This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.
spk09: Good day, and thank you for standing by. Welcome to the Rapid 7 third quarter 2021 earnings conference call. At this time, all participants are in a listen-only mode. After the speaker's presentation, there will be a question and answer session. To ask a question during the session, you will need to throw one on your telephone. Please be advised that today's conference is being recorded. If you require any further assistance, please press star zero. I would now like to hand the conference over to your speaker today, Sunil Shah. Vice President, Investor Relations. Please go ahead.
spk14: Thank you, Operator, and good afternoon, everyone. We appreciate you joining us today to discuss Rapid7's third quarter 2021 financial and operating results, in addition to our financial outlook for the fourth quarter and full fiscal year 2021. With me on the call today are Corey Thomas, our CEO, and Jeff Kulowski, our CFO. We've distributed our earnings press release over the wire and is now posted on our website at investors.rapid7.com, along with the updated company presentation and financial metrics file. This call is being broadcast live via webcast, and following the call, an audio replay will be available at investors.rapid7.com until November 10, 2021. During this call, we may make statements related to our business that are forward-looking under federal securities laws. These statements are made pursuant to the safe harbor provisions of the Private Securities Allegation Reform Act of 1995 and include statements related to the company's positioning, our future goals and financial guidance for the fourth quarter and full year 2021, and the assumptions underlying such goals and guidance. These forward-looking statements are based on our current expectations and beliefs and on information currently available to us. Actual outcomes and results may differ materially from the expectations contained in these statements, due to a number of risks and uncertainties, including those contained in our most recent quarterly report on Form 10-Q and in the subsequent reports that we filed with the SEC. The information provided on this conference call should be considered in light of such risks. Actual results and the timing of certain events may differ materially from the results or timing predicted or implied by such forward-looking statements, and reported results should not be considered as an indication of future performance. Rapid7 does not assume any obligation to update the information presented on this conference call, except to the extent required by applicable law. Our commentary today will primarily be in non-GAAP terms, and reconciliations between our historical GAAP and non-GAAP results and guidance can be found in today's earnings press release. At times, in our prepared comments or in response to your questions, we may offer incremental metrics to provide greater insight into the dynamics of our business or our quarterly results. Please be advised that this additional detail may be one time in nature, and we may or may not provide an update in the future on these metrics. With that, I'd like to turn the call over to our CEO, Corey Thomas. Corey?
spk13: Thank you, Sunil, and good afternoon, everyone. Thank you all for joining us for our third quarter 2021 earnings results call. I'm thrilled to report that Rapid7 delivered a milestone quarter, exceeding $500 million in ARR for the first time. Accelerated demand for our security transformation solutions, coupled with sustained growth in vulnerability management and our recent insights acquisition drove Q3 Indian ARR to $550 million, growth of 38% year over the prior year and growth of over 30% organically, driven by strong contribution from both our land and expanded engines in the quarter. was driven by strong customer interest for the expanding set of capabilities on our Insight platform and solid execution on the part of our Rapid 17. Moreover, we have been pleased with the early reception from our customers to the recent addition of Insight's threat intelligence offering. Our third quarter results also demonstrate how we're delivering on our customer mission while balancing our dual mandate to drive durable growth, and expand profitability and free cash flow as we scale. Alongside our accelerated ARR growth, we delivered over 150 basis points of year-over-year operating margin expansion during the third quarter, even as we absorbed our largest ever acquisition to date. Jeff will share more details on our strong operating results in his remarks and how it positions us to continue investing behind our growth engine while delivering on our growth and profitability framework. But before we step into those details, I'd like to spend a few moments sharing with you how Rapid7 is working to help customers achieve better security outcomes in a rapidly evolving threat landscape. Organizations of all sizes are investing aggressively in scaling the digital experiences they must deliver to their customers, employees, and partners in today's distributed economy. However, as they embrace these broad digital initiatives, they are increasingly faced with critical challenge of managing a dynamic cyber risk profile across the internal, cloud, and external footprint. As we speak with customers and prospects on a day-to-day basis, many are struggling with the same set of questions. How do I gain visibility to the threats and vulnerabilities in my environment and better manage my risk profile? How do I identify and respond to attacks happening in my environment? And how do I improve my security team's productivity to drive better security efficacy and an increasingly tight cybersecurity talent market. These questions are at the core of today's security operations challenges and the expanded security achievement gap that I spoke with you about earlier this year. To solve this challenge, many customers we engage are seeking a more holistic approach to monitoring the threats and vulnerabilities in their environment, as well as detecting and responding to attacks across their internal and external digital footprints. As I shared at our investor day in March, Rapid7 is leading the charge by delivering some of the most advanced capabilities around security analytics and automation unified on an integrated platform that are also massively accessible to a wider audience of enterprise and mid-market organizations. This is how we're disrupting the market by enabling customers to marry advanced capabilities with high efficiency and productivity to achieve better security outcomes for their stakeholders. A great example of how customers are leveraging this value was a six-figure deal in the quarter with a multi-billion dollar general contracting firm. This customer was looking to build a more effective detection and response program after