About Palo Alto Networks

Palo Alto Networks, Inc. (Palo Alto Networks) operates as a global cybersecurity provider. The company empowers enterprises, organizations, service providers, and government entities to protect themselves against most sophisticated cyber threats. Its cybersecurity platforms and services help secure enterprise users, networks, clouds, and endpoints by delivering comprehensive cybersecurity backed by industry leading artificial intelligence and automation. The company is a leading provider of zero trust solutions, starting with next-generation zero trust network access to secure remote hybrid workforces and extending to securing all users, applications and infrastructure with zero trust principles. The company’s focuses on delivering value in five fundamental areas: Network Security The company’s network security platform, which includes its ML-Powered Next-Generation Firewalls, available in a number of form factors, including physical, virtual, and containerized appliances, as well as a cloud-delivered service, has been recognized as a leader in the industry. The company’s network security platform also includes its Cloud-Delivered Security Services, such as Threat Prevention, Advanced Threat Prevention, WildFire, Advanced URL Filtering, DNS Security, IoT Security, GlobalProtect, SD-WAN, Enterprise Data Loss Prevention (Enterprise DLP), AIOps, SaaS Security API, and SaaS Security Inline. Through these add-on security services, the company’s customers are able to secure their content, applications, users, and devices across its network security platform, as well as the Prisma and Cortex product lines. Panorama, the company’s network security management solution, available as hardware or virtual machine, can centrally manage its network security platform irrespective of form factor, location, or scale. Secure Access Service Edge Prisma Access is the company’s next-generation Zero Trust Network Access (ZTNA) platform that provides secure network access for all employees with unified policy management and continuous threat inspection. The company has introduced ZTNA 2.0, which addresses major shortcomings in the first-generation ZTNA products in the industry (which the company refers to as ZTNA 1.0). Prisma Access delivers granular least-privileged access along with continuous trust verification and security inspection, and protects security for all applications and data across the enterprise infrastructure. Prisma Access, when combined with Prisma SD-WAN, provides a comprehensive single-vendor Secure Access Service Edge (SASE) offering that is used to secure remote workforces and enable the cloud-delivered branch. Cloud Security The company enables cloud native security through its Prisma Cloud platform. As a comprehensive Cloud Native Application Protection Platform (CNAPP), Prisma Cloud secures hybrid and multi-cloud environments for applications, data, and the entire cloud native technology stack across the full development lifecycle, from code to runtime. For inline network security on multi and hybrid-cloud environments, the company also offers its VM-Series and CN-Series Firewall offerings. Security Operations The company delivers the next generation of endpoint security, security analytics and security automation solutions through its Cortex portfolio. These include its industry-leading extended detection and response platform Cortex XDR to prevent, detect, and respond to complex cybersecurity attacks; Cortex XSOAR for security orchestration, automation, and response (SOAR); Cortex Xpanse for attack surface management (ASM); and Cortex Data Lake allowing the company’s customers to collect and analyze large amounts of context-rich data across endpoints, networks, and clouds. These products are delivered as software subscriptions or SaaS subscriptions. Threat Intelligence and Security Consulting (Unit 42) The company enables security teams with up-to-date threat intelligence and deep cybersecurity expertise before, during and after attacks through its Unit 42 threat research and security consulting team. Unit 42 offers incident response, risk management, board advisory, and proactive cybersecurity assessment services. Product, Subscription, and Support The company’s products are available in the form of the product, subscription, and support offerings described below. Products Firewall Appliances and Software: The company’s ML-Powered Next Generation Firewalls embed machine learning in the core of the firewall and employ inline deep learning in the cloud, empowering its customers to stop zero-day threats in real time, see and secure their entire enterprise, including IoT, and reduce errors with automatic policy recommendations. All of the company’s firewall appliances and software incorporate its PAN-OS operating system and come with the same rich set of features ensuring consistent operation across its entire product line. The content, applications, users, and devices—the elements that run a business—become integral components of an enterprise’s security policy via its Content-ID, App-ID, User-ID, and Device-ID technology. In addition to these components, key features include site-to-site virtual private network (VPN), remote access Secure Sockets Layer (SSL) VPN, and Quality-of-Service (QoS). The company’s appliances and software are designed for different performance requirements throughout an organization and are classified based on throughput, ranging from the company’s PA-410, which is designed for small organizations