This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.
spk11: Good day, everyone, and welcome to the rubric first quarter fiscal year 2025 results conference call. At this time, all participants are in a listen-only mode. Later, there will be an opportunity for a question and answer session. If you would like to register to ask a question, please press the star and 1 on your telephone keypad. and you may withdraw yourself from the queue at any time by pressing star 2. Please note today's call will be recorded and I will be standing by should you need any assistance. It is now my pleasure to turn the conference over to Melissa Franke, VP and Head of Investor Relations. Please go ahead.
spk00: Hello, everyone. Welcome to Rubrik's first quarter fiscal year 2025 financial results conference call. On the call with me today are Bipul Sinha, CEO, chairman, and co-founder of Rubrik, and Karen Chowdhury, chief financial officer. Our earnings press release was issued today after the market closed and may be downloaded from the investor relations page at www.ir.rubrik.com. Also on this page, you'll be able to find a copy of today's prepared remarks and a slide deck with financial highlights that, along with our earnings release, include the reconciliation of GAAP to non-GAAP financial results. During this call, we will make forward-looking statements, including statements regarding our financial outlook for the second quarter and full year fiscal 2025, our expectations regarding market trends, our market position, opportunity, including regarding generative AI and growth strategy, product initiatives, and expectations regarding those initiatives, and our go-to-market motions. These statements are only predictions that are based on what we believe today, and actual results may differ materially. These forward-looking statements are subject to risks and factors that could affect our performance and financial results, which we discussed in detail in our filings with the SEC, including our final prospectus filed with the SEC pursuant to Rule 424B, dated April 24, 2024. Rubrik assumes no obligation to update any forward-looking statements we make on today's webinar. With that, I'll hand the call over to Bipul.
spk14: Thanks, Melissa. And thank you, everyone, for joining us for the first quarterly earnings call as a public company. Rubrik's first fiscal quarter of 2025 was another quarter of strong and efficient growth. We finished Q1 with subscription ARR of 856 million, growing 46% year over year, and average subscription dollar-based net retention rate of over 120%. We now have 1,859 customers with over $100,000 in subscription ARR, including 114 customers with over 1 million in subscription ARR. I am pleased with our first quarter results and I believe we are well positioned to take advantage of the massive market opportunity created by explosion of data, especially by AI. I would like to thank 3000 plus rubricans who worked so hard to carry out our mission of securing the world's data and are helping to pave the way for a more secure and digital future. As this is our first earnings call, I want to share with you some context on our journey. We founded Rubrik in December 2013, and our mission is to secure the world's data. We believe that data is every organization's most valuable asset. As the world has digitized, we have seen exponential growth in data. Today's modern enterprise has massive data sprawl across multiple categories including cloud data, enterprise data, and SaaS applications. Additionally, generative AI breakthroughs have lowered the barrier to enterprise AI adoption and we believe will add another layer of growth in data that needs to be secured. This data sprawl has expanded the surface area of potential attack and has left organizations vulnerable in the face of an exponential rise in the amount and complexity of cyber attacks. According to a survey by our own rubric Zero Labs, 94% of IT and security leaders reported a significant cyber attack last year, and one-third of these victims endured at least one ransomware attack. The cybersecurity space has focused on cyber prevention strategies for the last 20-30 years, which is clearly not enough given the increasingly rampant and sophisticated attacks on the critical data. Building taller walls and wider modes cannot prevent attacks from getting to the data. On the other hand, the legacy backup and recovery solutions have been highly ineffective for cyber recovery because their architecture was built for operational recovery. They were not designed to enable reliable recovery from cyber attacks, In fact, the infrastructure of legacy backup and recovery itself is vulnerable to cyber attacks. While cyber recovery prevention strategies are important, enterprises need to assume that cyber attacks are inevitable. We believe enterprises have to have a comprehensive cyber resilience strategy to be able to quickly recover from a cyber incident and minimize operational disruption in the midst of cyber breaches and attacks. Rubrik was founded on a vision to deliver business resilience by securing the most critical asset of any organization, that is data. Our idea was to take the backup and recovery concepts and combine it with modern cybersecurity principles into a brand new software platform to deliver complete cyber resilience. At the outset, we built a unique zero trust architecture that combines data and metadata from business applications across enterprise, cloud, and SaaS applications to create self-describing data as time series. Self-describing data includes application context, user identity, data sensitivity, and application lineage. This allows us to apply artificial intelligence and machine learning directly to the business data to understand emergent data security threats and deliver cyber resilience against cyber attacks. In fiscal 2023, we introduced Ruby Security Cloud, or RFC, which provides a single platform to help enterprises secure their data across enterprise, cloud, and SaaS applications. RFC combines data protection and cyber resilience into a single cloud-native SaaS platform that detects, analyzes, and remediates cybersecurity risks and unauthorized user activities across all enterprise data states. This platform is architected to help organizations achieve cyber resilience, which encompasses cyber posture and cyber recovery. Our platform is ultimately designed to enable organizations to confidently accelerate digital transformation and leverage the cloud to realize business agility. Our unique and purpose-built Zero Trust data security approach is first of its kind and differentiates us from the alternative solutions our customers have access to. I would like to expand upon why we believe we win in the marketplace. First, our Zero Trust architecture combines backup and recovery and cybersecurity in a single software platform that significantly shrinks the tag surface that exists with legacy solutions. Our zero trust data security platform assumes that IT infrastructure will be breached and nothing can be trusted without authentication. As a result, our architecture delivers data availability that withstands adverse conditions and allows businesses to restore their data when infrastructure is attacked. We have a history of pioneering innovation as highlighted by our recent win of two Global InfoSec Awards for pioneering cyber resilience, and pioneering data security posture management. Second, our cloud-native Rubrik Security Cloud offers customers a single point of control from one user interface to secure data across disparate sources, including enterprise, cloud, unstructured data, and SaaS applications. We build products on top of Rubik's Security Cloud to address a myriad of use cases that help our customers achieve cyber resilience from hardening their data security posture to recovering from a cyber attack. As an example, we recently announced the general availability of DSPM everywhere. We believe this is the industry's only data security product suite that combines data security