CyberArk Software Ltd.

will be a question and answer session. If you would like to ask a question during this time, simply press star followed with the number one on your telephone keypad. If you would like to withdraw your question, press star one again. Thank you. I would like to turn the call over to Srinivas, VP of Investor Relations. Please go ahead.

Thank you, operator. Good morning. Thank you for joining us today to review CyberArk's strong first quarter 2025 financial results. With me on the call today are Matt Cohen, our chief executive officer, and Erica Smith, our chief financial officer. After prepared remarks, we will open up the call to a question and answer session. Before we begin, let me remind you that certain statements made on the call today may be considered forward-looking statements, which reflect management's best judgment based on currently available information. I refer specifically to the discussion of our expectations and beliefs regarding our projected results of operations for the second quarter, full year 2025 and beyond. I also refer to our expectations and beliefs regarding the integration of NFI and Zillow security into our operations. Our actual results might differ materially from those projected in these forward-looking statements. I direct your attention to the risk factors contained in the company's annual report on Form 20-F filed with the U.S. Securities and Exchange Commission and those referenced in today's press release that are posted to CYBROC's website. CYBROC expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made herein. Additionally, non-GAAP financial measures will be discussed on this conference call. Reconciliations to the most directly comparable GAAP financial measures are also available in today's press release, as well as in an updated investor presentation that outlines the financial discussion in today's call. A webcast of today's call is also available on our website in the IR section. With that, I would like to turn the call over to our CEO, Matt Cohen.

