This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.
spk02: Ladies and gentlemen, welcome to the RADWARE conference call discussing first quarter 2023 results and thank you all for holding. Today's conference is being recorded and all lines have been placed on mute to prevent any background noise. After the speaker's remarks, there will be a question and answer session. If you would like to ask a question during that time, simply press the star key followed by the number one on your telephone keypad. If you would like to withdraw your question, press star one once again. Thank you, and I would now like to turn the call over to Yiska Erez, Director of Investor Relations at Radware. Please go ahead.
spk01: Thank you, Abby. Good morning, everyone, and welcome to Radware's first quarter 2023 earnings conference call. Joining me today are Roy Zisopel, President and Chief Executive Officer, and Gaya Bidan, Chief Financial Officer. A copy of today's press release and financial statement as well as the investor kit for the first quarter are available in the investor relations section of our website. During today's call, we may make projections or other forward-looking statements regarding future events or the future financial performance of the company. These forward-looking statements are subject to various risks and uncertainties, and actual results could differ materially from RADWR's current forecast and estimates. Factors that could cause or contribute to such differences include, but are not limited to, impact from the changing or severe global economic conditions, the COVID-19 pandemic, general business conditions and our ability to address changes in our industry, changes in demand for products, the timing in the amount of orders and other risks, details from time to time in rather risk filings. We refer you to the documents the company files and furnishes from time to time with the SEC, specifically the company's last annual report on Form 20-S, as filed on March 30, 2023. We undertake no commitment to revise or update any follow-up statement in order to reflect events or circumstances after the date of such statement is made. I will now turn the call to Roy Disappear.
spk05: Thank you, Yiska, and thank you all for joining us today. We ended the first quarter of 2023 with revenue of $69 million and earnings per share of 14 cents. The macro challenges that we experienced in the first quarter were stronger and broader than previous quarters. These challenges translated into longer sales cycle, more cautious spending, and closing delays across all regions. Despite that, We saw strong cloud security bookings and our cloud ARR grew 21% year-over-year, in line with Q4 2022 growth rates, highlighting the strength of our offering and the critical nature of our solutions. While the macro environment is creating business challenges, organizations remain under pressure as they face more frequent and more complex cyber attacks. Attacks accelerated during the first four months of the year. There were significant attack campaigns against the U.S. healthcare sector, Canadian government, Australian ports and government websites, Israeli government and banks, as well as airlines and airports in Scandinavia, to name a few. Russia's invasion of Ukraine has ushered in a whole new wave of activism that is generally bolder and more determined than ever before. Any organization, independent of size and industry, can become a target for hacktivists who desire to advance their cause. According to our recent threat intelligence report, three hacktivist groups claimed responsibility for more than 60% of DDoS attacks between February and April. As a result of the escalation in attacks and downtime in enterprise networks, we saw multiple emergency onboardings to our cloud platform by organizations under attack. We estimate that many of the companies that were onboarded under attack during the first quarter will convert into longer-term customer contracts.
spk03: It's clear that so-called good enough security is not good at all.
spk05: You need best-of-breed security and hardware by any technical and analyst evaluation is best of breed. We believe that while security purchasing decisions might be delayed, they can't be ignored indefinitely without creating added business risk and exposure. This, combined with the operational and cost benefits that our fully managed cloud security solution offers, continues to give us confidence in our positioning and long-term growth prospects. Just last week, I attended the RSA conference. Compared to 2022, we saw a significant increase in customer activity. We believe this is one more indicator that the increase in cyberattacks is driving a critical business need and causing organizations to rethink and reprioritize security spending despite budget scrutiny. Consistent with the strategy that we shared during our investor day in February, we have continued to focus on transitioning our business to a subscription-based model and doubling down on our cloud security offerings. During the first quarter, subscription booking crossed for the first time, 50% of our total booking highlighting our progress. Furthermore, we are pleased to report strong cloud security business. We recorded close to 30% irreversible growth in cloud total booking, strong growth in the total number of cloud customers, many of which were mid-sized enterprises. And in addition, as I highlighted before, we saw 21% growth year-over-year in cloud AR. Our cloud performance was backed by several major wins. For example, we signed a million-dollar cloud DDoS deal with a world leader in data center design and operation. The company was hit by several large attacks that resulted in downtime for its largest customers, triggering this deal. We also warned the cloud WAP of a major digital entertainment services provider in the Americas. The customer was faced