experiencing a security incident with their existing solution. They wanted a comprehensive solution, but one that would also drive improved efficiency for their modest-sized security team. As an existing Insight VM customer, they were excited about how quickly and easily they could stand up and integrate additional Insight platform solutions. When coupled with the depth of our detection and response capabilities and the critical value our automation offerings brought to their team, it became clear to them that few competitors could match the combined efficiency and efficacy of our platform. As a result, this customer chose to expand their relationship with Rapid7 as a trusted security partner, adding Insight IAR with our enhanced endpoint telemetry and network traffic analysis add-ons, as well as Insight Connect for automation to provide a more comprehensive visibility across their environment and the ability to more quickly respond to incidents. This is a great validation of Rapid7's vision and approach towards our extended detection response strategy. which is to help customers minimize the seams and gaps that exist in their technology environments through our natively integrated insight platform. Our approach is built on the premise that to have effective security, you have to have broad visibility across your environment. This is why we have invested aggressively over the years to become a leader in enabling that visibility. The core of what Rapid7 does is collect fragmented data across the technology environment, endpoint data, deep cloud data, vulnerability data, APIs, logs, network data, fast data, all collected and aggregated natively on our Insight platform. This allows us to look at risk more holistically across the environment to not just detect attacks, but to perform the forensics and analysis across the environment and ultimately drive remediation with our automation framework. Increasingly, today's attackers are exploiting the data gaps and themes that exist in customers' fragmented security ecosystem. This has led to an increasing focus on an extended approach to detecting and responding to threats in the environment to reduce visibility gaps to introduce that risk. Rapid7's core differentiation is this pervasive end-to-end data collection that allows us to deliver leading security analytics and automation that enables customers to more effectively assess risk, detect attacks, and drive remediation across their environments. We're seeing this focus on more holistic risk visibility reflected in our engagement with customers. A good example of this was an international enterprise customer who had an interesting platform journey with us leading up to their purchase of our recently introduced IDR Ultimate package. Let me take a moment to step you through that journey. Despite having a market-leading STEM solution, this customer was lacking full coverage of their environment. So they engaged with us early in the year in an effort to achieve the detection response value they were seeking. At the same time, they were preparing to replace their existing VM solution. Our cohesive SecOps platform vision and the idea of a single trusted security partner resonated with them. And so they actually ended up purchasing Insight VM first, demonstrating our ability to meet them where they were in their SecOps journey. Around this time, they were also beginning their cloud security journey and exploring leading solutions for this. The combination of our best-in-class CloudSec capabilities and our native integration with Insight VM on our platform put us ahead of the pack, and so they purchased Insight CloudSec early in Q3. By the time they were ready to make a detection and response decision later in Q3, The integrated platform experience positioned IDR as the clear frontrunner. With IDR Ultimate, our best IDR tier, they were able to gain more full coverage of their environment while also reducing data gaps by tapping into our extended capabilities, including enhanced endpoint data for more comprehensive forensics analysis and automation for increased efficiency and accelerated response over time. In each part of this customer journey, our complete platform vision was a key value driver for the customer, not to mention a competitive difference here. And they are now leveraging a large portion of our Insight platform as they approach seven figures in total ARR. Over time, we believe the winners in this space will be those that can provide this type of extended approach to reducing fragmentation and increasing visibility in our customers' technology environments as we continue to invest in delivering this on our Insight platform. Most recently, our acquisition of Insight amplifies our platform and XDR vision by layering on external attack surface visibility, further minimizing zines and elevating each of our vulnerability management, detection response, and cloud security capabilities across our Insight platform. Turning now to a brief update on progress towards our enduring goal. First, we continue to lead the charge in enabling customers to transform their SecOps practices around the cloud. You've seen us successfully extend the core capabilities of our Insight platform, both organically and through strategic acquisitions to help customers effectively scale their security operations. Our strong and accelerating customer growth as we approach 10,000 customers is a great validation of our progress in meeting customers where they are in their SecOps journey with an expanded set of market-leading capabilities. Second, we're investing to accelerate our platform distribution engine through enhanced pricing and packaging for products like IDR, but also by making it easier for customers to seamlessly expand on the Insight platform through natively integrated experiences. This success is delivering a best-in-class platform experience, continuing to drive ongoing expansion in customer wallet share, as demonstrated by our ARR to over $55,000. And third, we remain focused on driving long-term operating leverage and cash flow scale while investing for growth. This is evidenced by our strong cash generation and operating margin expansion, even as we continue to invest in innovation and absorb our recent insights acquisition. In closing, it's clear that organizations across the world are undergoing significant digital transformation amidst an escalating cyber threat landscape. Our team is investing to deliver a highly differentiated and more holistic approach to security analytics and automation that better enables customers to bring security transformation alongside their digital investments. We believe this will remain a long-term demand driver for our business as we continue on our mission to make the best in security operations achievable for all. With that, thank you all, and now I will turn the call over to our CFO, Jeff Galowski.
