Qualys, Inc.

Q1 2022 Earnings Conference Call

5/4/2022

speaker
Operator
Ladies and gentlemen, thank you for standing by, and welcome to the QALYS First Quarter 2022 Investors Conference Call. At this time, all participants are on a listen-only mode. After the speaker's presentation, there will be a question and answer session. To ask the question during this session, you will need to press star then one on your telephone. If you require any further assistance, please press star then zero. I would now like to turn the conference over to your speaker for today, Blair King, Investor Relations. You may begin.
speaker
Blair King
Thank you, Tawanda, and good afternoon, and welcome to QALYPSE's first quarter 2022 earnings call. Joining me today to discuss our results are Sumit Pekar, our president and CEO, and Jimmy Kim, our CFO. Before we get started, I'd like to remind you that our remarks today will include forward-looking statements that generally relate to future events or future financial and operating performance. Actual results may differ materially from these statements. Factors that could cause results to differ materially are set forth in today's press release and our filings with the SEC, including our latest form 10Q and 10K. Any forward-looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update these statements as a result of new information or future events. During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP and non-GAAP measures is included in today's earnings press release. And finally, as a reminder, the press release prepared remarks and investor presentation are all available on the investor relations section of our website. So, I'd like now to turn the call over to Sunil.
speaker
Sumit Pekar
Thank you, Blair, and welcome everyone to our first quarter earnings call. Building on our momentum, we are very pleased to report a good start to the year reflecting another quarter of continued revenue growth acceleration and strong cash flow generation. Behind these headlines are several encouraging market trends and notable business highlights. From market dynamics and continued competitive differentiation are fueling our growth. We believe the continued increase in the attack surface coupled with the growing concerns over cyber attacks like ransomware and cyber warfare is pushing organizations around the world to shed outdated siloed security and compliance systems and move to integrated security platforms to reduce the risk and response time as they future-proof their security architecture. Wallace researchers recently conducted a study on the widespread lock for share vulnerability, which included analyzing billions of assets and trillions of data points indexed on our platform, highlighting the complexity of the current threat landscape. Not only did organizations have to immediately assess their asset inventory and get a real-time view of their own and third-party vulnerable software, but also have to move at lightning speed to patch and mitigate the issues in a matter of hours. Our study showed that organizations took an average of 17 days to remediate this vulnerability, leaving them vulnerable to attacks during that period. At the same time, they also had to monitor their assets for compromised attempts and respond without delay. Qualys Cloud Platform's unified approach of bringing asset inventory, vulnerability detection, patch management, and EBR together in a single agent was greatly appreciated by our customers in helping to reduce their exposure significantly compared to siloed preset approach with multiple point solutions. Additionally, as shown in the study, encompassing more than 150 million scams globally, over 50% of vulnerable lock for show software was also end-of-life, again highlighting the strategic visibility provided by Qualysys integrated cybersecurity asset management capability that allowed our customers to understand the technology and its impact to their security for proactive risk reduction. We believe we are uniquely positioned in this market with our ability to provide innovative, comprehensive, and integrated products using a single-agent approach for speedy detection and response. Given the opportunities ahead, we continue to prioritize investing in our business, especially building our go-to-market team where we expect to see WG growth this year despite the challenging hiring environment given the tight labor market. In Q1, cloud agent subscriptions grew 26% year-over-year to $77 million purchased over the last 12 months. There was also a steady adoption of our vulnerability management detection and response, or VMDR solution, which is now deployed by 40% of customers worldwide. These results continue to validate our security consolidation approach and the power of a single agent as customers transition to VMDR. Our growth risk quarters speaks to the commitment customers are making to the Qualys Cloud platform. The customer stories I will share with you today underscore our success with customers of all sizes in their respective journey to uniquely unite asset