posture or DSPM with cyber recovery designed for complete cyber resilience. Our DSPM solution provides visibility into where all of an organization's data lives, who has access to the data, how is it being used, and sensitivity of the content, therefore reducing the risk of data exposure and exfiltration. This comes On the heels of our acquisition of Laminar, the leading DFTM company focused on the cloud. Third, we offer customers simplicity and ease of use at scale. From the beginning, we have built our platform to be easy to use from deployment to ongoing operations, even when managing complex environments at large scale. Our platform is also fully extensible with APIs that enable the integration with organizations, ecosystem of technologies and systems. This differentiated approach allows us to integrate end to end with an array of cybersecurity products, extending protection from the perimeter to the data layer. We are further enhancing our leading products by partnering with other leaders in the broader cybersecurity landscape. In Q1, we announced a new strategic partnership with CrowdStrike, which unifies rich data-centric attack context from RSC with security telemetry from CrowdStrike's Falcon XDR platform. With this partnership, enterprises gain context-rich insights, such as attack behavior and critical data being targeted. That drives accelerated detection, investigation, and recovery Organizations can unify security and IT operations and focus effort on protecting critical data. We also have a strong partnership with Zscaler, who recently awarded Rubrik as its emerging tech partner of the year. Zscaler and Rubrik partnered together to help customers secure sensitive data by combining Rubrik's data at rest intelligence with Zscaler data in motion security. We are incredibly proud of the success we have seen to date with RFC and its adoption by leading global organizations. In Q1, we continue to see a strong new logo addition as well as expansion from existing customers. Today, we have over 1,800 customers with 100,000 or more in subscription ARR up from 1,300 in the year-ago period. We secure data for many large organizations across all major verticals. But I will detail two notable new lands in the healthcare space. First is a new Fortune 50 health insurance provider with a multi-million dollar ARR transaction. After an audit found the company was unlikely to recover from a mass cyber event, its board of directors mandated the evaluation of alternatives to its existing legacy backup and recovery footprint. The company conducted a thorough proof of concept and selected rubric to address the organization's requirement to mitigate the risk and impact of a cyber attack. The customer purchased our full cyber recovery offering, which included RSC enterprise edition with cloud native protection for the company's critical data across its enterprise, private cloud, and public cloud environment. Another example in the healthcare space is a large healthcare provider who replaced their legacy backup and recovery provider after a significant ransomware attack that resulted in a lengthy outage and an inability to recover critical data. After careful evaluation with board-level visibility, this organization selected RSC Enterprise Edition with unstructured data protection to secure workload on-premises and in the cloud. The customer selected Rubrik because of our ability to address their cyber resiliency needs for both on-premises and cloud workloads from a single pane of glass. The company also purchased Rubrik data security posture management from our laminar acquisition to reduce sensitive and regulated data exposure and manage exfiltration risk across their cloud workloads. we have seen meaningful multidimensional expansion within existing customer accounts. Our average subscription dollar-based net retention rate in Q1 was over 120%. As customers increase the data they secure with us, adopt new workloads and applications secured with Rubrik, and upgrade their subscription to higher-valued editions. This quarter, we saw a seven-figure upgrade and expansion deal at a large agricultural organization. This organization upgraded from our Foundation Edition to the Enterprise Edition with unstructured data protection, noting rubric anomaly detection and threat monitoring as significant value drivers. This organization also expanded their use of rubric cloud native protection to secure their large cloud data footprint and to save cost relative to cloud native data. In addition to our continued success, we also want to highlight our future growth opportunities and areas of strategic focus. We believe there is a large and growing market opportunity for our RSC platform as more customers move their applications and data to the cloud and as generative AI amplifies demand for securing unstructured data. We plan to continue to invest in the development of RSC and in our accompanying go-to-market motion to capitalize on this opportunity. We have a history of innovating with disruptive technology, and we intend to continue to make significant investments in research and development to further increase our product differentiation. This includes new data security functionality, the continued expansion of applications secured by rubrics, and generative AI applications that will help organizations achieve business resilience and improve productivity. Now let me address the area we are focused on from the go-to-market perspective. As a quick background, we sell our subscription offerings into the mid-enterprise and above through our channel partners. At the high end, our field sales work with regional and global system integrators. At the lower end of our market, we use inside sales and value-added resellers. We are focused on growing our customer base. We believe any organization with any application and data of any significance is a potential rubric customer. As cyber attacks increase in scale and sophistication, amidst accelerated digitization and ever-evolving data regulation, organizations are rethinking how to secure data across the entirety of their topologies. We continue to invest in customer acquisition to meet the growing needs of these organizations seeking to achieve data security. We are also focused on expansion within our existing customer base by continuing to move customers to our more premium subscription edition and by covering additional scale and scope of data managed, particularly as cyber resilience is a growing focus in cloud and SaaS environments. We continue to refine our go-to-market to accelerate cross-sell of our newer solutions, such as DSPM, and newer application footprint in SaaS and in the cloud. Lastly, we believe we have a substantial international opportunity as international organizations struggle with the same data protection and security challenges that we are currently solving for our U.S. customers. We plan to continue to expand our global footprint into existing and new international markets. We generated approximately 32% of our total revenue in fiscal 2024 from customers outside of the US, which highlights the room for growth. In closing, I would like to thank all Rubricans, our customers, partners, and investors for their support and dedication in helping us achieve the important milestone of becoming a public company and being partners on our journey ahead. We are proud of our mission of securing critical business data, enabling enterprises to remain resilient in the face of cyber attacks and helping them accelerate their digital transformation. Our Zero Trust architecture is unique and positions us as a differentiated leader in a large marketing transition and filled with legacy incumbents. Our strong Q1 results highlight this exciting market opportunity, our multiple drivers of growth, and our strong go-to-market execution, key components to building an enduring company. We are on a mission to secure the world's data, and we are just getting it started. With that, I will now turn the call over to Kiran to review our financials. Kiran.