spk02: Jeff Galowski Thank you, Corey, and hello to everyone on the call this afternoon. Before I begin, a reminder that except for revenue, all financial results we will discuss today are non-GAAP financial measures, unless otherwise stated, and reconciliations between our GAAP and non-GAAP results can be found in today's earnings press release. Turning to results, We are pleased to report strong performance as we ended the third quarter with $550 million of annualized recurring revenue. ARR grew 38% over the prior year, driven by organic acceleration in our security transformation solutions and sustained growth in vulnerability management, as well as the contribution from our newly acquired threat intelligence offering. Third quarter revenue of $139.9 million grew 33% over the prior year, and exceeded the high end of our guidance range on strong underlying demand trends for our Insight platform. Revenue overperformance was led by upside in products revenue, which grew 33% to $131.2 million. There was also modest outperformance on the professional services side, which naturally varies quarter to quarter. We continue to execute well on our international growth strategy, which when combined with a higher mix of Insights customers outside North America, drove 58% year-over-year growth, bringing it international to 20% of total revenue in the quarter. North America revenue grew by 28% year-over-year and comprised 80% of total revenue in the quarter. We ended the third quarter with over 9,900 customers globally, which represents 17% growth from the prior year. The customer count includes slightly over 300 net new customers acquired as part of the insights acquisition. We continue to see strong upsell and cross-sell activity on our insight platform with just over 50% of our new ARR coming from existing customers in the quarter. This drove ongoing strong expansion in ARR per customer during the quarter, which grew 18% to $55,500. Strong secular tailwinds across the security operations market are fueling our ability to both land new customers and expand within our existing base. And third quarter ARR growth was driven by a healthy balance of growth between these land versus expand dynamics. Turning to operating and profitability measures for the third quarter, we came in ahead of our guidance on these metrics, primarily due to revenue overachievement. Most of that incremental revenue flowed through directly to profitability, highlighting the strong leverage profile of our subscription software business. As has been our typical cadence, this positions us well to reinvest the overperformance in future quarters to support our goal of driving durable growth over the long term. We continue to balance high return investments and growth with our focus on delivering consistent annual improvement in operating margin and free cash flow. Total gross margin for the quarter was approximately 74%, consistent with the prior year, and in line with our range of expectations. As we've shared before, we expect gross margin to vary within the mid-70s at the product gross margin level and in the low 70s at the consolidated level. Sales and marketing expenses grew 27% year over year, reflecting continued growth in headcount and improved to 40% of revenue compared to 42% in the third quarter of 2020. R&D expenses grew 35% over the prior year, driven in part by the acquisition of insights and represented 21% of revenue consistent with the prior year. G&A expenses grew 24% and were approximately 8% of revenue, down slightly from 9% in the prior year period. All in all, we delivered strong operating profits in the third quarter with operating income of $5.7 million, well above our prior guidance. And we generated $9.9 million of adjusted EBITDA and $0.06 of net income per share, also above our guidance. Moving to our balance sheet, we ended Q3 with cash, cash equivalents, and investments of $310 million, compared to $613 million at the end of Q2 2021. The reduction was primarily driven by July's insights acquisition, with a net amount of $306 million paid at closing. Turning to the cash flow statement, You can see we benefited from ARR outperformance and strong operating results in the quarter. These dynamics coupled with stronger than expected collections trends drove third quarter cash flow operations of $19 million, and we generated $14 million in free cash flow. This brings us to our guidance for the remainder of the year. We delivered strong third quarter results and feel confident about demand trends and our ability to continue to execute on these opportunities. As we succeed in meeting customers where they are in their security journey, we continue to expect that organic security transformation solutions, ARR, will grow over 40% year-over-year in 2021, with vulnerability management continuing to grow over 10%. Given these dynamics, we are raising our outlook for the year. We now expect full-year ARR to be approximately $586 million, growth of 35% over the prior year, up two points from our prior expectation of 33 percent growth. We also expect higher revenue for the full year in the range of $528.7 to $530.3 million, or 29 percent growth over the prior year at the midpoint, up from our prior expectation of 27 percent growth at the midpoint. Our full-year operating income outlook remains unchanged at $7 million. Our strong year-to-date performance combined with high visibility and confidence in the demand environment support our reinvestment of year-to-date upside and the compelling growth opportunities in front of us. And we plan to do this while remaining committed to our growth and profitability framework. We expect non-GAAP loss per share for the full year to be a loss of approximately $0.07 per share, which is based on an anticipated 55.2 million basic weighted average shares outstanding. I'm pleased to report that we are once again raising our free cash flow expectations and now anticipate full-year free cash flow of approximately $25 million, an increase from our prior expectation of approximately $20 million, driven by our strong ARR performance. As we've said, we remain focused on investing in durable growth while maintaining our commitment to delivering consistent free cash flow and operating margin improvement on an annual basis. Now turning to quarterly guidance. For the fourth quarter of 2021, we expect revenue in the range of $144.9 to $146.5 million, growth of 28 to 29% over the prior year. We expect an operating loss of approximately $6.7 million and non-GAAP loss of 18 cents per share, which is based on an anticipated 57 million basic weighted average shares. In summary, Our third quarter results highlight the strong demand for our best-in-class security transformation and vulnerability management solutions, as well as our ability to execute on our strategy and unique set of opportunities. Thank you for taking the time to join our call today, and now I'll open the line for any questions. Operator?
spk09: Thank you. As a reminder to ask a question, you will need to press star 1 on your telephone. To withdraw your question, press the pound key. please stand by while we compile the Q&A roster. Our first question comes from Rob Owens with Piper Sandler. Your line is open.
