This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.
spk00: Good day and thank you for standing by. Welcome to the Rapid 7 fourth quarter and full year 2021 earnings conference call. At this time, all participants are in a listen-only mode. After the speaker's presentation, there will be a question and answer session. To ask a question during this session, you will need to press star one on your telephone. Please be advised today's conference is being recorded. If you require any further assistance, please press star then zero. I would now like to hand the conference over to your host today, Sunil Shah, Vice President, Investor Relations. Please go ahead.
spk03: Thank you, Operator, and good afternoon, everyone. We appreciate you joining us today to discuss Rapid7's fourth quarter and full year 2021 financial and operating results, in addition to our financial outlook for the first quarter and full fiscal year 2022. With me on the call today are Corey Thomas, our CEO, and Tim Adams, our CFO. We have distributed our earnings press release over the wire and is now posted on our website, investors.rapid7.com, along with the updated company presentation and financial metrics files. This call is being broadcast live via webcast, and following the call, an audio replay will be available at investors.rapid7.com until February 16, 2022. During this call, we may make statements related to our business that are forward-looking under federal securities laws. These statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995 and include statements related to the company's positioning or future goals and financial guidance for the first quarter and full year 2022 and and the assumptions underlying such goals and guidance. These forward-looking statements are based on our current expectations and beliefs and on information currently available to us. Actual outcomes and results may differ materially from the expectations contained in these statements due to a number of risks and uncertainties, including those contained in our most recent quarterly report on Form 10-Q and in the subsequent reports that we filed with the SEC. The information provided on this conference call should be considered in light of such risks. Actual results and the timing of certain events may differ materially from the results or timing predicted or implied by such forward-looking statements, and reported results should not be considered as an indication of future performance. RAPID-7 does not assume any obligation to update the information presented on this conference call except to the extent required by applicable law. Our commentary today will be primarily in non-GAAP terms, and reconciliations between our historical GAAP and non-GAAP results and guidance can be found in today's earnings press release. At times, in our prepared comments or in response to your questions, we may offer incremental metrics to provide greater insight into the dynamics of our business or our quarterly results. Please be advised that this additional detail may be one time in nature, and we may or may not provide an update in the future on these metrics. With that, I'd like to turn the call over to our CEO, Corey Thomas.
spk05: Thank you, Sunil, and good afternoon to everyone on today's call. Thank you for joining us. Rapid7 finished 2021 on a high note delivering strong fourth quarter results on broad-based strength across our security transformation and vulnerability management solutions. Security transformation saw year-over-year organic ARR growth of over 50%, exceeding our expectations for the quarter and the year, driven by our team's strong execution and the growing need for customers to manage increasingly complex security environments. We ended the year with $599 million of ARR, growth of 38% over the prior year, and growth of over 30% on an organic basis. These growth rates highlight the compelling value proposition our Insight platform is delivering to our customers and support our belief that 2022 will be another strong year for Rapid7. Our commitment to executing on our growth and profitability framework is evident in today's results. We delivered nearly 100 basis points of non-GAAP operating margin expansion for the year, while accelerating ARR growth and absorbing our largest ever acquisition to date. We also saw significant scale in cash flow, exceeding $50 million of operating cash flow in 2021 and delivering $35 million of free cash flow for the year ahead of expectations. This puts us on a great trajectory to execute against our mid and long-term free cash flow targets. While Tim will share more on our operating results during his prepared remarks, these financial highlights illustrate the strength of our underlying business and our commitment to making responsible investments in growth. We began last year with our three enduring goals in mind. To enable customers to securely transition to the cloud, to expand the capabilities and value proposition of our best-in-class insight platform, and to balance our dual mandate of scaling profitably while strategically investing to drive durable growth. In March, we expanded on this vision at our Investor Day, where we outlined our medium- to long-term financial goals and elaborated on a few key opportunities, including the large and expanded addressable market for our solutions, our ability to grow ARR per customer, by cross-selling and upselling into our base, focusing on higher growth strategic customers to support this expansion, and an under-penetrated international market with significant room for share gains. During 2021, we executed exceedingly well across all of these opportunities. We accelerated ARR growth while expanding our addressable market beyond $30 billion. ARR per customer with 17% for the year approaching $60,000 per customer. Customer growth accelerated driven by increased demand and notable improvements in retention as we eclipsed 10,000 customers globally. And we saw approximately 50% year-over-year growth in our international revenue. Moreover, the escalating cyber threat landscape we experienced throughout the year validates the durability of these opportunities as customers transform their businesses, Cloud adoption gains pace, and the ability to manage cybersecurity risk becomes even more challenging. These issues are now a top priority for executives and boards, particularly as the labor market for security professionals tightens and regulatory scrutiny and brand risk increase. These market conditions provided a healthy secular backdrop for our strong growth in 2021 and should support durable ongoing growth in 2022. I highlight three areas that are driving our success today. First, our Insight platform provides customers with a broad-based integrated suite of best-in-class security operations solutions. We've invested in and expanded our capabilities over the last few years to build a leading position in the extended detection and response, cloud security, and vulnerability risk management markets. We've further strengthened our our customer value proposition by adding platform services including SOAR and Threat Intelligence to provide security teams with comprehensive visibility, analytics, and automation that they need to manage an evolving IT environment. The depth and breadth of our platform is increasingly becoming a competitive differentiator. It's driving demand with our customers, particularly as security teams look to consolidate an increasingly fragmented set of security solutions. This is demonstrated by the strong growth we saw across our Insight platform throughout 2021, with particular strength driven by our security transformation solutions, which now represents the majority of our total ARR. We see a long runway ahead in terms of our platform opportunity as we expand our base of multi-product platform customers. The recent long for the shelf vulnerability highlights the value of holistic visibility and monitoring our Insight platform can provide in helping customers to drop better security outcomes. Beyond