and branch offices, to its top-of-the-line PA-7080, which is designed for large-scale data centers and service provider use. The company’s firewall appliances come in a physical form factor, a containerized form factor, called CN-Series, as well as a virtual form factor, called VM-Series, which is available for virtualization and cloud environments from companies, such as VMware, Inc. (VMware); Microsoft Corporation (Microsoft); Amazon.com, Inc. (Amazon); and Google, Inc. (Google), as well as in Kernel-based Virtual Machine (KVM)/OpenStack environments. The company also offers Cloud NGFW, a managed next-generation firewall (NGFW) offering, to secure customers’ applications on Amazon Web Services (AWS). Panorama: Panorama is the company’s centralized security management solution for global control of all of its firewall appliances and software deployed on a customer’s network, as well as in their instances in public or private cloud environments. Panorama can be deployed as a virtual appliance or a physical appliance. Panorama is used for centralized policy management, device management, software licensing and updates, centralized logging and reporting, and log storage. Panorama controls the security, network address translation (NAT), QoS, policy-based forwarding, decryption, application override, captive portal, and distributed denial of service/denial of service (DDoS/DoS) protection aspects of the appliances, software, virtual and containerized systems under management. Panorama centrally manages device software and associated updates, including SSL-VPN clients, SD-WAN, dynamic content updates, and software licenses. Panorama offers network security monitoring through the ability to view logs and run reports from all managed appliances and software in one location without the need to forward the logs and reliably expands log storage for long-term event investigation and analysis. Virtual System Upgrades: Virtual System Upgrades are available as extensions to the Virtual System capacity that ships with the company’s physical appliances. Virtual Systems provide a mechanism to support multiple distinct security policies and administrative access for tenants on the same hardware device, which is applicable to its large enterprise and service provider customers. Subscriptions The company offers a number of subscriptions as part of its portfolio. Of these subscription offerings, cloud-delivered security services like Threat Prevention, Advanced Threat Prevention, WildFire, Advanced URL Filtering, DNS Security, IoT (Internet of Things) Security, SaaS Security Inline, GlobalProtect, SD-WAN, Enterprise DLP and AIOps are sold as options to the company’s firewall appliances and software, whereas Prisma Cloud, Prisma Access, Prisma SD-WAN, SaaS Security API, Cortex XDR, Cortex XSOAR, Cortex Xpanse and Cortex Data Lake are sold on a per-user, per-endpoint, or capacity-based basis. The company’s subscription offerings include: Cloud-delivered Security Services Threat Prevention: This cloud-delivered security service provides intrusion detection and prevention capabilities and blocks vulnerability exploits, viruses, spyware, buffer overflows, denial-of-service attacks, and port scans from compromising and damaging enterprise information resources. It includes mechanisms, such as protocol decoder-based analysis, protocol anomaly-based protection, stateful pattern matching, statistical anomaly detection, heuristic-based analysis, custom vulnerability and spyware ‘phone home’ signatures, and workflows to manage popular open-source signature formats to extend the company’s leading coverage. Advanced Threat Prevention: This cloud-delivered security service builds on all of the capabilities of Threat Prevention, adding the industry’s first Inline Deep Learning protection engine for Command-and-Control (C2). It delivers real-time detection and prevention of unknown, evasive, and targeted C2 communications over HTTP, unknown-TCP, unknown-UDP and encrypted over SSL. Advanced Threat Prevention is the first offering to protect patient zero from unknown command and control in real-time. WildFire: This cloud-delivered security service (which can also be delivered as an appliance) provides protection against targeted malware and advanced persistent threats and provides a near real-time analysis engine for detecting previously unseen malware while resisting attacker evasion techniques. The core component of this subscription goes beyond traditional sandbox environments and can operate on an end-customers’ local environment, private cloud or the company’s public cloud. WildFire combines dynamic and static analysis, recursive analysis, and a custom-built analysis environment with network traffic profiling and fileless attack detection to discover even the most sophisticated and evasive threats. A machine learning module derived from the cloud sandbox environment is delivered inline on the ML-Powered Next-Generation Firewalls to identify the majority of unknown threats without cloud connectivity. Once identified, whether in the cloud or inline, preventive measures are automatically generated and delivered in seconds or less across networks, clouds, endpoints, or wherever WildFire-enabled sensors are deployed. By providing this as a cloud-based subscription, all of the company’s end-customers benefit from malware found on any of the company’s end-customers’ networks. Advanced URL Filtering: This cloud-delivered security service offers the industry’s first Inline Deep Learning