A10 Networks, Inc. (ATEN) Business

Item 1. Business

Overview

We are a global provider of secure application and network infrastructure solutions that enable enterprises and service providers to deliver high-performance, reliable, and protected digital services across on-premises, hybrid cloud, and distributed environments.

Our solutions are designed to operate in mission-critical environments where availability, scalability, low latency, and security are essential. We provide integrated capabilities spanning application delivery, traffic management, distributed denial of service (“DDoS”) protection, application and application programming interfaces (“API”) security, and centralized management. Our portfolio is built on a unified software architecture that allows customers to deploy consistent performance and security policies across physical, virtual, containerized, and cloud-native environments.

We serve customers worldwide across industries including telecommunications, technology, financial services, public sector, industrial, retail, gaming, and education. Our service provider customers rely on our solutions to support large-scale network infrastructure and deliver connectivity and managed services. Our enterprise customers use our solutions to secure and optimize business-critical applications, modernize hybrid architectures, and address increasingly complex cybersecurity requirements, including those associated with artificial intelligence (“AI”) enabled workloads.

We generate revenue primarily from the sale of secure networking and cybersecurity solutions and related maintenance and support services. Our offerings are delivered through a combination of direct sales and channel partners. Customers typically purchase maintenance and support alongside initial deployments and renew those services over time. We are continuing to expand subscription, term-based, and software-focused offerings to support recurring revenue growth and flexible customer consumption models.

In February 2025, we acquired the assets and key personnel of ThreatX Protect, expanding our cybersecurity portfolio with cloud-delivered web application and API protection capabilities. This acquisition supports our strategy to strengthen our position in enterprise security and application protection markets.

Industry Trends and Customer Requirements

Digital transformation continues to increase reliance on applications and APIs as core business infrastructure. As organizations modernize their technology environments, application architectures are becoming more distributed, hybrid, and cloud-integrated. At the same time, threat landscapes are evolving in scale and sophistication. These dynamics are reshaping performance, security, and operational requirements across enterprise and service provider environments.

AI-Driven Infrastructure Evolution. The rapid adoption of artificial intelligence technologies, including generative AI and large language models, is introducing new infrastructure demands. AI-enabled applications increase traffic concurrency, intensify east-west traffic flows within data centers, and introduce new security considerations related to data exposure, prompt-based interactions, and API-driven workflows. Organizations are seeking infrastructure capable of supporting AI workloads while maintaining performance, reliability, and policy enforcement across environments.

Hybrid and Multi-Cloud Architectures. Enterprises and service providers increasingly operate across combinations of on-premises data centers, private clouds, and public cloud environments. Applications may originate in traditional infrastructure and migrate to the cloud over time, while new applications are often cloud-native from inception. This hybrid reality requires consistent traffic management, visibility, and security controls across deployment models, supported by centralized management and flexible form factors.

Escalating Cybersecurity Threats. Cybersecurity threats continue to grow in frequency, scale, and complexity. Distributed denial of service attacks, application-layer attacks, bot-driven abuse, API exploitation, and threats embedded in encrypted traffic require advanced detection and mitigation capabilities. The widespread adoption of TLS and SSL encryption has improved privacy but has also increased the need for efficient inspection and policy enforcement without degrading user experience. Organizations require solutions that combine performance and security at scale.

6

Operational Complexity and Automation. As networks and application environments grow more complex, organizations are prioritizing automation, orchestration, and analytics to improve operational efficiency. Centralized management, predictive insights, and programmable interfaces help customers simplify deployment, reduce total cost of ownership, and respond more rapidly to performance or security anomalies. Integrated platforms that unify performance and security services are increasingly favored over point solutions.

Service Provider Network Evolution. Service providers continue to modernize core and edge network infrastructure to support increasing bandwidth consumption, higher connection densities, IPv6 migration, and the delivery of value-added services. As operators expand fiber and mobile networks and introduce new digital offerings, they require scalable, high-throughput infrastructure capable of supporting large session volumes while maintaining performance and security. In addition, many service providers are increasingly embedding security capabilities into their offerings, including managed DDoS and application protection services for enterprise customers.