spk10: Great. Thanks for taking my question this afternoon. I wanted to unpack the ARR guide for the year and just in contemplating the net new ARR of about $36 million and comparing it with last year, I think you're up kind of mid-single digits. So Was there anything in the comp from a year ago or anything in that number that we should be aware of?
spk02: No, there's nothing unusual. Remember that we have raised the guidance from 33% to 35%. No unusual activity. It's possible that the consensus seasonality may have been off for the quarter. So we're taking the full year up from 33% to 35%. And, you know, we think it's a good reflection on the continued strong demand, you know, we see for the platform, but nothing unusual.
spk10: Great. And then, Corey, as you look at another successful quarter here with your third quarter print, maybe help paint what the environment looks like relative to security demand and then kind of thought process for a fourth quarter and anything you want to give us into next year? Do you think these heightened spending levels will persist as we think about and contemplate 2022? Thanks.
spk13: Yeah, Rob, it's a great question. When I look at the demand environment, we're talking to customers directly and talking to our teams, I would say it's robust. We continue to see people shifting more to technology and upgrading their technology and digital transformation. And we continue to see security a priority. I mean, it's hard not to have security as a priority around that today if you pay any attention to what's happening in the world. And we continue to actually have the support of not just, you know, the customers who want to do it, but the boards and the CEOs who are now prioritizing security more than ever. The thing that I would actually say as we go forward is that, you know, as we saw the durability of the demand environments, one of the things that we started doing is making sure that we were actually set up to ensure that we could both service customers and continue to meet the demand where it is. And so we focused on making sure that we had the staffing level to support the more sustained demand environment. On that point, you know, my biggest focus and the biggest thing that I'm looking at in the demand environment right now is customers have the appetite for sort of like security projects. But they're saying the same thing that everyone all over the world is seeing right now. They have to step up. And so we're watching that closely because, as you know, our strategy is long-term we want to make sure that customers are buying at the pace that they can consume and get value from it. This is how we actually grow and this is how we expand. And so that's our core focus as we go forward. You know, the last thing I'll say is we just think about our business. We see durability on both the VM side and the security transformation side. and we're continuing to make investments to support that.
spk10: Great. Thank you very much.
spk09: Thank you. Our next question comes from Matt Hedberg with ABC Capital Markets. Your line is open. Great.
spk15: Thanks for taking my question, guys. Congrats on a really strong quarter. Corey, you guys have done a really good job of expanding your platform, obviously well beyond just broader DevSecOps. You know, I'm curious now, as the platform matures and you're able to touch things like automation and orchestration, you know, how do you see the competitive environment these days? I have to imagine you're able to consolidate perhaps some fragmentation out there with maybe some point solutions. I mean, do customers increasingly see you guys as that consolidator across this kind of DevSecOps landscape?
spk13: Yeah, so I'll tackle it first, and then Jeff will follow up on that. is first and foremost, we are definitely seeing the platform strategy that we've articulated multiple times working well. And that's that if you actually lead across all the areas and you provide a common platform that delivers productivity, efficacy, efficiency, and a consistent user experience, customers like that. And you saw that in some of the customer examples that I used on the call. The other thing that I'll highlight is that we have the benefit of multiple places to land. if you look across specifically the vulnerability risk management, the IAR, and the cloud. But because we actually have put ourselves in a strategic position with customers, we are now more easily able to add on added security services. So when you think about things like network traffic analysis, five years ago we couldn't have actually done that because that wasn't the right thing to actually land with. But now we actually have a robust customer base and robust demand, we're seeing lots of customers interested in fully filling out their security strategy and their security platform with Rapid7 Insight platform products or products that highly integrate with Rapid7 Insight platform offers. And we think that that's a real long-term advantage for us.
spk15: Got it. And then that's super helpful in terms of additional land spots. And then I guess just maybe a question on return to work. I guess What is Rapid7's sort of strategy around that as we think about 2022? And do you expect salespeople to start to increase their travel next year? And could that have a positive impact on pipeline generation relative to this year?
spk13: Yeah, we expect travel to increase next year versus this year. I mean, again, remember, the last two years have been historical lows. And even when we thought we were coming out of it, the Delta came back and that tempered it down. That said, we've actually gotten a lot smarter about what travel is effective and valuable. Now, I personally, you know, I'm a deep believer in the power of culture, which is why I think that we have such an impressive team with relatively good tenures. And so we do believe that the hybrid world works where employees can have the flexibility that they need. They can travel to see customers in value-added ways. Now, I do think there's value to actually spending time with customers and prospects. That said, all the ways that we actually talk about that we need to spend time with customers and prospects, not all of that was value-add. And so we're definitely looking at sort of like a reconciliation of what's truly value-add and what's not. And so it'll be more, but we're not also going back to the world the way that it was in 2018 and 2019. That state's not coming back. Got it. Thanks a lot. Best of luck, guys. Thanks.
spk09: Our next question comes from Sakic Kalio with Barclays. Your line is open.
spk04: Okay, great. Hey guys, thanks for taking my questions here. Corey, maybe just start with you. In your prepared commentary, you talked a good bit about enhanced pricing and packaging and also talked about meeting the customer where they are. Can you just maybe give us some broad brushes on some of the new packages that maybe have worked particularly well and maybe how you sort of see that pricing and packaging sort of strategy evolving as we go into next year?