with both attacks and technical issues while dealing with an incumbent provider. Our proof of concept demonstrated our superior cloud security solution. On the product front, we announced major new product launches. For instance, we released new algorithms to mitigate web DDoS attacks, a new AI algorithm that automatically detects false positive and false negative and supervises our cloud systems. We strongly believe our algorithms are an important competitive differentiator and in lockstep with what customers need in order to withstand the type of attacks we're seeing today. In addition, we rolled out our new best of suite offering for the cloud application protection, which delivers seamless 360-degree application protection from the user's browser to the application. This best of suite offering includes cloud DDoS protection, cloud WAF services, API, and bot management, and it also includes our newly introduced client-side protection solution, which secures the less protected and seldom monitored client-side supply chain. During the first quarter, we also introduced our next-generation DDoS mitigators, Defense Pro X, and Radar Cyber Controller, a new state-of-the-art management, security operation, and orchestration system. Together, this next-generation solution combines industry-leading performance with enriched usability and visibility to defend against encrypted attacks, and application layer DDoS attacks in real time. This is a major advancement in on-premise DDoS protection, which was traditionally focused on just mitigating network attacks. DefensePro X uses our hardware mitigation engine, rather internally developed high-capacity security FPGA. Leveraging the HME, DefensePro X is the fastest and most scalable mitigation platform in the market today. Its superior performance and scale provide us with long-term competitive advantage. Our state-of-the-art solutions continue to earn us industry recognition. In the first quarter, our API discovery solution and SecurePass architecture won gold cybersecurity excellence awards for innovation and leadership in application security. SecurePass also received honors when it was named a gold winner in the 2023 Global Cybersecurity Awards for its innovative approach in ensuring security in the digital age. In closing, while we experience strong macro headwinds, we believe that the slowdown is temporary. We are confident that organizations will have to resume investments in real-time attack mitigation and cyber protection regardless of the environment. In order to capitalize on future opportunities and to be the natural cybersecurity provider of choice for organizations, we are determined to grow a strong and sustainable business with a core focus on our fully managed cloud security offerings. We remain mindful of the macro environment and disciplined in our expense management so that we can deliver profitable growth. With that, I will now turn the call over to Guy.
spk04: Thank you, Roy, and good day, everyone. I'm pleased to provide the analysis of our financial results and business performance for the first quarter of 2023, as well as our outlook for the second quarter of 2023. Before beginning the financial overview, I would like to remind you that unless otherwise indicated, all financial results are non-GAAP. A full reconciliation of our results on the GAAP and non-GAAP basis is available in the Earnings Press Release issued earlier today and on the Investors section of our website. First quarter 2023 revenue declined 6% year-over-year to $69 million compared to $73.7 million in the same period of last year. This decline of revenue was on the back of ongoing and increased macroeconomic environment that we have experienced since the second quarter of last year, and which intensified in the first quarter of this year. The impact of the macro environment is still evident in elongated cell cycles, as well as budget scrutiny and extended multi-phase deployments. As Roy said, And as we are witnessing for some time, levels of attacks are growing consistently in the last few years. However, these attacks are not fully expressed yet in the demand of organization for our cyber solution due to budget cuts as a result of macro uncertainty.
spk03: Despite the macro headwind, our cloud business was strong in the first quarter.
spk04: Cloud ARR in the first quarter of 2023 grew 21% year-over-year, similar to the growth in the fourth quarter of 2022, and accounted for 27% of total ARR compared to 24% last year. The growth of our cloud business is also reflected in our recurring revenues, an increase from 68% in Q1 2022 to 73% in Q1 2023. As we highlighted in our Investor Day in February this year, we are focused on scaling our cloud business and accelerating its growth to improve visibility and profitability. On a regional breakdown, revenue in the Americas in the first quarter of 2023 decreased 8% to $27 million compared to Q1 2022. On a trailing 12-month basis, America's revenue decreased by 2%. We are working on multiple fronts to improve our execution in the U.S. as we highlighted in the investing. We are expanding our relationship with OEN, building the mid-sized market infrastructure, and applying Salesforce changes. We believe that these actions will lead to an improvement of performance by the end of the year. EMAIL revenue in the first quarter increased 6% compared to Q1 2022 to $30 million and was flat on a trailing 12-month basis. APAC revenue in the first quarter of 2023 was $12 million compared to $16 million in the same period of last year, representing a 24% decrease year-over-year and a 3% decrease on a trailing 12-month basis. Americas accounted for 39 percent of total revenues in the first quarter. EMEA accounted for 43 percent of total revenue, and APAC accounted for the remaining 18 percent of total revenue in the first quarter.
spk03: I'll now discuss profits and expenses.
