Tenable Holdings, Inc.

Greetings, and welcome to the Tenable First Quarter 2026 Earnings Conference Call. At this time, all participants are in a listen-only mode. A brief question and answer session will follow the formal presentation. If anyone should require operator assistance during the conference, please press star zero on your telephone keypad. As a reminder, this conference is being recorded. It is now my pleasure to introduce your host, Erin Carney, Vice President, Investor Relations. Thank you.

You may begin. Thank you, Operator, and thank you all for joining us on today's conference call to discuss Tenable's first quarter and full year 2026 financial results. With me on the call today are Co-Chief Executive Officers Steve Fence and Mark Thurmond, and Chief Financial Officer Matt Brown. Prior to this call, we issued a press release announcing our financial results for the quarter. You can find the press release on our IR website at tenable.com. We will make forward-looking statements during the course of this call including statements relating to our guidance and expectations for the second quarter and full year 2026, growth and drivers in our business, changes in the threat landscape in the security industry, particularly regarding AI security, the expected impact of frontier AI models like anthropic mythos on accelerated vulnerability discovery, and the shift to preemptive security, our competitive position in the market, Growth and customer demand for and adoption of our solutions, including Tenable One, our exposure management platform, the expansion of Tenable One, including agentic AI security and orchestration through HEXA AI, and OT discovery. Research and development investments in Tenable One and our future results of operations and financial position. These forward-looking statements involve risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. You should not rely upon forward-looking statements as a prediction of future events. Forward-looking statements represent our beliefs and assumptions only as of today and should not be considered representative of our views as of any subsequent date. And we disclaim any obligation to update any forward-looking statements or outlook. For further discussion of the material risk and other important factors that could affect our actual results, please refer to those contained in our most recent annual report on Form 10-K and subsequent reports that we file with the SEC. In addition, all of the financial results we will discuss today are non-GAAP financial measures with the exception of revenue. These non-GAAP financial measures are in addition to and not a substitute for or superior to measures of financial performance prepared in accordance with GAAP. There are a number of limitations related to the use of these non-GAAP financial measures versus their closest GAAP equivalents. Our press release includes GAAP to non-GAAP reconciliations for these measures. I'll now turn the call over to Steve.

Thanks, Erin. In Q1, we exceeded all of our guided metrics with 10% year-over-year revenue growth and 24% operating margins. Tenable One, our AI-powered exposure management platform, was 41% of new business this quarter, an eight-point increase from Q1 last year. In addition, we added 406 new enterprise platform customers and 43 net new six-figure customers. New customer ads and large deals with Tenable One continue to underscore our strong financial performance and balanced growth approach. The rapid advancement of frontier AI models is having a profound impact on cybersecurity, and there is understandably a lot of noise in the market. Recent announcements, including anthropic mythos, have demonstrated that AI can now autonomously discover software vulnerabilities at scale and speed we have not seen before. As a result, the number one question we are getting from investors is, what does this mean for the future of cybersecurity, and what does it mean for Tenable in particular? To start, as part of our ongoing research and development efforts, we are actively engaging with leading frontier AI model providers, including Anthropic, to better understand these advancements and help customers prepare for what's next in the cybersecurity industry. This is top of mind for customers, as we've seen a significant increase in inbound inquiry from our customers over the past couple of weeks, which Mark will cover later on the call. Our view is this. AI models are incredibly proficient at discovering previously unknown vulnerabilities. Number two, AI is also changing low risk vols in software quickly and at scale. And third, and finally, these two things will lead to a proliferation of new vulnerabilities and attack paths in customers' environments, overloading operational workloads for defenders. On that note, Let me be precise about where these models operate and where we operate because the distinction matters here. Frontier models like Mithos read and reason about source code. They find vulnerabilities such as logic flaws, injection weaknesses, and authentication bypasses by tracing data flows through a code base. That is application security research at the source code layer. It is genuinely impressive. and it is one stage of a much longer lifecycle for managing risk. Tenable operates on the other stages of that lifecycle, the ones that determine whether a vulnerability actually creates risk in a real customer environment. Specifically, customers need to understand their entire digital footprint and then assess for critical exposures. Exposures are much broader than vulnerabilities. They include overprivileged access, misconfigurations, shadow AI, and the real-world impact of vulnerabilities as they exist in our customer's environment. From there, Tenable works across all of these signals to prioritize and identify the likely and most critical paths of exploit by threat actors. So let me put this in pragmatic terms. There will be a window where adversaries hold a clear advantage in the AI era because we will see more exploits due to a tsunami of new vulnerabilities. That's exactly why the urgency for exposure management has never been higher. Organizations need to understand what exposures exist and which ones create real immediate risk in their environment. and then ensure those risks are remediated and verified. That is exactly what Tenable One is designed to deliver. For over two decades, we have built one of the industry's most comprehensive and proprietary data sets across IT, cloud, OT, which we have also expanded to AI infrastructure and apps and third-party data to solve the hardest problems in cybersecurity. Tenable One leverages this expansive data set of exposure intelligence to unify visibility across assets, vulnerabilities, identities, and misconfigurations, then applies business context and drives prioritized remediation across the environment. And that brings me to Tenable EXA AI, our new agentic engine, which we announced in Q1. TEXA is designed to take the prioritized exposures we identified, primarily in runtime infrastructure, and turn them into a coordinated action. It operates as an orchestration layer across the security ecosystem, automating, triage, and executing multi-step remediation workflows across a wide range of domains. Where Tenable One serves as the system of record for risk management, At its core, HEXA serves as a system of action for proactive risk reduction, coordinating work across humans and agents autonomously. It determines what matters most in the broader security context and drives the steps required to reduce exposure. This is a critical shift. Security teams today are not just dealing with more vulnerabilities. They are managing fragmented workloads across tools, teams, and systems. EXA brings all of that together, transforming exposure intelligence into coordinated execution at scale. EXA is built to execute automating complex tasks and orchestrate the right fixes across the enterprise before exposures are exploited. The result is a move from reactive response, where you wait for vulnerabilities to come, to consistent machine speed risk reduction, enabling defenders to operate with the speed and precision required in an AI-driven threat landscape. Now, with that said, we're also continuing to broaden our capabilities across asset types. We recently announced OT discovery to secure cyber-physical systems. These systems have historically required time-consuming deployments of specialized hardware, new agents, and bolt-on software to gain visibility. We've eliminated this friction by integrating OT discovery directly into our core solution inside the Tenable One platform. This is particularly important as the number of OT devices explodes with AI data centers and build-outs. And finally, before I turn the call over to Mark, I want to remind everyone we will be hosting an Investor Day as part of our Exposure 2026 Industry Conference. Investor Day will take place the afternoon of May 21st in Boston. We hope to see you there. With that, I'll turn the call over to Mark to walk through what we are seeing with our customers.

