Let’s turn on to updates from our three platforms that are the engine driving our success. First, in network security, we continue to drive innovation across our portfolio and see momentum as customers drive towards Zero Trust architecture. This month we unveiled PAN-OS 11.1 or Cosmos and Strata Cloud Manager, unifying the management of all of our three form factors and all security services in a single pane of glass, and also leveraging AI to analyze security policies, reduced miss configuration that predict and prevent disruptions. Customers who have invested in our platform by deploying all three form factors continue to grow rapidly, up 34%. Of our top 100 network security customers, 60% have purchased all three form factors, up from 63% a year ago.
On average, these platform customers spend more than 15 times of the rest of our network security customers spend. The story is similar in SASE. Having just seen our innovations gain multiple industry recognition in SASE in the second half of our fiscal year, we’ve continued to invest to build on our leadership position. We’re seeing strong momentum in SASE with ARR growth of approximately 60% in Q1. We also saw a 35% of our 5 million or greater network security transaction includes SASE, up from less than 10% a year ago. Today, it was the first day of our event called SASE Converge, where we unveil several enhancements. We were able to SASE to access applications with performance faster than the Internet. We added visibility and control over interconnect SaaS applications, and enable safe access to Gen-AI tools and ensure data isn’t inadvertently leaked.
Lastly, we added Remote Browser isolation technology for an extra layer of security. M&A has always been an important part of our strategy. Last week, we announced our intent to acquire Talon Cyber Security. We see an opportunity to expand the addressable market for SASE and solve an important customer problem. As many as 36% of workers classify themselves as independent workers, who often use unmanaged devices for work. In addition, employees increasingly use personal devices for accessing business applications. To enable access of these devices, security teams have an impossible trade-off. There are forced to either ignore security entirely in favor of flexibility and user experience or trade-off cumbersome technologies like VDI. Talon is a pioneer in the emerging enterprise browser category and when combined with Prisma SASE after closing, we will enable users to securely access business applications from any device, including mobile devices and non-corporate devices for the seamless user experience.
We intend to include this capability with Prisma Access after closing and customers will be able to extend the same best-in-class security to unmanaged devices. Moving on to Prisma Cloud. We continue to see a strong endorsement of our integrated platform strategy. This traction is evident in the strong growth of our multi-module customers. We have seen particular success here with modules released over the last two and a half years. There has been a consistent pattern of seeing 100 plus customers for new modules in the first full quarter of launch and rapid growth after that, as the benefits of these new modules are broadly understood. This enthusiastic adoption has driven our strong conviction in adding key new modules, including some through acquisitions.
our IaC scanning capability which came through the Bridgecrew acquisitions and CICD Security, which came through Cider are two such examples. This new module traction is helping to accelerate Prisma Cloud new business ACV in the last quarter. In Q1, we also unveiled a major new Prisma Cloud released Darwin. Darwin further differentiates our unique position across code cloud infrastructure and cloud runtime, Darwin enables a view across all elements of cloud applications including cloud services, infrastructure assets, compute workloads, API endpoints data, and code, Darwin can also help customers understand risks with deep context and overlay active attack attempts in near real-time. Our full coverage from code to cloud to enables fixes to be applied immediately versus the months most vulnerabilities stake to be passed.
About two weeks ago, we announced our intention to acquire Dig Security, which will bring an award-winning Data Security posture management capability Prisma Cloud. With almost 70% of organizations having data stored in the public cloud, the sprawl of new cloud data services and the adoption of generative AI, we see an increased need to identify sensitive data, effectively manage user access, and implement robust security measures to prevent unauthorized internal and external access to this data stored in the cloud. After the close of proposed acquisition. Dig’s capabilities will be integrated into Prisma Cloud platform to provide near real-time data protection from code to cloud. Moving on to Cortex, we continue to invest across our product portfolio and expand our customer count, as we see continued adoption of XDR, XSOAR, Xpanse, and XSIAM.
In Q1, we had several industry recognitions of our innovation, Cortex XDR is the only product in the industry to achieve 100% protection and detection in the Round 5 MITRE evaluation. Additionally, XSOAR, Xpanse, and XSIAM are all name leaders by third-parties this quarter. We grew our Cortex active customer count by 25% to over 5,300 customers. Attraction overall in Cortex is essential, as it allows us to sell our transformational offering XSIAM. XSIAM has had a very fast start since we released the product just over a year ago. After a strong FY ’23, XSIAM’s first year release which included over $200 million in bookings, we followed up with a strong Q1. You saw our first expansion purchase of XSIAM, an eight-figure deal, and in Q1, our largest XSIAM customer to date was deployed with over 300,000 endpoints.