the critical importance of Insight VM and providing visibility to the risk in customer's traditional environments, customers are leveraging Insight CloudSec to identify vulnerable cloud instances, Insight IDR to monitor for attacker behavior related to log for sale, our application security capabilities to both monitor and block against attack attempts, and Velociraptor for forensics analysis of exploitation attempts against the vulnerability. The scope of incidents like Log4Shell demonstrates the persistent nature of the elevated threat landscape our customers are facing today and why we expect cybersecurity will remain top of mind for organizations of all sizes as we look ahead. The second aspect of our business I want to highlight is our market leading incident detection response. As the topic of XDR gains minds here, Many of you have asked how Rapid7's Insight IDR is delivering customer impact in this area. The answer is that we've always approached IDR from this perspective. When we began building IDR in 2013, most people were focused solely on data collection. Rapid7 took a detection-first approach, hence the name, Incident Detection and Response. By combining leading data collection capabilities on our Insight platform with detections From our analysis of attacker behavior and layering on user behavior analysis, file integrity monitoring, and compliance dashboards, we were able to build not just a market-leading SIEM, but also a market-disrupting capability to detect and respond to attacks more effectively. We have since extended the breadth and depth of our offering at a rich capability, including endpoint detection and forensics, and network traffic analysis, to provide more comprehensive visibility across customer environments, as well as embedding automation to drive productivity to help customers deliver better security outcomes. Our investments in natively integrating these capabilities is why customers are choosing Insight IAR to help minimize the seams and gaps that exist in their fragmented technology environments today. We continue to invest in extending our platform capabilities most recently via the addition of Insight's best-in-class threat intelligence offering. We remain early on our integration efforts, but have begun to see the vision of combined internal and external attack surface monitoring resonate with our customers. During the fourth quarter, we saw great progress on our ability to sell Insight into our existing customer base, with nearly 40% of our new threat intelligence business driven by cross-sell. A great example of this was a six-figure competitive displacement with a well-known global food and beverage brand. The customer added threat command alongside our detection and response and vulnerability management solutions, in part because of the enterprise-relevant alerts and the ability to automate workflows to improve the efficiency and effectiveness of their stock. We remained bullish. on our long-term opportunity to deliver a market-leading XDR solution to our customers as we continue to integrate threat intelligence into IAR. Lastly, I'd like to take a moment to discuss the emergence of our cloud-native security platform, Insight CloudSec. Digital transformation and the accelerating customer shift to cloud-based infrastructure is disrupting security programs. Cloud environments are more dynamic and scale at a different pace than traditional IT environments This is why security teams are increasingly looking for solutions that are built from the ground up to manage the unique risk in their cloud environments. While the cloud security market remains in its early days, it is clear to us that success in securing the cloud relies on holistic data collection, analytics, and automation, all capabilities that are core to Rapid7's DNA. This is how we have architected Insight CloudTech. by integrating three critical areas of technology to bring together multi-cloud data for rich visibility and analysis across cloud posture management, cloud workload protection, and cloud identity and entitlement management. We continue to innovate and invest heavily in this space, given the massive opportunity ahead to help our customers migrate securely to the cloud. Our approach is resonating with customers, as evidenced by a competitive six-figure deal with a Fortune 500 company The customer's homegrown approach to securing and growing multi-cloud environments was struggling to scale with the pace of their cloud development. They selected Insight CloudSec for our scalable automation, seamless integration with Insight VM, and our public cloud provider coverage that few competitors can match. Our swift time to value and out-of-the-box capabilities provided tangible benefits for the customer, allowing Insight CloudSec to become, in their words, a cornerstone of their security program. As we look across all three of these areas, we expect that many of the market dynamics we experienced in 2021 will continue to intensify in 2020T. The attacker landscape continues to become more hostile and the pace of innovation, particularly the move to the cloud, is accelerating and the security cap is getting wider. it is clear that security now has a permanent seat at the table in executive and board discussions. And we expect this to fuel durable growth for our best in-suite insight platform as we look ahead to 2022. These dynamics are also impacted by the increased turnover many companies are facing in today's labor market, exacerbating what has already been a tight talent environment for cybersecurity professionals. Rapid7's sustained focus on addressing the needs of resource-constrained customers by delivering best-in-class productivity and efficacy of security programs while lowering the cost of operations positions us well to drive strong customer impact through our Insight platform in this environment. As we march forward into 2022, we remain committed to executing against our three enduring goals for Rapid7. enhancing our customers' ability to securely transition to the cloud, building out an increasingly integrated best-in-suite platform experience, and driving sustained profitability growth. We believe that secular tailwinds in security and the evolving IT environment put us in a great position to execute on these goals in 2022, and we're confident that we have the right technology and people to drive another year of durable growth. Our team remains committed to delivering on our 2025 goal of becoming an over $1 billion Rule of 40 company, and we see great line of sight to achieving that given our strong execution in 2021. Amidst an ever-escalating cyber threat landscape, I am tremendously grateful to all of the security professionals around the world who work tirelessly to keep our technology environment safe. The Log4Shell vulnerability strains security teams at the end of an already busy year, and I'm proud of our Rapid7 team for their commitment to supporting our customers during the ongoing remediation efforts. We know that the threat environment will continue to escalate, impacting organizations of all sizes, and that gives us conviction in the importance of our mission to make the best in security operations achievable to all. Thank you to our team and to our customers for supporting us on this journey. Before I turn the call over to our new CFO, Tim Adams, I would like to thank Jeff Kolowski for his significant contributions over the last five years. When Jeff joined the company, we had a VM solution and an annual revenue run rate of around $150 million. Today, we have broad-based, best-in-class security operations platform generating nearly $600 million in annualized recurring revenue. Jeff was a critical player in this transformation. We wish him all of the best in retirement. Tim, we're thrilled to have you on board as we usher in the next chapter of Growth for Rapid7. And I'm excited about all the great experience you will bring to our leadership team. Thank you for joining us today. And now I will hand the call over to Tim.