spk13: Yeah, it's a great question, Doc. I thought about three things, sort of like the pricing and packaging and how they blend together, but also the experience and the selling engine, because all of these contribute. But the core idea is how do we actually help our customers be as productive and effective as possible, and how do we actually make our go-to-market engine as effective, predictable, and as possible. So both of those is sort of where the value comes together. So the first thing on the pricing and packaging is, you know, we've talked for a little while about some of the areas that we are still, I want to emphasize this, we're in active, active exploration. We have some that are working great. We have some new ones that are coming out all the time. And we have some that we're actually honing and optimizing. As an example, and these are just examples, is we've had great success with our IDR, which really serves as a text-to-response use case and delivering a package that not just includes some, like, core sort of IDR UVA, but also I talked about our IDR ultimate package, which also includes enhanced endpoint telemetry, unlimited sort of, like, or full SOAR capability that allows you to actually automate workflows in the environment, and network traffic analysis. And we're joining that with the ability to extend and add things like threat intelligence. Those type of packages really resonate for customers because they solve a holistic solution that customers know are deeply integrated, and that integration provides productivity. So you have deep integration that drives productivity, but you have best-in-class product capabilities, which actually drives the efficacy, which is really the name of the game for customers. So that's the first thing. The second thing that I want to highlight just as importantly, though, is that for both our customers and our sales team, Some of them get my packages up front. Some of them get upgrade packages. But some of them just want us to prove the value, which is actually great. And so one of the customer examples that I gave was a customer that came in and said, hey, look, I have these problems. Solve whatever my first problem is. And we thought it was going to be IDR, and they said, no, it's a VM problem that I actually have first and foremost. And by the way, they would not have bought more if they had not had a great experience. And so we came in, we gave them a great experience, And they said, oh, you're really delivering on that experience. And then they added sort of a cloud and then eventually the IDR. And so while we had one order in our mind, the customer had a completely different order that they wanted to prove out the value that we have. So that ability to not just sell packages but to help customers understand how they can have frictionless expansion and we can prove that we meet their needs is core to both our sustained growth but also giving customers the experience that they want.
spk04: Got it. Got it. That's really helpful. You know, Jeff, maybe for my follow-up for you, I think you mentioned this in the prepared remarks, but could you just remind us, you know, how big is VM as a percent of total ARR roughly? And can you just remind us sort of how that's growing versus security transformation? Sure.
spk02: So, you know, both VM and security transformation had a good quarter, as Corey said in the prepared remarks. Right now, security transformation is obviously our high-growth engine. VM is just under, it's below 50% now of the total. So as you can imagine, security transformation is growing faster, so it's gaining as a percent of the total. VM is still growing over 10% a year, and security transformation over 40%.
spk04: Got it. Very helpful. Thanks, guys.
spk09: Thank you. Our next question comes from Michael Turretts with KeyBank. Your line is open.
spk00: Hi, this is Eric Keith. I'm from Michael. Congrats on the really strong results. Corey, it looked like another strong quarter for customer ads accelerating again, even organically. So maybe you could just give us some color on what's driving that success, whether it's a strengthening macro, better win rates, or even if it's being driven by particular products.
spk13: Yeah, at the core, it's a combination of a strong demand environment and strong execution. So And what I mean by that is that our new ads are healthy because there's lots of demand in the environment, and we see that across the products. With the growth rates that Jeff just talked about and that I mentioned earlier, it's clear that security transformation is doing quite well, but also we are continuing to keep our momentum in vulnerability management, and we're quite happy with the sustainability and the health of that business. But the second thing is good execution by our teams, both our product teams and our customer engagement teams, because another core driver of that is we're doing a really, really good job of retaining more customers. And so our ability to actually retain more customers, retain more revenue from customers, that's continuing to improve year on year, and that also drives the net customer ad.
spk00: Great. And then one more, if I could. I mean, Corey, you earlier talked about kind of the need for customers to staff up, so I wanted to ask, actually, on your MDR offering, it seems like an area of the market that's seen stronger demand and maybe spurred by the increasingly difficult hiring environment and growing complexity of attack. So could you just talk about how you think about this market strategically as part of the broader Insight platform?
spk13: Absolutely. We think, and we've thought this for a long time, that man's detection of requirements is quite strategic. Our entire strategy, one way to think about it, it's designed around the presumption is that customers would have to be highly effective, highly efficient, and that they're going to always be talent and strength. And so we make products that address that use case, and we actually look at things like MDR that actually address that use case. Our strategy is really twofold. One, we have some of our own MDR offerings. But again, our biggest part of our strategy is to work with our managed services partners to deliver that. And we have a massive demand in the managed services ecosystem. for rapid-setting solutions to solve the managed services challenge. Now, part of our goal is we're only interested in providing high-quality managed services. So there's a lot of managed services organizations that, let's just say, are more focused on their own margin than the customer experience and customer effectiveness. And so what we've been really doing is beeping up our ability to find and mostly right now select partners that share our view on quality And customers are willing to pay for quality. We've proven that out ourselves. And so we're a big believer in the market long term. We'll continue to work with our partners to address their market opportunity.