inventory threat detection and prevention into a natively integrated cloud-based platform that immediately develops much faster than alternate solutions. I'll start with an existing US-based Fortune 200 customer who entered into a new agreement with us to expand their VMDR and patch management deployment while adding Firebase UDSS management capabilities stunning on-prem, cloud, and container environment. The ability to significantly enhance their security program with high-quality asset context, CMDB integration, alerting, and accurate response capabilities on a single integrated platform stood out among several competing solutions in the market today. The next example is of a new customer that started with cybersecurity asset management, EMDR, patch management, and multi-factor EDR. as part of a strategic initiative to transform its IT security architecture. This customer chose Qualys because we offer the only security and compliance stack available in the market today that utilizes a single agent to enable full asset visibility and context-aware mapping to prioritize vulnerabilities, to actively reduce technical debt, automate patching, and continuously monitor endpoints to define against future malware and ransomware events across multiple environments. Finally, in another new logo win, a Fortune 1000 customer selected VMDR along with patch management. This customer consolidated two vendors to significantly reduce complexity and legacy IT costs while uniquely leveraging automation in its security and compliance operations. The speed of vulnerability detection and remediation capabilities leveraging a single agent and a unified dashboard were critical factors in its purchasing decision. This is also a good example of how we are benefiting from the investments we are making to onboard new channel partners to win new business opportunities. We believe these new links and expansions illustrate that our natively integrated cloud-based platform and single-agent approach is increasingly resonating with customers ready to re-architect and consolidate their security stack, leveraging our technical leadership We are also better partnering with our channel as part of our little market initiative. In fact, we recently launched new partner programs designed to further drive our new business level and worldwide. As I've said before, our goal is to remove friction for customers to make product expansion simple and hassle-free. A customer who may currently use only VMDR has the ability to trial and adopt our other applications at the click of a button. Executing well against this agenda, we recently introduced our next major upgrade to our multi-vector EDR solution. This natively integrated solution in the Qualys Cloud Platform further leverages our single agent approach for enhanced threat hunting and risk mitigation capabilities. Unlike traditional EDR products focused on detecting threat activity on the endpoint after the threat has already landed, multi-vector EDR 2.0 unifies multiple context vectors, including asset pay fatality, vulnerability, and system misconfigurations associated with threats, as well as patching to reduce real-time correspondence. We are pleased to have completed the most recent microevent evaluation for the first time, shoulder to shoulder with existing EDR players and more specifically, achieving impressive results. We believe that for existing customers already utilizing our VMDR solution, the added capabilities of multi-vector EDR 2.0 will immediately reduce the volume of incidents, extend prediction and prevention capabilities, and further strengthen our customers' cyber resilience. I'm also very pleased by the early adoption of this product from a handful of our customers since its introduction in early April and excited by the positive feedback we are receiving for this new update. Looking ahead, as a leader in security and compliance solutions, we continue to invest in Qualys Cloud Platform to further differentiate our automation detection and response capabilities. More specifically, we will expand on our robust capabilities in cloud, container, and ICS-OT environment to further strengthen our competitive differentiator as customers increasingly move applications to cloud and containerized environments. In summary, we are delivering solid financial results and building strong business momentum in the market as companies uniformly recognize Security transformation is fundamental to combatting today's heightened tech environment. As a result, customers are increasingly looking to reduce their risk exposure through the adoption of a natively integrated security platform instead of relying on a collection of disparate point solutions. We believe that with our organically integrated cloud-native platform built to solve modern security challenges, Qualys is uniquely positioned to capitalize on this long-term, sustainable trend and drive shareholder value. With that, I'll turn the call over to Julie to further discuss our first quarter outlook, results and outlook for the second quarter and still year 2022.
