SolarWinds Corporation

Ladies and gentlemen, thank you for standing by, and welcome to the SolarWinds fourth quarter 2020 earnings call. At this time, all participants are in a listen-only mode. After the speaker's presentation, there will be a question-and-answer session. To ask a question during the session, you will need to press star 1 on your telephone. If you require any further assistance, press star 0. I would now like to hand the call over to your host, Howard Ma, Senior Director of Investor Relations. Please go ahead.

Thank you, Operator. Good morning, everyone, and welcome to SolarWinds' fourth quarter 2020 earnings call. With me today are Sudhakar Ramakrishna, our President and CEO, and Bart Kalsu, our EVP and Chief Financial Officer. Following prepared remarks, we'll have a brief question and answer session. This call is being simultaneously webcast on our Investor Relations website at investors.solarwinds.com. On our investor relations website, you can also find our earnings press release and a summary slide deck, which is intended to supplement our prepared remarks during today's call. Please remember that certain statements made during this call are forward-looking statements, including those concerning our financial outlook, the impact of the cyber attack on our business, our market opportunities, the impact of the global economic environment on our business, and the updates on the potential spinoff of our MSP business. These statements are based on currently available information and assumptions. and we undertake no duty to update this information except as required by law. These statements are also subject to a number of risks and uncertainties, including the numerous risks related to the impact of the cyber attack on our business and the potential spinoff of our MSV business. Additional information concerning these statements and the risks and uncertainties associated with them is highlighted in today's earnings release and in our filings with the SEC. Copies are available from the SEC or on our investor relations website. Furthermore, we will discuss various non-GAAP financial measures on today's call. Unless otherwise specified, when we refer to financial measures, we will be referring to the non-GAAP financial measures. A reconciliation of the differences between GAAP and non-GAAP financial measures discussed on today's call are available in our earnings press release and summary slide deck on the Investor Relations page of our website. With that, I'll now turn the call over to Sudhakar.

Thank you, Howard. Good morning, and thank you for joining us today. I hope you're doing well and staying safe. As you know, I joined the company earlier this year on January 4th, and this is my first earnings call with the company. I want to start by first thanking our employees, customers, partners, and our shareholders for their ongoing commitment to and for their support of SolarWinds. I have long been a student of SolarWinds' high-velocity go-to-market model. Our broad portfolio of solutions, low customer concentration, strong revenue recurring base, strong balance sheet, and the opportunity to apply my background to address an expanding market opportunity to support the needs of IT ops, DevOps, and SecOps professionals made it easy for me to say yes when I got the opportunity to lead the company as president and CEO. In the seven weeks, that I have been with the company, I have had the opportunity to spend a lot of my time with customers and partners. The vast majority of the customers that I have spoken to understand that the cyber incident that affected us and others could have happened to any vendor, and especially a broadly deployed vendor like SolarWinds. Equally, they are eager to see us address the issue and share our learnings which we are doing. The other opportunity that keeps coming up in these discussions is our ability to provide guidance and input to protect the entire environment of our customers as opposed to just focusing on our products, making us a more strategic partner. The majority of our customers that downloaded a version of the affected code have upgraded to our latest version and continue to renew their contracts with us. While the first priority continues to be ensure the safety and security of our customers, our conversations with customers and partners have also given us the opportunity to discuss the strength of our entire portfolio and of our future plans. I have also spent a significant amount of time on the cyber attack on SolarWinds both in managing the investigation as well as working closely with our employees, customers, and partners. I'll elaborate on our investigation, learnings, and future plans, but first, I'll touch on a few financial and operational highlights in Q4 and 2020. Our teams did a solid job of executing throughout the year in the face of a global pandemic. We hit a significant milestone that many companies aspire to, achieving non-GAAP revenues of over $1 billion in 2020. We grew non-GAAP revenues by 9% year-over-year for the full year 2020 and 6% year-over-year in Q4. We delivered an adjusted EBITDA margin of 48% for each of the full year and in Q4. Our non-GAAP subscription revenue grew by 22% for the full year 2020, and our net retention rate was approximately 105% on a trailing 12-month basis. We sustained strong maintenance renewal rates north of 90% in 2020, and the fourth quarter renewal rates held up well despite the cyber attacks on SolarWinds, which we announced on December 14th. We completed the SentryOne acquisition in the fourth quarter. Between our database performance analyzer, database performance monitor via the acquisition of VividCortex, and SentryOne, we now have a comprehensive analysis and monitoring portfolio supporting a broad range of database platforms