spk02: Tim? Thank you, Corey. Good afternoon, everyone. Thank you for joining us on the call today. I look forward to working with all of you and hopefully meeting you face-to-face in the near future. First, let me say I'm very excited to be part of such a great company. I have known Corey and the Rapid7 team for a few years and I am truly honored to be here. I've been on board for just over a month and I have been impressed by the level of talent and experience across the organization. There is a strong culture of collaboration, teamwork, and customer focus. As one of the executive leaders, I will be working across the company to ensure that we continue to align our business and finance strategies to support our overall growth and long-term financial targets. Now, before I turn to the results, a reminder that except for revenue, all financial results we will discuss today are non-GAAP financial measures unless otherwise stated. Additionally, reconciliations between our GAAP and non-GAAP results can be found in our earnings press release. Rapid7 delivered strong fourth quarter and full year 2021 results. Total ending ARR of $599 million grew 38% over the prior year, driven by growing customer demand across our portfolio of security transformation and vulnerability management solutions. ARR growth was over 30% on an organic basis in 2021, and acceleration over the prior year and highlights Rapid7's exceptional ability to drive durable growth as we scale our business. Four-year revenue of $535 million grew 30% over the prior year and exceeded the high end of our guidance range. Strong demand for our insight platform solutions drove product revenue growth of 31% over the prior year to $501 million. As Corey shared earlier, the need to manage risk across an increasingly complex IT environment fueled organic growth of over 50% in our security transformation solutions ARR in 2021. I am thrilled to share that our security transformation solutions now represent the majority of our total ARR. We continue to see a healthy mix of growth coming from both new and existing customers during the year. in addition to experiencing strong and improving customer retention rates throughout the year. Our customer base grew 18% over the prior year, ending 2021 with over 10,200 customers globally. Our expanding suite of leading security solutions and the compelling value proposition of our Insight platform is underscored by the ARR per customer of 58,300 at year end, which is up over 17% over the prior year. Our commitment to driving durable growth while expanding margins within our profitability framework is clear in our operating results. Rapid7 generated approximately $8 million of operating profit, a year over year improvement of nearly 100 basis points and $35 million of free cash flow during 2021. both of which exceeded our guidance. We were able to achieve these results while increasing our investments and growth, absorbing our largest acquisition to date, and hiring and retaining talent in a more competitive labor environment. Now turning to our fourth quarter results. Total revenue in Q4 of $152 million was up 34 percent over the prior year and above the high end of our guidance. Product revenue grew 35% year-over-year to $141 million. Our international revenue grew 59% and represented 20% of total revenue for the fourth quarter, while North America revenue grew 29% over the prior year and represented 80% of total revenue. Product gross margin was 75% in the quarter, while total gross margin for the quarter was 71%. down slightly from the prior year, but in line with our range of expectations. As we've shared previously, we continue to expect product gross margin to trend in the mid-70s and overall gross margin in the low 70s. During the fourth quarter, we continue to invest in growth and innovation and absorbed a full quarter of expenses from our insights acquisition. Sales and marketing expenses grew 34% year over year and represented 44% of revenue as we ramped investments to position ourselves for growth in 2022. R&D investments grew 45% year over year and represented 22% of revenue, while G&A expenses grew 31% and represented 9% of revenue. Our ability to reinvest our top-line overperformance from the second half of last year provides a strong foundation for growth in 2022 while maintaining the commitment to executing against our profitability framework. Fourth quarter operating loss of $6 billion was slightly better than our guidance. Our adjusted EBITDA loss was $2 million in the quarter and net income per share was a loss of 16 cents. Moving to our balance sheet and cash flow. We ended the year with cash, cash equivalents and investments of $258 million compared to $310 million at the end of Q3 2021. The reduction was primarily driven by the November redemption of the remaining $45 million of our convertible senior notes due in 2023. We delivered better than expected fourth quarter and full year cash flow from operations, reflecting strong ARR growth and we exceeded our expectations by generating $35 million of free cash flow in the year. This brings us to our guidance. The strong results we achieved in 2021 highlight the large and growing