These dynamics create demand for solutions that combine carrier-grade scalability, traffic management, and integrated security within programmable, operationally efficient platforms.

These evolving requirements across enterprise and service provider markets are driving demand for integrated solutions that unify application delivery, infrastructure scalability, and cybersecurity within a common architecture.

Product Portfolio

Our product portfolio is designed to deliver secure, high-performance networking for enterprises and service providers operating across on-premises, hybrid cloud, and edge environments. We focus on outcomes customers require in production environments, including low latency at scale, always-on reliability, embedded security, and operational simplicity through automation and centralized control.

Consistent with how we operate and go to market, we organize our portfolio around three core solution areas, supported by a unified control plane and common architecture.

Three Core Solution Areas

1.Legacy Networking

Our legacy networking solutions support large-scale service provider and enterprise environments where performance, scale, and reliability are essential. A core capability in this area is carrier-grade address and protocol translation, which enables customers to extend IPv4 networks, support migration to IPv6, and manage subscriber or device growth while maintaining service continuity. These solutions are commonly deployed in high-throughput networks and are designed to provide resilient, standards-based traffic processing with operational stability.

Representative capabilities include carrier-grade NAT and related translation services, high scale session management, policy controls, and visibility required to operate in complex networks.

2.Next-Generation Networking

Our next-generation networking solutions focus on application delivery and traffic management for modern data center, hybrid cloud, and distributed architectures. These solutions help customers ensure application availability, optimize performance, and apply consistent traffic policies across environments as applications become more distributed and API-driven. In many customer deployments, application delivery also serves as an enforcement point for performance and security policies in the data path, helping reduce operational complexity while maintaining low latency.

Representative capabilities include server load balancing, high availability, application traffic steering, global load distribution, SSL/TLS acceleration and offload, and application-level observability and policy controls.

3.Network Security (A10 Defend)

Security is embedded across our portfolio and is also delivered through dedicated security solutions designed to protect applications, APIs, and infrastructure from modern cyber threats. Our network security capabilities support both enterprises and service providers with solutions that help defend against volumetric and application-layer DDoS

7

attacks, protect web applications and APIs, mitigate automated threats such as bots, and improve operational outcomes through centralized orchestration and actionable threat intelligence.

Representative capabilities include DDoS detection and mitigation, orchestration and workflow automation, threat intelligence and blocklisting, converged network security functions delivered in the data path, and cloud-delivered WAAP (web application and API) capabilities, including web application firewall, bot protection, Layer 7 DDoS protection, and API protection.

Unified Control Plane, Architecture, and Policy

Our solutions are built on a unified product architecture and are centrally managed through a control plane that provides policy management, automation, and analytics. This common foundation is intended to help customers operate performance, availability, and security as a single system across hybrid environments and deployment models.

Product Families and Delivery Models

We deliver our capabilities through integrated product families that span secure application delivery, traffic management, and infrastructure security, as well as our A10 Defend security portfolio.

Our solutions are available in multiple form factors and deployment models, including:

•Purpose-built hardware appliances

•Software deployed on customer-selected hardware

•Virtual appliances

•Containerized software

•Cloud-native and SaaS-delivered offerings (where applicable)

Historically, a significant portion of our revenue has been derived from proprietary software embedded in optimized hardware and licensed on a perpetual basis. As customer preferences evolve toward hybrid architectures and more flexible procurement models, we are increasingly delivering our solutions through term-based licenses, subscription offerings, software-only deployments, and cloud marketplace transactions.

We offer a range of commercial models designed to align with customer deployment preferences and budgeting cycles. These include perpetual licenses, term licenses, subscription-based pricing, pay-as-you-go models in certain cloud environments, and flexible consumption-based arrangements that allow customers to allocate and reallocate licensed capacity across applications, clouds, and data centers. These consumption options are intended to support operational agility while improving capacity planning and workload portability in hybrid environments.

Underlying Technology

Since our inception, our solutions have been recognized for high performance, scalability, and reliability in large and demanding enterprise and service provider environments. Our products are built on our proprietary Advanced Core Operating System, or ACOS, which provides a unified software foundation across our networking and security portfolio. ACOS is designed to support integrated performance, security, automation, and analytics capabilities within a single architectural framework.

