This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.
Operator
Thank you for standing by and welcome to QALYS first quarter 2021 investor call. At this time, all participants are in a listen-only mode. After the speaker presentation, there will be a question and answer session. To ask a question during the session, you will need to press star 1 on your telephone. Please be advised that today's conference may be recorded. Should you require any further assistance, please press star 0. I would now like to hand the call over to your host, VP of Investor Relations and Corporate Development, Blair King. You may begin.
spk05
Thank you, Lateef. Good afternoon and welcome to Qualys' first quarter 2021 earnings call. Joining me today to discuss our results are Sumit Thakkar, our CEO, and Jomi Kim, our CFO. Before we get started, I would like to remind you that our remarks today will include forward-looking statements that generally relate to future events and or our future financial or operating performance. Actual results may differ materially from these statements. Factors that could cause results to differ materially are set forth in today's press release and in our filings with the SEC, including our latest Form 10-K and 10-Q. Any forward-looking statements that we make on this call are based on assumptions as of today, and we understand no obligation or we undertake no obligation to update these statements as a result of new information or future events. During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP to non-GAAP measures is included in today's earnings press release. And as a reminder, the press release prepared remarks and investor presentation are all available on the investor relations section of our website. So with that, I'd like to turn the call over to Sumed.
Lateef
Thank you, Blair, and welcome everyone to our Q1 earnings call. We are pleased to report another quarter of healthy revenue growth and profitability, reflecting good progress our strategic and financial agendas. Since taking on the role of interim CEO in February, I have been working closely with the Qualys team, our customers, as well as our board to ensure continued success of the company. As the newly appointed CEO, I am very excited to have the opportunity to lead Qualys on this next phase of its journey. I would like to thank Philippe for his leadership, making Qualys a significant force in the cybersecurity space, and I'm confident we will take the company to the next level of its growth. I'm now squarely focused on platform innovation and enhancing our go-to-market motion. We experienced another quarter of strong growth in our paid cloud agent subscription, which grew 58% year-over-year to 61 million, as well as continued momentum with VMDR with 34% purchasing VMD app. Our multifunction lightweight cloud agent is a core engine that helps customers consolidate multiple agents with a single quality solution. One of my key priorities is to ensure we are providing innovative, comprehensive, and integrated products to transform the way new and existing customers secure and protect their organization's IT infrastructure and applications with cloud-based IT security and compliance solutions. We believe Qualys VMDR, which is vulnerability management detection and response, is setting the gold standard for vulnerability management with our single agent approach to speedy detection and response. Attackers' rapid exploitation of vulnerabilities for malware and ransomware attacks continues to grow as witnessed with the recent high-profile proxy logon vulnerabilities impacting Microsoft Exchange servers. The threat actors raised to exploit a few days and installed the China Chopper web shell for further entry into organization's environment. The DeerCry ransomware hit soon after leveraging those same vulnerabilities. Qualys quickly released a 60-day free VMDR service to help organizations not only quickly detect the vulnerabilities, but also patch it with single click and further detect the ransomware with multi-vector EDR and take response actions, all using the single Qualys agent. This showcases the power of VMDR to not only report on vulnerabilities like other siloed point solutions, but also mitigate the risk immediately and was very well received by our customers who were able to patch high profile vulnerabilities in a matter of hours with our tightly integrated patch management solution in a single app workflow and stay ahead of the threat actors. While still a small portion of overall bookings we continue to see strong customer interest in our patch management solution, both in the mid-market as well as with large new and existing customers. In fact, in Q1, a leading large multinational firm selected our patch management application over several other competing solutions given its ability to easily and effectively patch remote endpoints without using the limited bandwidth available on the VPN gateways. With our recent announcement of extension of patch management for Linux systems, where very few enterprise patching solutions are available. We are looking forward to expanding the opportunity of Upsell to customers who already have cloud agents on these systems. Further pressing our advantage with agent consolidation, we continue to see customer interest in adding our multi-vector EDR to their VMDR and patch management deployment to reduce agent sprawl on their endpoints with single solution for risk mitigation and threat response. Our recent announcement of adding real-time anti-malware protection capability to our multi-vector EDR solution further solidifies our commitment to continuing to expand our addressable market opportunity. As an example, in Q1, a Fortune 500 company purchased our paid asset inventory module, VMDR, patch management, and EDR together to standardize their endpoint security on a single agent solution over multiple best-of-grade point solution agents. In terms of our newer paid solutions, we saw solid growth in the quarter with our container security solution led by Microsoft Azure for scanning container registries. In addition, we continue to see strong growth for our global IT asset discovery and inventory solution. In the quarter, two leading financial institutions selected our asset inventory paid