spk00: Great. Congrats again. Thank you.
spk09: Our next question comes from Jonathan Ho, William Blair. Your line is open.
spk05: Hi, good afternoon, and congrats on the strong results. I just wanted to start out with the 40% organic ARR growth you're expecting for security transformation. Is there a way for you to maybe unpack for us, like the growth rates, are they all fairly similar? Are there certain products that are growing much more quickly? Just some additional color in terms of how you're thinking about the ST side.
spk13: Yeah, great question. We don't break it out. It just has a lot to do with our packaging strategy that we talked about earlier, especially as we do more of the experimentation. And we frankly do a better job of selling both joint deals and packages to customers. It becomes somewhat arbitrary about how you allocate so much value to this product versus this. So our primary way, the reason we break out VM is because mostly you all and our investors are interested in understanding how things like VM perform and our security transformation solutions. So we try to give you enough visibility, but also without distancing it too much from where the business is actually running and operating. And the way that we operate the business is really focusing on are we solving the customer's problems, and then are we driving share of wallet so the customers are trusting more of their security operations spend budget with us. And increasingly, the allocations when you have lots of our packets become somewhat arbitrary. So we'll continue to sort of articulate security transformation solutions at the high level so you get some sense of the growth rates, but breaking it out within that becomes increasingly arbitrary over time.
spk05: Got it. And then just in terms of the contribution from Insights, I may have missed this, but can you give us, I guess, the numbers in terms of the contribution as well as ARR coming from Insights? Thank you.
spk02: Yeah, so I'll start and Corey can add. When we acquired them, we brought on 27 million of ARR. There were about 200 employees, and, you know, they were growing over 40%. In the quarter, they contributed about $3.8 million of revenue in the quarter. And that was net of deferred revenue haircut that we took for purchase accounting.
spk05: Great. Thank you.
spk09: Thank you. Our next question comes from Brian Essex with Goldman Sachs. Your line is open.
spk16: Hey, good afternoon. Thank you for taking the question. I just want to dig into vulnerability management a little bit. And I guess maybe, Corey, if you could help us understand how you're thinking about that business, given its growth rate relative to the rest of the business and the rate of growth of some of the peers. Is that just a steady kind of growth business and maybe the – I guess maybe if you can compare and contrast the sales incentives from the sales force on that side of the business versus security transformation, and then I have a follow-up.
spk13: Yeah, and I'll just reiterate for anyone who missed it is that, you know, what we said and maintained was our expectations of the growth rate of vulnerability management to be over 10%, and we think that has durability there. We also think that from a long-term perspective, we still expect to take share in the market overall, and we expect to take significant usage share in the market if you think about people using vulnerability management solutions. Part of the reason that we continue to invest heavily in a market-leading VM solution from an R&D perspective, is we think it's strategic to our customers. And so while we have parts of the business, specifically our security transformations, that are going faster, we think vulnerabilities are an incredibly both strategic and healthy part of our business long term. And so we actually treat it like that. We invest in it. We continue to do innovations and enhancements around it. What I would say you'll see over time, again, is we are indifferent to the line item distribution allocation. What we're really, really focused on is how customers consume and then maximizing that share wallet that we talked about earlier. And so, again, as we move forward, I would say our goal is to make sure that we're leading, especially in terms of usage around vulnerability management, to actually continue to gain share in the overall market and to grow our AR for customer and the share wallet strategically. And we think all of those are self-reinforcing with one another.
spk16: Got it. Got it. That's helpful. And then, and maybe just as a follow-up, I don't know if you saw, but the Biden administration issued an operational directive to federal agencies this afternoon to reduce known vulnerabilities. And I guess the question is, you know, how much exposure do you have on the federal side? You know, from your experience, when these kinds of announcements are made, how long does it take to trickle down to state, local, and SMB and then large enterprise as maybe that's kind of a leadership by example type issue?
spk13: We've seen good progress on the federal level, but to be clear, we're still early innings. We have both our FedRAMP and our expanded sales and customer engagement for the public sector that we expect to expand significantly over the next five years. But that said, we've seen great progress to date. As far as how the mandates – quote unquote, trickle down to the broader environment. We think it's positive. Like, look, but today you actually have most both CEOs and boards of directors that are aware. I don't know if this adds anything incremental. So I think it actually increases our confidence in our public sector investments. And I think it definitely has some implications potentially on state and local budgets, which I think is extraordinarily positive. But for the corporate sector, we've seen really, really good. What we're hearing from our customers It's just really good engagement with both the executive team and the board of directors, which provides lots of the air cover and support for a long-term healthy environment.
spk16: Got it. That's helpful. Thank you very much.
spk09: Thank you. Our next question comes from . Your line is open.
spk06: Yeah. Hey, guys. Congrats on the strong air performance. It's nice to see that organic acceleration. So I want to talk about CloudSec. It's been quite a few days since the acquisition of DiviCloud, obviously bringing you CSPN. But I'm wondering if you can provide some customer interest, maybe adoption trends around some of the newer parts of that product, the cloud workload protection, cloud identity, and access management. And then also maybe you could comment on how you see customers buying that solution set. Is it the whole – portfolio, or is it more of a land and expand type of sales motion?