Thanks, Steve. As Steve outlined, the cyber landscape is shifting at an unprecedented pace, and the conversations we are having with customers and partners reflect that shift. We are seeing a level of urgency that is different from even a month ago. not just at the practitioner level, but across the C-suite and the board. Initiatives like OpenAI TAC program and Anthropic Mythos have triggered a surge of inbound strategic customer conversations as organizations work to understand how to prepare for a world where vulnerabilities are discovered and exploited at machine speed. And the concerns we are hearing are consistent. First, customers are preparing for a massive increase in the volume of discovered vulnerabilities. They're concerned about the real possibility that AI models, like mythos, can potentially chain multiple flaws into full system compromise. Second, they are realizing that their current remediation process will not scale to meet this new reality. A reoccurring theme from the hundreds of customer conversations we've had since these announcements is that our customers now see an increased urgency to prioritize and remediate exposures. Importantly, this is not just our perspective. Industry leaders and cybersecurity experts have been aggressively validating these points. For example, JPMorgan Chase published a blog that highlighted that AI is compressing the time from vulnerability discovery to exploitation. while patch cycles are often exceeding organizations' capacity. They also recommended that organizations need to focus effort where risk is highest, rather than chasing volume indiscriminately. Additionally, a highly respected cybersecurity consulting firm recently noted that in an AI-driven world, sustainable advantage will belong to companies that own differentiated data and are embedded in mission-critical workflows. They also highlighted a shift from software that helps users do work to platforms that automate and execute that work directly. As Steve discussed earlier, this is where we believe Tenable is uniquely positioned. Our differentiation is rooted in four main pillars. First, our unmatched breadth of telemetry, combining native and third-party signals across the modern attack surface. Our proprietary exposure data fabric, which transforms fragmented signals into authoritative context. Third, our market-leading research and exposure intelligence, which continuously enriches and prioritizes the exposures that matter most. And fourth, tenable HEXA AI within our platform, which is designed to help automate prioritization in remediation workflows to drive action at scale. Taken together, these advantages help position Tenable to lead as the market shifts towards exposure management. We believe this creates a meaningful tailwind for Tenable. As organizations adapt to this new environment, we see evidence that many organizations are recognizing that traditional siloed tools are no longer sufficient. and that consolidating onto a platform that provides unified visibility, contextual prioritization, and increasingly automated remediation is even more essential. We saw that play out in the quarter in several ways. First, our largest new logo of the quarter for Tenable One was a seven-figure transaction with a major financial institution in the Middle East. In this case, the customer displaced an incumbent competitor and chose Tenable One because they needed a more unified approach to understanding and prioritizing exposures across a large and complex environment. Second, we secured a new six-figure Tenable One deal driven by the need to secure the company's use of AI. This organization is proactively investing in to prepare for the wave of AI-driven threats and vulnerabilities that we've been discussing, and to ensure they can identify and remediate AI risk faster. And third, we closed a significant six-figure OT deal with a large public sector organization responsible for critical infrastructure. As AI accelerates vulnerability discovery and exploitation, we are seeing more organizations focused on securing operational environments where the consequences of disruption extend well beyond IT. These wins reinforce what we see as a broader market shift. Customers are moving away from tools that create more noise and toward exposure management platforms that provide context, prioritization, and automated action. This is a key area of differentiator for Tenable One. Our current momentum reinforces our conviction that our strategy is aligned to where the market is going with Tenable One and HEXA AI at the forefront of this shift towards exposure management and automated action. And finally, this week we announced an important step forward in how customers buy and adopt Tenable One with new flexible pricing and packaging. As AI drives an explosion in vulnerability discovery and increases the urgency to prioritize and remediate exposures at scale, customers are looking for platforms that can deliver value quickly without adding complexity to procurement or budgeting. Our new flex model continues to price per asset. However, pricing will be consistent across all asset types, which creates predictable spend and removes frictions as customers scale their exposure management program across their entire attack surface. Ultimately, we believe this new flex pricing will help us reach more customers, accelerate adoption, and create a clear path to broader platform deployments over time. With that, I'll turn the call over to Matt to discuss our financial results.