modules in order to gain visibility of all of their known and unknown assets spanning multiple environments to identify the end-of-life of the installed software and synchronize with their ServiceNow CMDB. Looking into the remainder of 2021, we have a strong roadmap to expand our asset inventory, EDR, ICS, OT, cloud, and container security solutions. We also plan to introduce our extended detection and response platform, XDR. XDR is a next-generation security analytics and incident response solution which natively integrates and correlates security platform. This solution is currently in private beta with a few select design partner customers. With these continued innovations and others on our platform, we'll expand our addressable market while opening exciting new growth opportunities for the business. In addition, we continue to build strong strategic partnerships towards enhancing our global market with building in quality security solutions with cloud providers like Microsoft Azure and GCP, as well as displacing competing solutions with MSSP partners like HCL, where Qualys VMDR is now their default vulnerability management offering. Another key area of my focus is our go-to-market strategy and sales execution. Pairing industry-leading innovation with an amplified investment in our go-to-market initiatives underpin our confidence in driving profitable growth and long-term value creation for our customers and shareholders. Armed with industry-leading technology and substantial new platforms following the successful launch of VMDR and multi-vector EDR last year, as well as the upcoming release of our HDR solution, we are planning to make appropriate go-to-market investments in our business. We believe that we are well positioned to maximize the return on incremental investments, so I have been spending majority of my time with the sales and marketing teams as well as product management to execute on this plan. To that effect, one of my top priorities, as previously mentioned, was to look for a candidate for chief revenue officer to drive growth of our business. Today, I am pleased to announce that Alan Peters will be joining us as our new CRO starting next week. He will be responsible the leadership of worldwide sales and partner organizations, and continuing Qualys growth momentum. Alan has more than 20 years of executive sales experience building and scaling global teams in cybersecurity and SaaS companies, including previously serving as the CRO of Trustway. We also recently appointed Klaus Moser to assume the role of Executive Vice President for Field Operations for America and General Manager of our SME and SMB business. At the same time, we are also enhancing sales operations, digital marketing, and other sales enablement functions in the company with a balanced approach to sustain future growth and profitability. In conclusion, as I stated on our prior call, Qualys continues to move well beyond vulnerability management and increase its competitive advantage with the addition of newer solutions, including our soon-to-be-released XDR. Our strategic direction remains focused on leading with powerfully disruptive technologies. Paired with strong sales leadership and a focus and growing global go-to-market initiative, we believe we are well positioned to drive long-term value for both our customers and our shareholders. With that, I'll turn the call over to Jumi to further discuss our first quarter financial results and guidance for the second quarter and full year fiscal 2021.
Blair
Thanks, Junaid, and good afternoon. Before I start, I'd like to note that except for revenue, all financial figures are non-GAAP and growth rates are based on comparisons to the prior year period, unless stated otherwise. We're pleased to report another strong quarter reflected in the following financial and operational highlights. Revenues for the first quarter of 2021 grew 12% to $96.8 million. Please note our Q1 2021 calculated current billing was negatively impacted by a large late renewal that closed after the end of the quarter, as well as a timing and amount of prepaid multi-year subscriptions and shorter duration invoicing. In Q2, we expect this to reverse to have a positive impact on calculated current billing by a few percentage points. Our average deal size increased 9%, and paid cloud agent subscriptions increased to 61 million over the last 12 months, of around $56 million for the 12 months ended in Q4 2020. And 34% of non-Strategic Alliance customers with their vulnerability management solution of for renewal on the quarter purchased the MDR, similar to 35% in Q4. The MDR contributed approximately 34% of total bookings over the last 12 months. Our scalable platform model continues to drive superior margins and generate significant cash flow. Adjusted EBITDA for the first quarter of 2021 was 44.6 million, representing a 46% margin versus 44%. Non-GAAP EPS for the first quarter of 2021 was 74 cents, up from 55 cents last year. And our free cash flow for the first quarter of 2021 increased 14% to 51.6 million. representing a 53% margin. In Q1, we continue to invest the cash we generated from operations back into college, including $6.3 million in capital expenditures for operations and $31 million to repurchase $269,000 of our outstanding shares. We remain confident in our business model, driven by our foundation of nearly 100% recurring revenue and an expanding suite of applications. We are delighted to be raising our full year 2021 guidance for both revenues and non-GAAP EPS. We are raising the bottom and top end of our revenue guidance for the full year to now be in the range of $402.5 to $404.5 million from the prior range of $399 to $402 million. We are raising our full year non-GAAP EPS guidance to now be in the range of $2.67 to $2.72 from the prior range of 2.60 to 2.65. And for the second quarter, we expect revenue to be in the range of 98.6 million to 99.2 million, which represents a growth rate of 11 to 12%. We expect non-GAAP EPS to be in the range of 67 to 69 cents. Q2 capital expenditures are expected to be in the range of 6 to 7 million. We remain confident in our financial model due to our strong competitive position and leading cloud platform. With that, Sunet and I are happy to answer any other questions.