powered web protection engine. It delivers real-time detection and prevention of unknown, evasive, and targeted web-based threats, such as phishing, malware, and command-and-control. While many vendors use machine learning to categorize web content or prevent malware downloads, Advanced URL Filtering is the industry’s first inline web protection engine capable of detecting never-before-seen web-based threats and preventing them in real-time. In addition, it includes a cloud-based URL filtering database, which consists of millions of URLs across many categories and is designed to analyze web traffic and prevent web-based threats, such as phishing, malware, and command-and-control. DNS Security: This cloud-delivered security service uses machine learning to proactively block malicious domains and stops attacks in progress. Unlike other solutions, it does not require endpoint routing configurations to be maintained and therefore cannot be bypassed. It allows firewalls access to DNS signatures that are generated using advanced predictive analysis, machine learning, and malicious domain data from a growing threat intelligence sharing community of which the company is a part. Expanded categorization of DNS traffic and comprehensive analytics allow deep insights into threats, empowering security personnel with the context to optimize their security posture. It offers comprehensive DNS attack coverage and includes industry-first protections against multiple emerging DNS-based network attacks. IoT Security: IoT Security is a cloud-delivered security service on the company’s ML-Powered Next-Generation Firewalls with backward compatibility to older versions of PAN-OS. Using machine learning and the company’s App-ID technology, it can accurately identify and classify various IoT and operational technology (OT) devices, including never-been-seen-before devices, mission critical OT devices and unmanaged legacy systems. It uses machine learning to baseline normal behavior, identify anomalous activity, assess risk, and provide policy recommendations to allow trusted behavior with a new Device-ID policy construct on the company’s ML-Powered Next-Generation Firewalls. The company’s existing subscription-based security services have also been enhanced with IoT context to prevent threats on various devices, including IoT and OT devices. SaaS Security API: SaaS Security API is a multi-mode, cloud access security broker service that helps govern sanctioned SaaS application usage across all users and helps prevent breaches and non-compliance. Specifically, the service enables the discovery and classification of data stored across the supported SaaS applications, protects sensitive data from accidental exposure, identifies and protects against known and unknown malware, and performs user activity monitoring to identify potential misuse or data exfiltration. It delivers complete visibility and granular enforcement across all user, folder, and file activity within sanctioned SaaS applications, and can be combined with SaaS Security Inline for a complete integrated cloud access security broker (CASB). SaaS Security Inline: SaaS Security Inline is a recent cloud-delivered security service on the company’s ML-Powered Next Generation Firewalls that adds an inline service to automatically gain visibility and control over the tens of thousands of known and new sanctioned, unsanctioned and tolerated SaaS applications in use within organizations. It provides enterprise data protection and compliance across all SaaS applications and prevents cloud threats in real time with best-in-class security. The solution is easy to deploy being natively integrated on the company’s range of ML-Powered Next-Generation Firewalls, eliminating the architectural complexity of traditional CASB products, while offering low total cost of ownership. It can be combined with SaaS Security API as a complete integrated CASB. GlobalProtect: This appliance-based subscription provides protection for users of both traditional laptop and mobile devices. It expands the boundaries of the end-users’ physical network, effectively establishing a logical perimeter that encompasses remote laptop and mobile device users irrespective of their location. When a remote user logs into the device, GlobalProtect automatically determines the closest gateway available to the roaming device and establishes a secure connection. Regardless of the operating systems, laptops, tablets and phones will stay connected to the corporate network when they are on a network of any kind, and as a result, are protected as if they never left the corporate campus. GlobalProtect ensures that the same secure application enablement policies that protect users at the corporate site are enforced for all users, independent of their location. SD-WAN: The company’s SD-WAN subscription is integrated with PAN-OS, so that the company’s end-customers can get the security features of its PAN-OS ML-Powered Next-Generation Firewall together with SD-WAN functionality. The SD-WAN overlay supports dynamic, intelligent path selection based on the applications, services and conditions of the links that each application or service is allowed to use, allowing applications to be prioritized based on criteria, such as whether the application is mission-critical, latency-sensitive, or meets certain health criteria. Enterprise DLP: This cloud-delivered security service provides consistent, reliable protection of sensitive data, such as personally identifiable information (PII) and intellectual property, for all traffic types, applications, and users. Native integration with the company’s products makes it simple to deploy, and advanced machine learning minimizes management complexity. Enterprise DLP allows organizations to consistently discover, classify, monitor, and protect sensitive data, wherever it may reside. It helps minimize the risk of a data breach both on-premises and in the cloud—such as in Office/Microsoft 365, Salesforce, and Box—and assists in meeting stringent data privacy and compliance regulations, including GDPR, the California Consumer Privacy Act, PCI DSS, HIPAA, and others. AIOps for NGFW: AIOps for NGFW is a new cloud-delivered security service available on ML-Powered Next-Generation Firewalls and Panorama that run on PAN-OS 10.0 and above; and is available in both free and licensed premium versions. AIOps for NGFW redefines firewall operational experience by empowering security teams to proactively strengthen security posture and resolve firewall disruptions. AIOps for NGFW provides continuous best practice recommendations powered by machine learning (ML) based on industry standards, security policy context, and advanced telemetry data collected from all Palo Alto Networks firewalls to improve security posture. It also intelligently predicts firewall health, performance, and capacity problems up to seven days in advance and provides actionable insights to resolve the predicted disruptions. Cloud Security Prisma Cloud: Prisma Cloud is a comprehensive CNAPP, securing both cloud native and lift-and-shift applications across hybrid- and multi-cloud environments. With broad security and compliance coverage and a flexible agentless, as well as agent-based, architecture, Prisma Cloud protects cloud-native applications spanning hosts, containers, serverless architectures and other platform as a service (PaaS) offerings across cloud platforms. It dynamically discovers public cloud resources as they are deployed and correlates cloud data services (resource configurations, flow logs, audit logs, host and container logs, etc.) to provide timely security and compliance insights for cloud applications. The platform uses machine learning to profile user, workload, and application behaviors to identify and prevent advanced threats. For security and development and operations teams, Prisma Cloud removes the impedance mismatch between security and cloud-driven agility by integrating with continuous integration and continuous development (CI/CD) tool chains to provide full lifecycle vulnerability management, compliance, infrastructure-as-code scanning, and runtime defense. With a comprehensive library of compliance frameworks, it vastly simplifies the task of maintaining compliance. Prisma Cloud accomplishes this through deep context-sharing that spans infrastructure, PaaS, users, development platforms, data, and application workloads. Seamless integration with security orchestration tools ensures rapid remediation of vulnerabilities and security issues. Prisma Cloud delivers cloud security posture management, cloud workload protection platform, cloud network security, cloud code security, and cloud identity security capabilities that provide continuous visibility and protection across an organization’s hybrid, and multi-cloud infrastructure. Secure Access Service Edge Prisma Access: Prisma Access is a cloud-delivered security offering that helps organizations deliver consistent security to remote networks and mobile users. Located in more than 100 locations around the world, Prisma Access consistently inspects all traffic across all ports and provides bidirectional networking to enable branch-to-branch and branch-to-headquarter traffic. Prisma Access consolidates more point-products into a single converged cloud-delivered offering than any competing solution, transforming network security and allowing organizations to enable secure hybrid workforces. Unlike competing solutions, only Prisma Access protects all application traffic with complete, best-in-class security while ensuring an exceptional user experience with industry-leading service-level agreements (SLAs). Prisma SD-WAN: The company’s Prisma SD-WAN solution is a next-generation SD-WAN solution that makes the secure cloud-delivered branch possible. Prisma SD-WAN enables organizations to replace traditional Multiprotocol Label Switching (MPLS) based WAN architectures with affordable broadband and internet transport types that promote improved bandwidth availability, redundancy and performance at a reduced cost. Prisma SD-WAN leverages real-time application performance SLAs and visibility to control and intelligently steer application traffic to deliver an exceptional user experience. Unlike legacy SD-WAN solutions that introduce cost and complexity, the company’s Prisma SD-WAN ensures an excellent user experience with application-defined policies and simplifies network and security operations using machine learning and automation. Security Operations Cortex XDR: This cloud-based subscription enables organizations to collect telemetry from endpoint, network, identity and cloud data sources and apply advanced analytics and machine learning across all data, to quickly find and stop targeted attacks, insider abuse, and compromised endpoints. Cortex XDR has two product tiers: XDR Prevent and XDR Pro. XDR Prevent delivers enterprise-class endpoint security focused on preventing attacks. XDR Pro extends endpoint detection and response (EDR) to include