The ACOS platform is optimized for modern computing environments and is engineered to efficiently process high volumes of application and network traffic while maintaining consistent availability and low latency. Its architecture enables scalable traffic management, embedded security enforcement, and centralized policy control across physical, virtual, containerized, and cloud deployments. This common foundation allows us to deliver consistent functionality across deployment models and adapt to evolving infrastructure requirements, including hybrid and AI-driven environments.

Performance and Scalability Architecture. Our platform is engineered to efficiently distribute traffic processing across multi-core processing environments, enabling horizontal and vertical scaling as customer throughput requirements grow. The architecture is designed to minimize processing bottlenecks, optimize resource utilization, and maintain consistent application performance under varying traffic conditions.

We leverage a combination of software optimization techniques and, where appropriate, hardware acceleration technologies to enhance throughput, reduce latency, and improve overall system efficiency. This design approach

8

allows our solutions to support high concurrency, large session volumes, and performance-sensitive workloads in enterprise data centers and service provider networks.

Integrated Networking and Security Services. Our platform provides a modular and extensible software framework that supports application delivery, traffic management, and security services within a common operating environment. By operating in the data path, our solutions can apply performance and security policies in real time without requiring separate infrastructure layers.

The platform includes capabilities that support multi-tenancy, automation, and programmability through standards-based interfaces and APIs. This enables integration with customer orchestration systems and supports deployment across physical, virtual, containerized, and cloud-native environments.

Reliability and Operational Resilience. Our software architecture is designed to enhance reliability and reduce operational risk. A modular design framework isolates functional components, which helps limit the impact of updates or configuration changes and supports continuous improvement and feature expansion. The platform supports centralized configuration management, analytics, and policy enforcement to improve visibility and operational control.

Intellectual Property. We have developed proprietary technologies that support high-performance traffic processing, scalability, and integrated security. We also maintain a portfolio of patents and other intellectual property protections covering aspects of our architecture and implementation.

Support and Services

Customer support and service are core components of our value proposition and have been since our founding. We provide global technical support and maintenance services designed to help customers deploy, operate, and optimize our solutions in mission-critical environments. Our support organization includes technical professionals with domain expertise across our networking and security portfolio and works closely with engineering to facilitate timely issue resolution and continuous product improvement.

Our support offerings include installation assistance, technical support, hardware repair and replacement, software updates, online tools, and training services. Customers typically purchase maintenance and support in conjunction with initial product deployments and renew those services over time. We believe the quality and responsiveness of our support organization are important factors in customer retention and long-term relationships.

All customers receive standard warranty support for 90 days following product purchase. We offer tiered maintenance programs that provide varying levels of response times and service coverage, with contract terms generally ranging from one to five years. The average maintenance contract term is approximately 21 months. Maintenance contracts are invoiced at the time of initial hardware purchase and are generally non-cancellable during the contract term. Software updates are provided to customers with an active maintenance agreement on a when-and-if-available basis. Maintenance and support services are typically renewed through the same sales channel as the original purchase.

We operate technical support centers in the United States, Japan, India, and the Netherlands to provide global coverage.

For customers requiring advanced DDoS protection support, we offer enhanced service options that include access to specialized security response resources and threat intelligence services designed to assist with rapid mitigation of active attacks and evolving threat patterns.

Customers

Our customers operate across a broad range of industries, including telecommunications, technology, financial services, public sector, industrial, retail, gaming, and education. We support organizations that manage mission-critical applications, high-availability networks, and performance-sensitive digital services where uptime, security, and scalability are essential.

Our solutions are deployed in environments that require continuous availability and protection of business-critical traffic, including large enterprise data centers, hybrid and cloud infrastructures, and service provider networks. Customers rely on our capabilities to help deliver resilient application experiences, manage large-scale traffic volumes, and protect infrastructure from evolving cyber threats.

9

During the years ended December 31, 2025, 2024, and 2023, purchases from our 10 largest end-customers accounted for approximately 40%, 38%, and 33% of our total revenue, respectively.

A substantial portion of our revenue is from sales of our products and services through distribution channels, such as resellers and distributors. During the years ended December 31, 2025, 2024 and 2023, sales through a single distribution channel represented 29%, 20% and 19% of our total revenue, respectively.