Operator
As a reminder, to ask a question, you will need to press star 1 on your telephone. To withdraw your question, press the pound key. Once again, that's star 1 on your touchtone telephone to ask a question. Please stand by while we compile the Q&A roster. Our first question comes from the line of Matt Hedberg of RBC Capital Markets. Your line is open.
Matt Hedberg
Yeah, hey, it's Dan Bergstrom for Matt Hedberg. Thanks for taking our questions. Is there any additional color into that late renewal you could provide? You said it would be a few percentage point benefit in the second quarter here. Is that just the late renewal, or does that take into account some of the prepaid timing and duration as well?
Blair
It's in combination. So when we have a large late renewal in the quarter, we usually call it out. And it was meaningful enough to have a negative impact by a couple percentage points as a whole. We expect that to reverse. And this is consistent with how our current billings have been in the past. Now, if you take a look at our current billing, because we don't manage to quarterly billing, you'll see some fluctuation. So what we anticipate is the Q1 negative impact to more or less reverse in Q2, so we'll see a higher current billing in Q2 relative to booking.
Matt Hedberg
Great. That's helpful. And then maybe, you know, could you just talk to India? It's been in the headlines with COVID here. I know you've got over 900 employees there. I think everyone's been working remotely already. I guess, you know, is that the case, or is there any incremental action that's needed to happen here recently?
Lateef
Yeah, I think that's a very important aspect to address. We do have a large presence in India, and we have been doing quite well working remotely for all of our employees over the last year plus. So our employees have been already used to that working remote environment and staying safe in their homes. And obviously, we call this monitoring the situation, working with our employees, providing assistance that's needed. But at this point, we don't see any meaningful impact to what we are seeing in terms of an output from our operation. But our hearts go out to those who are impacted pretty severely.
Matt Hedberg
Thank you.
Operator
Thank you. Our next question comes from Young Kim of Loop Capital Markets. Your line is open.
Young Kim
Thank you, Sumedh and Jumi. Congrats on a solid start to the year. Just want to be very specific on one question here. First, to start off, VMDR upgrade rate, or the renewal rate, since often renewals, that is, seems to be stabilizing at 34 to 35 percent rate. Is that consistent with what you are expecting? And perhaps, you know, can this number start to downtick starting next quarter and in the second half of the year? as we anniversarize the renewal cycle and start targeting customers who didn't renew last time. And just overall, how should we think about the VMDR adoption rate in regard to your cloud agent adoption and the overall platform strategy? Thanks.
Lateef
Yeah, I can take that one. You know, VMDR, we released that, you know, last year, I think around Q2, was when the initial push started, and I think the way we see VMDR, obviously, is that it's a combination of many different capabilities that the customers need to adopt, and they need to make them operational within that environment. And so we are not being pushy with our customers. So we're working with them to ensure that they respond to the attacks or to the vulnerabilities that are coming up. And I don't expect that to go down because the way we're tracking this is that the numbers are the number of customers that were converted to VMDR that were eligible for renewal in that quarter. So as you will see coming up in Q2, we will see additional incremental or through the rest of the year, we'll see additional incremental conversions of customers as they get ready, maybe their budget allocation, their resources available to pension in the MDR. So we'll see, you know, our hope is to see that number keep going up.
Young Kim
Okay, great. And then second question from me is, can you just give us any qualitative sense on how much of your business is driven by you know, security by deployments on hyperscaler environments or securing deployments on hyperscaler environments like AWS and Azure. And is that business, you know, primarily driven by your existing customers or, you know, are you seeing a higher mix of new customers, you know, coming from those environments versus your traditional sales channels? Thanks.