cross-data analytics, including network, cloud and identity data. These capabilities build on each other such that a customer can start with XDR Prevent, then upgrade to XDR Pro for endpoints or XDR Pro for cross-data analytics. Going beyond EDR, Cortex XDR detects the most complex threats using analytics across key data sources and reveals the root cause, which can significantly reduce investigation time as compared to siloed tools and manual processes. Cortex XSOAR: Available as a cloud-based subscription or an on-premises appliance, Cortex XSOAR is a comprehensive SOAR offering that unifies playbook automation, case management, real-time collaboration, and threat intelligence management to serve security teams across the incident lifecycle. With Cortex XSOAR, security teams can standardize processes, automate repeatable tasks and manage incidents across their security product stack to improve response time and analyst productivity. It learns from the real-life analyst interactions and past investigations to help SOC teams with analyst assignment suggestions, playbook enhancements, and best next steps for investigations. Many of the company’s customers see significantly faster SOC response times and a significant reduction in SOC alerts, which require human intervention. Cortex Xpanse: This cloud-based subscription provides attack surface management, which is the ability for an organization to identify what an attacker would see amongst all of its sanctioned and unsanctioned Internet-facing assets. In addition, Cortex Xpanse detects risky or out-of-policy communications between Internet-connected assets that can be exploited for data breaches or ransomware attacks. Cortex Xpanse continuously identifies Internet assets, risky services or misconfigurations in third parties to help secure a supply chain or identify risks for mergers and acquisitions due diligence. Finally, compliance teams use Cortex Xpanse to improve their audit processes and stay in compliance by assessing their access controls against regulatory frameworks. Cortex Data Lake: This cloud-based subscription allows the company’s customers to collect and analyze large amounts of context-rich network security data. This includes a collection of enhanced network logs generated by the company’s security offerings, including those of the company’s ML-Powered Next-Generation Firewalls and Prisma Access subscription, eliminating the need to plan for local data storage. Support Customer Support: Global customer support helps the company’s customers achieve their security outcomes with services and support capabilities covering the customer's entire journey with Palo Alto Networks. This post-sales, global organization advances the company’s customers’ security maturity, supporting them when, where, and how they need it. The company offers Standard Support, Premium Support, Four-Hour Premium Support and Platinum Support to its end-customers and channel partners. The company’s channel partners that operate a Palo Alto Networks Authorized Support Center (ASC) typically deliver level-one and level-two support. The company provides level-three support 24 hours a day, seven days a week through regional support centers that are located worldwide. The company also offers a service offering called Focused Services that includes Customer Success Managers (CSM) to provide support for end-customers with unique or complex support requirements. The company offers its end-customers ongoing support for hardware, software and certain cloud offerings in order to receive ongoing security updates, PAN-OS upgrades, bug fixes, and repair. End-customers typically purchase these services for an one-year or longer term at the time of the initial product sale and typically renew for successive one-year or longer periods. Additionally, the company provides expedited replacement for any defective hardware. The company uses a third-party logistics provider to manage its worldwide deployment of spare appliances and other accessories. Threat Intelligence, Incident Response and Security Consulting: Unit 42 brings together world-renowned threat researchers, incident responders and security consultants to create an intelligence-driven, response-ready organization that is passionate about helping clients proactively manage cyber risk. The company helps security leaders assess and test their security controls, transform their security strategy with a threat-informed approach and respond to incidents rapidly. The Unit 42 Threat Intelligence team provides threat research that enables security teams to understand adversary intent and attribution, while enhancing protections offered by its products and services to stop advanced attacks. The company’s security consultants serve as trusted partners with cyber risk expertise and incident response capabilities, helping customers focus on their business before, during, and after a breach. Professional Services: Professional services are primarily delivered directly by Palo Alto Networks and through a global network of authorized channel partners to the company’s end-customers and include on-location and remote, hands-on experts who plan, design, and deploy effective security solutions tailored to its end-customers’ specific requirements. These services include architecture design and planning, implementation, configuration, and firewall migrations for all its products, including Prisma and Cortex deployments. Customers can also purchase on-going technical experts to be part of customer’s