New Palo Alto Networks partnerships chief on ‘quest’ to drive expansion on SASE, XSIAM
Simone Gammeri, the newly appointed chief partnerships officer at the cybersecurity giant, tells CRN that enabling partners to expand beyond traditional firewalls is a top priority.
Palo Alto Networks is looking to double down on channel partnerships as the company seeks to accelerate the expansion of next-generation product categories such as SASE and AI-powered security operations, according to newly appointed Chief Partnerships Officer Simone Gammeri.
The cybersecurity giant is seeking to enable partners to move beyond a focus on traditional firewalls amid massive opportunities related to network, cloud and AI transformation, Gammeri told CRN.
“Since every customer is going through some sort of networking-cloud transformation, I’m on a quest to make sure all of our partners know how to not just position firewalls — but how to position software firewalls, how to position SASE. Because that transformation is before our eyes,” he said.
In addition to SASE (secure access service edge), major growth areas for Palo Alto Networks partners include driving SOC (Security Operations Center) modernizations using the company’s AI-powered SIEM alternative, Cortex XSIAM, Gammeri said.
“What we have built with XSIAM and around Cortex is game-changing in the SOC space,” he said. “We have thousands of Cortex XDR customers that we can [expand to the] next step of delivering an AI-powered SOC, in a way that makes them truly resilient against the attacks that are coming at us fast and furious.”
Formerly a senior vice president heading SASE and network security sales at Palo Alto Networks, Gammeri was promoted last week to serve as its new chief partnerships officer, CRN reported exclusively.
Gammeri said he plans to focus on enhancing the company’s engagement across the full range of its partnerships, including with VARs and MSSPs. Michael Khoury, who is vice president for ecosystem partners and oversees the vendor’s NextWave Partner Program, will report to Gammeri.
Overall at Palo Alto Networks, “we are at the point in our growth where partnerships are going to be even more critical than they’ve been thus far,” he told CRN.
In addition to driving faster growth with partners around next-generation offerings such as Prisma SASE, Cortex XSIAM and Cortex Cloud, other major opportunities for Palo Alto Networks partners include the company’s Prisma Access Browser and AI security platform, Prisma AIRS, Gammeri said.
Ultimately, “we need this to start becoming a more natural partner motion,” he said. “We’re seeing it in pockets, but it’s still small. So I need to get both enablement and incentives aligned for partners to help us transform our customers’ infrastructure and operations.”
What follows is an edited portion of CRN’s interview with Gammeri.
What are your biggest priorities and focus areas for working with partners looking ahead?
As we [look] at where our ecosystem partnerships are, we have a great opportunity in front of us. We’ve made public our growth aspirations for the next five years. To reach that scale, we need partnerships to work for us, with us, to enable [that growth] — especially as we are bringing in a third pillar to our platform play, which is identity, with the [proposed] CyberArk acquisition. The mandate that I have encompasses all routes to market — from channel sales to GSI alliances to service provider and managed service providers, and MSSPs the smaller managed SOC type of providers. There are pockets of this that have been very successful for us. My job in that will be to add fuel to the fire. And the pockets where we have been not as fast and not as good as we would like, my job on that is to look at those partners and figure out the way to scale it — across not just one or two products, but across our product portfolio. And that, by the way, will require us to do things differently from a tooling and partner experience standpoint, from a partner engagement standpoint. We need to [give] more visibility to our partners [and] we need to get approvals faster. There is some fixing of the plumbing that needs to be done. We have great relationships. We have great talent. We have a great approach and mindset to partnerships. Pretty much everything we sell goes through partners. So we have a very strong foundation. But there is so much more we can do.
What in particular are some of the things you’re looking to do differently with key channel partners?
We have an opportunity to be more outcome-oriented with those partners and work together to not just build business, but transform business. Every single one of our customers is going through some transformation, whether it’s a SOC transformation, a network transformation, a cloud transformation, an AI transformation. Everybody is doing that. When you look upmarket for us, which is where the Optivs and WWTs of the world work with us, we have great relationships [and] we cover the vast majority of the Global 2000. Our job with those [types of] partners is to get more tightly aligned, to drive those transformations. We need to make sure each and every one of them is enabled to go and have [those conversations]. As you go downmarket, I think [we need to] have a different approach there, because you have a very long tail of disty-managed partners. That’s where the disty relationship and the way we engage with them will really matter a lot. A key area of focus is, how do we drive incentives, both upmarket and downmarket, so that we can align to the outcomes we need in those different spaces across our portfolio? The core of our portfolio and our revenue still is tied to firewall and firewall attach. We need to keep this going, because it’s a core part of our business. But we need all the other areas [comprising] next-generation security — around SASE, around Cortex, around cloud — we need this to start becoming a more natural partner motion. We’re seeing it in pockets, but it’s still small. So I need to get both enablement and incentives aligned for partners to help us transform our customers’ infrastructure and operations.