Thanks, Sri, and thanks, everyone, for joining the call today. We're excited to kick off 2025 with a strong first quarter that exceeded all of our guided metrics. This performance highlights not only the critical role identity security plays in the broader cybersecurity landscape, but also our team's unwavering focus on excellence in execution. In Q1, we achieved total ARR of 1.215 billion, revenue of 318 million, an 18% operating margin, and generated 96 million in free cash flow, a great quarter all around. Our results continue to demonstrate that identity is the new perimeter and that demand remains robust. With more than 90% of organizations experiencing identity-related breaches, security leaders recognize that identity security is a mission-critical imperative. CyberArk is at the forefront of this imperative, offering the most comprehensive and most effective platform for securing every identity, human, machine, and now AI. Before I dive into the quarter, let's touch on the broader macro environment. As you can see from our results, demand for our solutions is increasing, and we continue to deliver strong growth. Despite ongoing macro uncertainty, we have not seen any impact on our business. Given the elevated threat landscape, cybersecurity remains a top priority for organizations. And within that, identity security is a non-discretionary investment. It is a foundational to business continuity, customer trust, and regulatory compliance. Of course, we are carefully monitoring the economic situation and its potential impact. And as we have always done, if we see any negative trends, we will be disciplined in our execution and make the necessary strategic adjustments. We have successfully navigated similar conditions before by staying close to our customers and infusing even more rigor into our go-to-market execution. Importantly, we believe times like these push customers towards our platform and consolidation, and specifically, consolidation of trust. Our confidence in the underlying demand trends was further reinforced recently with thousands of customers in attendance at the recent Impact and RSA conferences. At these conferences, I had the opportunity to engage directly with hundreds of customers and partners in one-on-one meetings. The feedback was clear and consistent. Identity security continues to be a top spending priority. Organizations are actively seeking to consolidate fragmented security tools, modernize legacy systems, address the growing challenges of machine identities, and get advice on how to integrate security from day one into their agentic AI initiatives. The level of strategic discussions we are having with the C-suite at our customers and prospects has never been more constructive and underscores the growing demand for our unified identity security solutions. I come away from these events more confident than ever in our vision and ability to win and drive long-term, durable growth. I want to center our discussion today around three key pillars that anchor so many of these one-on-one conversations I have been having. First, the identity security imperative, Second, our unified platform for every identity. And third, our relentless innovation. Starting with the identity security imperative. As I mentioned at our impact conference last month, we are living and operating in an exponential era, an age where the speed of change, the scale of threats, and the complexity of digital ecosystems are compounding at a pace we've never seen before. The threat landscape continues to intensify with state-sponsored actors, cyber criminals, and emerging threats like AI-driven exploits increasing in both frequency and sophistication. Identity is the connective tissue of every digital interaction across every user, system, cloud, and application, making it foundational to any modern cybersecurity strategy. With identity at the center of virtually every breach It's crystal clear that if you don't have a strong identity security, you simply don't have security at all. We are seeing the identity security imperative proliferate across the three different identity groups that our platform is purpose-built to protect, human, machine, and AI. For humans, privileges have proliferated across the entire spectrum of identities, including IT admins, cloud ops, developers, and SaaS admins. In today's dynamic work environments, every employee interacts with sensitive data or critical systems. Identity security requires us to reimagine privilege as a dynamic, contextual, and tightly controlled concept delivered across the workforce without friction. We're bringing layered, in-depth defense to every human identity without compromising user experience. Applying privilege controls against all identities is among the most complex, cybersecurity challenge, and our deep expertise and leadership position sets us apart from the competition, which you see in our results. When it comes to machine identities, a year ago you heard us talk about a 45 to 1 ratio of machine to human identities. Today it's over 80, and that number is still rising rapidly. These machine identities are granted access to critical infrastructure and sensitive information, yet they often operate without oversight. Without an identity-first approach to securing machines, organizations leave a massive blind spot in their defenses. Identity security is the only way to bring visibility, control, and governance to this rapidly growing attack surface. With the addition of Entify, our machine identity solutions are setting a new standard on how to address this challenge. And turning to AI, we are seeing AI everywhere, embedded in organizational workflows and opening the door to new use cases. It's challenging how privileges are assigned, creating new identities, and becoming a force multiplier for both defenders and attackers. The need to secure AI agents, both autonomous and human-directed, is becoming increasingly top of mind. And as we dive deeper into the depths of agentic approaches, it's increasingly understood that securing AI agents is an identity security problem, not a data problem. The identity security imperative is clear. to meet the exponentially increasing threat landscape by securing every identity with the right level of privilege controls. Which takes us to our second pillar, our unified identity security platform. Our platform starts with the idea that discovery in context is critical. Understanding what identities exist across human, machine, and AI, their associated access rights, risk profiles, and appropriate privilege controls is foundational to any effective identity security strategy. Once discovered and onboarded, applying industry-leading privilege controls is the most essential step and cornerstone of our differentiation. Privilege controls that cover credential management, authentication management, session management, and entitlements management are the secret sauce of our platform and create a deep, competitive moat against all competitors. Next comes policy automation, which is also crucial. Given the scale and scope of modern identity security, it's no longer enough to merely impose policies. They must be automated. We offer automated enforcement of contextual security policies to eliminate manual overhead, reduce time to value, and support rapid scalability across complex environments. Along with policy automation, you need to automate life cycles, which is the ability to onboard and offboard dynamically provisioned entitlements and provide just-in-time access. with the goal of streamlining security