speaker
Blair
Thanks, Sinad, and good afternoon. Before I start, I'd like to note that except for revenue, all financial figures are non-GAAP and growth rates are based on comparison to the prior year period, unless stated otherwise. We're pleased to report continued organic revenue growth acceleration and strong profitability as reflected in the following financial and operational highlights. Revenues for the first quarter of 2022 grew 17% to $113.4 million, up from 12% growth in the year-ago period. We saw continued success in our land-to-expand engine with a healthy cross and upsell performance, driving an increase in our year-over-year and sequential net dollar expansion rate, which was to 110% in Q1 up from 108% last quarter and 103% a year ago. Our LTM average deal size continues to increase for both new and existing customers, with total average increasing by 17% in Q1, same as LTM growth in Q4, and up from 5% LTM growth a year ago. With accelerating demand for security transformation solutions and our strengthening market position, our Q1 LTM calculated current billing grew 22%. We believe the investments we've made in platform innovation and our single-agent approach have enhanced our value proposition with customers and helped drive bookings growth over the past several quarters. This quarter was no different, and we're excited by the continued adoption of EMDR, with total customer penetration now at 40%, up from 36% last quarter and 24% a year ago. And continued adoption of quality solutions increased large customer spend with 128 customers spending $500,000 or more with us. This represents 17% growth from the year-over-period. We attribute this success to our innovation strategy having resulted in strong product differentiation and market position. Our investments in building a unified cloud-based platform clearly resonating with customers CIOs, and CISOs are increasingly looking to phase out legacy point solutions in favor of a consolidated security and compliance platform due to increasing cybersecurity risks, the speed at which critical vulnerabilities are organized, and increasing importance and priority of digital transformation initiatives. We remain focused on building a long-term business with durable growth and industry-leading margins. As a result, Our scalable platform model continues to drive superior margins and significant cash flow. Adjusted EBITDA for the first quarter of 2022 was 54.3 million, representing a 48% margin. EPS for the first quarter of 2022 was 89 cents. And our free cash flow for the first quarter of 2022 was 71.4 million, representing a 53% margin. We believe we can continue to generate attractive levels of free cash flow while continuing to invest in the business. In Q1, we continue to invest the cash we generated from operations back into Qualys, including $7.6 million on capital expenditures and $46.6 million to repurchase $368,000 of our outstanding shares. We're pleased to announce that our board has authorized an additional $200 million increase to our share repurchase program. The resilience of our sustainable and scalable business model has been proven over time as currently demonstrated by our continued strong earnings and cashflow generation at this time of uncertainty and volatility. Leveraging our excess cash to continue to return capital to shareholders will allow us to mitigate our share dilution and drive shareholder value. Including 225 million remaining as of Q1, This provides approximately $425 million in share repurchase capacity. The weighted average through the shares outstanding in Q1 was $40 million, down from $40.4 million last year. Shifting now to guidance for the second quarter and the rest of the year, a strong start to the year continues to bolster our confidence in both our strategic agenda and business environment. And with current opportunities ahead, we continue to believe that this remains the right time for us to increase our spend with an emphasis on sales and marketing to support long-term growth in the business. As I said before, this investment strategy is not about just having a headcount. We're equally focused on enhancing our channel, accelerating digital marketing initiatives, expanding product management capabilities, and other sales support functions. to further enhance both our value proposition with customers and mid- to long-term sales productivity. Building off our strong start to the year, we are raising the bottom and top end of our revenue guidance for the full year to now be in the range of $484 million to $486.5 million, representing an 18% growth. This compares to the prior full-year revenue guidance of $482 to $485 million. In terms of profitability, balancing a tight labor market with our anticipated investments of the year, we are raising our full-year EPS guidance to now be in the range of 3.13 to 3.17 from the prior range of 2.87 to 2.92. This revised guidance implies even the margin in the low 40s for the timing of our investments to be more back-half-weighted. For the second quarter, we expect revenues to be in the range of 117 million to 117.8 million, which represents a range of 17 to 18% growth. We expect APS to be in the range of 78 to 80 cents. Our planned capital expenditures in Q2 is approximately 5.5 million to 6.5 million. And for the full year 2022, we continue to expect investments in the range of 25 to 30 million. In conclusion, as we look to the balance of this year, we remain excited about our opportunity to drive durable top-line growth on the back of a large and growing market opportunity while leveraging our highly scalable model to maintain industry-leading profitability. With that, Sumedh and I are happy to answer any of your questions.