opportunity we have to deliver our best and sweet insight solutions to customers as they face an increasingly complex risk environment. Our demonstrated success across the three areas that Corey elaborated on, the breadth and depth of our insight platform as customers look to consolidate down to strategic security vendors, our unique approach to delivering a market-leading extended detection and response solution, and our early traction in helping customers migrate securely into the cloud provide a solid foundation for our outlook into 2022. With that in mind, for the full year 2022, We expect an ending total ARR of $740 million to $750 million, which represents growth of 24% to 25%. We plan to share relevant ARR guidance updates likely in the second half of the year. We expect total revenue for the full year to be in the range of $682 million to $690 million, representing growth of 27% to 29%. On profitability measures, we anticipate non-GAAP operating income to be in the range of $17 million to $24 million for the full year, with non-GAAP net income per share in the range of $0.05 to $0.16. This is based on an estimated 60.9 million diluted weighted average shares outstanding. For full year 2022, we expect to generate strong growth in operating cash flow which when coupled with slightly higher CapEx infrastructure investments to support our growth, should drive healthy overall growth and free cash flow to a range of $40 million to $45 million for the year. The operating margin expansion we expect in 2022 reflects our growth outlook and is consistent with the profitability framework we have previously outlined. Moving to quarterly guidance. For the first quarter of 2022, we expect total revenue in the range of $153 million to $155 million, representing year-over-year growth of 30% to 32%. We expect a non-GAAP operating loss for the first quarter in the range of $7 million to $5 million, driven in part by early-year investments and some annual Q1 events such as kickoff. We expect a non-GAAP net loss of 18 to 15 cents per share for the quarter, which is based on 58.3 million basic weighted average shares outstanding. In conclusion, we remain committed to driving durable growth and margin expansion within our profitability framework as we continue on our path to becoming an over $1 billion Rule of 40 company. Thank you for joining us on the call today. And with that, we will open the call for questions. Operator?
spk00: Thank you. If you have a question at this time, please press star then 1 on your telephone. If your question has been answered or you wish to remove yourself from the queue, please press the pound key. And our first question comes from the line of Rob Owens with Piper Sandler. Your line is open. Please go ahead.
spk07: Yeah, good afternoon. Thanks for taking my question. Obviously, a strong quarter punctuated by acceleration and looking at that organic ARR number, it's clear the environment's as good as it's ever been. So Corey, with the vulnerabilities out there with all the attacks, do you have any sense, is there a pull in the demand that we're seeing right now? Curious how sales cycles are trending and how sustainable are these levels? And I do note that it does look like you're going to hit your midterm goal of $750 million in ARR one year early just based on your guidance alone.
spk05: No, Rob, it's a great question. So one, I would say the demand environment overall is quite healthy. We started highlighting that at the tail end of last year. And I think it's driven partially by some of the big name, either vulnerabilities or compromises. But I do think that it's actually moved to a level where this is on the permanent agenda now of both CEOs and boards. And we think that's a very good backdrop for our business and our organization overall. Now, I think part of the thing that has allowed us to capitalize on that well is I think that our team has a great story and great delivery on the ability to give customers the productivity they want and the efficacy they want. And lots of organizations are looking for both of those. So just because it's in demand, they still want efficiency and productivity. And I think that's really the story that transcends. And so to answer your core question is we think that that is durable. sort of like the latest fad or the latest breach or the latest compromise, we tend to focus on, like, what's the long-term outlook and prospect. And we are seeing a high level of focus by customers, and we do think that we actually have durability of opportunity ahead of us.
spk07: Great. Thank you. Thank you.
spk00: Thank you. And our next question comes from the line of Luke Hillel with Barclays. Your line is open. Please go ahead.
spk14: Okay, great. Hey, guys, it's Sackett Kelly at Barclays. Thanks for taking my questions here, and welcome, Tim. Thank you. Corey, maybe for you, I was wondering if we could talk a little bit about the cross-selling success this year. You know, to your point, nearly $60,000 in ARR per customer with just the bigger, best, and sweet, as you noted. How do you sort of think about the cross-sell effort going into 2022 as that list of products kind of continues to expand?