spk15: Thank you, Bipol, and good afternoon, everyone. I'm pleased to report that we delivered a strong start to fiscal 2025 with strength across all our key operating metrics, including subscription ARR, subscription contribution margin, and free cash flow. Rubric was started 10 years ago with a vision of data security and cyber resilience, and our recent performance highlights the momentum around this market transformation. Before we go through our financial performance for the first quarter, I'd like to give you a brief overview of our business model to contextualize our results. Unless otherwise noted, Growth rate comparisons are on a year-over-year basis. We launched our first commercial product, Converge Data Management in fiscal 2016. This platform combined data and metadata into a single layer of software to provide zero trust data protection. This was our original data protection platform that secured enterprise applications and was sold under a perpetual license with associated maintenance contracts. By fiscal 2020, we had expanded the use cases of our platform to secure cloud-native applications, in addition to enterprise applications. We rebranded Converged Data Management to Cloud Data Management, or CDM, and introduced our first subscription term-based licenses. By this time, we had also launched our first SaaS data security products, which was built on top of our cloud data management platform. This includes ransomware monitoring and investigation, which is known as anomaly detection, and Sensitive Data Monitoring and Management, which is now known as Sensitive Data Monitoring. We sold the solutions on a standalone basis. In fiscal 2023, to meet customer demands for data security and a single unified cloud-based control plan, we launched Rubric Security Cloud, or RSC, after five years of R&D. RSC provides one point of control to secure data regardless of where it lives across enterprise, cloud, and SaaS applications, and this enables seamless adoption of RSC by our customers. In addition, as part of our cloud transformation, we began transitioning the sale of rubric-branded appliances, which our customers use to secure enterprise data from us to our partners. Today, we primarily sell RSC subscriptions. We currently go to market with RSC in the form of subscription editions, Foundation, Business, and Enterprise. We also recently announced the Enterprise Proactive Edition, which includes DSPM everywhere. These additions all offer data protection for the data types our platform can secure, and there are data security products that are included in each subscription tier. We price our additions primarily based on data volume secured and data security capabilities. Our key top line metric is subscription ARR, which we believe best illustrates our success in acquiring new customers and maintaining and expanding our relationships with existing customers. Our cloud ARR includes RSC, as well as our mostly previously sold standalone SaaS-based data protection and data security products. We ended the first quarter with subscription ARR of $856 million, up 46%. Net new subscription ARR was $72 million, up 32%, a record high over the last year. These strong results were driven by the combination of solid new logo LANs, ongoing customer expansions, large transactions, and strong linearity. We also had notable strength in large transactions in the quarter, as highlighted by some of our earlier customer stories. We now have 114 customers with over $1 million in subscription ARR, up from 99 last quarter and 71 in the year-ago period. Of the 46% subscription ARR growth in Q1, we believe approximately 3 percentage points are a result of transitioning our existing maintenance customers to Rubrik Security Cloud. This compares to 4 percentage points of benefit last quarter and 13 percentage points in the year-ago period. We expect this benefit will continue to moderate over the next few quarters. We continue to drive sales of our SaaS solutions as evidenced by our cloud ARR of $606 million in Q1, up 104%. We have a compelling land and expand model that allows for a significant expansion opportunity after our initial contract. The three main vectors that drive expansion with our customers are, one, the growth of data from applications already secured by Rubrik, two, additional applications secured on our platform, and three, adoption of additional data security products. Our four-quarter average subscription dollar-based net retention rate was over 120% in Q1, and we saw a 41% increase in customers with subscription ARR of $100,000 or more to $1,859. We have rapidly progressed through our cloud transformation. Our subscription revenue was $172 million, representing 92% of total revenue. Subscription revenue growth was 59%, as headwinds to our revenue growth from more rentable revenue are moderating. Total revenue was $187 million, up 38%. Before turning to gross margins, expenses, and profitability, I would like to note that I will be discussing non-GAAP results going forward, unless otherwise noted. As a reminder, our GAAP financial results, along with the reconciliation between GAAP and non-GAAP results, can be found in our earnings press release and supplemental financials. We are focused on delivering strong gross margins, improving our subscription ARR contribution margin, and growing free cash flow. Our non-GAAP gross margin was 75% in Q1 compared to 74% in the year-ago period, driven by a change in product mix including the transition of the sale of rubric branded appliances from us to our partners and the improved efficiency of our customer support organization. This was partially offset by higher cloud hosting costs due to the development and growth of our SaaS solutions, which we expect to continue to scale in the future. We look at subscription AR contribution margin as a key measure of profitability. This is calculated as subscription AR less non-gap cost of subscription revenue and less non-GAAP operating expense and then divided by subscription ARR. We find this to be a more relevant metric to demonstrate improvement in operating leverage than operating margins or free cash flow because it removes