Thanks, Mark. Q1 was another quarter of very strong and steady execution. Revenue increased year over year by nearly 10%, and even more impressive, we converted more than half of that increase into operating income, once again demonstrating our ability to balance growth and profitability. We were pleased to have exceeded the high end of the range on every metric we guided to for the quarter and are raising our full-year outlook. Let's dive into the details. Revenue for the quarter was 262.1 million, representing growth of 9.6% year over year. The year over year growth in revenue for the quarter, as well as outperformance relative to guidance, was underpinned by a solid foundation of renewal business and an increase in new business growth. Professional services also drove upside to expectations. Our percentage of recurring revenue remained high at 96% for the quarter. We're continuing to see growing momentum in Tenable One, with 41% of new business coming from the platform, an increase from Q1 in the prior year. Customers are increasingly turning to our platform as their solution of choice to manage risk across their attack surface, including AI. We added 406 new enterprise customers in the quarter, an increase of 12.5% compared to Q1 in the prior year, many of which came directly into Tenable One. We added 43 net new six-figure deals, and our net dollar expansion rate landed at 105%. Non-GAAP gross margin was 82.2% for the quarter, an increase from 81.9% in Q1 2025. Once again, we've demonstrated our ability to slowly but steadily increase non-GAAP gross margin year over year, while sales within the Tenable One platform continue to represent a larger share of the total. Non-GAAP income from operations for the quarter was 61.9 million, or 23.6% of revenue. compared to 48.7 million in Q1 2025, an increase of 27.1%. We're beginning to see the first signs of AI-driven operational efficiencies. As our internal use of AI capabilities expands, we're able to minimize headcount growth due to the increased productivity the technology is offering, which is a trend we expect to continue throughout the year. Non-GAAP earnings per share for the quarter was $0.47 compared to $0.36 in Q1 2025, an increase of 30.6%. The increase year-over-year reflects the increase in profitability combined with the decrease in diluted shares outstanding.

Turning to the balance sheet.

Cash and short-term investments totaled $360.3 million. We generated $88.6 million of unlevered free cash flow during the quarter, which is an all-time record and represents 33.8% of revenue. During the first quarter, we repurchased 6.1 million shares for $130 million. and have 207.6 million remaining on our current share repurchase authorization as of the end of the quarter. We continue to believe that our current share price trades at a discount relative to our true value and that utilizing our strong balance sheet and cash flow generation to more aggressively repurchase shares is an effective use of capital. We are realizing the benefit of these share repurchases as our weighted average diluted shares outstanding in Q1 decreased 5% year over year and is now the lowest it has been in more than three years. Turning to the financial outlook for Q2 and full year 2026. For Q2, we expect revenue to be in the range of 263 to 266 million, representing a year over year increase of 7.0% at the midpoint. For full year 2026, we are raising our guidance range to 1.068 to 1.078 billion, representing a year-over-year increase of 7.4% at the midpoint. We expect non-GAAP income from operations for Q2 to be in the range of 61 to 64 million, or 23.6% of revenue at the midpoint. For full year 2026, we are raising our guidance range for non-GAAP operating income to 252 to 262 million, or 24.0% of revenue at the midpoint, representing a year-over-year increase of 210 basis points. We expect non-GAAP net income for Q2 to be in the range of 53 to 56 million. representing a year-over-year increase of 31.5% at the midpoint. For full year 2026, we are raising our guidance range for non-GAAP net income to $222 to $232 million, representing a year-over-year increase of 16.8% at the midpoint. We expect non-GAAP earnings per share for Q2 to be in the range of 46 cents to 48 cents per share, representing a year-over-year increase of 38.2% at the midpoint. For full year 2026, we are raising our guidance range for non-GAAP earnings per share to $1.90 to $1.98 per share, representing a year-over-year increase of 22.0% at the midpoint. We're pleased to have been able to carry forward the momentum we saw in the second half of 2025 into the first quarter and are excited about the growing opportunity we are seeing as customers lean into exposure management to reduce risk. Demand continues to be driven by Tenable One, where we see tremendous benefits both for our customers and as a foundation to continue to drive balanced growth. We hope to see you all at Investor Day on May 21 in Boston, where we will provide even more context around the impact of AI, our roadmap, and midterm financial expectations. Finally, thank you to the entire Tenable team for their contribution to our strong results. With that, we are happy to open the call up for questions. Operator?

Thank you. We will now be conducting a question and answer session. If you would like to ask a question, please press star 1 on your telephone keypad. A confirmation tone will indicate that your line is in the question queue. You may press star 2 if you would like to remove your question from the queue. For participants using speaker equipment, it may be necessary to pick up your handset before pressing the star keys. We ask that analysts limit themselves to one question so that others may have the opportunity to do so as well. One moment, please, while we poll for questions. Our first question comes from Saket Kalia with Barclays. Please proceed with your question.

OK, great. Hey, guys. Thanks for taking my question here. I'll keep it to one. Steve and Mark, it's clear that the newly discovered vulnerabilities through METHOS are driving more interest in exposure management. I think that shows in a lot of your commentary. But I want to zoom out from some of your prepared remarks I guess I'm curious how you think about frontier models longer term in the exposure management space. And maybe specifically, do you think customers are going to look to these models as alternatives to VM tools? Or do they actually heighten awareness on exposure management tools? And therefore, this is maybe more of a compliment to the industry long term. Sorry, I know there's a lot there, but does that make sense?