Competition

The markets in which we operate are highly competitive and continue to evolve as organizations modernize application architectures, adopt hybrid and cloud environments, expand API usage, and increase focus on cybersecurity resilience. The growing importance of security, distributed application delivery, modernized networks, and AI-driven workloads has broadened the competitive landscape and introduced new categories of competitors.

We compete across application delivery, network infrastructure, and security markets, where customers increasingly seek integrated solutions that combine performance, availability, and protection within unified platforms. Our ability to deliver multiple capabilities through a common architecture and centralized management framework allows customers to reduce operational complexity and streamline deployment across physical, virtual, and cloud environments.

We do not consider any of these markets to include a single dominant company, nor do we consider the markets to be fragmented. Our main competitors fall into the following categories:

•Providers of network and infrastructure security solutions, including DDoS protection and related services, such as Arbor Networks Inc, a subsidiary of NetScout Systems, Radware Ltd, and F5;

•Vendors of application delivery and traffic management solutions, including F5, NetScaler from Cloud Software Group, and VMware offerings within Broadcom;

•Network equipment and security vendors offering firewall, routing, and carrier-grade infrastructure solutions, including Cisco Systems, Hewlett Packard Enterprise (division f/k/a Juniper Networks, Inc.), and Fortinet Inc.;

•Cloud-based security and application protection providers offering WAAP and related services, including Akamai, Cloudflare, Imperva, and Amazon Web Services; and

•Emerging vendors and specialized security providers addressing API protection, bot mitigation, and AI-related security use cases.

Competition in our markets is based on a number of factors, including:

•Performance, scalability, and reliability in mission-critical environments;

•Breadth and integration of networking and security capabilities;

•Effectiveness in detecting and mitigating evolving cybersecurity threats;

•Flexibility across deployment models, including on-premises, hybrid, and cloud;

•Total cost of ownership and operational simplicity;

•Quality of customer support and service;

•Brand reputation and customer relationships; and

•Ability to attract and retain skilled technical and sales talent.

We believe our unified architecture, performance heritage, and integrated security capabilities position us to compete effectively across these markets.

Sales and Marketing

Sales

Our high-touch sales force engages customers directly and through distribution channels. Our sales team is comprised of inside sales and field sales personnel who are organized by geography and maintain sales presence in 23 countries as of December 31, 2025, including in the following countries and regions: United States, Western Europe, the Middle East, Japan, Taiwan, South Korea, Southeast Asia and Latin America. Our sales organization includes sales engineers with deep technical domain expertise who are responsible for pre-sales technical support, solutions engineering, proof-of-concept work and technical training for our distribution channels. Our sales team is also comprised of a channel sales organization that is

10

expanding our market reach through resellers. We may continue to grow our sales headcount, including in geographies where we currently do not have a sales presence.

Some customer sales are originated and completed by our Original Equipment Manufacturer (“OEM”) and distribution channels with little or no direct engagement by our sales personnel. We fulfill nearly all orders globally through our distribution channels, which include distributors, value added resellers and system integrators. Revenue fulfilled through our distribution channels accounted for 96%, 94% and 95% of our total revenue for the years ended December 31, 2025, 2024 and 2023, respectively.

Marketing

Our strategy is focused on driving greater demand for our products and services, and enabling sales to win as that demand broadens. Our marketing drives global demand generation campaigns, as well as additional awareness and demand via joint marketing campaigns worldwide. Our marketing also drives global awareness through industry analyst engagement, media outreach, blogs, social media and events.

Manufacturing

We outsource the manufacturing of our hardware products to original design manufacturers. This approach allows us to benefit from the scale and experience of our manufacturing partners to reduce our costs, overhead and inventory while allowing us to adjust more quickly to changing customer demand. Our manufacturers are Lanner Electronics Inc. (“Lanner”), AEWIN Technologies Co., Ltd. (“AEWIN”) and iBase. These companies manufacture and assemble our hardware products using design specifications, quality assurance programs and standards established and owned or licensed by us. Our manufacturers procure components and assemble our products based on our demand forecasts and purchase orders. These forecasts represent our estimates of future demand for our products based on historical trends and analysis from our sales and product management functions as adjusted for overall market conditions.