spk04: Gross margin in Q1 2023 was 82.3 percent, compared to 83.2 percent in the same period in 2022. The changing gross margin is related mainly to higher costs related to recently launched cloud security centers and these economies of scale. During this time of macro challenges, Radar is mindful of its expenses and is agile to adjust its cost structure as needed. Our flexible structure and ability to align expenses with the changing market condition will enable us to come out stronger. We are committed to improve profitability over time. Operating expenses in the first quarter of 2023 were $52.4 million below our lower end guidance, representing an increase of 1% compared to the same period of 2022 and a 5% decrease compared to Q4 2022. Operating expenses decreased versus Q4 2022 a decrease attributed mainly to a 3% headcount reduction. Financial income grew gradually in the last year. In the first quarter of 2023, financial income was $2.7 million, an increase of $1.9 million from Q1 2022. This increase is attributed to higher interest rates in the market. Net income in the first quarter was $6.1 million, as compared to $8.8 million in the same period of last year. Rather, adjusted EBITDA for the first quarter was $6.5 million, which includes $2.7 million negative impact of the hawks. Deluded earnings per share for Q1 2023 was $0.14 compared to $0.19 in Q1 2022. Turning to cash flow statements and balance sheet. Cash flow from operations in Q1 2023 was negative $1.2 million, compared to negative cash flow from operation of $10.5 million in the same period of last year. Cash flow from operation in the first quarter of 2023 was impacted mainly by the increase in trade and other receivables and decrease in other payables. During the first quarter, We repurchased shares in the amount of approximately $12.7 million out of the $100 million share repurchase plan that we have in place. We ended the first quarter with approximately $419 million in cash, bank deposits, and marketable securities. I'll conclude my remarks with guidance. We believe that the current macroeconomic will remain during 2023. And although we cannot estimate the timing, we believe that our current cash position and agile cost structure will help us cross it stronger than others. We expect our revenue for the second quarter of 2023 to be in the range of $68 to $70 million. We expect Q2 2023 non-GAAP operating expenses to be between $52 and $54 million. As for Q2 2023, we expect non-GAAP diluted net earnings per share to be between 12 and 15 cents. I'll now turn the call over to the operator for questions. Operator, please.
spk02: Thank you. And at this time, I would like to remind everyone, in order to ask a question, press star then the number one on your telephone keypad. We will pause for just a moment to compile the Q&A roster. We will take our first question from Alex Henderson with Needham. Your line is open.
spk08: Great. Thanks so much. Just looking at the guide for a second, can you give us some sense of what you think your interest rate, tax rate will do? Just to round out the numbers a little bit, obviously those have been moving around a little bit.
spk04: So as mentioned before, we expect interest rates to continue, income, financial incomes to continue to grow based on current interest rates. And tax.
spk08: So do you have any guide for that, for the interest income for the 2Q?
spk04: No, we haven't guided. The only thing we said is that we expect to continue to grow more or less the same pace as we did in the last quarter. And tax rate, same as before.
spk08: Okay. And then if you could just remind us how you're positioned against the FX. Obviously, the shekel is quite weak as a result of the political turmoil there. So how are you positioned on that?
spk04: We're hedged for the rest of the year, so news recheckup versus U.S. donor effects should not impact our P&L. That's it. For next year, we're not hedged yet.
spk08: All right. And then going back to the numbers, it looks to me like the U.S. was the particular problem, but it also looks like the problem was heavily skewed to service provider in the quarter. So can you talk a little bit about what's going on with that vertical? Because obviously it was a big part of the overall decline here and significantly worse than the corporate averages. Is that a function of the shift in the business mix away from you know, what you've traditionally done for them, and therefore we should expect that to continue, and when does that flatten out?
spk05: So I think there's several factors. First, we saw overall weakness across the globe. Yes, America was weak, but I can tell you that was our feeling also on the rest of the theaters. Second, we're definitely now more geared, especially with the focus on cloud security, towards enterprises. And I think that you see that over the last several years and also now. And third, I believe that the major weakness was in large CapEx projects. That's where the biggest headwind is. And obviously, carrier deals tend to be larger, tend to be CapEx. And therefore, you know, I think we saw it also there in large magnitude. I think also large enterprise CapEx deals suffered. But this is masked. by our cloud performance. So I think in Carrier, there's nothing to cover the reduction in the CapEx deals.
spk08: Just to clarify, when you said weak globally on demand, that was not company-wide. That was a comment about service providers specifically, right?
spk05: No, I think company-wide. So company-wide, weak globally and also in service provider? Yes, yes. I see.