to reduce risk and ensure continuous compliance. And lastly, governance and compliance are essential for meeting the growing oversight both within organizations and increasing regulatory standards being imposed by government organizations. As we'll talk about later, with Zillow's modern IGA, we are setting out to free organizations from the longstanding challenges of legacy IGA. These components are the building blocks and the unique differentiators of our platform. They are the blueprint for how we talk with our customers and partners. More importantly, they enable us to deliver measurable customer outcomes, reducing cyber risk, strengthening business resilience, satisfying audit and compliance, all while increasing efficiency and automation. This is why, while customers may come to us hoping to solve one use case, instead, They often expand to secure additional identities across our solutions and consolidate on our platform over time. Moving on to our third pillar, which is innovation, at Impact we introduce new solutions and capabilities across human, machine, and AI identities. And I want to highlight a few of them one more time today. For securing human identities, we announced the availability of Zillow provision and comply modules. Since we closed the acquisition, customer feedback has been overwhelmingly positive, especially around how CyberArk and Zillow can simplify access reviews and automate provisioning across modern environments. Both customers and partners recognize the powerful combination of having modern IGA on our platform and the synergies we are confident we can realize. On the machine identity side, we announced our secure workload access solution, which combines modern workload identity management with CyberArk's secrets management capabilities for the industry's first and most comprehensive protection for all non-human identities that matter, giving security teams visibility and control throughout the machine identity lifecycle. I did want to pause to quickly mention another key development in machine identity security around the lifespan of certificates. The certificate The Certification Authority Browser Forum, which sets guidelines for certificate life cycles, recently voted to significantly reduce certificate lifespans from 398 days to just 47 days. Major industry players, including Apple, Google, and Microsoft, supported this change, emphasized the growing need for automated management of short-lived certificates. In an increasingly complex security environment, this is top of mind for our customers. At the recent RSA conference, this industry change drove more traffic to our booth than any other topic. Customers are realizing that the time to get this part of the machine identity security under control is now. The final major innovation we talked about was in the field of agentic AI. Agentic AI sits at the intersection of human and machine identity security. AI agents, are machine identities that act like or on behalf of humans, proliferating at machine scale, gaining access to and granting privileges over critical infrastructure. As a result, they will require the same security principles as human identities, and soon, billions of AI agents will require robust access controls, governance, and privilege management frameworks. To address the security challenges of AI agents, we introduced our secure AI agent solution. which integrates our platform capabilities with AI-specific discovery and context, privileged controls, policy automation, lifecycle management, and governance. We expect this solution to be widely available to customers later this year. Additionally, we announced a strategic partnership with Accenture, integrating our identity security platform with Accenture's AI refinery. Together, we'll offer customers out-of-the-box security for AI-driven agents, ensuring secure adoption, of emerging AI technologies at an exponential scale. Beyond these highlighted announcements, we also launched major innovations across workforce, IT, developer, and machine solutions that deliver incremental value and real-world security controls to meet the demands of the current and future threat landscape. The product and engineering team at CyberArk continues to amaze me in their ability to lead the market. As I said, Q1 was a great way to start the year. And I did want to quickly highlight just a few deals from the quarter to illustrate how we are delivering valuable customer outcomes across our platform, as well as an early Zillow deal. In a deal that showcases the power of our full platform, a leading U.S. enterprise software company replaced a competing PAM vendor, prioritizing CyberWorks' ability to deliver a complete identity security platform. They are boldly focused on just-in-time access and zero spending privilege to secure IT and developers. and a complete solution for the machine identities in a multi-figure, six-figure ACV deal. In another full platform deal focused solely on modern use cases, a leading U.S. healthcare company wanted to secure modern cloud workloads for developers, protect their entire workforce, both the user and at the endpoint, and secure machine identities with Secrets Hub in another multi-six-figure ACV add-on deal. We continue to see great momentum with Venify and this quarter, a Fortune 100 financial services company, who is a long time side of our customer on the human identity side, is now deploying all of our certificate lifecycle management and PKI offerings in a competitive multi six figure ACV deal. And in a great Venify deal that demonstrates our cross-sell motion, PDS Health, a leading integrated healthcare support organization, who has been a CyberArk customer since 2019, built on that longstanding relationship, expanding further on the machine identity side with our certificate manager and zero-touch PKI in a six-figure Q1 ACV deal. The excitement around Vanify deals continues to build across our go-to-market teams, and stories like this are becoming commonplace as the business begins to scale. Finally, in a Q1 Zilla deal, We saw early success after the acquisition closed with a financial services company who landed as a new logo with a six figure ACV deal, replacing a competing legacy IGA vendor. The customer highlighted that the acquisition by CyberArk gave them strong confidence in closing out this deal and starting their modern IGA journey. In summary, I want to leave you with the following takeaways today. First, The identity security imperative is real and accelerating. As the digital ecosystem grows more interconnected and decentralized, the threat landscape is not just expanding, it's evolving at an unprecedented pace. Organizations must respond. Second, CyberArk is uniquely positioned with the only unified platform for securing every identity and addresses a critical pain point for overburdened CISOs by simplifying identity security. Third, our relentless innovation is strengthening our competitive mode as we solve our customers' problems of today and the future. Fourth, cybersecurity spend and certainly identity is defensible in all macro environments as organizations realize the importance of protecting their most critical assets, particularly in this escalating threat environment. And finally, we are executing with discipline and confidence Our go-to-market teams are an exceptional differentiator for us. Our continued execution and strong demand environment positions us to deliver strong growth and profitability. Now I'll turn it over to Erica to walk through our strong financials and updated guidance.