the impact from our cloud transformation as well as changing billings and payment terms. We believe the improvement in our subscription ARR contribution margin demonstrates our ability to drive operating leverage at scale. Subscription ARR contribution margin was negative 11% in Q1 compared to negative 32% in the year-ago period as we saw strong subscription error growth and efficiency gains across the business. Operating expenses this quarter also included $23 million in employer payroll taxes associated with our IPO. Adjusting for this one-time expense in Q1, our subscription error contribution margin would have been negative 8%. Pre-cash flow is negative $37 million compared to negative $23 million in the year-ago period. This quarter included a cash outlay of $21 million for the aforementioned employer payroll taxes associated with our IPO. Adjusting for employer payroll taxes, the improvement in free cash flow is higher due to higher sales and favorable timing of some customer payments. Turning to our balance sheet, we completed our IPO in April, which resulted in proceeds of $710 million net of underwriting discounts and commissions. We ended Q1 in a strong cash position with $606 million in cash, cash equivalents, and short-term investments, and $297 million in debt. Before I walk you through our outlook for Q2 and the full fiscal year 2025, I would like to provide some context around our guidance. We continue to see strong secular demand for our solutions. As Rubrik becomes a more strategic investment for large enterprises, we have increasing exposure to large transactions. the exact timing of which can vary between quarters. We had an exceptionally strong ARR performance in the first quarter, in part driven by some large transactions. Our guidance takes a prudent approach as it's early in the year and we still face an uneven macro environment. That being said, we have a robust pipeline and we remain confident about the demand for our differentiated offerings and the powerful secular trends fueling our growth. In addition, we'll continue to progress through our cloud transformation and cloud ARR will continue to grow faster than subscription ARR. We expect the benefit to subscription ARR growth from existing maintenance contracts to subscription to continue to taper down to low single digits through fiscal 2025. The headwinds to revenue growth from increasing gradable revenue and transition away from commodity rubric branded appliances will continue to moderate in fiscal 2025. Revenue and revenue growth can fluctuate due to a number of variables, including the pace at which we add new RSE customers and the pace at which we continue to migrate our existing customers to RSC. As an example, if we generate more cloud ARR related to non-cloud ARR than we expected, or if fewer existing customers than we expected need transition licenses because they fully migrated to RSC, we will have lower revenue in the near term because of the ratable nature of cloud revenue recognition. Because of these dynamics, we point to subscription ARR as our key top-line metric. In terms of operating investments, we continue to invest in go-to-market and R&D to drive innovation in the large and growing market we operate in. We assume billing duration and payment terms continue to contract modestly through fiscal year 2025, which will be headwinds to free cash flow. Hence, we point to subscription ARR contribution margins to measure operating leverage. Now turning to guidance for the second quarter of fiscal 2025. For the second quarter of fiscal 2025, We expect total revenue in the range of $195 million to $197 million, implying 29% to 30% growth as the cloud transformation headwinds continue to moderate. We expect non-GAAP subscription ARR contribution margins between negative 13.5% to negative 12.5%. We expect non-GAAP EPS of negative 50 cents to negative 48 cents based on approximately 179 million weighted average shares outstanding in the second quarter. For the full year fiscal 2025, we expect subscription ARR in the range of $983 million to $997 million, reflecting a year-over-year growth rate of 25% to 27%. To help with modeling seasonality for the year, we expect the net new ARR in the first and second half of the year to be roughly equal. We expect total revenue for the full year fiscal 2025 in the range of $810 million to $824 million, implying 29% to 31% growth. We expect non-GAAP subscription ARR contribution margins between negative 12.5% and negative 11.5%. We plan to continue to invest in this enormous opportunity ahead of us while delivering efficient growth at scale. We expect non-GAAP EPS of negative $2.35 to negative $2.25 based on approximately 154 million weighted average shares outstanding for the full year. We expect free cash flow of negative $115 million to negative $95 million, or negative $92 million to negative $72 million without the one-time payroll taxes related to the vesting of equity awards in connection with our IPO. In closing, we are proud of our performance this past quarter and look forward to continuing the momentum into year-end and beyond. With that, we'd like to open up the call for any questions.
spk11: At this time, if you would like to ask a question, please press the star and 1 on your telephone keypad. You may withdraw yourself from the queue at any time by pressing star 2. We do ask that you limit yourself to one question to allow time for everyone to ask their question. We'll move first to Cash Rangan with Goldman Sachs. Your line is open.
spk16: Hi. Thank you very much, Bipol and team. Congratulations on your IPO and the first quarter as a public company. Bipol, if you could talk about the month of April and also the month of May, the last month of the quarter and the first month starting the quarter. Did you notice any changes in business conditions? And one for you, Kiran, to just keep it short and sweet. What are the fundamental drivers of free cash flow? conversion from revenue, be it unit economics, cost to acquire, lifetime value of the customer. How should we think about Rubrik's position to be able to generate free cash flows in the future? Thank you so much.