speaker
Operator
Thank you. Ladies and gentlemen, as a reminder to ask the question, you will need to press star then one on your telephone. To withdraw your question, press the pound key. Again, that's star one to ask the question. Please stand by while we compile the Q&A roster. Our first question comes from the line of Joshua Tilton with Wolf Research. Your line is open.
speaker
Joshua Tilton
Yeah, hi, guys. Thanks for taking my questions. I just wanted to kind of start off on the hiring trends. Are you guys still on track to meet the targets that were baked into the guidance you gave at the end of Q4? And I guess I'm asking because you mentioned investments will be back half-weighted. this year, is that by design or is it just because you guys are kind of maybe behind schedule on some of those investments?
speaker
Sumit Pekar
Yeah, I think, you know, we're seeing the same market challenges that everybody else is seeing from a hiring perspective in the current environment. But, you know, we've been really focused on building out our leadership team, which now has really given us the ability to work attract the right people in our sales and marketing. I think our sales and marketing team will talk more about that. We have made progress. I think what we are looking forward to doing is really continuing that focus on hiring so that we can continue to build out the team and forward the hiring back in the second half of the year.
speaker
Blair
Yeah, to follow up, we remain very confident in our ability to execute and drive growth In terms of the investment, it is by design. We knew that from the get-go that the investments will be more back-half-weighted. On the hiring spot, we are still targeting growing the sales and marketing headcount in double digits as we communicated last quarter.
speaker
Joshua Tilton
Very helpful. And then just a quick follow-up. Obviously, awesome outperformance in free cash flow in the quarter. Can you maybe just give us some additional guardrails as to just how we should think about margins and how they should trend for the rest of the year?
speaker
Blair
In terms of the margins, what Q2 implies is even the margin in the low 40s based on the non-GAAP EPS guidance. And so the first half, it will be in the low 40s versus the second half, it will probably be below the 40%. So ending the year in the low 40s is what we're projecting.
speaker
Joshua Tilton
Thank you very much. Appreciate it.
speaker
Operator
Thank you. Next question comes from the I'm Trevor Wash with JMP Securities. Your line is open.
speaker
Trevor Wash
Great. Thanks for taking my call. A quick question around the new partner program that you rolled out. Can you give us maybe a little bit more context as the impetus for that? Was it feedback from the partner community? Was it maybe a hedge around kind of, you know, if some of the hiring of direct sales maybe doesn't come through, that you kind of have that as a backup? Can you just give us some more context there? It would be great.
speaker
Sumit Pekar
Yeah, sure. We really got a lot of feedback from the partner community. I mean, you know, we hired an SVP focused on partnerships. He will be working with our partners and understanding from them how we can actually take the platform that we really believe is superior and the ability for us to take that and figure out with our partners what would be a relationship that's beneficial to them and beneficial to us. And so with a lot of feedback we've done sort of a new partner program with working with different types of partners. And then maybe we've done an early preview with them and we've gotten a lot of positive feedback, but we do feel that we can leverage the relationships that the partners have with some of these organizations. And then, of course, with the capabilities that the platform brings, that is something that we feel that we can focus and leverage our partners to really focusing on the business level growth, right? So being able to leverage their relationships and then figuring out the right growth market with them is really the direction that we're taking now.
speaker
Trevor Wash
Great. Awesome. And maybe one more if I can. For the new Contacts XDR rollout, I maybe have missed it, but in some of the messaging that I'm seeing, For the network layer telemetry, are you looking to maybe partner with different providers or other vendors to get that piece of the puzzle or maybe doing that more organically with your own tool? Where do you see that kind of coming through, like that piece of Intel as far as, again, that network layer piece?