Lateef
Yeah, I think it's a combination, right? A lot of our large customers today, you know, we don't necessarily break it down that way, but a lot of our large customers today, they do have a hybrid infrastructure. So while they may have certain business units or certain environment that they're running in this hyperscale environment with multi-cloud deployment where we are very strong, they also have, you know, other devices within their environment that could be remote endpoints, which we're seeing in large numbers as well. or other types of devices that are also part of their overall license. So we're not necessarily tracking it that way. But then when you look at customers who are migrating to the cloud environment, they clearly want to ensure that from their auditor's perspective that they are getting the same kind of high-quality reports, metrics, ability to fix these vulnerabilities in the cloud environment. just as they were getting from Qualys in their on-prem environment. So we work with them to help them have Qualys be part of their migration. And our architecture, being a cloud-based architecture, really lends itself to have that very easy integration, and we already have a lot of built-in capabilities in multiple of these environments. And so we have Qualys integrated well with Azure, as well as GCP, and in those environments, through this sort of integration, embedded capability that we have, customers who are directly bringing workloads to Azure may also be leveraging the Azure scanning that is provided by Azure and that is in the backend supplied by Qualys. So there's also that additional way that we are embedded into native cloud environments as well where the native cloud security solutions in these cases are leveraging Qualys in the backend to provide the capabilities around scanning, configuration assessment, etc.
Young Kim
Okay, great. That's very helpful. Thank you so much.
Operator
Thank you. Our next question comes from Sterling Odie of JP Morgan. Your line is open.
spk00
Hi, this is Maya on for Sterling. I was hoping that you could just give a bit more color on what you are considering in your full-year guidance, it just seems like it's implying a bit of a slowdown in the second half of the year, especially on the back of some new product development. So just hoping for, you know, what you're considering in that outlook.
Blair
Yeah, so when we take a look at revenue trajectory, what we look at is the near-term bookings as well as some of the potential increase in return from the additional investments that we plan to make in the current year. So if you take a look at our annual revenue guidance, at last quarter, we had guided to $399 to $402, and we are raising it at the midpoint by $3 million, primarily because of the business momentum that we see right now. In Q1, we did outperform relative to the guidance. And taking a look at to the full year, hiring the CRO, additional initiatives that we have in place, It's kind of what we see that will land at around 11% year-over-year growth. With that said, what it doesn't include is a potential increase or meaningful uptake from the adoption of newer products, such as, for example, EDR is still relatively new, and we didn't take into consideration potential significant upsells in the VMDR that we don't currently see now. So there is definitely upside that we haven't included in the guidance.
spk00
Okay, great. Thank you.
Operator
Thank you. Our next question comes from Joel Fishing of Truist. Your line is open.
Joel Fishing
Hey, good afternoon. Thanks for taking the question. So, Matt, can you just give us a little bit more detail on some of the specifics around the go-to-market changes that you plan to be focused on over the next couple of months to reinvigorate growth?
Lateef
Yeah, I think one aspect of the focus really is about ensuring that we are creating all of these additional capabilities on the platform to expand our, you know, the TAM. So with adding a VDR, XDR, so we're ensuring that from that perspective, we're getting ready to have multiple capabilities that we can upsell to these customers that are coming on board. And we're already seeing that in some of the examples that I gave where customers really see the value in saying, well, why do I need to get four different agents, one for EDR, another for patching, another for vulnerability management, another for asset inventory, I can leverage Qualys as the one agent that is providing all of these capabilities in a single solution. And what we're now focusing on, we're obviously bringing Allen on board. We've had a model where technical salespeople work closely with our customer, given that it's a SaaS service. to ensure success of the customers in the product that they purchase initially, and then work with them for the rest of the year to ensure that we find opportunities there to upsell so that they can consolidate other existing solutions that they have in their environment. And sometimes those solutions could be prepaid for a couple of years, so maybe it takes time for that opportunity to come up. But with bringing on Alan, where we can focus really on additional business. We're going to focus on sales enablement. We're going to focus on digital marketing. So there's a few different areas that we're going to focus on. So taking really our model that we have, which our customers appreciate for the way we work with them, and then helping ensure that our sellers are getting additional help in terms of being able to be enabled for selling these additional solutions that we are bringing out to the market. That's really the focus that I have and working closely with the product team as well as the sales team. And in addition to sales and marketing directly, we've also been enhancing our product management organization to ensure that we can have product line owners that can really be closely associated with the specific business, whether it's application security business or whether it's a tech detection business or whether it's a vulnerability detection business, so that they can drive the sales aspect much more closely, the marketing aspect much more closely with the sales team.