We have agreements with Lanner with an initial term of one year and AEWIN with an initial term of six years pursuant to which they manufacture, assemble, and test our products. Each agreement automatically renews for successive one-year terms unless either party gives notice that they do not want to renew. We do not have any long-term manufacturing contracts that guarantee fixed capacity or pricing. Quality assurance and testing is performed at our San Jose, Taiwan and Japan distribution centers, as well as at our manufacturers’ locations. We warehouse and deliver our products out of our San Jose warehouse for the Americas and direct from Taiwan for APJ and EMEA. We outsource delivery to a third-party logistics provider for deliveries in Japan.

Backlog

Backlog represents orders confirmed with a purchase order for products to be shipped to customers with approved credit status. Orders may be subject to cancellation, rescheduling by customers and product specification changes by customers. Although we believe that the backlog orders are firm, purchase orders may be canceled or rescheduled by the customer prior to shipment without significant cost. For these reasons, we believe that our product backlog at any given date is not a reliable indicator of future revenues.

For the years ended December 31, 2025, 2024 and 2023, our total revenue was $290.6 million, $261.7 million, and $251.7 million, respectively, and our gross margin was 79.3%, 80.4%, and 80.9%, respectively. We had net income of $42.1 million, $50.1 million and $40.0 million for the years ended December 31, 2025, 2024 and 2023, respectively.

Intellectual Property

We rely on a combination of patent, copyright, trademark and trade secret laws, and restrictions on disclosure to protect our intellectual property rights. As of December 31, 2025, we had 211 United States (“U.S.”) patents issued, 2 U.S. patent applications pending, 77 overseas patents issued and 7 overseas patent applications pending. Our issued U.S. patents, excluding 10 patents that we acquired, expire between 2026 and 2043. Our issued overseas patents, excluding 2 patents that we acquired, expire between 2026 and 2037. Our future success depends in part on our ability to protect our proprietary rights to the technologies used in our principal products. Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or to obtain and use trade secrets or other information that we regard as proprietary. In addition, the laws of some foreign countries do not protect our proprietary rights as fully as do the laws of the U.S. Any issued patent may not preserve our proprietary position, and competitors or others may develop technologies similar to or superior to

11

our technology. Our failure to enforce and protect our intellectual property rights could harm our business, operating results and financial condition.

We license software from third parties for development of, or integration into, our products, including proprietary and open source software. We pursue registration of our trademarks and domain names in the U.S. and other jurisdictions. See Part I, Item 1A. Risk Factors included in this Annual Report on Form 10-K for additional information regarding the risks associated with protecting our intellectual property.

Human Capital

As of December 31, 2025, we had 494 full-time employees, including 219 engaged in research and development and customer support, 220 in sales and marketing and 55 in general and administrative and other activities. None of our employees is represented by a labor union or is a party to any collective bargaining arrangement in connection with his or her employment with us. We have never experienced any work stoppages, and we consider our relations with our employees to be good.

Corporate Responsibility

Our mission is to enable business-critical networks that are secure, available and efficient. In our rapidly expanding digital economy, this has never been more relevant and critical. Our customers rely on us to help them drive better business outcomes now and into the future.

With our mission in mind, we are committed to maintaining the highest standards of ethics and corporate governance, and to fostering a customer and partner ecosystem. These standards are described in our Code of Business Conduct and Ethics, which can be accessed at https://investors.a10networks.com/corporate-responsibility/default.aspx. We believe these practices will deliver the highest value for our employees, customers, partners and stockholders. Our global footprint provides an additional level of sustainability for business performance, and we drive this responsibility across all our global locations.

We use as a guide the code of conduct policies set forth by the Responsible Business Alliance, the world’s largest industry coalition dedicated to corporate social responsibility in global supply chains, and we expect all of our suppliers to do so as well. The alliance sets standards and practices for a social, environmentally sustainable, and ethical supply chains. Our supply chain has sustained audits based on the Validated Assessment Program.

Further, we have established standards and practices to which our Board of Directors, executives and employees are obligated to adhere, as outlined on our website under Corporate Responsibility.