spk05: We've thought of, as you know, we've expanded our product portfolio over the last few years. Our focus, first and foremost, was making sure that we're making the right products that customers want to adopt. I think, hands down, we nailed the formula for how do you actually deliver highly effective, sophisticated products that are also adoptable and consumable and accessible by a wide range of customers. And so we feel we actually got that right. And for that part of the equation, you know, it was incredibly important not just to actually wholesale the package, but to make sure that each of those offerings could stand on their own. And we've proven that out over the last several years. Over the last year or so, you've heard me start to talk about packaging and pricing. I want to say that now that we've actually proven that we have this quote-unquote best of suite, and really what that means is customers aren't making tradeoffs in quality. in order to actually get the benefits of a platform and platform leverage, how do we then actually turn that into something that we can use to actually reduce friction in how customers adopt, and frankly, reduce our costs about how we actually engage with customers. And this is where cross-selling, I think, becomes quite strategic over time. And what I say is that in our pilots over the last few years, we've seen the evidence, we've seen the attractiveness of customers, and we've seen the adoption. And so what I say is we've seen the proof points. And now from here, we're continuing to scale those proof points as we go forward. So it'll be like it won't be one big thing overnight, but what we'll do is we'll get better and better at actually finding the optimum mix of adoption for customers that works for customers and works for us. Now, the one thing I'd say to keep in mind, Socket, is that when we think about adoption, we're really focused on customer adoption, not rapid-setting sales. And what that really means is we want to actually deliver technologies and sell technology to customers at the pace that they can adopt those technologies because we think that that's what leads to the most enduring success and, frankly, the best long-term customer economics. So that's how we approach it. I think we made good progress. I still think we've got lots of upside in front of us, but we're on the road that we want to be on.
spk14: Got it. That makes a lot of sense. Tim, maybe for my follow-up for you, since this is our first call all together here, Um, I was wondering if you just talk a little bit to us about, you know, what attracted you to the opportunity at rapid seven and understanding that it's only been a month, uh, you know, at, at, at the company, anything you want us to know just about your process or rigor when, when thinking about the guidance, uh, the, you know, just the overall guidance philosophy.
spk02: Yeah. Socket. Thanks. Uh, first let me reemphasize. I'm thrilled to be here. Um, I guess I've known Corey for about five years or so now, and Jeff Kalowski, and they're first-class people. They built a great company, which I think all of you will agree with, and so I'm really thrilled to be here. It's a very strong team, and, you know, in the 30-plus days that I've been here, I've had the chance to meet a lot of folks face-to-face, and you can tell they are very smart, very hardworking, very engaged, very passionate, and really focused on the customer, which I think is critically important. Corey talks a lot about the culture of a company, and I think that is very important. That really does matter to me, how we operate and behave and work with each other, and I think it's all very important. And it's very mission-driven. You know, there are a lot of bad actors out there that are creating a lot of havoc to the world as we know it, and I think we're out there really trying to get in front of that and prevent a lot of that. So I'm thrilled to be here and I look forward to working with everyone over the next several years. In terms of the guidance, we feel very good about the guidance that we put out. We think it's showing very strong growth year over year with the top line ARR range that we share. And I will tell you, I think this team does an outstanding job. They are very thoughtful. They are very thorough. And it's a collaborative approach, not just of the finance team, but we reach out to the sales leaders, Our COO, Andrew Barton, is very strong and very engaged with us. And it really is a very thoughtful process, and I feel very comfortable with how it's come together. And we feel very good about the guidance that we've shared with you today. Very helpful, guys. Thanks very much. Thank you.
spk00: Thank you. And our next question comes from the line of Matt Hedberg with RBC Capital Markets. Your line is open. Please go ahead.
spk13: Great. Thanks for taking my question, guys. And I'll offer my welcome to Tim as well, looking forward to working with you. Corey, security transformation products are clearly driving a lot of your growth, and I think it's a huge focus of TAM expansion. But obviously, you still have a pretty healthy VM business. I'm wondering if you could comment on, you know, as we think towards next year, you know, maybe the relative health of that business, you know, versus maybe some historic trends.
spk05: Yeah, so I'll – talk about both of those. Let me start by saying that I think that as we go forward, it becomes less important, mostly because of the way that we actually sell and operate to actually break out security transformation in the VM. As we actually continue to drive the cross-selling, the packaging, and the adoption strategy, we're focused much more about how to drive productive usage and consumption for our customers. So I just wanted to give that intro. And then to To address your other questions, yes, we actually are seeing great growth on security transformation, and we're seeing durable growth on the vulnerability management. We feel very good about all the aspects of our business. As you know, we're fairly rigorous about how we think about it. So security transformation, we saw extraordinary growth last year, and we see durable growth this year. You know, we've used the 40% number for a couple of years now, and that really goes to the durability, and we see that same durability as we actually go forward into the future. And when we think about vulnerability management, we see visibility as a persistent backdrop that drives not just vulnerability management, but it's also a big driver of our cloud solutions also. And so to get to your core question is that when we look at our complete portfolio, we see extraordinary opportunity across the entire portfolio. And most importantly, we see the opportunity to actually meet customers wherever they are on their journey. And one of the things that I think our sales team is really operationalizing is with the help of Andrew and a bunch of other people, is this mindset that we can go in and figure out what customers' most pressing issues are and address those issues wherever they are. And then from there, we can actually expand their success with adopting other solutions.
spk13: That's great. Thanks, Corey. Maybe just a really quick follow-up, and it sort of touches on sort of something you mentioned in your script. But, you know, did Log4J have any impact on your Q4 growth rates? And how do you think about that as a potential solution? demand generator sort of benefit to 2022?
spk05: Yeah, it's a great question. So we treat all of these things as healthy backdrops. But keep in mind, we don't go in and sell into any type of breach and crisis. Like we're very focused on how do we help customers with their long-term security program. What we think that these things do is it reminds customers about why security is important. And that's what we actually sell into is how do you actually build great security programs and the importance of security. So we work very hard with our sales team to focus on the long-term aspects and not just sort of like using really painful incidents that happen for our customers as the reason that we go in and sell. But yet still, they provide incredibly healthy backdrops for customers to understand why security is incredibly important.