speaker
Sumit Pekar
Yeah, that's a great question. And ContactsXDR really is about two main things. One is the organic sensors that Qualys platform already has built in with a combination of active scanners, API connectors in the cloud, our agents. And we also have passive network sensors that are part of our platform that are providing that network telemetry back to our platform. However, one of the things with ContactsXDR that we have done In addition to bringing all the context that our platform is already collecting across the board from an inventory and vulnerability and risk perspective, we're also expanding the ability for us to collect macro telemetry and other types of log data from multiple different partners as well so that we can provide a more comprehensive visibility in helping customers reduce the number of things that they have to put together. to get the context when they're looking at incidents that are happening in their environment. And so this sort of gives that ability for them to leverage the quality sensors for collecting network telemetry where it makes sense. And in other cases, if they already have deployed some other network vendors, we can also take the data from them and then provide the analysis on our platform.
speaker
Trevor Wash
Great. Thanks a lot. Appreciate the good questions.
speaker
Operator
Thank you. Next question comes from the line of Joel Fishman with Truist. Your line is open.
speaker
Joel Fishman
Thank you. I just had a quick follow-up to that. Now that Context XDR is in GA, can you give us a little bit of color around how it's been tracking and how that space is actually developing for you guys?
speaker
Sumit Pekar
Yeah, I think we feel good about the direction that Context XDR is taking as we have with any other new product launches We're working closely with a few early adopters and getting additional feedback from them, and we're going to continue to enhance those capabilities, you know, similar to what we've done with EDR as well. And we'll look forward to this year to continue to increase the adoption of that and getting feedback from the customer on this sort of a unique approach to bringing that context-based XDR.
speaker
Joel Fishman
Great. Thank you.
speaker
Operator
Thank you. Our next question comes from the line Hamza Fadawalla with Morgan Stanley.
speaker
Qualys
Excellent. This is actually Keith Weiss sitting in for Hamza. In your prepared remarks, you talked about the heightened threat environment and in particular the conflict in Europe driving sort of better demand signals. I wanted to just sort of clarify, is that something that you guys are seeing in your business today that you think that's actually sort of driving sales, or is this just something a broader kind of the environment remains very good kind of for overall spending and security, but it's not as direct of an impact? So that's kind of the number one question. And then on the – the broader platform, really nice kind of penetration trends in VMDR. It looks like it's driving really nice growth for you on that consolidation play. Can you remind us, like, how high you guys think that penetration should get? Is there a theoretical kind of maximum of where VMDR customer penetration would go?
speaker
Sumit Pekar
Yeah, I think the first question, I think the – Great question. My comments around that are really about the environment and not necessarily about direct demand as we've talked about this in the past as well. Our customers tend to look at these events when they happen more holistically in terms of taking a step back to see what kind of security program do they need to be able to avoid potential incidents like this and so it's really what What we're seeing is conversations happening with our customers, as I highlighted in some of the data points in the study that we did, that even with everybody all hands on deck for something like Lock4Shell, it is taking an organization a long time to mitigate and patch serial critical vulnerabilities that are being actively exploited. And the conversations with customers are more broadly about what kind of security that consolidation potentially needs to happen so that they can reduce that time, reduce that exposure window, leverage more automation, and having siloed solutions or having vendors who provide five, 10 different platforms as part of their overall offering is not really helping them reduce that time to remediate. And so what is encouraging is really that conversation that we see which is understanding the customers are having and pushing forward to looking at platforms like Qualys that are consolidating because obviously we see the new business examples that we did this quarter, last couple of quarters, we've seen when we're getting new customers come in, they are looking at more of an architecture, overall architecture rather than looking at, How can I get another tool that is just giving me a big list of CEs that I have to go figure out what to do with, right? How do we make sure that they are actually able to mediate those very quickly and release their exposure? And that's the conversation that we are having because in that environment, you see the risk there is a different world because every organization has to protect themselves from prevention nation-state and cyber attacks at their own expense. So when they're looking to do that, they are looking to say, how do I create a good stack that is modern and then actually can help to provide much more real-time visibility and remediation capabilities.
speaker
Qualys
Got it.