Thanks. Excuse me. Thanks, Matt. We're off to a strong start in 2025 with our first quarter results exceeding all of our guided metrics. We delivered solid top-line growth, expanded operating profitability, and generated robust free cash flow. As we review our results, please note that Venify, which closed in October 2024, and Zillow, which closed in February 2025, contributed to our Q1 results of this year, but were not part of the comparable period in 2024. Moving to our results. Annual recurring revenue reached $1.215 billion. Net new ARR was 46 million, up from 37 million in Q1 of last year. As a reminder, Zillow brought to CyberArk approximately 5 million of ARR when we closed the acquisition. Lastly, fluctuations in the euro and pound created about a $1 million headwind to ARR in the first quarter. As Matt mentioned, the Venify integration is progressing ahead of expectations. Pipeline continues to build, and we are executing on the cross-sell synergies. Momentum in our machine identity business overall, including secrets management, was strong in the first quarter, with Venify and Secrets included in nine of our top 10 deals. As we noted on our last earnings call, we don't plan to break out Venify's contributions separately, given that customers are increasingly buying across our platform and our machine identity solutions can include both Ventify and Secrets Management. The value proposition we outlined at the time of the Ventify acquisition is being validated by strong cross-sell into existing customer base, new customers being added, and growing activation of our channel partners, with several hundred certified since we closed the acquisition. Subscription ARR grew to $1.028 billion with subscription net new ARR of 51 million compared to 39 million in Q1 of last year. Our maintenance ARR was $188 million. Like-for-like conversion activity remains a single-digit percent of our year-over-year ARR growth. As you saw in the release we posted this morning, we are now reporting revenue in two lines, a subscription line, which includes SAS and self-hosted subscription, and a maintenance professional services, another line, which includes perpetual maintenance, services, and perpetual license revenues. Given that nearly 95% of our business is recurring revenue, and we expect our perpetual license revenue to represent about 1% of total revenue, we change the P&L to better reflect the value we provide to our customers and to represent the way we look at our business. Total revenue significantly beat our guidance, reaching $317.6 million in Q1. For the first quarter, recurring revenue reached $298.2 million, representing 94% of total revenue. Our subscription revenue reached $250.6 million, or 79% of total revenue. The outperformance in Q1 was from two primary factors, the strength in our overall business compared to our guidance, and in a slightly higher than expected mix of self-hosted subscriptions. Maintenance and professional services and other revenue was $67 million in the quarter. The business remains geographically diverse. America's revenue was $193.5 million, EMEA revenue came in at $93.8 million, and APJ revenue was $30.4 million. We had strong organic and inorganic revenue growth across the platform in all regions. In addition, we're leveraging the strength of our Salesforce to drive Ventify demand and experienced healthy overall growth, particularly in EMEA. In the first quarter, we signed about 200 new logos. Consistent with prior periods, we continue to see strong momentum in multi-solution adoption, with approximately half of new logos purchasing two or more solutions at land. This contributed to a year-over-year double digit percent increase in new business deal sizes in the first quarter of 2025. All P&O line items will be discussed on a non-GAAP basis. Please see the full GAAP to non-GAAP reconciliation in the tables of our press release. First quarter gross profit was $269 million, or an 85% gross margin. The expansion of our gross margin was in part due to that higher self-hosted subscription revenue in the quarter, as I mentioned earlier. Our operating income was $57.5 million, or 18% operating margin, well ahead of our guidance. Our operating margin expanded by three percentage points from Q1 of last year. Even as we absorbed over 400 employees from Venify, and incurred approximately six weeks of expenses from the Zillow acquisition. We ended March with approximately 3,930 employees worldwide, including adding approximately 60 employees from Zillow. We had approximately 1,590 employees in sales and marketing at the end of the quarter. Net income came in at $50.3 million, or 98 cents per diluted share, also ahead of our guidance. We generated strong free cash flow of $95.5 million, or a margin of about 30% in the first quarter. This performance reflects the power of our recurring revenue model, our disciplined execution, and the continued operating efficiency. We continue to maintain a strong balance sheet and end of the quarter with approximately $776 million in cash, which takes into account the approximately $165 million of consideration paid for the Zillow acquisition in Q1. Before moving to our guidance, I want to comment on the macroeconomic environment. As you can see from our strong Q1 results, the recent macroeconomic conditions have not impacted our business. Demand remains robust across our platform and our solutions. Execution is strong and Venify is performing ahead of our expectations. As Matt discussed, identity security continues to be a top priority for CIOs and for CISOs, and we believe spending on security is resilient across macroeconomic environments. That said, despite the strength in our pipeline and the strategic importance of identity, we are taking the current macroeconomic environment into consideration in our full year 2025 outlook. Now, turning to our guidance. For the second quarter of 2025, we expect total revenue to be between $312 to $318 million. We expect non-GAAP operating income to be in the range of $41.5 million to $46.5 million for the second quarter. That includes the seasonal increase in marketing expenses related to our Impact customer event, as well as our Impact World Tour. It also reflects a full quarter of costs related to the Zillow acquisition. We expect our non-GAAP EPS to be in the range of $0.74 to $0.81 per diluted share. Our guidance assumes 51.5 million weighted average diluted shares outstanding. It also assumes about $8.5 million in financial income and a tax rate of 24% in the second quarter. For the full year, we are increasing our total revenue to be in the range of $1.313 billion to $1.323 billion. representing 32% year-over-year growth at the midpoint of the range. Keep in mind, the 2025 growth rate includes a full year of Ventify contribution in 2025 compared to just one quarter in 2024. We are increasing our full year non-GAAP operating income to be between $221 million and $229 million. We expect our non-GAAP EPS to be between $3.73 and $3.85 per diluted share for the full year. That assumes 51.6 million weighted average diluted shares and approximately $32 million in financial income. We are now assuming a tax rate of 24% for the full year. We expect our annual recurring revenue to be in the range of $1.410 billion and $1.420 billion at December 31, 2025, representing about 21% year-over-year growth at the midpoint. Turning to cash flow, we expect adjusted free cash flow for the full year 2025 to be in the range of $300 to $310 million, representing an adjusted free cash flow margin of 23% at the midpoint. As outlined in our press release, adjusted free cash flow excludes the estimated one-time tax payment of $42 million related to the migration of Ventify's SaaS IP to our Israeli entity and about $15 million of capital expenditures associated with leasehold improvements to our new US headquarters. We signed a lease for this office space in the second quarter. We expect to incur a $15 million in capital expenditures, primarily in the third and fourth quarters of 2025. Accordingly, we are raising our CapEx forecast to be between 2.5% and 3% of revenue. I also want to comment on taxes. The reduction in our estimated IP transfer tax payment from approximately $70 million to $42 million is in part due to the certain tax credits and the strong growth in our U.S. business. As a result of this growth, Cyberg is now subject to approximately $17 to $20 million of U.S.-based erosion taxes under the Tax Cuts and Jobs Act, also referred to as BEAT tax. This tax expense was not anticipated in the initial February guidance, and it is in part related to the IP transfer. The BEAT tax will be an ongoing expense, and as a result, we've absorbed it within our reported free cash flow guidance. To sum up, we're pleased with our strong first quarter results, which underscores the continued prioritization of identity securities by enterprises around the world. As a market leader, we are well positioned to capture greater share of security spend as customers consolidate around strategic platforms. Our solutions continue to deliver significant value by addressing critical security challenges, improving resiliency, and driving operational efficiencies. With that, I will turn the call over to the operator for Q&A. Operator?