Joel Fishing
Okay, and one follow-up, if I may. You called out on the call a large deal with a customer, I think, and I believe they, if I heard you right, took EDR, XDR, and a lot of other products. Can you give us any color around that, you know, the competitive dynamics around that and the pricing around that deal?
Lateef
Yeah, the customer had a couple of other solutions, individual that they were leveraging, and, you know, they were in the market to look for a vulnerability management solution. As they started looking at different capabilities, they saw VMDR, the ability to mitigate the risk that the vulnerability management product was bringing I think was paramount to them because as I gave that example today the time between the vulnerability coming out and the speed at which those vulnerabilities are being weaponized is extremely short and so other point solutions that they were looking at as we see best of these vulnerability solutions are only giving you a report and that's what they wanted to kind of look at to say can I get something that also is able to provide response capabilities and so Once we work with them on the POC, and our model always is to give the broader POC, have them leverage that 60-day free service so that they can see the value of the overall platform. They were quite intrigued with our ability to also give them other additional things with the same agent, like end-of-life, and then helping them essentially not have to install another separate EDR agent because that same agent that was doing their patching to mitigate the risk was also monitoring the system for threats and then responding to that. Obviously, the pricing that we put in place was a combination of the various modules that they would have otherwise purchased from Qualys, which is individual modules for paid asset inventory, vulnerability management, batch management, and EDR. Obviously, we do volume-based pricing, and based on that, we gave them a pricing that effectively they felt like, not just from a license perspective, so That one price on Qualys with a single agent relative to four different software licensing from four different agents plus the cost of deploying those agents and their platforms and then integrating all of them to get that single view, I think the customer felt that this was a lot more cost effective and something that was much quicker to operationalize than having to do multiple point solutions.
Joel Fishing
Thank you so much.
Lateef
Okay.
Operator
Thank you. Our next question comes from Hamza Fadawalla of Morgan Stanley. Your line is open.
Qualys
Hey, guys. Thank you for taking my question. And, Samet, congratulations on your formal appointment as CEO. Thank you. So I had a question sort of following up on the last one around sort of the multi-sector EDR and the or the XDR solution that you're rolling out. Can you maybe comment on your ability to be able to garner telemetry from a variety of different attack surfaces relative to some of your other competitors who are also coming at this market with an XDR approach? And then also, what sort of technologies would you say you're displacing, right? Because you talked a lot about consolidating different parts of the security solution. So I'm just curious, who do you often place when you do go into these deals from a technology standpoint?
Lateef
Yeah, I think if you look at the way Qualys architecture is, that's I think the biggest advantage we have is that we have sensors that are embedded across the entire infrastructure no matter what type of infrastructure it is. So we don't have a approach which is very agent-less only or agent-based only. Today, Wallace natively collects data from agents. We have non-agent assets in the environment that are able to do very deep scans. We have passive sensors that are able to look at network telemetry information passively to collect additional information on the connections that are being made in that environment. Cloud connectors that we have, we have container sensors that are collecting information, and then also Layer 7 scanners that are providing information about the applications as well. And all of the data comes into the centralized platform that we have. And that's really where we are correlating this information. And with the backend, as we have talked about previously, we have really gone through an entire architecture of the platform. We're making it highly scalable today with 8 trillion data points being indexed in Elasticsearch. So as that data comes in from Wallace's own sensors, we already have a lot of visibility into what is happening on that asset. whether it's related to collecting network connections or processes or whether it's related to registry or files or file integrity monitoring alerts. So that's already being done. Obviously, and that kind of is covered by VMTR, ETR, and those capabilities of the same agent. On the XDR side, What we are focusing on is in addition to all of the data that Qualys is collecting, for example, Qualys can collect data about a printer in your environment that can be compromised, which a typical EDR cannot do because they need an agent on the actual device, and you cannot put an agent on a printer. But in addition to that, there are firewall logs, proxy logs, and a few other log sources that add context to the potential attack that may be going on. And what our XDR solution now does is that it actually allows opens up our platform to take this additional telemetry data from multiple different vendors that are providing this capability so that this data can be ingested into the policy backend, correlated with the large amount of data we've already collected with multiple sensors that we have, and then provide a much more simplified