spk13: You mean within the cloud tech portfolio? I'm not sure I understand the question.
spk06: Yeah, the cloud tech portfolio, including CSP, cloud workload protection, cloud identity.
spk13: Yeah, I would say one, we're seeing very, very healthy demand for cloud in general, which you would expect with the digital transformation. And so we have a lot of confidence, both near term and long term, about the opportunity in cloud sec, especially if you have digital transformation. As far as the process of the packaging, it's early days. We definitely see both people starting with sort of like one part of the solution and expanding. Part of the reason we started our investment with cloud security posture management is that tended to be how lots of customers started their journey. But If you look at both the IAM and Cloud Workload Protection, we say lots of customers are just like, hey, just give me the solution up front because I actually want to look at the holistic. I don't have a determination right now, nor am I that overly concerned. Just like my discussion on price and packaging earlier, is we really let the customer preferences drive it. Now, we don't give them an overwhelming number of choices because that would just cause some stress and anxiety. But we try to give them concrete choices that say, listen, you can control your rollout and your journey uh, in the path that best suits you. And so when they purchased it all at once, which we have some customers that do, or whether they actually sort of like buy it as they actually use the capabilities, um, we have customers doing both of those things today and we have not steered customers either way.
spk06: Yeah, that makes sense. Um, And then I think also just looking forward, Corey, we'd love to hear your thoughts on how you see that CloudSec portfolio evolving, where you think there might be holes that would be a natural fill-in for the company over time.
spk13: So I think that, well, I can't answer the question about the holes, but that has more to do with the earliness of the cloud market in general. I know we think about stuff like cloud security and cloud applications and It's something that's been around. But, look, this is really sort of like if you look at mainstream adoption, a recent five-year thing. And so if you look at the massive shift in how we've actually managed and deployed technology in the cloud over the last five years, there's been some big shifts, and there will be even bigger shifts. So this is the one area that we're going to be invested in and we have the capacity to invest in. organically and unorganically to make sure that we stay relevant. But if you had asked me three years ago, I had no clue that identity would be such a big opportunity. But we actually noticed 18 months ago or two years ago that identity is a really, really significant opportunity, and we allocated the resources to organically build out that identity solution. And so that's kind of the approach. Cloud is still early stages. We have a great portfolio in cloud, and that portfolio absolutely will evolve because the cloud market itself will evolve.
spk06: Right. Very helpful. Thanks, Corey. Thank you.
spk09: Our next question comes from Brad Rebeck with Stifel. Your line is open.
spk03: Great. Corey, maybe following up on those last comments, when you're walking into an existing customer or a net new and you're selling them, we'll say the entire platform, Is most of the net new products that you're selling them greenfield opportunity as opposed to the customer replacing a legacy tool?
spk13: It's a great question. You know, we see greenfield and legacy. The more up markets you go, our larger accounts, we see more replacements. The only thing I would say is that by and large, the majority of what we're seeing is is replacements of things that are unhappy and inefficient or greenfield and so meaning that like it's not that we're our sales team very um does not very often go try to convince customers to actually go replace something that the customer is happy with or satisfied with most of the time the customer has some level of satisfaction even sometimes with great products they're just like you know, they're too hard to use or they're too expensive or they have gaps. And so, like, the fragmentation causes me to actually not be able to train up my team efficiently. And so, by and large, the way to think about it is we're selling to either greenfield or dissatisfied customers. And, you know, what I hear from our sales team is that that's not sort of like an opportunity limit. There's lots of people there. that are dissatisfied, and that's mostly because the market has not focused on productivity, the user experience, or how to make sure that customers can actually have the results they want at a reasonable cost. And those are all problems that we're tackling and solving.
spk03: That's great. Thanks very much. Thank you.
spk09: Our next question comes from Adam with Raymond James. Your line is open.
spk01: Hi, thanks. This is Alex. I'm for Adam. Just curious, with the number of monitoring vendors moving into AppSec recently over the last few months, how do you think the competitive dynamic may shift? And with so many vendors, do you think there's any risk that application security becomes commoditized at any point in the future?
spk13: It's a great question. One, we participate, but AppSec is a highly fragmented market to start off. And so I would say that, yes, there's more vendors than anything, but application security out of all the markets that we purchase. And it's a smaller part of our business. It's very healthy, but a smaller part of our business. It is also the most fragmented ecosystem and part of the business. Would it become commoditized? I don't think so. And the primary reason is that if you look at the foundations, people are building more apps than ever before. And by the way, if you think about the other side of the equation, is that we had a really difficult global cybersecurity ecosystem when it was professional ISVs building applications. Now we have a bunch of professional ISVs and a whole bunch of organizations who are new to actually building commercial-grade applications who are building it sort of at scale and faster than ever. That should be a robust opportunity for security. That said, we see some of the biggest opportunities in the cloud and as we extend backwards. And so I think the application security market is highly fragmented. It, just like the cloud I talked about, will evolve over time, but I don't see near-term commoditization even with the competition and even seeing players coming in from other markets who actually have great relationships in application security space join it. I see many of those players joining it to actually participate in the upside, not just to actually drive it to zero, but we'll see where it goes.
spk01: Perfect. Thanks. And then in case I missed it, just a housekeeping question. Can you speak to net retention rate or any changes in gross retention rate?