across on-premises, native cloud, and hybrid IT environments. Revenue for our database management products continued to grow in the fourth quarter, consistent with recent trends. We expect Century One to help sustain that growth. The database solutions complement our already strong network systems and application monitoring solutions, as well as our efforts to become a leader in hybrid IT monitoring. Our core IT management subscription growth continues to be fueled by Service Desk, which is our ITSM products, and our cloud infrastructure and application management solutions. Additionally, our MSP business again delivered double-digit 15% growth in both the fourth quarter and the full year, surpassing $300 million in revenue in 2020. We ended the year with more than 25,000 MSP partners that service over 500,000 small and medium enterprise customers, reflecting our status as a leading provider of remote monitoring and management, security, data protection, and business management solutions for MSPs around the world. In December, we announced the confidential submission of a Form 10 registration statement with the SEC for the potential spinoff of our MSP business. While the process is difficult to predict, we continue to target completing the transaction in the second quarter. As part of the preparation for the spinoff, the MSP business, formerly known as SolarWinds MSP, also announced a new brand in December. Moving forward, the business will be known by a familiar name, Enable, extending the roots of the company to reflect the performance, protection, and partnership our MSP partners need to power their clients and businesses forward. Now let me turn to the cyber attack. Since we learned of it in December, our top priority has been to ensure that our customers are safe and protected. And the entire company has been working tirelessly to provide remediation, support our customers, cooperate with government authorities, and share our learnings publicly. I want to take a moment to personally thank our customers, employees, and partners around the world for their trust, patience, dedication, understanding, and support during this time. As I came on board and learned more, it became clear that any company would be hard pressed on its own to withstand this type of dedicated and sophisticated attack by a determined nation state. It also became clear that the scope of the attack was much broader than Sullivan's as news and public disclosures emerged about breaches and compromises of other companies unrelated to us. We believe our Orion platform was targeted in this campaign to create a backdoor into IT environments of select customers. The threat actor did this by adding malicious code known as Sunburst to versions that we released between March and June of 2020. Sunburst has since been removed and is not an ongoing threat in current versions of Orion. Additionally, after extensive investigation, we have not found Sunburst in any of our more than 70 non-Orion products. One update that I believe is critical to share is that we previously disclosed that the number of customers that may have installed an effective version of the Orion software platform was fewer than 18,000. Based on our discussions with customers and our investigations into the nature of Sunburst's malicious code and the advanced tradecraft of the threat actor, we believe the number of organizations actually exploited through Sunburst is substantially fewer than the number of customers that may have installed an affected version of the Orion platform. This is consistent with statements by National Security Advisor for Cyber and Emerging Technology, Ann Neuberger, that as of February 17th, nine federal agencies and about 100 private sector companies were compromised. While our attitude will always be that of one impacted customer is one too many, we currently believe the total number of customers potentially impacted is significantly lower than what was originally feared. We are applying our learning from this event and sharing our work more broadly. Internally, we are referring to our work as secure by design and its premise on zero trust principles and developing a best in class secure software development model to ensure our customers can have the utmost confidence in our solutions. We see these investments as consistent with our goal of being a best in class provider of powerful, affordable, and secure solutions. We have published details regarding our efforts But in summary, they're focused on three primary areas. First, further securing our internal environment. Second, enhancing our product development environment. And third, ensuring the security and integrity of the products we deliver. We've added a level of security and review through tools, processes, automation, and where necessary, manual checks around our product development processes that we believe goes well beyond industry norms to ensure the integrity and security of all of our products. We firmly believe that the Orion software platform and related products, as well as all of our other products, can be used by our customers without risk of the sunburst malicious code. We also formed a new technology and cybersecurity committee of our board. Two current sitting members of our board, who are CIOs with significant cybersecurity experience, and I formed the three-member committee. This committee has the responsibility to assist our board in overseeing our response to the cyber incident and provide advice to management and oversight of our improvement initiatives. Given our unique experience, we are committed not only to leading the way with respect to secure software development, but also to sharing our learnings with the industry. Now, let me turn the call over to Bart to provide you details of our financial performance. Bart?