visibility into that environment. Because otherwise, the customer has to buy a SIM, and the SIM does not come with any data collector, so they have to buy 10 different sensors solutions, then deploy those, integrate those, and then start to see the value. And one of the things that you've seen over the last year and this year is that we are also focusing a lot on providing response capabilities directly into the platform. So what that means is that the SOAR aspect, that once we collect the data, we analyze that, enrich it with information from third-party sources, our platform, our agent, our scanner, our appliance can start to take response action immediately and customer doesn't have to go and deploy another set of solutions to now take response actions. So in this process, we typically end up displacing your standard vulnerability management solutions that only do reporting, but they don't do patching. We may have a separate patching solution that we end up displacing. On the EDR side, customers are looking to get out of their standard endpoint protection capabilities that they have had for a while, antivirus, type solutions and then increasingly as our solution is becoming mature we start to see that we will be competing more and more with the other EDR players in the market that already have established solutions and the goal there for us is to provide the customer broader visibility and not just EDR. The idea is that we actually will give you not just the threat part because EDR only gives you the threat. We also give you the risk mitigation all through the same solution and that's sort of where we are looking to compete in that market instead of just the feature-to-feature comparison on a specific EDR agent.
Qualys
This is just a quick follow-up for that. From a go-to-market perspective, what are you doing to really gain traction within the MSSE ecosystem? That seems to be a very important channel in order to drive more adoption, some of the things you're talking about with XDR and sort of incentive response capabilities. So Can you talk a little bit about some of your go-to-market efforts there?
Lateef
Sure. I mean, we have always been very well partnered with the MSSP partners. And if you saw some of the recent, I mean, you look at the trend that is happening with MSSP, they are looking to, you know, move towards more of a platform of course themselves so they can put more resources on helping the customer with their security issues rather than trying to deploy these solutions. So traditionally they have, MSSPs have used, you know, QRadar or some SIM, and then they have to deploy multiple solutions. What Qualys brings to them, and this is what we're working with a few of them, is that a good chunk of what they need from a security perspective to provide customers the service is already on the Qualys platform. So whether it's file and data monitoring, whether it's container security, cloud security, a lot of those capabilities are already part of the Qualys platform. And now with XDR, the ability to bring in the data that Qualys does not collect natively is really going to be something that is very meaningful to them. So we have early conversations with MSSP partners to start to leverage Qualys at even more strategic level. But if you look at some of the recent partnerships that we have done, whether it's with Infosys or Armor or some of them who are already looking at their platform, looking at ways that they can create more value more of an integrated solution that they can leverage and then focus on providing the service to their customers. So I think that's where we are working with those MSSP partners who are sort of the new age MSSP partners who are looking to integrate our platform as the core of what they're doing and then provide the service on top of that.
Operator
Got it.
Qualys
Thank you.
Operator
The next question comes from Alex Henderson of Needham. Please go ahead.
Alex Henderson
Thanks. I was hoping you could explain the mechanics that occurred in the quarter that caused the VMDR to go from 35% to 34% in one queue. We certainly wouldn't have expected a decline in that number. I'm assuming that it has something to do with the seasonality But, you know, if you could clarify the mechanics that caused that to happen, it would be very helpful. Thanks.
Blair
Yeah, Alex, just to clarify, it's not a decline. So what we take a look at is we look at a group of core customers that are up for renewal in the respective quarter. So, for example, Q4 last quarter, those customers who are up for renewal, it was the first time where they, you know, had a chance to really upgrade to BMDR from VM. So out of that board of customers, 35% ended up renewing into BMDR. In Q1, what happened was last year we launched BMDR in Q1, so it's our first year anniversary. And so last year, 6% of them actually had already converted into BMDR, and out of the remaining customer base, obviously now that BMDR has been out for a while, we've been in discussions with them, and taking a look at the entire customers who renewed in Q1, Those who had purchased vulnerability management solutions, 34% adopted BMDR. So if you think about it from that perspective, you know, it really is customer-specific in terms of what they need. And this is why, because it's a first-year anniversary, we did share percentage contribution to total booking, taking a look at the LTM booking. So that's 34%. contribution is pretty significant if you take a look at it, because that includes total bookings, including other solutions that we have out there. So we are very pleased with the adoption. We do anticipate that percentage contribution to bookings to continue to increase, and we will continue to share that metric going forward.