Yes, Hackett. Hi, this is Steve. I'll take a stab at this. First and foremost, AI is a massive opportunity for Tenable. I want to be very clear about that. Mark and I cannot be more excited, more energized about the opportunity that's in front of us. We are and will partner with the frontier model companies to help our customers reduce risk at machine speed. It is not AI versus security or AI versus Tenable. It is AI enables Tenable technology. In the AI era, it's going to be more infrastructure, more identities, more applications, more agents, and therefore more speed and more exposures. And that's why exposure management is more important now than ever. And so the frontier model companies make us better. It starts with our data. It's something I talked about earlier in the call, the breadth and depth of the data we've collected over two plus decades is unparalleled. We're deeply embedded behind the garden wall and runtime infrastructure. The data we collect is unique. It's based on domain expertise, years of trust, continuous scanning and exposure analysis. This is something that general models can't replicate. And at its core, the frontier model companies are reasoning engines. They're not in the business of deploying agents and sensors on your network, and they're not in the business of deploying those in your OT and industrial control systems environments or auditing configs and scanning images in your public cloud environment, but we are. And that's something that we want to make clear. And the last comment I'll say here is that we're applying AI. AI makes us better, allows us to reimagine the value that we can deliver to customers and the bigger problem that we can solve. The data we have delivers valuable insights to customers so they can take action deterministically to reduce risk. And for that, AI is at the center of what we do to not only augment human operators, but also gives us the critical context to develop a deeper understanding of exposure so we can help our customers provide and orchestrate the fixes and move at machine speed and move at the speed of trust.

Yeah, and listen, I'll just add from the field perspective, literally having hundreds of calls here over the last few weeks, this is a force multiplier for us. You know, the amount of feedback we're getting from our customers, this is a massive opportunity. This is like a game-changing opportunity for us in the exposure management space. And as Steve discussed, it needs to be very clear. We are partnering with Anthropic, and we are partnering with OpenAI. We are building Claude into EXA, right? So when you look at this partnership, it is just going to strengthen tenable and tenable ones. and it will drive more demand, right? There is no question about that, and we're kind of seeing that in these initial conversations. And then when you take what the frontier labs are doing and then building out and continuing to drive our innovation with Tenable One, focus on the entire attack surface, focus on world-class pinpoint prioritizations, Because now when you're dealing with thousands or hundreds of thousands of vulnerabilities, you need to be damn accurate where you need to apply your resources. And prioritization has never, ever been more important and one of the massive gold standards we have here at Tenable. You take a look at the reporting, the governance, the compliance needs you need when you've got this massive tsunami of bonds coming in, the agentic workflows we're now doing with HEXA, the remediation capability, going into OT environments, So it's a bit long-winded, but we've been dealing with this for the last few weeks with customers, and I'm telling you, we feel unbelievably optimistic that this is going to be a force multiplier for the exposure management category moving forward.

That's super helpful, guys. Thanks very much, and look forward to the analyst day.

Our next question comes from Brian Essex with J.P. Morgan. Please proceed with your question.

Hi, good afternoon, and thank you for taking the question. You know, Steve, question for you, you know, we're hearing a lot about security software getting access to budgets outside of traditional IT security budgets, particularly as business unit leaders, you know, slap AI on top of their budgets and get more allocation. And I think you guys alluded to it a bit last quarter. We heard it from Varonis last night, but I wonder if you could update us to your conversations and what you're seeing, maybe the puts and takes involved. Are you getting meaningful incremental budget and is this a tailwind to close rates or are the additional stakeholders extending sales cycles? We'd love just a little bit more color on that. Thank you.

Sure. I think a couple of things here. Certainly with Mithos and other frontier model companies, We have to acknowledge the offense just got an upgrade. And I think we all know that, but our customers know that. I think boards and CEOs also realize that outside of the security community. And so consequently, it means more vulnerabilities, more threats, more exploits. And so there's a window here where adversaries hold an early advantage, and that's exactly why the urgency around exposure management's never been higher. I will tell you this, you know, the... threat of the impending tsunami of new vulnerabilities. We're talking about an order of magnitude of 10 or 20x more than what we currently have today. There's roughly 300,000 CVEs. We're likely to see 3 million, maybe 6 million over the course of time, an increase in the known deaths. I think people realize that the threat's real. This is a security challenge. Boards and CEOs are getting involved, number one. Number two, we will likely see This is not tied to guidance or anything like that that we're providing today, but we will likely see sizable increases in security budgets. We'll likely see a healthy spending environment. We will likely see the acceleration of security projects, not only in the private sector, but also in the public sector. We're having regular and ongoing conversations with the ONCD, the Office of the National Cyber Security Director. They arguably have the best Intel on Anthropic and some of the other frontier model companies. I think they realize what's potentially coming our way and they're moving quickly. So I think all of this creates an incredible opportunity for us in exposure management. And yes, I think it's fair to say Mark can provide more perspective here factoring into every sales conversation.