Sustainability

We are committed to business practices that preserve the environment, recognizing its fundamental role in sustaining our society and economy. We are committed to meeting and strive to exceed all legal and compliance requirements

related to our people, products, and operations. Additionally, we aim to deliver products and services that minimize environmental impact across our entire value chain.

•Environmental Sustainability Policy: We have adopted an Environmental Sustainability Policy, which can be accessed on our corporate website: https://investors.a10networks.com.

•Ongoing Environmental Initiatives: We continuously evaluate environmental initiatives to further develop our corporate policies and objectives. One such initiative is a sustainability project focused on reducing carbon emissions. We have engaged a sustainability expert and established 2019 as the baseline year for our 10-year carbon reduction plan. This strategy aligns with the 1.5°C initiative scope protocols.

•Sustainable Facilities & Energy Efficiency: Our corporate headquarters in San Jose, California, complies with the California Building Energy Efficiency Standards (Title 24) to reduce wasteful and unnecessary energy consumption. We have also planned for increased use of renewable energy in partnership with PG&E. Additionally, we provide EV charging stations for employees and visitors and facilitate recycling and proper disposal of e-waste, in accordance with local requirements.

12

•Conflict Minerals Supply Chain Policy: Under our Conflict Minerals Supply Chain Policy, which can be viewed at https://investors.a10networks.com/corporate-responsibility/default.aspx, we expect our suppliers to comply with our standards for responsible sourcing of minerals from conflict-affected and high-risk areas. Suppliers must cooperate with our due diligence inquiries, information requests, and certifications to meet reporting and disclosure obligations and ensure they do not knowingly contribute to local conflict or human rights abuses.

We work with our contract manufacturers and suppliers to maintain compliance with, for example, RoHS, REACH and WEEE in the European Union (“EU”) and elsewhere across the globe for other such environmental requirements. The Company’s Conflict Minerals Supply Chain Policy as well as our Code of Business Conduct and Ethics outlines our practices and procedures with respect to human rights to ensure participants in our supply chain do not knowingly contribute to local conflict or human rights abuses. We expect our suppliers to comply with our policy on responsible sourcing of minerals from conflict-affected and high-risk areas and to cooperate with our diligence inquiries and requests for information and certification as may be required by us to comply with reporting and disclosure obligations to which we are subject from time to time.

Workplace Standards

We are committed to providing a work environment that is free of discrimination and harassment. We are an equal-opportunity employer. We make employment decisions on the basis of a person’s qualifications, as well as our business needs, while complying with our statement against discrimination. We believe in the richness and quality of a working environment that is informed by people from all walks of life and strive to create a genuinely inclusive environment.

We are committed to ensuring our team members are treated with fairness, dignity and respect. We believe that a cooperative work environment, based on trust and mutual respect, is essential to our success. We embrace the diversity of our workforce and celebrate the creative value added by individuals with differing backgrounds. We expressly prohibit intimidation, hostility, harassment, discrimination and other inappropriate behavior. Furthermore, we expect employees to conduct themselves in a professional and dignified manner at all times; in doing so, we seek to avoid making employees feel uncomfortable at work.

As new employees join us, they learn more about our policies and culture through orientation and onboarding, our Employee Handbook, Code of Business Conduct and Ethics, and compliance trainings. They are also given access to our Statement Against Discrimination and are expected to comply with it. These all provide guidance on how we expect to operate in order to foster equity and inclusion across our company.

We are an equal opportunity employer and a Vietnam Era Veterans' Readjustment Assistance Act (“VEVRAA”) federal subcontractor. All qualified applicants receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. We also comply with all applicable state and local laws governing nondiscrimination in employment.

We use as a guide the code of conduct policies set forth by the Responsible Business Alliance, the world’s largest industry coalition dedicated to corporate social responsibility in global supply chains, and we expect all of our suppliers to do so as well. Our Code of Business Conduct and Ethics and our Statements Against Discrimination and Modern Slavery can be found on our corporate website at https://investors.A10networks.com within the “Governance - Governance Documents” section.