spk14: Thanks, Kash. Appreciate it. In the month of April, we did not see any significant change in the customer buying behavior. Having said that, macro environment remains uneven, and as a newly established public company, we are prudent in our approach. But in the month of April, we didn't see any significant change.
spk15: Akash, I'll just add here on your question on free cash flow. So as you know, we collect cash upfront in our transactions. So we benefit from that. But fundamentally, free cash flow leverage is driven by operating leverage. And for us, operating leverage, the best metric right now through our cloud transformation is the sub-ARR contribution margin, which we have improved over the past few years. So that will be a key driver and obviously the collections dynamic, which we're increasingly collecting more annual payments, but multi-year payments are still the majority. Those are the two drivers for free cash flow.
spk16: And just on the subscription gross margin, what are the drivers? Is it scale or cost of acquisition, improved retention, improved upsell? What cost is the number two?
spk15: So subscription and contribution margin, the two drivers are obviously gross margin and operating leverage. So gross margin, we have seen leverage over the last few years with the exit of the hardware business, and we are in a long-term range of 75% to 80%. And then when you look at the operating expense line items, starting with R&D, we are hiring globally now, and at scale, we are getting more leverage with the balance of great talent as well. And in sales and marketing, with the growth of renewals in our business, it's still not the majority, as well as increasing scale on our newer investments, international, federal as well. we'll see increasing leverage on the sales and marketing line. And lastly, on GNA, we did step up GNA costs as a public company, but you'll see benefits of scale as well there.
spk16: Awesome. Thank you so much.
spk00: Thank you, Kash.
spk11: We'll move next to Saket Kalia with Barclays. Your line is open.
spk05: Okay, great. Hey, guys, thanks for taking my questions here, and I echo my congrats on your first quarter as a public company. Bipple, maybe just to start with you, you know, a lot of great customer examples in your prepared remarks. And can you just talk about the growing security tools that Rubrik is adding on top of secure backup? You know, I think more of your customers are opting for higher end bundles, which of course include more security. Talk to us a little bit about how they're using those tools and what you're hearing from those customers that are increasingly using the security components.
spk14: Thanks, Saket. So as you reckon, Rubik has built a comprehensive cyber resilience platform that combines data security posture management as well as cyber recovery in a single zero trust architecture to deliver true cyber recovery and cyber resilience. Our core assumption is that enterprises will get breached and you cannot stop the unstoppable. So how do enterprises prepare themselves for inevitable cyber attack and to deliver quick recovery so that their services are back up and running and they can continue their business. So we have built a set of capabilities on top of our platform from anomaly detection, which actually tells you the point of infection and the scope of an attack, to threat hunting and monitoring to be able to detect malware in your data stream so that you are delivering clean recoveries, to be able to sensitive data classification, to understand exfiltration risk, to understand what has been exfiltrated, and understand double extortion ransomware risk. We have the user access intelligence to understand the surface area of attack. So we have built a comprehensive data security solution suite on top of our Rubik's Security Cloud platform to really deliver end-to-end comprehensive cyber resilience and cyber recovery.
spk05: Got it. If I could sneak in a follow-up here, and maybe for you for the follow-up, it was a great beat on ARR this quarter. You know, I saw that we flowed through some of the upside, but not all of it. Just to make sure the question is asked, are there any timing elements that we should consider for ARR this year, given the beat and given the adjustment to guide? To your point, still very early in the year, but want to make sure the question is asked.
spk15: Sure, Sarkat. So obviously, we got off to a very strong start to the year. It was an exceptional quarter, but we benefited from some large transactions. And still early in the year, we had a recently public company, and the environment going ahead could be uncertain in the election year. So we wanted to be prudent with our guidance and feel really good with the numbers we're putting forward in terms of guidance, which we're very confident in terms of the outlook.
spk05: Thanks very much for the time, guys. Congrats again.
spk11: We'll move next to Fatima Boulani with Citi. Your line is open.
spk10: Thank you for taking my questions. Bickel, I wanted to unpack some of the broad-based strengths in business activity and specifically wanted to hear some of your comments on what type of procurement and buying behavior you're seeing from midsize enterprises versus larger enterprises. And the spirit of the question really here is, you know, it is an uneven macro, and a lot of your peers in the software complex have just experienced a lot of volatility, certainly with some of the smaller customers, and just deal cycle elongation on the larger side. So I'm curious how you've sort of been able to buck the trend in executing well across both those vectors. Thanks very much.
spk14: Thanks, Fatima. If you look at a rubric offering, we are delivering cyber recovery, cyber resilience solution to ensure that enterprises can recover from ransomware attack and other kinds of cyber attacks, which are inevitable. So we are at the top of the heap when it comes to investing in cybersecurity, particularly around ransomware incident. And we have a very unique and differentiated platform. So, so we are not seeing any significant impact in the demand. And what we are also seeing is the customer's sense of urgency in having these solutions. And also if you look at the broader landscape, there has been a lot of investment in cyber prevention solutions around network, endpoint, perimeter, cloud. But the cyber recovery is a little bit of an afterthought. And now folks are realizing that recovery has been underinvested. And to ensure continuing operation, they need to have solid cyber resilience, cyber recovery, because attacks are, again, inevitable. So we are seeing significant strength in terms of the demand. Obviously, procurement dynamics, given the macro, sometimes can be a little cumbersome because there's more deal scrutiny in terms of more people involved in getting deals, but we are not seeing any significant change in the demand landscape.
spk11: Thank you, Dhaka. I'll move next to Andrew Nowinski with Wells Fargo. Your line is open.