spk08: If I could, just one more question here. So as I'm looking at the mechanics of the U.S. business being down, you've got a reorg going on in your go-to-market there, I believe, that – should stabilize things at some point. How do you expect that to progress over the course of the year? When does the realignment there start to improve things?
spk05: From a number point of view, we didn't see that in Q1, but from other measures and other KPIs, we do see improvement in the execution in the U.S. We have many improvements Many KPIs we track before revenues from proof of concept to engagement to pipeline and so on. All in all, we feel better about the U.S. organization. We feel better about pipeline creation. I mentioned also the RSA and the customer activity. So, you know, while Q1 was difficult, we're actually feeling way better going now into Q2. and beyond. All right.
spk03: I'll see the floor and get back in queue. Thanks.
spk02: Thank you, Alex. And we will take our next question from George Notter with Jeff Rees. Your line is open.
spk07: Hi, guys. Thanks very much. Yeah, I guess I wanted to expand on that. You know, you guys have made a lot of changes, I think, in the sales organization. I know you've change the compensation plan, you're reorienting folks around more medium-sized enterprise deals, obviously the cloud products. Can you talk a little bit about what the early returns are there in terms of the new comp plan and the changes you're making? Any more you can tell us would be great.
spk05: Okay. So first, obviously, it's early to say, but if I need already to look at one figure, the booking of subscriptions in Q1 for the first time crossed 50% of our total booking. So we definitely saw some of our sellers in growing quantity focusing on everything that is subscription more than a regular product. So that we are already seeing. I think also very strong pipeline and activity in cloud as a result of that because we're highlighting not only subscription but cloud cloud security in specific and so all in all I think we are moving in the right direction it's aligned with the focus areas we covered in the analyst day we'll see how it's progressing but so far I think it's going in the right direction
spk07: Got it. And then I know you made some changes to the Cisco OEM relationship. Also, I know that they included Radware in their enterprise-wide license agreements. Can you talk about what you're seeing through that channel?
spk05: Yeah, it was a very good quarter with Cisco. We actually, beyond revenues, which I think were record level, we're seeing a lot of activity in the field. So there's really a big pickup in activity, in deals, in engagements, in events. As you've mentioned, we're now part of the enterprise agreement of Cisco. So we're seeing the Cisco security team engaging in discussions with their customers under those frame agreements to include the hardware portfolio in Cisco. We have also the Turbo accounts that we're working together, the large accounts of Cisco that we're working together with them. So all in all, it was a very good quarter, very good momentum there, and we have good expectations also for the coming quarters.
spk07: Got it. At what point do you think that would be a relationship that you might break out for investors? Give us a sense for how big that is. Is that on the horizon?
spk05: I hope so. I hope so. We are progressing. We're progressing well. Let's see, as it grows more, what is the right time.
spk03: Okay, great. Thank you very much, guys. Thank you, George.
spk02: We will take our next question from Chris Reimer with Barclays. Your line is open.
spk00: Hi, thanks for taking my questions. I wonder if you could touch on the process for onboarding the emergency customers. You said there was an uptick this quarter and a few more of those. Can you just walk us through the process of how they get onboarded? How long can they remain customers until they do become an actual customer? And what kind of traction do you see in them converting as a permanent customer?
spk05: Yeah, so generally, thanks for the question, so generally when we're talking about an emergency onboarding, we mean that the customer is under attack. When they're under attack, they probably are down, meaning their applications are down, their network is down, and there's, especially in DDoS, there's heavy traffic towards their data centers and applications. The onboarding process can be very quick, meaning it can be done in an hour. and definitely can be achieved in several hours, the critical factor there is receiving a letter of authorization from the customer to its ISPs that Radwar can act on the network as behalf on the customer. So we can behave as if we are the customer network. Once this is done, it's quite immediate to onboard the customer to our network. As we are onboarding and protecting them, we are providing around a week to 10 days for them to experience the service. Following that, there is an expectation to conclude the contract. Now, some enterprises, especially the large ones, the processes are longer. In some government entities, there are requirements for RFPs, but definitely the fact that, A, they onboarded our network, B, the service was proven in real time, in production, is a major benefit. So we are seeing anywhere between several days of turnover time or conversion time to several months. And it's a very delicate matter, you know, if we're seeing that it's not progressing and budget is not there, do you take them off the surveys? Do you give another grace period? How do you manage that? customers that are coming into attack are converting with very high probability, especially if we are very, very good in what we do and we're really saving them. So I think the latest activity that was predominantly started mid-February and accelerated in terms of cyber attacks in March and more so in April is definitely generating, I would say, pipeline with high probability to close. which I think is a good outcome for us, obviously.