spk02: Thanks, Fort.
spk05: Thank you.
spk00: Thank you. And our next question comes from the line of Brian Essex with RPA. Goldman Sachs. Your line is open. Please go ahead.
spk04: Hey, good afternoon. Thank you for taking the question. First of all, Tim, congrats on the new role. Looking forward to working with you again. And then, Corey, maybe if we could talk a little bit about the algorithm for growth throughout the year. You had really balanced land and expand between customer growth and expansion within existing customers. Are we looking at the same algorithm in 2022? And then maybe on the back of that, could you talk about investments you've made in sales and marketing, the sales force and pricing configuration that might either drive that consistency or trend it one way or another away from the historical trend? It's a great question.
spk05: I'll remind you as when I think about sort of like the drivers of growth, and you really alluded to the two of them. You know, we either landed new customers or we're driving ARR. per customer. And we have a big focus on both, but with the opportunity and the TAM in front of us, it's an incredible opportunity on the ARR per customer, which is a heavy focus. What we said on analyst ethics still holds today. We expect ARR per customer to actually be, over the medium and longer term, a higher-growth contributor than adding new customers. And it's not because adding new customers is not good. We love to add new customers. It's just that we also have so much opportunity to actually provide great service to our existing customers. And that's a heavy part of the focus. The other thing I remind you is that while we occasionally provide sort of like spiffs, we actually don't provide structural incentives that are about how our sales teams have to actually grow. And the reason that's important is that you would actually expect how sales teams actually focus a lot of their time and attention on customer grace, especially when we have so much potential for a customer. And so if you ask me, I'll go back to the original outlook that I gave at the Amos Day last year, is that, listen, we think that we can actually grow ARR per customer and consistently drive that forward. And we actually think that we can grow also new customers, but it won't be at the same pace over the medium term as ARR per customer growth. That said, last year we were quite happy with the dynamics. And if the dynamics flip around this year, we're fine with that, too. It's not something that we're managing. We're really managing the quality of our customer adoption.
spk04: Got it. Super helpful. And maybe just to follow up, I guess jump on this one, given that Tim's only been there a short time. But on the TAM, how do you think about the way that your customers are thinking about cloud security spend? And I know some of your peers have talked about, you know, five to six percent of You know, total cloud IT spend should be the number, but it's still an evolving market, and I think pricing still has to be worked out. But any kind of reconciliation there in terms of, you know, where there might be upside-downside to your TAM estimates and how you kind of thought about addressing the opportunity there?
spk05: Yeah, I'll start. We tend to be pretty pragmatic with the TAM estimates, and we revised them over time. I think we revised it again in this deck if you look at some of the materials that And the way that we actually think about it is it's really based on what we think the realistic potential is for customers, and we revise those over time. As you said, cloud is still early in general. I mean, we're still early in the overall cloud adoption cycle for customers. We're still early in the types of services that customers are adopting, and yet still we're seeing both good success and it's something that we're incredibly excited about. And so I think cloud is one that you could absolutely have revisions in the future, but it's premature to do that sort of today because, again, we want this to actually be durable with customers. And so I would say that our cloud estimates that we just updated are very good and we feel great about today, but the cloud market is evolving, so you can expect that to be, as it evolves, something that, as it makes sense, we'll revise that in the future.
spk02: Brian, let me get a census too. Yeah, go ahead. Sorry. But let me just add to a comment Corey made earlier, is that you're really capturing the mindshare now of the C-level suite and at the board level and certainly at audit committee levels of this broader framework of cybersecurity and what are we doing and how do we feel about our environment is top of mind, you know, right at the level where you want to be. And my experience has been over the past couple of years, you see folks really willing to invest more Because the downside of having an event far outweighs the additional investment that they want to put to work. Got it. That's super helpful.
spk04: Thank you very much. Thank you.
spk00: Thank you. And our next question comes from the line of Fatima Bulani with Citi. Your line is open. Please go ahead.
spk01: Good afternoon. Thank you for taking my questions. And Tim, very nice to telephonically meet you. Corey, I have one for you and one for Tim, so I'll start with you. You alluded to the international performance in your prepared remarks, so I just wanted to peel that onion back a little bit. You've now seen four straight quarters of accelerating growth in your rest of world execution, so I'm curious if you can take a step back and share with us any notable drivers or any patterns of observable strengths, whether that is concentrated in certain countries or certain geos or any particular products that are really driving the bus on some of your international performance and the acceleration in international business? And then my follow-up question.