spk02: We haven't been disclosing it, the net retention rate, but what we will say is that it has improved sequentially over the past few quarters, and we've done a very good job with that area of customer retention. We've invested in it. but we aren't disclosing the specific metric anymore. Perfect. That's helpful. Thank you.
spk09: Our next question comes from Greg Moskowitz with Mizuho. Your line is open.
spk07: Okay, thank you. Good afternoon, guys. So the 58% rest of world revenue growth was pretty remarkable. I think it's been five years since we've seen that type of growth, and the compare that you faced this quarter was actually the toughest that you'll face all year. You know, Corey, were there any regions that were particularly strong for Rapid7 that you would highlight?
spk13: You know, the growth internationally is strong. It was not sort of like specific to a single region. We saw all I would say broad-based health. It wasn't the same across the board. We saw broad-based health and growth and strong growth across the board, across all regions. I think a big part of that was, I think I've talked about this dynamic before, is that internationally it's a lot more work to actually get, especially if you have new offerings, to get both the channel, the branding, and the sales team sort of like selling the platforms. I think our international leadership team and sales team to go to marketing and customer services team have done a very, very good job of shifting to the platform from some of our traditional transactional offerings like Metapoint, which is great, highly strategic, highly valuable. But as they've shifted over to the platform, that's helped drive the growth. And frankly, they also improved the customer retention. That's also driven growth.
spk07: All right, perfect. And then just as a follow-up, how is the labor market from your vantage point?
spk13: Yeah, well, let me just make sure Jeff didn't have any follow-up comments on the last question because he has lost perspective.
spk02: Yeah, yeah. I just wanted to mention, Greg, that we did benefit. There was a tailwind for the insights acquisition, which wasn't in the prior year numbers. So they have a greater percentage of international revenue. So that contributed to the 58%. But international revenue was very strong and grew in excess of our overall ARR rate this quarter.
spk07: Thanks, Jeff. And then, Corey, any thoughts on the labor market?
spk13: Yeah. So, V, it's a great question on the labor market. Look, we're experiencing the same thing that everyone else is experiencing. The labor market has definitely tightened. I think that from my perspective, I think we're probably a net beneficiary. And what I mean by that is that if you look at our hiring plan, we perform well against our hiring plan. If you look at attrition, attrition is not as good as it was in 2020, where people really crave job stability. But it's normalized from what it was in 19, so over the period. So it's more normalized versus some of these super high crazy attrition I think that some organizations are seeing. And we're seeing that we are our employer brand and our focus on culture. has been able to net attract talent in. Now, one of the biggest challenges that we have, frankly, as we go forward, is that as we've seen greater growth as a demand environment, we've actually invested in hiring to support that growth. And so we opened up that capacity to make sure that we were supporting the customers and to support the growth as we go into next year. And that's a lot in this talent market right now to actually expand your hiring. In this talent market, But that's it. We're having success, but it's something I watch and we talk about on an ongoing basis.
spk07: Very helpful. Thank you, guys.
spk09: Thank you. Our next question comes from Zofatawala with Morgan Stanley. Your line is open.
spk11: Hey, guys. Good afternoon, and thank you for taking my question. Corey, maybe just one question for you. You know, really strong growth in new customers. I was wondering, just given the rising threat environment, to what extent is the growth in insight IDR being influenced by more deals around incident response? Is that something that you're seeing contribute more to larger customer lands in particular? Thank you.
spk13: Yeah, I think you mean they're not incident response services, meaning that customers have an incident response. And therefore, they're upgrading their services. Yeah. And so, well, so one is, I would say, service is not a material driver of that business. I mean, we have a services business. But you can think about the services business as for us being most about having the capacity to serve our customers and getting intelligence about what's happening in the event environment. So services, in that way, for internet response, are a business driver. Now, one of the drivers is, is customers have incidents and they decide to upgrade their monitoring capability. And that's a great driver for us. I don't have statistics on it because, as you can imagine, not every customer that upgrades tells us that they have an incident. Some of them want to talk to them one-on-one or actually share that, but they don't always share that with salespeople. And so I would say we don't have a statistical answer around that. But I would say that we definitely know that that's a driver. Thank you.
spk12: Yes, thank you very much. Is there a reason why the professional services revenue growth spiked to 34% from like 12% in Q2? Was that insights as well?
spk02: No, just overall we had stronger bookings in the quarter, which led to delivering more revenue this quarter, but there was nothing significant. unusual in that other than the volume increase this quarter.
spk12: So with that strength that you're seeing, do you expect services revenue growth to be elevated compared to the past for the next several quarters?
spk02: You know, it's not a big part of our business. As you can tell, as Corey said, it does lead to product revenues. I think the way you should look at our professional services going forward is it'll be in that mid to high single digits growth over the next four quarters, over the next year. Okay. Thank you.
spk09: Thank you. And I'm sure no further questions at this time. I'd like to turn the call back over to Corey Thomas for closing remarks.
spk13: Thank you all so much for joining us today on our earnings call. And I hope that all of you are healthy. And I look forward to speaking with you all later on the next call.
spk09: This concludes today's conference call. Thank you for participating. You may now disconnect.
Disclaimer