speaker
Blair
That's super helpful. And your second question on the DMVR penetration, it's been trending nicely up to 40% right now. I think that there is definitely more room for us to increase that penetration. But historically, our customer base has been such that anywhere between 65% to 70% have had VM solutions. And so I think that definitely we can see VMDR penetration going up to 70%. And even beyond that, about that with customers who don't currently have a VM solution with us, we're seeing some adoption there as well.
speaker
Qualys
Got it. That's super helpful. Thank you, guys.
speaker
Operator
Thank you. Our next question comes from a line of critics. Boulanger with Summit Capital. Your line is open.
speaker
spk08
Hi. Thanks for taking that question. You're asking for strong revenue growth this quarter. With revenue from foreign markets up 25% year over year, I was wondering if you could provide some color on the key trends you're seeing internationally and how you expect these trends to play out for the rest of the year. Thanks.
speaker
Blair
We don't have a forecast that's separated out. I mean, we're seeing a good momentum overall. If you take a look at whether you're looking at revenue or LPM current billing trajectory, we're seeing a lot of opportunities both in the U.S. and international. Obviously, on the international front, there's more opportunities just because we're less penetrated in those markets. And so we're happy with the growth that we're seeing in both regions.
speaker
Sumit Pekar
That's great. Thanks.
speaker
Operator
Thank you. Our next question comes from the line of Young Kim with Loop Capital. Your line is open.
speaker
Young Kim
Thank you. Sumesh, can you just give us an update on how much of your business or your customers' usage is on hyperscaler environments like AWS and Azure and GCP? And for some of your early adopters of your context XDR, are they using it to analyze deployments on those hyperscaler environments?
speaker
Sumit Pekar
Yeah, we don't necessarily break out the usage from a cloud versus on-prem versus remote endpoint perspective. We have the adoption across the different aspects of IT environment, and I think that's really the value that I think that the Qualys platform brings, is that we can actually bring your cloud visibility, your remote employee visibility, as well as your on-prem server environment into one. And so today what we do see is as customers are looking to migrate potential workloads from on-prem systems into the cloud, feel Qualys has the right capabilities as a trusted partner to help them make the move rather than – so we have capabilities in the cloud environment. So we have customers who are running our agents in AWS and Azure. We have the partnership with Azure where there is an embedded Qualys capability in Azure environment if you take your workload. So we're looking at cloud from multiple different aspects, working with existing customers help them and be their partner as they're moving into the cloud and finding new security paradigm as well as providing them more embedded capabilities directly through the cloud provider as well in some cases. And so we're quite happy to see that the customers that see value in Qualys are usually unlike most customers. They don't only have cloud, they have a large number of employees who are remote, who have cloud, as well as who have on-prem, and with the early XDR customers, it's again the same thing, is that when they're looking at threats and they're looking at exposure, it is not only in one particular environment with the Qualys platform. In our context, if you are able to bring the visibility of not only maybe the cloud account that may be seeing some activity, but also that remote employee laptop, admin laptop, which may be accessing their cloud account. That's the posture of that particular asset. How do we see those together in a single platform? That's really the value that I see that Context XTR brings and differentiates us from what is out there, which may be very focused on certain environments.
speaker
Young Kim
Okay, great. Thanks for that context. And, Jumi, I have a quick question around contract length and billing frequency. Obviously, you continue to see VM, ER platform adoption, the deal size around those, I'm assuming, is getting larger. You know, just any trends that you're seeing around contract length and billings and any potential deviation between the current and total calculated billings.
speaker
Blair
Nothing to call out this quarter here. It's been, though we did average contract length, that's been slightly over one year, and that's remained the same.
speaker
Young Kim
Okay, great. That's it. Thank you so much.
speaker
Operator
Thank you. Thank you. I'm sure no further questions in the queue. Ladies and gentlemen, this concludes today's conference. Thank you for your participation. You may now disconnect. Everyone have a wonderful day.
Disclaimer

This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.

-

-