spk03: Okay, good afternoon, and congrats on a nice quarter as well. I want to ask a question on the security side, and specifically Laminar. I think most people understand your security capabilities and why other vendors can't provide those capabilities applied to the business data, but where there might be some overlap is on the DSPM side. So I was wondering if you could explain why Laminar is different from the other DSPM offerings in the market from CrowdStrike and Palo Alto and others, and then what you're seeing from a pipeline perspective as it relates to that new high-end bundle that you introduced that includes Laminar. Thanks.
spk14: Thank you, Andrew. So if you look at Rubric's core focus, we are focused on cyber resilience, which requires both cyber data security posture plus cyber recovery, because if you want to Assume breach posture, then you need to understand what assets do we have? What is the sensitivity of those assets? That is data. Who has access to the data and who is doing what to the data? And if something happens to your data, how do you deliver cyber recovery? So we are bringing this data security posture management and cyber recovery to deliver complete cyber resilience. And it is a differentiated technology. And if you look at the traditional cybersecurity vendors, they have no ability to do cyber recovery. So they are using the DSPM technology as a way to prioritize different threats on the infrastructure, whereas we are focused on cyber recovery, cyber resilience, and that's where we are differentiated. We are seeing strong demand for DSPM. We had a very strong quarter for DSPM, and we are continuing to see great interest in the data security posture management space. As you mentioned, we recently, like this quarter, announced Enterprise Proactive Edition. It is a new offering in the marketplace, and it is early in terms of its customer engagement and discussions. But we are seeing, again, a strong demand on the DSP in this space. Thank you.
spk11: And we'll take our next question from John DeFucci with Guggenheim Securities. Your line is open.
spk04: Thank you. This is Howard Ma on for John DeFucci. We want to add our congratulations on the strong performance in what is still a challenging selling environment. So for either Bipple or Kieran, when we think about the balance of the year, how would you rank order your growth catalyst across, call it data security-driven demand, vendor consolidation on the data protection side? And I realize the two may be hard to separate. And also AI-driven data growth and the need to secure incremental gen AI workloads. And do you think these catalysts are enough to offset the macro unevenness, to use Bipple, your words? Thank you.
spk14: Thank you, Howard. Let me give you a little bit of a business perspective, and Kiran can add a little bit of color. So if you look at the cyber resiliency space, again, it is rising up to be a top cybersecurity category. In fact, one of our financial services, large financial services customers, actually told me that the rubric allowed them to have a record-time cyber recovery audit. because it is so important in financial services to have services up and running in spite of a cyber attack. If you look at the demand in terms of CISOs focus on cyber resilience, very large global bank CISO told me that cyber resilience is now the core focus because the business service up and running is very, very critical. So we believe that we have a strong market with high demand. Obviously, no company is immune to macro, but we feel very confident about our outlook.
spk15: Howard, I'll just add a little bit here just from a model driver perspective. You know, we try to maintain a balance between new and expansion. We are still very early in the large market, 6,000-plus customers. The market resize is 60,000-plus. So we try to balance between both the contribution of new and the expansion represented by the NRR. And also I'll add that we have multiple drivers for expansion. The data within the app could grow. We add more apps to secure and then the security capabilities. And what we have seen most recently, 60% of our NRR comes from the data growth and then the rest from security capabilities. But one other driver I'd wrap up here is large deals influence the numbers in a quarter and the timing of those up can vary between quarter to quarter. So I'll just say that that's the other driver.
spk04: Great. Thanks so much.
spk11: We'll move next to Greg Moskowitz with Mizuho. Your line is open.
spk02: Thank you very much, and I'll add my congratulations. Obviously, these are a strong set of results, but what I'm maybe most impressed by is that your net new subscription ARR actually grew over 20% sequentially, and this is compared to your seasonally strongest quarter. I know that you benefited from larger transactions. You called that out a couple times. Possibly you can provide a little bit more context around that, but even so, Just wondering if there's anything else that you would expand on in terms of how you saw so much strength in a fiscal Q1, and again, in the current macro environment, no less.
spk14: Thanks, Greg. We are proud of our execution this past quarter, and obviously, 46% growth to $856 million in ARR are the strong results. We are experiencing a very secular demand in the marketplace. The cyber resilience and cyber resilience focus continues to be strong because again, as I said before, there has been a lot of investment in the cyber prevention, not enough focus on cyber resilience. And we have a differentiated technology. We built our technology platform 10 years ago as a differentiated platform that combines data security posture management and cyber recovery in a zero trust architecture that natively delivers cyber resilience. This is a large ground-trick opportunity because, again, the legacy platforms have no cyber resilience capability. If you look at our win rate, we are winning vast majority of deals against legacy as well as vendor in our space. And if you look at the customers and their focus, they are focused on ensuring that their businesses are up and running. I'll give you an example. We released our Ruby products to help productivity of IT and security operations team. Fortune 500 insurance company told me that they are using Ruby to do threat hunting and monitoring and delivering productivity enhancement through cybersecurity workflows. So the focus on cybersecurity, focus on cyber resiliency, delivering the ease of use on a differentiated platform on a circular demand in a large market are all contributing to our success.
spk15: Hey, Greg, this is Kiran. I'll just add a little bit more color on the net new ARR for the quarter. We got off to a strong start, and as you know, a strong start from a linearity perspective helps us drive the NRR throughout the quarter, or net new ARR. Another second aspect which we shared earlier is we did have favorable benefit from large transactions and the timing of which can vary quarter to quarter. that was favorable this quarter. Just to give you one data point, we had two times more ARR from million-dollar-plus transactions this quarter, Q1 versus Q1 of fiscal 24. And then we had a special example of a very large healthcare insurance customer who standardized on our cyber residency platform as well. So a couple of things to add.