At this time, I would like to remind everyone, in order to ask a question, press star, then the number one on your telephone keypad. We encourage everyone to limit yourself to one question and one follow-up. We will pause for just a moment to compile the Q&A roster. Your first question comes from the line of Saket Kalia with Barclays. Your line is open.

Okay, great. Hey, guys. Thanks for taking my questions here, and nice start to the year. Thanks, Akit.

Thanks, Akit.

Sure. Matt, maybe for you, I'd love if you could just talk a little bit about customers' willingness to buy multiple products here as you become more of an identity platform. I mean, you had some great customer examples, right, that you spoke about in prepared remarks. Erica, I think, threw out some stats in her prepared remarks as well. But maybe you could just bring that home for us and maybe also touch on what are you doing to drive that multi-product sale more?

Yeah, sure, Saket. And listen, I shared a little bit of some examples of the conversations I was having at Impact and the conversations I had at RSA, and frankly, the conversations I have every day here at our Visit Center. And I would tell you that there's not one conversation I have, not one, that isn't multi-product or multi-solution based. You know, customers want to engage in a conversation. that is specifically around how do they tackle their entire identity security problems or opportunities there. It can be that they want to talk about human and machine, and we're talking about, you know, PAM plus machine identity, either in the form of Secrets, Inventify, or both. It can be on the human spectrum. How do they actually get all of their human identities covered from IT to developers back into the workforce? And we're talking about not only our IT solutions, but also our endpoint solutions, as well as our access solutions. It's really across the board, and it's the foundation of our entire discussion. It's our entire strategy at this point. So what are we doing? We continue to elevate the team's ability to talk platform versus individual areas. We go in and we talk about three-year roadmaps, really around value, around architecture, and then ultimately how do you build that into a plan? Even customers that want to get started with one solution, Erica mentioned that about 50% or so of new logos land with multiple solutions. But even the ones that don't are working with us on that roadmap, on that architecture about where they're going to go over time. And ultimately, that lends itself to our confidence in what we're going to be able to get from a lifetime value out of our customer base.

That makes a ton of sense. Erica, maybe for my follow-up for you, definitely. obviously a smaller and smaller part of the business, but can we just talk a little bit about the maintenance business? You know, how do you think about that sort of decline or shift this year, and how are you thinking about that conversion opportunity?

Yeah, it's a great question on that maintenance business. We're at about, you know, that $188 million, and I think all of the things that Matt just talked about really do apply to that maintenance business as well, meaning that the customer base is now more willing to move to our SaaS and our subscription solutions. We saw a little bit of an uptick in the conversion activity in Q1. As I mentioned in the prepared remarks, it was still a single-digit percent of our overall growth, but we did see a slight uptick. I think as we progress through the year, our expectation is that the readiness of our customer base is increasing. And we do think we'll see an increase of that maintenance ARR coming down Think about it in the tune of about $15 million roughly, but I think really there is a tremendous opportunity for us there to continue to execute on that maintenance ARR, and the customer readiness is moving in that direction. We don't expect it to be a meaningful change in what we've seen in the past. and still a single-digit percent to the overall growth, but there should be an uptake as we move through the year here.

And maybe just one add for me, just, again, back, because it's so fresh in my mind, all the customer conversations we've been having. You know, at Impact, I got a chance to meet with several customers who have been customers of ours for a long time, think financial institutions. And, you know, we're having conversations with them about migration and conversion. Now, it takes a while to plan those things out. But the number one comment I heard coming into those conversations was, I'm excited by what you guys are talking about on stage. I want that platform. Help me figure out how to get there. And I think that sets the stage for the next couple of years as we think about the migration and conversion opportunity.

Super helpful, guys. Thank you.

Thanks, Zach. Your next question comes from the line of Joe Gallo with Jefferies. Your line is open.

Hey, everyone. Thanks for the question. Erica, I wanted to circle back to what you said regarding guidance. Have you seen macro headwinds or you're just embedding that it gets worse in your updated guidance? Can you just walk us through any changes to your process versus 90 days ago?

We have not seen any macro headwinds. Our Q1 results were strong. Pipeline continues to be strong. Close rates were consistent. I think we just wanted to, as we looked at the macro volatility we were seeing in the market, we wanted to make an assumption in the guide that took a bit more conservatism than certainly we were seeing in the trends and the data. And so when you think about that guidance, if the macro holds and the trends we saw in Q1 persist as we move through the year, there's room for us to move that guidance up. But given that we were in the first quarter, There were a lot of moving parts around the tariffs and around the broader macro. We thought it best to take a more prudent approach to those very strong metrics we were seeing coming out of the first quarter and apply that to the guidance as we move forward here.

Crystal clear. And then maybe as a follow-up, how should we think about sales capacity, sales comfortability, selling Venify in this ever-broadening portfolio and where your go-to-market investments are going?

Yeah, I'll jump in there. I mean, we see an uptick of Ventify pipeline at a really strong rate. We see sales across not just Americas where they were traditionally strong, but actually into EMEA and APJ, running Ventify and kind of machine identity as a whole, cross-sell campaigns. We see a real exceptional reception from the customers. In fact, actually, while we talk here, the European impact events are going on this week. And I got notes this morning about the level of attendance in our machine identity sessions that are going on there. So I think across the board, we see a go-to-market organization that's poised to attack that opportunity. I think they're also extremely excited about the Zillow opportunity in the IGA space. And they continue to see momentum in just our core business around human identity security. And so across the board, it's a good time to be in go-to-market at CyberArk. And we feel that when we're out there in the field meeting with the teams. Thanks, and nice job, guys. Thank you.

Your next question comes from the line of Brian Essex with JP Morgan. Your line is open.