Yeah, no question. We highlighted it on one of the deals that we discussed, right? There is definitely... spend, you know, and I'll call it there is security AI spend that is becoming clean, and you can see it when you're talking to CISOs, but there's also discretionary spend, right? We saw in a bunch of deals, right, where we're working with the security contacts that we have, where they were then, when we start talking about especially, you know, AI exposure, looking at discovering shadow AI, looking at protecting and configuration best practices for AI-related deployments in the cloud, and governing, there was budget that they pulled in to add on to these tenable one deals. So I think that will become more mainstream over time. It won't be so much discretionary. It will be built in and moved in to the cybersecurity budget. But there's no question, as Steve said, every single call starts off with the AI security discussion. It's that omnipresence.

Great. That's helpful, Collin. Mark, thank you for, I'm sure CISO appreciates you flagging his blog.

So thank you on behalf of him. Very, very, very well done blog, by the way. A lot of people download.

It's phenomenal information there.

Our next question comes from Rob Owens with Piper Sandler.

Please proceed with your question. Rob Owens with Piper Sandler. Okay, we'll move on. Sorry about that. Are you there? Hello?

There you go. I apologize. I had the mute on. I think I'd learn after all this time. Mark, Steve, very bullish comments from both of you, and clearly this could be a watershed moment for the industry overall, but I wanted to pivot a little bit towards sales capacity and noting sales and marketing growing less than 5% year over year this quarter. Maybe help us understand where you guys are from a capacity standpoint as this opportunity is in front of you right now, and what are your intentions with the new CRO in place to maybe lean in a little bit in terms of that sales and marketing line as we move forward? Because I think investors would prefer points of growth over points of margin at this point in your life cycle. Thanks.

Yeah. No, awesome question. And yeah, no question. And as we discussed numerous times, we are laser focused on growth, right? Number one factor here at Tenable is getting the growth accelerated. Yeah, super excited to have a new CRO, Dino DiMarino, who joined Tenable. Our CRO, Dave Ferringa, had retired. We did an incredible job here at Tenable, but Dino is phenomenal. And yeah, you know, has been here for a short time period, but already making an impact. And when we look at sales capacity, it's something literally we look at on a weekly basis. We made some decisions coming into 2026 to add some incremental capacity, and we're actually seeing that pay off, which is great. We are evaluating some of the faster growing regions and countries to look at adding additional sales capacity, especially when we start seeing some of the pipeline growth and we see some of the tenable one activity in some of these faster growing regions. So it is something we are absolutely evaluating. We also, though, are spending a huge amount of time on productivity per seller. So we're using a bunch of AI technology to get more efficiency out of our sellers so our sellers can produce more at a lower cost taking away a massive amount of manual processes and tasks that slowed them down, that took away from customer-facing time. We're removing those obstacles, and we're literally returning a significant amount of time back where our sellers are in front of more customers and partners on a daily basis. So we are all over it. We're evaluating it. We made that move to add some capacity, and we're going to continue to tweak that as we see kind of the productivity improve and we see pipeline build continue to grow.

Yeah, and Rob, this is Matt. I'll just add on to what Mark was saying there. You heard in some of my prepared remarks I called out our use of AI and beginning to see the impact on the efficiency we're gaining there. That's exactly what Mark is talking about there, where we're able to actually increase sales capacity and quota capacity while reducing costs overall because we're rotating those dollars out of other non-quota-carrying areas, and that's helping. We're able to do that through the use of some AI technology.

All right, thank you.

Our next question comes from Adam Board with Steeple. Please proceed with your question.

Great, and thanks so much for taking the question. Maybe just building off the last question around some of the operational efficiencies, Matt, maybe a follow-up is, as you continue to introduce HEXA and introduce more AI into the offerings, and maybe we'll hear a lot more about this at the analyst day in a month, but how do we think about the flip side to the efficiencies with higher spend and the impact that could have on gross margins? Thanks.

Sure. Yeah, as you know, cloud costs are one of our largest expenditures, and it's something that we focus quite a bit on optimizing. But the truth is today we get a better trade in leaning into AI spend and compute power. There's a bigger payoff there on the extra efficiency and capacity that we're able to gain. As you look in total at our P&L, that model that I laid out in terms of adding incremental margin, I think I've said this over the past couple quarters and it holds true today, where that's going to show up is mostly in G&A, a little bit in sales and marketing, a tiny bit in gross margin, and then R&D is probably going to be roughly consistent as a percentage of revenue. And we're doing that through making sure that we're optimizing our cloud costs, for sure, and that gross margin remains strong, but also just optimizing some of the tools that we have at our disposal now, which is really powerful.

Great. Thanks so much.

Our next question comes from Mike Sikos with Needham & Co. Please proceed with your question.

Hey, team. Thanks for taking the questions here, and congrats on a strong start to the year. I just wanted to come back to the... I know CCB is a weaker indicator here, but we've been looking, obviously, at the CCB versus the CRPO and that delta that's widened in recent quarters. It seemed to converge this quarter, and I just wanted to get a better sense of how CCB slash CRPO played out in Q1. Should we expect this convergence to play out, or no, we should expect a widening now over the rest of the year? Any code there would be beneficial. Thank you.

Sure. Yeah, you're going to continue to see some fluctuation there, and the delta between CCB and CRPO will likely bounce around a bit because, number one, seasonality plays a role. And number two, we're continuing to work through an anniversary sum of the noise that we saw in both billings duration and contract duration. So it narrowed this quarter. It will likely widen again next quarter. There's not much to read into there, actually. Having said all of that, we're happy with where our billings came in, our commitments came in this quarter, which gave us the confidence to not only beat revenue for the quarter, but then to take up the guidance for the full year. So we're happy with where things are coming in.