Alex Henderson
So does this, just mechanically, does the 34 percent, is that additive with the 6 percent from the prior year to get a net contribution from customers that have the opportunity?
Blair
No, no, that's a total, total end of order.
Alex Henderson
Okay, the second question I wanted to ask is, you know, you haven't really talked about your data lake at all in this call or actually in some of the recent calls. I was wondering if you could give us an update on where you are in building out the data lake, where you are in terms of, you know, satisfying yourself that the content that you're pulling up is the right content and delivers the proper degree of efficacy? And to what extent the timeline is stable, improved, or eroded relative to getting it to full maturity?
Lateef
Yeah, I think, you know, when we initially started talking about it as a data, like as you've seen that with feedback from our customers, we've essentially transform that into our XDR solution because customers don't want just a data lake. They want that Qualys data already integrated into that data lake and bringing that additional information. So our focus really has been on our XDR solution that today is already imported and deployed in our production environment as a private beta. So where we are today is the Qualys internal. We are already leveraging that to test it, make sure that it's working the way we anticipate. As you can imagine, this is a huge undertaking from an engineering and platform perspective for us to go in this area and to build that out. And so there's a lot of learnings in there, building our cloud-based solution, the kind of EPS that we can ingest, how quickly we can ingest that, how the speed of this thing is working out. So today, we have that already deployed as a private data where Paulus and a couple of other private data customers are already engaged with us, where We are pulling the data in. We're learning through that process, fixing any bugs that we may be coming across in that as we learn to put new sources. And as we go through that and get additional insight, we'll bring on a few more beta customers over the next couple months. And then once we have that release that we feel is good enough to open for a more public beta and can start working on the GA timelines, I think We are today, I feel like we're in a good place in terms of the roadmap and where we have executed so far on ACR and having that system already out there. And then the plan that we have to ensure that we are working with our customers to get it to the point where we can get it out at some point through this year. We just don't have an exact timeline yet, so let it try for the GA.
Alex Henderson
So when you say get it out this year, you're talking about getting it out to a more public beta than what you've done so far, as opposed to fully complete, done, no issues whatsoever, and it's in sustained mode at that point?
Lateef
Both. Yeah, both. Our goal is to get the beta out in the next couple of months, and then our goal is that by Q4, we also get this out as a product that customers can start purchasing.
Alex Henderson
And has the efficacy of the data lake in terms of the outcomes that it's predicting been proven out as reasonably high efficacy?
Lateef
Yeah, I think where we sit right now and comparing for our own internal environment, we are getting close to where we feel this is something that customers can really deploy and see the similar amount of efficacy that they're seeing with the added advantage of not having to integrate additional solutions and buy multiple solutions. So we feel we're on the right track here in terms of where we are and where we see the clarity of the roadmap on the various other additional functionality that we will be fixing and delivering over the next few months.
Alex Henderson
So both Sentinel-1 and CrowdStrike have done acquisitions to bring in an ability to – upload more compressed data from their endpoints and to even do searches on that data while it's still compressed, significantly lowering their costs. Have you thought through or do you expect to do something similar in terms of trying to bring your data ingestion costs down?
Lateef
Yeah, I mean, we've always had a very bare-metal strategy around leveraging Docker Elastic for the last multiple years. And if you look at, we're already indexing 8 trillion data points in Elasticsearch. We have extremely high rights, a million rights per second on Cassandra that we already achieved in our platform. So we feel pretty good about the scalability and the ability for the platform to ingest a large amount of data. Where we feel we differentiate ourselves is that, from what we see right now, Sentinel-1 and CrowdStrike focus on the endpoint and collecting the data from the endpoint and maybe additional data and sending it to the platform. Our XDR solution goes well beyond endpoint. So not only our EDR solution will be collecting the same kind of data from the endpoint itself with the agent, but with the ability that we already have of collecting scan-based information on devices that cannot have an agent, like routers, switches, printers, many other devices. plus passive devices to see what network telemetry we see from outside of devices that don't have an agent, collecting that, and then bringing firewall log and proxy log type of data from allowable firewalls and Cisco ASA to enrich this information gives a much broader visibility into the infrastructure, and then you add on top of that, we already have strong container security and cloud security solutions that the endpoint ADR solutions necessarily only focus on the thread aspect of it. So overall, bringing that and then adding the application context, right? So a lot of these solutions focus only on the infrastructure context, but then if you're running a web application that has a SQL injection vulnerability that could be compromised or a web shell can be put, Qualys brings that as well. So we feel that what we are doing is a much broader scope because we're collecting a lot of data that is outside of just the endpoint that your traditional endpoint solutions are looking at.