spk00: Got it. Thanks. That's really helpful. And just following on your comments around the reorganization in the U.S. and getting to the point where you feel execution is optimal, Looking at the other regions, do you see that execution there is also optimal, or might there be a need for reorganization in the other geographical areas as well?
spk05: We're not looking to have further sales reorganization in the field. We are focused also through, for example, the compensation plan and other corporate initiatives, the alignment with the OEMs, the midsize enterprise, we are looking to improve our go-to-market, but it's not going, at least it's not on our plans currently to do any restructuring or sales reorganization.
spk00: Got it. Thanks, Dad, for me.
spk06: Thank you.
spk02: We'll take a follow-up question from Alex Henderson with Needham. Your line is open.
spk08: Yeah, if I could go back to that service provider question for a second. So are you, in fact, delivering stuff in the security space to the service providers, or is that more your traditional business that's going over there? Can you talk a little bit about what you're selling and how you see, you know, how you define those service provider category?
spk05: Yeah. So I think there's three buckets there. So first, we're selling... the application delivery controller to the carriers, predominantly to their IT and network services organization to load balance and do traffic management for key applications. So that's the first bucket. The second bucket, we sell our high-end mitigation devices, security DDoS mitigation devices when they are generally using them on their network to clean DDoS attacks. Those are generally large projects, large topics. The third is we are delivering our mitigation devices and our web application firewalls to their MSSP businesses, to those carriers that are engaged in an MSSP business. Over there, obviously, it depends about their traction with their customers. You know, if they grow it, if they scale it, they will probably... purchase more. If not, they would not need more capacity and more solutions. So those are the three buckets that we are engaged with the carriers. I would say that the major, I would say, headwind is on the first two buckets, the ADC and the large security mitigators. Those are the large CapEx equipment purchased by the carriers.
spk08: Could you give us any sense of what the scaling of these three are? Are these similar sizes or is the ADC business actually the largest piece? How do we think about this scaling?
spk05: I think actually the DDoS mitigation is the largest piece for the networks. Also there, I believe, you know, they cannot hold those purchases for long because attacks are growing and the capacity that they need is growing. And we do see increases in pipeline in this segment. We just didn't see a lot of purchases that were actually done in the first quarter. But I don't believe they can carry on. with this approach for long because it's against the dynamics we see in the market, more capacity and more attacks. I see.
spk08: Okay. I get the gist of it. Going back to the pipeline comments you made earlier, it sounds like you felt the pipeline was improving, at least in the Cisco piece and somewhat in the U.S. piece. Could you comment on company-wide pipeline? You know, is the linearity during the quarter an issue, i.e., did, you know, the late March timeframe with all the financial debacle cause a perturbation in the closure rates, but your pipelines are healthy? What's the flavoring there?
spk05: The pipeline is improving, so we feel better about that. I think also the... You know, the velocity of the pipeline, especially those that I've mentioned that are triggered by attacks, those deals generally are accelerating faster to close. So all in all, I think the quality of the pipeline and the velocity is better. As you pointed out, both America, Cisco, those are key areas. Cloud, obviously, is a key area, and so on.
spk08: So, again, was there any impact because of the banking issues that happened in March? Did that perturbate the linearity or cause anything to slide out of the quarter that would have stopped, would have closed normally?
spk05: I don't know how to say. I don't think so, though.
spk04: None of our, or let's say none of the banks that were impacted We're actually our customers, so nothing direct. That being said, there is some kind of uncertainty in that segment. Therefore, we see the longer sales cycle.
spk08: A lot of companies doing rifts. Any thought about maybe doing something more aggressive on the cost side to mitigate some of the pressure on margins?
spk05: At this point, we don't plan one. You know, we think we are positioned well. We think we can, you know, with cloud security and the subscriptions growing, we think we need to keep the investment as we have. We want to continue to create competitive advantage on the product side to provide good service to customers. As we said, we think this halt is temporary. We think the attacks are creating real need, and we want to be there for the customers. So we are mindful of the expenses, but we believe profitability will grow as we will grow the business and scale back our results, scale up again our results.
spk03: Great. Thank you so much.
spk02: And there are no further questions at this time. I will now turn the call back to Mr. Roy Zisipel for closing remarks.
spk05: Thank you very much for joining us today and have a great day.
spk02: Ladies and gentlemen, this concludes today's conference call, and we thank you for your participation. You may now disconnect.
Disclaimer