Terrific. Thank you.

Our next question comes from Meta Marshall with Morgan Stanley. Please proceed with your question.

Great. Thanks. Maybe just coming back to the influx of business that you guys are seeing for Tenable One and exposure management, just driven by the AI risk headlines customers are seeing, Do you think that they have enough knowledge of what, you know, that customers have enough knowledge of what they need or what the potential weaknesses are to speed up decision-making processes? Or are they still, you know, are some of these sales cycles potentially longer just as they try to evaluate kind of what the changes to the environment are? Just any reflection on sales cycle.

Yeah, no, no, totally. Very, very good question. A couple points there. We are still doing a lot of education. As we hit on in the beginning of this call, we've taken hundreds of calls over the last few weeks with customers literally asking for our advice, giving them guidance, getting on the phone and Zoom sessions with our CISO and getting guidance and leadership from that perspective. Just to put a small example, we're actually doing a webinar in 24 hours in regards to doing some education around the frontier AI models, and we have over 1,000 people registered. It's one of the fastest 1,000-person webinars we've generated since the last 12 to 13 months. So incredible amount of evangelizing and education. We are sensing now that people are getting it. Like these conversations are going from less of an enablement in education, saying, okay, let's come in here, let's talk about exposure management, let's talk about tenable one, what would be the deployment strategy, how do we get full visibility across the entire attack surface, and then digging in on some of the relationships and partnerships that we've got with Anthropic and OpenAI and building some of that capability in the product. So there's still some evangelizing education, but customers are definitely getting smarter. And as I said before, we see it as a tailwind here in 2026.

Great. Thanks so much.

Our next question comes from Jonathan Rexhaver with Cantor Fitzgerald. Please proceed with your question.

Yeah. Nice execution. So I'm just curious if you could comment on the platform expansion opportunity relative to new ads. We did see a nice uptick in six-figure customers sequentially. So how should we be thinking of that platform customer growth versus expansion? It does seem like there's a nice opportunity as well to drive NRR incrementally higher as we move through the year. How are you looking to balance those two growth drivers?

Hi, this is Steve, Jonathan. I would say, look, in any given quarter, there's always some variability between expansion opportunities and pipeline opportunities for new customers. This quarter, the number of new customers was extraordinarily strong. It was 400 plus. It was one of our stronger quarters. Specifically here in Q1, we're off to a great start. So we're really pleased with the ability to continue to take and win customers that we've never had a relationship with. Customers who recognize and appreciate the importance of exposure management in the authentic era. The expense rate, Matt can provide more color about it, but played out as expected. But expansion remains certainly a big opportunity for us. We have one of the largest customer bases in all of security. We have certainly demonstrated an ability to move customers into the exposure management platform, into Tenable One, to drive higher selling prices, and remains certainly a focus for us going forward.

Yeah, I would just add there, we were pleased with with the new business, which includes new and expansion business, into Tenable One in Q1, we saw 41% of that new business coming into the platform, which is an increase year over year of about 8 percentage points. So it was a nice uptick there, and we expect to continue to carry that momentum forward.

Helpful. Thank you.

Our next question comes from Michelle Ayal with TD Cohen. Please proceed with your question.

Congrats on the performance and the little beat and raise. Steve, on that seven-digit EMEA win, can I ask how many vendors did you displace or consolidate?

Yeah, hey, Mark here. Yeah, so we consolidated one major player that was in there, that was an incumbent that was in this account for multiple years. This was a strategic decision that they were working on. out of the Middle East, and you guys, everyone knows all of the distractions and the geopolitical situation over there. So for them to make a move off an incumbent player, an incumbent VM player, and move to Tenable One, I think shows you the power that we are able to show and be able to give this customer around not just Tenable One, the platform, But being able to evaluate and look at all of those incremental assets that they're struggling to get visibility on, which is one of the biggest drivers. And so it was a one vendor situation that we replaced an incumbent that was in there for multiple years. Great tenable one victory.

Thank you so much for that. Appreciate it.

Our next question comes from Rudy Kissinger with DA Davidson. Please proceed with your question.

Hey, guys. Thanks for taking my question. Matt, when I asked about CRPOs, I know the CRPO growth has actually been trending ahead of revenue growth, basically for the same reason as why CCP has been below. But we saw that B-cell three points from 13% last quarter to 10% this quarter. Any comment there you can, or colors you can provide and just what drove that decel and how that line should trend throughout the year? Yeah, thanks for the question. There is seasonality at play. So if you look at kind of growth rate quarter on quarter from Q4 to Q1 in any year, typically there is a downward tick on CRPO. And so that's at play. And then there's also the normalization of some of the contract duration noise that was in that number. That starts to work its way through as we anniversary some of the policy changes that we had. And so that creates some noise in there as well. I do expect that that number is going to continue to fluctuate quarter to quarter throughout the year. And as I mentioned a few moments ago, The delta between CCB, let's say, and CRPO is likely to continue to fluctuate as well.

Our next question comes from Gray Powell with BTIG.

Please proceed with your question.