Anything in particular you’re looking at evolving there?
[To become] very outcome-oriented with partners and incentivize the right outcomes, those two pieces require perhaps a slightly different way on how we engage. Our operating model with partners may require slightly different incentives. So there’s going to be work to do to take a hard look at NextWave and our incentives in the partner program, and [how we] are aligning to guide to those outcomes. There’s going to be a set of tools and partner experience capabilities that are now not where they should be to enable those types of outcomes and that type of transition. And then there are a number of routes to markets that are not scaled yet, where we need to just drive the business-building initiatives. Those are the key themes.
Within your next-generation product portfolio, is there anything you particularly think partners should be excited about right now?
No. 1, since every customer is going through some sort of networking-cloud transformation, I’m on a quest to make sure all of our partners know how to not just position firewalls — but how to position software firewalls, how to position SASE. Because that transformation is before our eyes. It’s happening every day, and it’s driving a lot of consolidation on our customer tech stack and security stack. Second, what we have built with XSIAM and around Cortex is game-changing in the SOC space. We have thousands of Cortex XDR customers that we can [expand to the] next step of delivering an AI-powered SOC, in a way that makes them truly resilient against the attacks that are coming at us fast and furious. And then there are areas that are very nascent, but everybody really is engaging — one being the enterprise browser. Our Prisma Access Browser, in a little more than 18 months, has grown to have more than 6 million licenses. This is incredible growth. Everybody is seeing the potential. The problem is not, do I have a use case for it? The problem is like, which use case do I go and prioritize? [Use cases include] helping with securing GenAI adoption, unmanaged devices and contractors, helping to better secure the exchange of data and information with the web applications for which you cannot encrypt traffic. I think our partner community hasn’t caught up yet with [the opportunity] of the secure browser. It takes a little time to go and build the practice and the capability. Similarly, the new portfolio products around AI security with Prisma AIRS, as the integration with Protect AI progresses, I think will be a natural segue for a lot of our customers. The way the customers consume this product is in the same way they consume software firewalls for us. So it makes it a very seamless go-to-market motion for partners and alliances. Those are four key threads that you’ll see me repeat over and over in our partner conversations.
In terms of the Prisma Access Browser, is that an area where it might be natural for a new partner to get involved?
Yes, in fact, we are seeing a lot of adoption for our Prisma Access Browser not just as an extension of our own SASE platform, but as a way to plug a hole in a customer’s infrastructure where they have decided in the past to adopt a different SASE solution. There are some inherent gaps of just observing traffic inline through a networking tool, whether it’s a networking tool in cloud or on-prem, that are hard to plug unless you are sitting on the endpoint, looking at the traffic before it ships. And that’s what a browser does. It’s a safe environment, a secure workspace. So the short answer is, yes, absolutely.
Could you also say a bit about the Prisma AIRS opportunity?
Everybody is adopting AI, whether directly or indirectly, whether at scale or experimenting. There is a lot of hype. The reality is, the transformation is before our eyes. The next generation of talent will bring an acceleration in the way we do things and will bring a different expectation on the type of productivity tools that get adopted in the enterprise. [Previously] the conversation around GenAI was about, how do I contain it? This year, the conversation is about how to securely enable it. At Palo we have a series of capabilities to help customers protect the use of third-party GenAI applications. On top of that, a lot of enterprises are now going to build their own applications, and they are building their own models, or using models to support their own homegrown applications for GenAI. Prisma AIRS will help us protect the entire lifecycle of these GenAI applications — from the moment they download the model to when they finetune it, deploy it, use it in runtime — all the way to agents that interact with that model or are built around that model. And then we are bringing all those capabilities that other companies are building, we’re bringing [them] into our products. You’ll see a lot of upcoming announcements around agentic. And even there, it will be just the beginning of this journey.
Overall what would be your message to partners?
We are at the point in our growth where partnerships are going to be even more critical than they’ve been thus far. You’ll see us, as a company, making very thoughtful investments to grow this part of our business and the way we do business with partners across all routes to market. You will continue to see us listening and adapting [as] partners change the way they work. We have a lot of partners who are traditional VARs that now are executing on managed services. We need to evolve to support that. So we’re going to do that as well as making sure that we keep bringing to market the best products to help them serve their customers.