Alex Henderson
Okay, one last comment. Congratulations on bringing in your new chief revenue officer. And from our perspective, there was nobody else that could possibly be the right choice for the CEO, and I'm glad the board made the decision it did. And congratulations on being the permanent CEO. It's certainly well-deserved. You've done most of the hard lifting on constructing this thing. Thank you very much, Alex. Thank you for the kind words. I'll pass that on now. Thanks.
Operator
Thank you. Our next question comes from the line of Shevly Serafi of FDN Securities. Your line is open.
Shelby
Yeah, thank you very much. So I want to be clear on the current billings growth expectation for Q2. I think you said you expected to accelerate a couple points from Q1, so I assume that means 8% growth in Q2. And Mike, just please confirm that. And then secondly, what do you think is a reasonable current billions growth rate in the second half and going forward? Do you think we go back to double digits over the next several years?
Blair
Yeah, so Shelby, just to clarify, on the current billing, so because we don't manage to quarterly billings, we'd like to give a little bit of color when we see some meaningful fluctuations. So what we were guiding to is we don't guide to current billing's growth rate per se, but in terms of Q1, we had some unexpected, like our... couple percentage point negative impact on current billings relative to bookings. So we call that out, and we expect that to reverse in Q2. So what it means is, if you think about the current billings growth in Q1 at 6.5%, compared to actual bookings growth rate, it was lower. We expect that to reverse in Q2. So compared to bookings, we expect billings to be higher. So that was a color that we were trying to give. And in terms of the business momentum, and this is supports why we keep on pointing to the annual revenue guidance and the trajectory of that guidance and where it's headed as a best proxy for business momentum because our current bookings really inform our guidance. So if you take a look at our annual revenue guidance, we have guided to $399 to $402 last quarter. We increased that at the midpoint by $3 million, so now the implied growth rate for the total year is 11%. So I would point to that in terms of your kind of trying to determine the current business outlook for Paulus.
Shelby
Okay, thank you very much. And then I think you made the comment earlier that the BMDR, the percentage of customers renewing with BMDR is going to start increasing now, even though it ticked down in Q1. Do you have an idea of what kind of target you expect over the next several quarters Do you think that metric goes over 50%, for example?
Lateef
Yeah, I mean, I think we certainly are working towards that. I think the big part of really the deployment of VMDR started in Q2 of last year, even though in Q1 we had a little bit of that. So I think as the first year anniversary of VMDR all started, which is still early stages, we – we expect to build additional VMDR conversion on top of what were converted in Q2 of last year. And so what that percentage is going to be, I think we don't know right now, but that is something that with the right go-to-market motion and with the changes that we are making, we're hoping the next few quarters will continue that rate to start to keep ticking up and create that opportunity for us to push more agents.
Shelby
Okay, and last one for me is... The XDR SIM launch, I think you made the comment you expect customers to be able to purchase it in fiscal Q4. Does that mean it goes GA in Q4, or is that just a public beta in Q4?
Lateef
No, that's GA in Q4. Our plan for public beta is in Q3, and then our GA in Q4.
Shelby
Got it. All right. Thanks a lot.
Operator
Thank you. At this time, I'd like to turn the call back over to CEO Sumedh Sekhar for closing remarks.
Lateef
All right. Thank you for attending our earnings call and for all of your questions. I couldn't be more honored to be leading this great company. I'm very excited. We're very well positioned in the marketplace with disrupting new applications on our cloud platform, including EMDR, multivector EDR, and the forthcoming XDR offering, as well as other solutions that will our addressable market. At the same time, we're ramping up our sales efforts and marketing activities to capitalize on these developments while maintaining industry-leading profitability and driving long-term value creation for our shareholders. Lastly, this space of bringing new solutions to market would not be possible without the innovation and tireless efforts of our talented engineering team, who continues to work hard despite the difficult situation faced by many, especially in our India operation, given the current pandemic impact may remain safe and healthy. Thank you very much.
Operator
This concludes today's conference call. Thank you for participating. You may now disconnect.
Disclaimer