Okay, great. Thank you very much for taking the question. So, as I listen to this call, I mean, I got to say that the commentary around customer conversations and everything that you're saying about the elevated demand for exposure management just in the last month, it sounds really good. At the same time, the second half revenue guide is at about 6.5% versus a little over 9.5% in Q1. And I get that you're normally conservative. I understand that a lot of these developments are very recent, so you probably don't want to bake it in. But I guess I'm just trying to think, like, how should we think of the conservatism within guidance? And then, like, are there any underlying metrics we should be focused on going forward to prove out the bull case thesis?

Yeah, sure, sure. Yeah, I think the way to think of it is, that we came in over the top of guidance for revenue Q1, and then we're raising for the full year, which should hopefully communicate a level of conviction that we have on the rest of the year. At the midpoint, we took it up, well, actually across the entire range, we took up the full year revenue guide. And the reason we're able to do that is because of a lot of the commentary that you've heard here. It gives us that confidence. Now, of course, when you have... The midpoint of the guide for revenue is 7.4%, and you have a quarter like we just did in Q1, which is 9.6%. Obviously, the averages are going to work out such that there's something less than 7.4 to get to that number. But the takeaway is, as we sit here a quarter later, net-net, we're in a better position now than we were a quarter ago. We're feeling more bullish. We're feeling more convicted on the year. And that is what has allowed us to raise the guide for the full year.

That's really helpful. Thank you.

Sure. Our next question comes from Junaid Siddiqui with Truist Securities. Please proceed with your question.

Great. Thank you for taking my question. You've talked about remediation as the next major chapter in exposure management and a large greenfield opportunity. With the launch of Hexa AI, how do you position Tenable 1 as a system of action, not just inside-in? Where do you believe Tenable can establish a durable leadership position in driving measurable remediation outcomes versus other exposure management platforms?

Yes, like over the years, this is Steve, we've evolved from helping customers understand risk to helping customers reduce it And now in the agentic era to do that in a very deterministic way, moving at machine speed. You know, we're not in the business of building the bigger, to build the bigger telescope to watch the meteor hit. We're in the business of helping our customers reduce risk. And it all starts with the data, which we talked about earlier, but a little more color really on HECSA. It'll generally be available here in the second quarter. TEXA automates complex multi-step workflows and leverages our exposure data and turns it into action. I mean, there's a couple of types of action here and pain points that we're solving for our customers. Number one, reducing the manual toil and the drudgery, as we would say, for security practitioners. What a line rate on a wide range of manual tasks such as grouping and tagging. things that just take an extraordinary amount of time, but may take weeks here, days, we can do in short order, even in minutes. And more importantly, and this is really the bigger mandate for us, which is we can take action via pre-built agents or custom agents that practitioners can build either to patch or change configs or apply a compensating control to reduce risk. It's the action here that really matters and really depending on the maturity and the sophistication of the customer, we can do that autonomously with guardrails. We can do that with a human envelope to ensure that the action is taken in the right manner. But in the agentic era, it's really the fewest actions with the biggest impact that really matters. And that's our mandate. That's been our mandate since day one. This is exposure management's a category that we've created. It's one we're continuing to refine and evolve. and we are the unequivocal leader here. So excited about the opportunity and what AI means for us and the ability to solve the bigger problem for our customer.

Our next question comes from Todd Wheeler with Stevens.

Please proceed with your question.

Thanks for the question. Steve, to piggyback on that question, could you talk about how HEXA AI is packaged and priced, just trying to get a sense of kind of the monetization strategy for it? Thank you.

Yes, as I mentioned earlier, we have customers that have been using it with great success, and we're getting some tremendous feedback on it. It will be generally available here in the quarter. We have launched new pricing and packaging here with a foundational package. We have an advanced package. And HEXA will be available either in full form in the advanced model. We want customers to be able to use it, perhaps with greater tokenized access with HEXA in the advanced model. But HEXA will play an important role here in helping us drive our ASPs higher and developing better engagement and creating better outcomes for our customers and certainly solving the exposure management problem. So, you know, more to come on that, something we'll talk about really probably over the ensuing weeks, but we're excited about bringing HEX in the market.

Our next question comes from Jonathan Ho with William Blair.

Please proceed with your question.

Hi, good afternoon, and congrats on the strong results. You know, one thing I wanted to understand a little bit better is how are you partnering with Anthropic and OpenAI today, and can you maybe help us understand, you know, how that partnership might differ from Project Glasswing or some of the other broader platform players? Thank you.

Yeah, I mean, listen, I'll kind of kick it off, and Steve might have one or two comments. But listen, you know, what we can say is we have a very good, close relationship with both Anthropic and with OpenAI. Okay. So we're working with these folks on a bunch of different fronts. We're obviously using their technology to actually build Tenable One and build HEXA. We're taking actually their product. We're building Claude into HEXA. So there's a great partnership opportunity there. And so this is something that We've been working on for a while. We'll continue to work and continue to expand that relationship as they continue to expand their partner program and their partnering with different cybersecurity vendors. So this is something that we're extremely optimistic about and the attitude that they're coming to us with where it is truly partnering. It is this combative situation that I think a lot of people have in their minds. that they're coming after and trying to, you know, take over all of software. I mean, they're working with us, partnering with us. You know, they've got embedded engineers, you know, that we're going to be working with, with our engineering teams. There's just a massive amount of partnering that is going to be a huge benefit to the cybersecurity industry, not just Tenable, but the entire industry. So we're going to continue to drive it, and we're off to a great start with both OpenAI and Anthropic.