Hi, this is Charlotte Bedeck on for Brian Essex. Thank you so much for taking the question, and it was nice to see great results. Now that we're still in early days of Zillow and Benefi, can you talk about if you've seen any trends of adoption across segments or even just like size of customers? Is there anyone that's particularly looking to adopt those types of technologies? Thank you.

Sure. So let me start, you know, they're obviously in different segments. points of maturity of absorption within the company. So, Venify, we've got a couple quarters under our belts. We've been out there training, enabling, working with our customers, working with our sales teams, working with our partners. And ultimately, what we're seeing is kind of universal interest. And I mentioned that little story about our RSA booth around this 47-day mandate around certificate life cycles because it was really remarkable. It was remarkable to see customers come in and basically from all segments, big and small, and say, can you help us with this problem? And I think that's what we're seeing across the board is is a shift. I think we talked about it when we acquired Venify, that we were seeing that shift in the market where the time for machine identity security was now, where certificate lifecycle management was becoming top of mind. And even though it had been a long process to get here, we felt like we could really amplify the success that Venify was going to be able to have in the market. Well, that is what we're seeing across the board. We see it in our sales reception. We see it in our customer reception. And ultimately, we see it in the pipeline builds. Zillow is earlier days. Zillow, we're starting the conversations. But I would say there, it's been an interesting set of dozens and dozens, if not hundreds of conversations where customers are coming to us and they're really leaning in to the thesis of the acquisition. They're saying, we've deployed a traditional IGA provider out there in the market. We've spent a lot of money deploying that, and the time to value has taken a very long time. Can you help us get started on managing the governance and administration of our modern environments? Because we need to move faster. We need it to be more efficient, more effective. We need to have apps online in days and weeks, not months and years. And that type of discussion is what frames our early discussions around Zillow. And ultimately, it gives us the optimism that as we get into the back half of this year and certainly into 2026, that Zillow can start to contribute as we get past the sales cycles that we need to build.

Thank you so much for the color.

Your next question comes from the line of Matt Hedberg with RBC Capital Markets. Your line is open.

Great. Thanks for taking my question, guys. You know, Matt, I had a question on pricing. You know, in your prepared remarks, you noted that the number of machines to humans has increased pretty significantly. I think you said it was 45 to 1. Now it's 80 to 1. You know, I can imagine a similar dynamic will play out for agents as agent proliferation continues. You know, I guess the question is, is how do you think about pricing longer term from these non-human identities, especially if the numbers increase? I mean, do you kind of think that it has to evolve over time?

Yeah, Matt, great question. I think as we look forward, the lens we should look through is the machine lens, even when we're applying it against the AI agent space, which is the idea that it becomes a curve, right? As you get exponential numbers, the price per agent, or in the case of machines, the price per application or workload starts to come down. And in some cases, it comes down dramatically. You know, I don't think anyone's going to be, you know, if they have hundreds of millions of agents running around, they're not going to be paying us, you know, top dollar for every agent. But you're going to start to see the deals as a deal size continue to increase. You know, already we see the average deal size on the machine side is often 2 or 3x what we see if we're just going out there and selling PAMM. And I expect that to be similar on the AI agent side, even at the scale we're talking about. So I think it is a slightly different pricing model in that you're able to scale the cost effectively or efficiently as the numbers become really large. But ultimately, it's the total deal size that matters. And we're optimistic about what those average deal size will look like as we scale that piece of the business.

Very clear. Thanks a lot. Well done, guys.

Thank you, Matt.

Your next question comes from the line of Keith Weiss with Morgan Stanley. Your line is open. Mr. Keith Weiss, your line is open.

Thank you guys for taking the question, and congratulations on a good quarter. Two questions, one kind of more strategic, one more tactical. On the strategic side of the equation, definitely heard and felt the excitement around identity and identity security at RSA. A lot of vendors are running around trying to tell their new identity stories. Have you been seeing any change in the competitive environment? I'm sure you do to some extent now that, like, Ben and Zillow are part of the equation. So perhaps you could talk to us about the evolution of your competitive environment. Who do you see yourselves coming up against more so as you sell the broader – set of solutions into the customers. And then on the more tactical side, and this is, I think, one of the debates that's going on in our email boxes right now, you haven't spoke specifically to the contribution of ARR from Venify or Zillow, but if we think about that $51 million in net new ARR, is that still growing on a year-on-year basis if we take out the incremental contributions from Venify and Zillow?

Yeah, so why don't, Eric, why don't you jump in on the second one, and then I'll come back right on the first one.

Yeah, so I think the way you should really think about the contribution and the growth of MET New ARR, we are seeing their growth on the subscription MET New ARR side. And so that would be where we would anchor. We aren't going to break out the various component parts. I think that the reality is that there's a lot of customers that are beginning to buy the combined SKUs. And then when you kind of think about the broad platform selling motions, you are seeing some very strong synergies across the broader platform. But you should think of that as being a net new ARR growing, but we aren't going to break it out in more granularity.