Total Rewards

We offer an attractive mix of compensation and benefit plans to support our employees and their families’ physical, mental, and financial well-being. We believe that we employ a fair and merit-based total compensation system for our employees and offer a variable bonus plan for eligible employees. Employees are generally eligible for medical, dental, vision and other comprehensive benefits, most of which become effective on their start date. Below are some of the types of health and wellness related benefits offered to employees:

•Medical, dental and vision insurance;

•Retirement plan with Company matching contribution feature;

•Flexible Spending Accounts for medical expenses, childcare, parking and transit;

•Health Savings Account (with employer contribution);

•Life insurance;

13

•Short & long-term disability;

•Paid time off and leave of absences; and

•Employee assistance program

Employees have an opportunity for financial inclusion at A10 Networks with an ownership interest in our company. There are several programs that provide employees with the ability to own our stock. Generally, more than 75% of our employees participates in at least one of our stock programs. During their tenure with our company, most employees have an opportunity to receive an equity award, either upon hire and/or during an annual review process to recognize those with significant impact on achieving our goals. Most employees, whether part or full time, also have the ability to participate in our Employee Stock Purchase Plan (“ESPP”). Participants in the ESPP may purchase our stock at a 15% discount to market price. We believe our discounted stock purchase program helps to build an ownership mentality amongst participating employees.

Health, Safety and Wellness

We are committed to maintaining a healthy, safe, and secure work environment that protects our employees and the public from harm. We use a multi-faceted approach to ensure the health and safety of our employees, from our Code of Business Conduct and Ethics to our policies governing the way we act within and outside of our company. We comply with applicable health, safety, and environmental laws as well as related company policies and procedures. We have a zero-tolerance policy against aggressive behavior, violence, direct and indirect threats, harassment, intimidation, and possession of weapons on company property. Moreover, we strive to conduct our everyday business activities in an environmentally sustainable way through wellness programs and webinars through our health insurance providers.

Governance

Our Board of Directors believes that our board should be a diverse body, and our Nominating and Corporate Governance Committee considers a broad range of backgrounds and experiences when selecting nominees for our board. Sixty percent of our directors currently self-identify as being from one or multiple diverse groups, including gender.

We continuously review and improve our corporate governance guidelines in response to changing requirements and feedback from employees, customers, partners, vendors and stockholders. The Nominating and Corporate Governance Committees of the Board of Directors, consisting entirely of independent directors, evaluates the appropriate governance practices as defined by law and industry best practice and takes those recommendations to the Board of Directors. Currently, four of five Board members are independent.

We engage with an independent audit firm to ensure the Company complies with relevant requirements such as the 2002 Sarbanes-Oxley Act.

The Company’s governance and code of conduct policies are outlined in the Code of Business Conduct and Ethics, Corporate Governance Guidelines, Whistleblower Policy and the Employee Handbook. Employees may submit concerns to generalcounsel@a10networks.com or via the Company’s third-party hotline as noted the Employee Handbook.

Corporate Information

A10 Networks, Inc. was incorporated in the State of California in 2004 and subsequently reincorporated in the State of Delaware in March 2014. Our website is located at www.A10networks.com, and our investor relations website is located at https://investors.A10networks.com. The following filings are available through our investor relations website after we file them with the SEC: Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, as well as any amendments to such reports and all other filings pursuant to Section 13(a) or 15(d) of the Securities Act. These filings are also available for download free of charge on our investor relations website. Additionally, copies of materials filed by us with the SEC may be accessed at the SEC’s website at www.sec.gov.

We announce material information to the public about the Company, our products and services and other matters through a variety of means, including our website (www.A10networks.com), the investor relations section of our website (https://investors.A10networks.com), press releases, filings with the Securities and Exchange Commission, public conference calls, and social media, including our corporate X (formerly Twitter) account (@A10Networks) and our corporate Facebook page (https://www.facebook.com/a10networks). Information provided includes press releases and other information about

14

financial performance, information on environmental, social and governance and details related to the Company’s annual meeting of stockholders. The contents of our website and social media contents are not intended to be incorporated by reference into this Annual Report on Form 10-K or in any other report or document we file with the SEC, and any references to our websites are intended to be inactive textual references only. We encourage investors and others to review the information we make public in these locations, as such information could be deemed to be material information. Please note that this list may be updated from time to time.