security teams to aid in the implementation and operation of their Palo Alto Networks capabilities. The company’s education services include certifications, as well as free online technical courses and in-classroom training, which are primarily delivered through the company’s authorized training partners. Research and Development During the year ended July 31, 2022, the company introduced several new offerings, including Prisma Cloud 3.0, Prisma Access 3.0, AIOps for NGFW, PAN-OS 10.2, and Cloud NGFW for AWS. Competition The company’s main competitors fall into five categories: Large companies that incorporate security features in their products, such as Cisco Systems, Inc. (Cisco), or those that have acquired, or may acquire, large network and endpoint security vendors and have the technical and financial resources to bring competitive solutions to the market. Independent security vendors, such as Check Point Software Technologies Ltd. (Check Point); Fortinet, Inc. (Fortinet); and Zscaler, Inc. (Zscaler), which offer a mix of network and endpoint security products. Large and small companies, such as Crowdstrike, Inc. (Crowdstrike), which offer solutions for security operations and endpoint security. Sales, Marketing, Services and Support Customers: The company’s end-customers are predominantly medium to large enterprises, service providers, and government entities. The company’s end-customers operate in a variety of industries, including education, energy, financial services, government entities, healthcare, Internet and media, manufacturing, public sector, and telecommunications. The company’s end-customers deploy its portfolio of products for a variety of security functions across a variety of deployment scenarios. Typical deployment scenarios include the enterprise perimeter, the enterprise data center, and the distributed enterprise perimeter. The company’s end-customer deployments typically involve at least one pair of its products along with one or more of its subscriptions, depending on size, security needs and requirements, and network complexity. Distribution: The company primarily sells its products and subscription and support offerings to end-customers through its channel partners utilizing a two-tier, indirect fulfillment model whereby the company sells its products and subscription and support offerings to its distributors, which, in turn, sell to the company’s resellers, which then sell to its end-customers. The company also sells its VM-Series virtual firewalls directly to end-customers through Amazon’s AWS Marketplace, Microsoft’s Azure Marketplace, and Google’s Cloud Platform Marketplace under a usage-based licensing model. Sales: The company’s sales organization is responsible for large-account acquisition and overall market development, which includes the management of the relationships with its channel partners, working with its channel partners in winning and supporting end-customers through a direct-touch approach, and acting as the liaison between its end-customers and its marketing and product development organizations. Channel Program: The company’s NextWave Channel Partner program is focused on building in-depth relationships with solutions-oriented distributors and resellers that have strong security expertise. To promote optimal productivity, it operates a formal accreditation program for the company’s channel partners’ sales and technical professionals. As of July 31, 2022, the company had more than 6,700 channel partners. Global Customer Success: The company’s Global Customer Success (GCS) organization is responsible for delivering professional, educational and support services directly to its channel partners and to end-customers. The company leverages the capabilities of its channel partners and train them in the delivery of professional, educational and support services to enable these services to be locally delivered. Marketing: The company’s marketing team consists primarily of product marketing, brand, demand generation, field marketing, digital marketing, communications, analyst relations and marketing analytics functions. Marketing activities include pipeline development through demand generation, social media and advertising programs, managing the corporate website and partner portal, trade shows and conferences, analyst relationships, customer advocacy, and customer awareness. Every year the company organizes multiple signature events, such as the company’s end-customer conference ‘Ignite’ and focused conferences, such as ‘Cortex Symphony’ and ‘SASE Converge’. The company also publishes threat intelligence research, such as the Unit 42 Cloud Threat Report and the Unit 42 IoT Threat Report, which are based on data from its global threat intelligence team, Unit 42. These activities and tools benefit both its direct and indirect channels and are available at no cost to the company’s channel partners. Seasonality The company’s business is affected by seasonal fluctuations in customer spending patterns. The company has begun to see seasonal patterns in its business, which it expects to become more pronounced as the company continues to grow, with its strongest sequential revenue growth generally occurring in its fiscal second and fourth quarters (year ended July 2022). Manufacturing The company’s electronics manufacturing services provider is Flextronics International, Ltd. (Flex). History Palo Alto Networks, Inc. was founded in 2005. The company was incorporated in 2005 under the laws of the state of Delaware.