Net new ARR organic subscription growing. Yes, 100%. Yes, exactly. Okay, I think on the – On the more strategic question, you know, I was at that RSA conference as well, and I like to do it, too. I do it to myself. I walk the booths, and I walk around the floor, and I feel out what's going on, and at one level, you're right. It's like identity, identity, identity in every booth, and on the other side, it's It's what is the message that they're trying to tell. And I think what you see with those kind of upstart competitors is that they're trying to solve a small slice of the identity security problem. They may be talking a big message, but when you actually pin them down and ask what's the use case, they're solving a very narrow use case. I think what differentiates us in the market And the reason for our strong results and our outlook going forward is identity security can't be solved in small little increments. In fact, CISOs are overwhelmed with all the tools they already have. They don't need more tools to go do small levels of solutions. They need a tool that actually can solve human and machine. We are the only one in the market that's able to do that. They need one that can apply privilege controls effectively, not only in a standing access motion, but also in this just-in-time, zero-standing privilege access. We're the only ones who can do that. And ultimately, those are the conversations we're having with customers where, yeah, of course they hear the noise and they see some of these other providers. And then we sit down and we do these, again, value architecture roadmap workshops. And coming out of that, they see that actually their best path forward for actual coverage and ultimately consolidation is to come on to our platform. So ultimately, the short answer to that is we don't really see a strong change in the competitive positioning or competitive situation. We don't see somebody growing in competitiveness at the moment. And ultimately, we find the market to be the same market that we were operating in from a competitive positioning last year and the year before.

Your next question comes from the line of John DeFucci with Guggenheim Securities. Your line is open.

Thank you. I want to go back to Joe Gallo's question, Erica. You said you're just being more conservative with annual ARR guidance, but just trying to gauge that a little bit more. Matt talked a lot about conversations with customers for machine identity that make FiberArk feel good about the future there. I mean, even though the quarter was strong, and it was, and pipeline is good, Is it customer conversations that give you pause on that guidance, or is it just the press? Because that could change day to day.

Yeah, no, I mean, it's a great question, John. And it really, customer conversations, as Matt's outlined, have been incredibly positive. And so, you know, if you think about impact, our impact event, where we had very constructive conversations with the customers, not just about machine identities, but across the broader platform. and our offerings, it's been very consistently positive. So really when we provided the guidance, it was more around the fact that we weren't sure of what the impact would be on our customers if there were things around tariffs that had moved forward. So we wanted to be more prudent in the guidance and really take a haircut against some of the metrics that we saw in the first quarter to ensure that if something were to happen in the back half of the year, that we accounted for that in the guidance. At this point, it just didn't seem like there was much benefit to us being more aggressive on the guide despite the positive feedback we were getting from the customers. So nothing to make us pause at this point, but we thought that it was the right approach for us to take given what the noise that we were hearing in the broader macro.

Yeah, maybe just since I'm in those customer conversations and I'm generally talking to C-suite there, and in some cases, you know, even hire a board or two, you know, what is on their mind is the macros. Like, let me be clear. Like, our customers, when you meet with an auto OEM in Germany, they're worried about the tariffs. When you meet with, you know, a manufacturing organization here in the U.S. that's planning out their strategy, they're worried about the economics and the tariffs. We get into a conversation about that and I noticed the worry. We then get into a conversation about their cybersecurity strategy, what they have to go do and where identity security ranks on their list. And my worry kind of moves away for a while. But when you're having those conversations about the overall macros with customers, you have to take that into account from where you sit and you're watching carefully to understand if it's ever going to come in to your space and have impact on your business. That's the smart thing to go do. So I think what Eric is really emphasizing is we sat down and we said, listen, based upon that uncertainty that our customers have around the broader macros, not specific to us, you know, do we pass our beat through or not? And, you know, the thought process was it's Q1 and there's a lot going on and we probably shouldn't pass our beat through because that's the responsible thing to go do. So just taking it down to that level there for you.

That makes sense. total sense to me that, and Erica, but I think the confusion out there with the investment community is that not everybody's done what you've done. But thank you for all the explanation. It makes total sense. Great. Thank you.

Thank you, John. Your next question comes from the line of Roger Boyd with UBS. Your line is open.

Great. Thanks for taking the questions, and yeah, congrats on a great quarter. Matt, I appreciate your comments on identity consolidation. I think maybe just to play devil's advocate, when we talk to CISOs, there's generally an admission that projects around identity can be lengthy, complex, expensive, and to your point around IGA, in some cases have significant sunk costs. It sounds like you're seeing very good momentum on that consolidation kind of play, but As you think about kind of the next couple of quarters, what are you contemplating from a sales cycle perspective? Have you seen any sort of expansion to date? And when, Eric, when you think about kind of a more conservative outlook, is that the primary way that's manifesting is just sales cycles taking longer? Thanks.