spk05: Absolutely. So it's a great question. I would highlight probably two things. It's less specific geographic. We're seeing fairly broad-based adoption. I do think one of the drivers, though, is sort of like two factors. One is the demand factor is that I think cybersecurity, specifically the willingness to actually invest in cybersecurity programs, is growing. If you go back a couple of years, I used to talk about the fact that, in general, this is sort of a generalization, the global organizations did not have the same priority on cybersecurity as you sometimes found in the U.S. And I actually think that that gap is close. I think you have a basic driver that's there. I think the regulatory environment helps that, but also I just think you have an environment where people are actually paying attention to cybersecurity. So I think that's a healthy demand backdrop. The second part is probably a little bit more particular to us, is that we've done lots of innovation, but when we do innovation and we launch new offerings, like I gave the stat on the call earlier when I was talking about Jeff, is that we introduce the platform, we make new offerings available, we have new services. By and large, those new offerings and services tend to actually start their distribution in the US and they tend to start in our cloud US instances. What's happened is over the last couple of years, we've actually got those technologies distributed around the world to more cloud instances, which has been lots of great work by our core infrastructure and platform teams. And that's kind of important in a world where like data sovereignty is more and more important. So that's a helpful unlocking of potential And then we've also invested a lot in our partner ecosystems and our global sales team and global service team and global support team to actually support those customers around the world. So it's that combination of things that allows us to unlock the potential to meet the demand, and we're leveraging all the great stuff that we've actually invested in along the way.
spk01: I appreciate that, Corey. Tim, really quickly for you, appreciate it's been but 30 days in the seat. But just with respect to some of your commentary around gross margins, I can see that you're still operating within your disclosed envelope. But just wondering if there are any one tiny items in the compression we saw this quarter and really how we should think about the shape of gross margins working through calendar 22, especially as some of the cloud portfolio and cloud security solutions start hitting escape velocity. And that's it for me. Thank you.
spk02: All right. No, it's a very good question. And just to remind everyone of the framework that we shared at the Investor Day about a year ago is that we expect our product gross margins to stay in the mid-70s with total gross margin in the low 70s. And if you go back and look at previous quarters, you will see some variability quarter over quarter, which we really attribute to product mix. We go back and we take a hard look at that. And it's important to note, and Corey and I both mentioned this earlier, that we have outstanding growth this past year in the security transformation solutions growing over 50% on an ARR basis. And it now makes up the majority of that ARR. These products are earlier in the maturity curve, and we have programs in place that will drive scale and drive additional efficiency. So again, we think it's all contained within the guidance that we've given for 2022, and we stay within that framework that we outlined about a year ago.
spk01: I appreciate that. Thank you.
spk03: Thank you. Thank you, everyone. And just a reminder to try to get to as many questions as we can if we can keep it down to one question. Thank you.
spk00: Thank you. And our next question comes from the line at Jonathan Ho with William Blair. Your line is open. Please go ahead.
spk08: Hi. Let me echo my congratulations. With the strong ARR per customer growth, is there a way for you to maybe parse this out a little bit more between you know, perhaps larger platform lands, expansion in your existing assets or maybe new product additions. I just want to get a little bit more granularity on how to think about, you know, sort of the sources of that, you know, strong ARR per customer growth. Thank you.
spk05: It's a great question. Unfortunately, like there's not a simple parsing that actually gets you the answer you're looking for because it actually was, you know, with multiple contributors. We continue to execute well across customer segments, both big and small. As we talked about earlier, we talked about sometimes our different products do have different ASPs. You can see on average security transformation solutions has slightly higher ASPs than VM. But again, that depends on sort of like segment and mix. You also have different trends internationally and you have distribution. What I would say in general to actually get to sort of like the larger trends that you can actually just think about is ultimately over time there will be two big contributors to the ARR for customer. One is the obvious cross-sell, which we talked a little bit about earlier. The second is upsell, which is about sort of like what's the usage and adoption on a per customer overall. And those are going to be like the biggest things that are actually going to drive the dynamic. And what we're seeing is some combination of all of that Combined with the fact that, especially if you look at cloud and IDR, they do have higher ASVs as we continue to have success there. That actually matters.
spk10: Thank you.
spk05: Thank you.
spk10: Appreciate it.
spk00: Thank you. And our next question comes from the line of Michael Turretz with KeyBank. Your line is open. Please go ahead.
spk11: Hey, everybody. So congrats on the quarter. Tim, welcome. I want to come back to the cross-sell question. to the cross-sell question that Saket started with. Corey, I love that AnalystAid said 22% of your customers are multi-platform sales. Is there an update on that and where it's going? And importantly, can you talk about what are the specific products that most often are sold together and how are you going about packaging multiple products together in order to get those multiple product sales?
spk05: Yes. So it has continued to actually improve. I don't have an update to give at this moment, and we'll give it episodically. But it has continued to improve. And really what you're seeing right now are clusters that in some ways align with how we've actually done some of our early packaging pilots and some of the things that resonate. So you definitely see a cluster around IDR where you actually see – you know, IDR and SOAR and the enhanced endpoint delivery and other things going on. So you see things like that, and that's become part of the modern SOC normal selling motion. We're seeing the emergence of the idea of the cloud front door, where people are sort of like cloud-first users, and then they're thinking about their vulnerability management And eventually, we're seeing some early tea leaves where they're thinking about detection through the lens of how they actually think about cloud. So again, those are early indicators. And then there's some customers that are just interested in visibility. And so they actually think about both their cloud and their vulnerability management as sort of like the visibility platform. And so what our sales team is actually doing right now is really working to actually operationalize the emotions that they see. But again, the thing I would emphasize is that we want to be able to respond to how the customer thinks about it. Now, of course, we'll always have some guidance about what we see across customers, but our goal is to actually respond to our customers. So if customers want to focus on visibility, that's great. If they want to actually update and modernize their SOC, that's absolutely amazing. If they want to actually operationalize everything around the cloud, they will package over time and deliver the experience. But I just gave you the three that are the most common that I actually see the most often traction around.