spk02: Super helpful, guys. One quick follow-up, if I may. It doesn't get mentioned often, But Bipol, I was curious if cyber insurance is playing a role as well when it comes to how customers are approaching data security.
spk14: Cyber insurance definitely has an impact because if you look at the landscape of cyber insurance, many companies have seen their cyber insurance premium go up. Other companies are not getting cyber insurance altogether because for a cyber insurance underwriter, every company says that they have the best technology, best team, and best practices. So how do they differentiate? And that's where a strong cyber resilience platform that allows businesses to be up and running, even in spite of a cyber attack or breaches, is important. And just to point out, in fact, Rubik has announced a partnership with Aon for joining to go to market because their customer base has the same cyber resilience issue. Terrific. Thank you.
spk11: We'll move next. to Joel Fishbein with Truist Securities. Your line is open.
spk08: Congrats on the excellent execution. I have two follow-up questions to the last question, Greg's question. Number one, Deadpool, can you just talk a little bit more about Ruby AI? You talked about the one customer, but overall demand for Ruby AI, I'm just curious. I know it's early days, but would love to get clarification there. And Karen, for you, just in terms of large deal, can you just remind us of what the large deal pipeline looks like going forward? That would be helpful. Thank you so much.
spk14: Thanks, Joel. Let me first answer the Ruby question, and then Kiran can provide some color on the other question. So as you might recall, Ruby is the Gen AI agent for Rubric Security Cloud, and it is focused on productivity for IT and security operations team. As you know, Cyber resilience operations is largely falling on the IT department. And they have not a whole lot of training and focus on cyber or cyber resilience or cyber recovery. And they have been asked to do this cyber recovery work. So we built Ruby to help them do the cyber work without being an expert in cyber. In fact, our design goal is that if you can use Facebook, you should be able to do cyber recovery. So that's what Ruby is focused on. It's a multi-year project for us. We are adding a lot of skill sets to Ruby AI to ensure that all the activities that somebody could perform on Ruby Security Cloud can be done in natural language with ease of use and hand-holding to be able to complete the task. It is as if we are shipping a person along with our product who hand-holds our customers to a tremendous outcome. So it's a long-term project for us. It is definitely seeing a usage in our customer base, and we believe that it will be a driver for more usage and adoption of our enterprise edition.
spk15: And Joel, just on the second part of your question, as Dipal shared, we have multiple drivers on the basis of which we are becoming more strategic with the very large customers. And it's a combination of both land and expand in terms of the size of the transactions occurring. The ASPs are increasing quarter by quarter, and also a result of the moving into more larger transactions is we added 15 customers to our million-dollar-plus count this quarter, from 99 to 114 this quarter. But I will say that it varies from timing to timing, quarter to quarter, on these large transactions. But the contribution of large transactions to our pipeline is increasing.
spk08: Great. Thank you so much.
spk11: We'll move next to Brad Zelnick with Deutsche Bank. Your line is open.
spk06: Great. Thanks so much, and congrats, guys, on a really strong entree, you know, strong first quarter out of the gate. My question for you, Bipol, is forward last week, you talked about adding capabilities to the product that help better prioritize operational recovery of the most important data first to further enhance RTO for customers, and We often hear a lot about Rubrik's strengths on the security side of data resiliency, but maybe could you touch on speed of recovery and how important a factor that is for customers evaluating the product and how Rubrik stacks up against the competition? Thanks.
spk14: Thank you, Brad. If you look at the Rubrik's core strength is in cyber resilience and cyber recovery because backup is like an old 30-year-old technology. But recovery, particularly cyber recovery, is where Rubik shines. Because to be able to deliver cyber recovery, folks need to understand what is a clean data. Because if you have thousands and thousands of applications, if you have been attacked, how do you know which is a clean state of the data? How far attack has gone? Do you have sensitive data that is in the scope of the attack so that you have dark wave issue or data exfiltration issue? Do you have malware sitting in the data? Because if you recover malware, you get reinfected and you have Groundhog Day. So delivering cyber recovery requires like fundamentally new architecture. And that's what Rubrik did. We built a new software by combining backup and recovery and cybersecurity principles into a single platform to natively deliver data security patch management as well as cyber recovery in a single platform. And that's what makes the difference for our customers. We are, again, this is a mission-critical thing for our customers. We are helping our customers recover from cyber attacks such as ransomware, and they're sleeping easy because they have Rubrik.
spk06: Excellent. Thank you.
spk11: We'll move next to Eric Heath with KeyBank. Your line is open.
spk09: Great thanks for taking the question I guess people i'd love to hear more your perspective on what you see from customers as they move their core workloads and it state to the cloud. Just curious to hear more on how their spend and coverage of their environment change when they do make that move to the cloud other applications and infrastructure.
spk14: Thank you Eric so rubric took the approach from day one, while building the cloud native rubric security cloud. is that our technology and our solution is data location independent, and we sell transportable license. So, essentially, it doesn't matter whether the businesses run their applications on-premises, run their applications in the cloud, or use SaaS. We have a uniform solution, uniform way to consume rubric, and that's what we operate on. So, as we see more movement towards cloud and SaaS, it is leading to more data fragmentation and application fragmentation. When you have more application and data fragmentation, which means that you have bigger surface area of attack, which means that businesses need more data security, more ability to deliver cyber resilience, more ability to get bounced back up and running when the inevitable cyber attack happens. So we believe that we'll continue to see secular demand for our product as businesses continue their digital transformation and cloud journey.