Yeah, so, no, I mean, we haven't seen any change in sales cycles, actually. Q1 was, if anything, a little bit of a tick up in improvement. But overall, they've been pretty consistent. You know, they've been pretty consistent over the last, you know, more than several quarters. So I don't think we see any changes there. You know, in general, our sales process is to talk, as I said, about longer-term roadmaps to design out how somebody might take advantage of the platform, but to get them started where they are. So if they're not ready to make a full platform purchase, then get started with one or two solutions. And you see that in some of the new logos that come in. And then over time, we'll expand your footprint and we'll expand you across the whole platform Most cases, we have a roadmap, a plan for that already, even if they're getting started with less of the platform. That being said, as Erica mentioned, if you look at our top 10 deals in the quarter in Q1, almost all of them, actually nine out of the 10, were multi-platform deals, I mean, multi-solution deals across the platform. And it speaks to the ability we already have to be able to drive that conversation with our customers. So no, I don't think it changes the sales cycle because our go-to-market team is excellent at understanding where the customer is and to keep them moving on their buyer's journey, if you will. I think what you will see is, you know, as you try to bring in some of these displacement opportunities, those will take a little bit longer. And so we're not building that into our guidance. You know, the idea that we're going to go in and disrupt legacy IGA rather than sit alongside of it. We've built in an idea of how we sit alongside of it. We're not going to build in disruption because that will take a little bit more time to materialize. But in a lot of cases, when we're talking about our platform, they don't have in place the machine side yet. And so it's a pure expansion, not a replacement. When you're talking about going into the access or the workforce side, the EPM side, in a lot of cases, we're layering security controls on top of what they already have so they don't have to replace. And that allows them to efficiently get onto our platform quickly, even in a tougher macro environment.

Super clear. Thanks, Matt.

Your next question comes from the line of Greg Moskowitz with Mizzou. Your line is open.

All right, thank you very much for taking the question. In your recent identity survey, we found it interesting that 42% of machine identities have access to sensitive data, which is a little higher than it is for human users, and yet only 12%, I think, consider machine identities to be privileged users. Matt, you mentioned that Ventify is performing ahead of expectations so far, but the data here also shows that there's clearly still an awareness gap. So how do you go about closing this?

Yeah, listen, I think that's the moment of now, right? And I think we've been talking about it when we acquired Ventify. By the way, we were talking about it beforehand with our secrets business and kind of the takeoff we've seen in the secrets business. The moment is now that security is getting involved in the discussion. And I think we've talked about that before, right, which is a lot of these machine identity security decisions were left to the DevOps teams, to the local developers to choose on their own, which left no visibility to central security on what was actually happening. That's the fact that comes out in that data. So what happens now is the CISO and the security team is saying, no way. No way are you making those decisions without us. No way are you having localized vault sprawl throughout your organization. No way are you doing certificates on spreadsheets anymore. and they're coming with a central authority, when the CISO gets the right to have central authority, CyberArk wins. And that's what we're seeing today in the market. And so it's really a matter of helping the CISO get control rather than it is us educating the market on something.

Very helpful. Thank you.

Your next question comes from the line of Shaoli Yao with TD Common. Your line is open.

Thank you. Hi. Good morning. Congrats on a great quarter all around. I wanted to go back to Matt Hedberg's question on machine identity and pricing. I understand the ratio of 80 to 1. Specifically on pricing, SailPoint, for example, they indicate that pricing of their machine identity is going to come at about one third of human identity. And I understand you guys are different companies yet operating in the same broader arena. What's the thinking along these lines? And maybe just as a follow-up, I've been getting some emails, some questions about the commentary about the certificate lifecycle change. Is that a recommendation or is that a decision being supported by some industry regulations? Thank you, guys. Yeah, sure.

So to your pricing discussion and, again, specifically around what we see, I think it's – and I bring it back. I know it's the same answer I gave Matt, but I bring it back to the idea of it's the deal size that matters, not the individual cost per identity. I think you should expect to see a fully deployed customer on the machine side to basically be 1.5 to 2X on the secret side and 1.5 to 2X on the certificate side. to what we are able to do on the human side. Ultimately, when you're fully deployed on the machine side, we're talking about somewhere between 3 to 5x the size of the base that we can go sell to. And it's a big deal. It's an enterprise sale. And ultimately, over time, it will continue to grow. I think that's what we see. Listen, I don't think SailPoint is really in the machine space. So I'm not sure where their pricing is coming from. But it's not really covering the type of machine identity that we're talking about. The second part of your question around certificate authority, it is a mandate. So it's an actual, it's called the CA Browser Forum. It is a kind of governing body and it's mandated that it go down to 47 days. That mandate is for 2028 or 2029. But basically, it indicates that the Google 90-day mandate, which was kind of a Google-specific thing, didn't go far enough. They want to go even farther, and they want to push the envelope there. It basically wakes people up to the idea that certificates are a thing that's going to change. Their world of certificates and long-lived certificates are not going to exist for long. And I think enterprise companies are coming in and saying, what can I do about it? And we've got the perfect solution to solve that problem for them.

Thank you so much. Super helpful. Great caller. Thank you.

I will now turn the call back to Matt Cohen, CEO, for closing remarks.

So thanks, everybody, for the questions today and the dialogue. It was fun and appreciated. I want to conclude by thanking our customers and our partners for their support and trust, and most importantly, our employees here at CyberArk who wake up every day and make sure we can deliver strong quarters like we did today. You know, when we think about a world where identity security is an imperative, we feel ready to respond, continue to grow, and drive durable growth for the future. Thanks, everybody.

Ladies and gentlemen, that concludes today's call. You can now disconnect. Thank you and have a great day.