spk11: Great, Corey, thanks. Thank you very much, Lauren.
spk00: Thank you. And our next question comes from the line of Jonathan Rookover with Baird. Your line is open. Please go ahead.
spk10: Hey, Jonathan. You might be on mute.
spk09: Sorry about that. Yeah, here I am. Oh, there you are. Got it. Yeah, so, Corey, I would love to hear your thoughts on the competitive landscape for XDR, specifically who you view is delivering on true enterprise-grade detection and response capability. So that's just your thoughts as the market evolves with these endpoint vendors also introducing more VR capabilities. How do you think that shakes up the space over time?
spk05: Yeah, I'll talk about the attributes of it in broad categories, just because we don't talk specifically about specific competitors necessarily. But the attributes of how I think about being winners at XDR, and there are some. I think I'll wrap this up later, but there are definitely other players. One, you actually have to be able to actually bring data in natively. And it has to actually be a broad set of data. It has to be endpoint data, network data, log data. You have to be able to bring that in, contextualize it, and then allow people to actually do two things with it. To actually be able to do high quality detections against that heterogeneous data set, and actually very, very fast automated investigations. And we think that that is gonna be, we think that's sort of like the key and essential, and we've had this thesis for a long time. And there's multiple players in the market that are actually trying to build in that direction, and I think RAPID's up in the right position. in that market at all. The second question that you're addressing is the endpoint players. I'll ignore the branding of XDR because, again, we come from different places. I'll remind the rest of you, I know you know this, is that XDR is really the combination of two things. One, it's a broad-based trend to say we can't have these gaps and these themes in terms of visibility and how we actually process information. And that's true whether you look at how we approach it from an enterprise data perspective. That's also true for the endpoint players about how they approach it from an endpoint perspective. That's also true for network players. So in some ways, everyone has to have the X in XDR because customers are not being successful with a highly fragmented technology and a highly fragmented security environment. So that's a natural customer-driven trend. It's how you actually reduce the gaps and the themes and visibility that allow you to operationalize. Now, when it comes to the idea of how do we think about how these things intersect across, and keep in mind many of these are our partners also, is that, yes, you'll actually see a lot more bleeding and overlap. So you will actually see some of the endpoint players that actually have some storage services or some data services that can take in log data. And by the way, we actually have endpoint data that actually takes in that. You're still going to end up with a pretty sizable, not like a small one, a sizable gap between endpoint players' ability to actually take in all types of enterprise data at that scale, process it, organize it, and do the compliance and the investigation and the enterprise-wide detection that we actually do. Likewise, by the way, is that we have some of the best-in-class endpoint forensics technology with Velociraptor. with large companies and governments all over the world that use the technology, but that's not the same as actually having a comprehensive enterprise endpoint platform. And so what I would say is that it gets confusing because we may use the same language, but the center of mass is different. Rapid7 is, when we talk about XDR, we are an enterprise data platform that's allowing you to collect all the relevant data across your platform, be able to actually search that, organize that, do high-quality detections on that, and then do high-quality investigations on that, consuming both the internal data sources and the external data sources, and then automate all those stock workloads. That is extraordinarily different than what the enterprise players are offering in the market today. And so that just gives you a little bit of flavor about what the difference is, but also what are the similar trends that we're all adapting to.
spk09: Yeah. Oh, that's great. Thanks, Corey. Thank you very much.
spk00: Thank you. And our next question comes from the line of Brad Reback with CIFL. Your line is open. Please go ahead.
spk12: Great. Thanks very much. Just real quick, Corey, are your customers seeing any issues with employment levels being able to deploy your solutions?
spk05: Yes. I mean, not to give you a one-word answer. It's something that we're actually tracking. And that is an area of concerns is that, again, we're very focused that When we sell, we measure ourselves on what we call the customer value realization. Did the customer get the promise? And one of the most frequent challenges is staffing capacity. And so it's one of the things that I probably spend the most amount of time on. You know, we have, I think it was asked earlier, I forgot to ask this, but like how you think about some of your investments. I would say lots of our investments are going to actually how do we accelerate some of the investments that we're making to not just in ourselves, but also heavily in our partner ecosystem so that we can actually have an ecosystem that if customers can't find the resource they need, they can still get the security that they need overall. And so, yes, that is a big concern of mine and our team because customers do need talent, and they're having higher turnover. It's taking them a longer time to actually fill those gaps. And what we're doing is we're working – with our partner ecosystem to actually find ways that allow them to actually still build out their security programs as they're actually building their teams. And that's been quite well received by our customers.
spk12: That's great. Thanks very much. Thank you.
spk00: Thank you. And this is going to conclude our Q&A session for today's conference, and then I would like to turn the conference back over to Corey Thomas for any further remarks.
spk05: Well, thank you, Operator, and thank you all so much for joining us today. We enjoyed it and we appreciate your questions and we look forward to the next one.
spk00: This concludes today's conference call. Thank you for participating. You may now disconnect.
Disclaimer