spk11: We'll move next to Yifu Li with Cantor Fitzgerald. Your line is open.
spk12: Congrats on your inaugural earning in IPO. Thank you for taking my question. So question for Bipo or Kiran. It's related to the public sector vertical. I understand Rubik's, you know, achieved the StateRAMP certification, SLED certification earlier this year. Was wondering if you could give me some feedbacks on, you know, Rubik's Security Cloud government threat hunting module as well as other public sector vertical.
spk14: Thank you, Yifu. So let me start with this. So as you stated, we got... FedRAMP, state RAMP, sorry, state RAMP certification. And our sled business, which is a state and local business, continues to be strong. We are still going through the FedRAMP certification process, and we believe that that would be an unlock for us in the federal market. As you can imagine, the federal government data is critical, and they have a huge risk from national and state actors and cybersecurity in general. So we believe that the cybersecurity Recovery cyber resilience focus at Rubrik will find high resonance with federal customers. We are awaiting the FedRAMP before we kind of scale up in business.
spk15: Thank you.
spk11: We'll move next to Todd Copeland with CIBC. Your line is open.
spk07: Oh, good afternoon. Thanks for taking my question. I wanted to ask about market share as well. You're clearly growing faster than market and faster than public legacy peers. Can you just talk about where most of your market share has been coming, I guess, in this last quarter and over the last couple of quarters? Thank you.
spk14: Thank you, Todd. Rubrik is an equal opportunity share taker. As you can imagine, we don't differentiate between legacy competition or newer vendor in our space. because of our differentiated solution, because of our unique platform with architectural, um, difference, there is a significant opportunity, uh, for us in the marketplace because what we do is pretty unique and our customers, um, have gone through, uh, vicious ransomware and other cyber attacks and we have recovered them. So it's a market proven solution. And, and we are helping our customers again, have peace of mind. So, uh, So our win rate against our legacy as well as newer vendor competition is very, very high. We are winning vast majority of the deals against them.
spk07: And is the consolidation amongst one of your main competitors, does that change your win rate at all? Is that an opportunity for you? Just talk about that. Thanks a lot.
spk14: Obviously, the merger, the news, I wish both parties on the merger luck. But if the history is any benchmark, there has not been a lot of success by merging a growth company with a legacy platform to create a new company. And I like our chances. If you look at our product offering, our momentum in the marketplace, our differentiated solution, and the way we are delivering cyber resilience is actually... We are seeing interest and demand from legacy vendors because they feel that their roadmap is in danger. There's a general confusion around the mergers. Overall, we believe that it's positive news for us.
spk07: Thank you very much.
spk11: And we'll take our last question from Taz Kuzhalki with Wedbush Securities. Your line is open.
spk13: Hey guys, thanks for taking my question. Two questions, first one for Bipol. Bipol, can you talk about your partner ecosystem and specifically the partnership with Kindrill? What does that bring to the table? Is that focused on large customers, mid-market, and how does that change your competitive positioning? Is that fairly unique in terms of offering this managed service through Kindrill or are there other companies, your other competitors who are doing, who are offering something similar as a managed service?
spk14: Thank you, Taj. If you look at our Kindle partnership, this partnership is focused on helping our customers get cyber resilient. And Kindle has a very significant cyber resiliency practice, and they go to market with Rubrik for cyber resiliency. Kindle obviously has a lot of focus into the upper end of the market, and we are helping large organizations around the world get cyber resilient, deliver managed service through Kendra. We have a great partnership with them.
spk13: Got it. And one follow-up for Turan. Turan, very strong results in the quarter, strong NRR. If you can just comment on, within the new ARR in this quarter, how is the mix between, I guess, new logos and upsell, and then going forward in terms of the guide, like what is implied for NRR in the guide? How do you expect NRR to trend going forward for the rest of the year?
spk15: Hi, Taz. Sure. So let me start out with just broadly stating that our model supports a high NRR, just given the breadth of offering and the customer value we bring. Historically, it's benefited from the maintenance subscription transformation, just like ARR benefited as well, but it lags a little bit. But if you look at it over time, you'll see a gradual decline there without the impact of the transition. The large lands we make also impact ARR, and over time, as the business scales, the NRR will naturally come down. But we generally target, as I said in the earlier question, roughly equal from the land part of the business, which is new customers, as well as expansion on a multi-quarter basis. The last thing I will say is just if you look at the components of NRR, the data growth component, which is bringing new products under the rubric umbrella for security, as well as the security capabilities, the applications we sell on top of the data platform, it's about 60-40, 60% data growth and 40% security capabilities.
spk06: Thank you.
spk11: I would now like to turn it back to Bipul Sinha, CEO, for any closing remarks.
spk14: First of all, I want to thank everybody on this call as well as our investors around the world for their support and sponsorship of Rubrik. Us becoming a public company completes the first chapter of Rubrik and now we are in the second chapter of the company and the second decade of Rubrik and we are looking forward to partnering with all of you, everybody in the ecosystem to build an enduring business. We are dedicated to it. Thank you so much for your support. And we hope to generate good returns for all of you guys.
spk11: This does conclude today's program. Thank you for your participation. You may disconnect at any time and have a wonderful evening. Thank you for your participation.
Disclaimer