Yeah, and the one thing I would add there, just to play off what Mark said, which is, you know, we can't comment on all the specifics. What we can say is Mark mentions that we're in active and ongoing conversations with Anthropic and OpenAI on a wide range of initiatives that gives us access to non-public models. We can say we're partners of OpenAI's TAC program, which is the Trusted Access Program. for cyber program, so that will empower our researchers to be able to do greater, higher levels of innovation and do that more efficiently. So, you know, the takeaway here is we're doing joint research with the frontier model companies to help defenders leverage the most sophisticated models to fight AI with AI, and we're bringing that technology to market in our technology stack by embedding it in every level of platform. Certainly excited about what's the opportunity to continue to work with them.

Our next question comes from Joshua Tilton with Wolf Research.

Please proceed with your question.

Hey, guys. Thanks for sneaking me in here. Maybe just one on my end. I totally appreciate and understand all the commentary around the urgency you're hearing from your customers. as everybody, I guess, sort of freaks out ahead of this mythos launch. I guess what we're trying to reconcile and the question that we're getting from investors is just help us bridge that sense of urgency and everything that you're hearing from your customers with the short-term bookings growth this quarter of 0%. I think you addressed some of that around timing in an earlier question, but any incremental color that you can help us with there would be very helpful. Thank you so much.

Sure. Yeah, Josh, I'll take that. This is Matt. The short-term bookings growth, if you're referring to CCB, that was up 9.2% this quarter year over year. But I think to the broader comment around when is this going to show up in the numbers, this is still early, right? So it does take time for some of this to play out. I think the takeaway and what we're trying to communicate here is though it's early, we're seeing all the signs that point to it being a massive opportunity for us. And the takeaway is that as more vulnerabilities are exposed, exposure management becomes that much more important for our customers to be able to put those vulnerabilities in the context of their own environment and how that impacts them and then prioritize what to fix. That's really critical. So for us, the takeaway is, look, exposure management is has never been more important. It will continue to be increasingly important as some of these models continue to discover more vulnerabilities. And, of course, that ultimately, the idea that ultimately that makes its way to the numbers, of course.

Any incremental color on the CRPO bookings growth?

No, nothing more than what I've said. I guess I can say it came in line with expectations. It was not a surprise to us. It will continue to, like I said, fluctuate in the delta between CCB and CRPO. But no, it came in line with expectations. And again, it's what gave us confidence to be able to raise the full year revenue guide. So we feel good about it.

Super helpful. Thank you so much. Thanks, Josh.

Our next question comes from Srinik Kothari with Robert. Baird. Please proceed with your question.

Yeah, thanks for taking my question. So really great to see the hundreds of early customer conversations around Frontier model, what we discovered. You did announce the Flex style pricing and how it can be central in removing procurement and budgeting friction. So just curious, how do you think about the unlock opportunity here and And do you see like a clear shift in confidence from customers that they are now excited to kind of scale spending and utilization, especially in light of this AI-driven tsunami, as you described, without having to sort of rebuy that budget conversation? Just any comments on that and timing-wise, how do you see that unlock play out? Thank you.

Yeah, no, I mean, it's been extremely, extremely well received. We put a press release announcing the pricing change. We obviously have been working with our channel partners. We're 100% channel driven company. And so we gave early access to a bunch of our partners, got tremendous feedback. And yeah, we absolutely view this as something that is going to allow customers to to expand with us very, very easily. The way we now have taken out some of the complexity around our older pricing model and really having just one price per asset and a single license model, WeView is going to be able to drive expansion of asset types. So kind of think about if you were just a VM customer using OT, you now have a one license pricing model where you can easily be able to expand with not a lot of heavy lift from procurement to add cloud, to add AI, to add web application scanning, to add attack surface management, and be able to spin that up and down based on where you see demand. So this was a big initiative within Tenable, and this was very much a collaborative effort with our partner community and our customer base to make sure we dialed this in correctly. And so, yeah, we are very optimistic. This will remove a lot of friction and will drive expansion within the base.

Got it. Thanks a lot.

Our next question comes from Roger Boyd with UBS. Please proceed with your question.

Great. Thanks for taking the question. I wanted to touch on the buyback, a pretty substantial step up there. Free cash flow generation remains strong. Matt, I appreciate your commentary here, but we'd love for you to kind of expand on how the buyback factors in the capital allocation in the current environment and how you're thinking about that relative to M&A and other organic investment. I know Steve talked about investing in the sales force earlier as well too. So yeah. And any thoughts there would be great. Thanks.

Sure. Yeah. Um, Yeah, we were pleased to be able to lean in to the share buyback this quarter. As we announced last quarter, we had an increase to the share repurchase authorization, and we've been accelerating the pace of repurchases. So in Q1, we repurchased 6.1 million shares for $130 million, and that's because we believe that the stock is trading at a price that doesn't represent true value. We continue to believe that share buybacks are a good use of capital. And so we're going to continue to repurchase shares. We maintain, though, the capacity for opportunistic M&A as well. We've got a very strong balance sheet. Cash position is strong. Got access to debt. And so should the right thing come along, of course, we can be opportunistic there. So this in no way limits that. But we do believe that this is the best use of capital right now just simply because of where our share price is trading.

Thanks very much.

We have reached the end of our question and answer session, which concludes today's teleconference. You may disconnect your lines at this time. Thank you for your participation.