Thanks, Thadakkar, and thanks again to everyone joining us on today's call. Our fourth quarter financial results reflect solid execution while demonstrating the resiliency of our model in the face of the cyber attack. We finished near the high end of the range of our outlook the fourth quarter for non-GAAP total revenue, ending the quarter with $265.5 million in revenue, representing year-over-year growth of approximately 6%. Non-GAAP maintenance revenue was $124.3 million in the fourth quarter, up 8% versus the prior year. driven by consistent maintenance renewal bookings and reflecting sequential acceleration in maintenance revenue growth since the second quarter, which was impacted the most by the pandemic. This growth was driven by solid customer retention, as evidenced by maintenance renewal rates of over 90% in the fourth quarter. For the fourth quarter, non-GAAP license revenue was $34.5 million, which represents a decline of approximately 23% as compared to the fourth quarter of 2019. The decline in license revenue resulted from the continuing impact of the global COVID pandemic, the impact of the cyber attack, and our continued evolution to subscription sales for our on-premises products. We continue to see quarter-over-quarter sequential growth in sales and subscriptions for our on-premises products in the fourth quarter. On-premises subscription sales resulted in an approximately three percentage point headwind to our license revenue for the quarter. Total non-GAAP license and maintenance revenue was $158.8 million in the fourth quarter, down 1% versus the prior year. Looking ahead, we expect near-term headwinds on our business due to the cyber attack and the pandemic. That said, we continue to see demand from both new and existing customers for our products and continue to renew existing customers, although at lower rates. Total ARR reached approximately $960 million as of December 31, 2020, reflecting year-over-year growth of 14%, which includes approximately 2 percentage points of contribution from our Century 1 acquisition in the fourth quarter. Subscription ARR grew 17%, reaching $435 million at the end of the quarter. Subscription ARR growth was not materially impacted by our Century 1 acquisition. Moving to our subscription revenue, fourth quarter non-GAAP subscription revenue was $106.6 million, up 20% year-over-year, which was driven by 16% year-over-year growth in our MSP business, as well as solid performance in our core IT management subscription business. Our land expand and retain model has successfully driven sustained growth in our customer relationships. Our subscription net retention rate for the year was 105%. Over the last year, We believe the pandemic has validated the importance of digital transformation to the medium-sized enterprises that depend on our MSP partners for IT management and security, and has given us confidence in the strength of our business model. While we've seen some reduction in spending among some SMEs, we've also seen promising trends and uptake of our solutions, as well as consistency among our larger MSP partners, resulting in stable net retention rates in 2020. Total non-GAAP revenue for the year ended December 31, 2020 was $1.02 billion, which represents a major milestone as we broke the $1 billion mark in annual revenues threshold while delivering 9% growth over 2019 total revenue of $938.5 million. For the year ended December 31, 2020, non-GAAP subscription revenue was $399 million, which represents growth of 22% year over year. The growth was led in dollars by our MSP business and from a full year of revenue from our ITSM and VividCortex products that were acquired in April and December 2019, respectively. Non-GAAP license and maintenance revenue for the full year in 2020 increased 2% year-over-year to $622.7 million. Non-GAAP maintenance revenue grew at a rate of 7%, reaching over $478 million. This growth was driven by solid customer retention, as evidenced by a maintenance renewal rate of 91.5% in 2020. License revenue for the full year was negatively impacted by a combination of the slowdown in on-premises purchasing as a result of the COVID pandemic, the cyber attack in the fourth quarter, and the impact of offering previous perpetual license products on a subscription basis, which we expect to yield more revenue over the full duration of the typical customer lifetime. We finished 2020 with 1,057 customers that have spent more than $100,000 with us in the last 12 months, which is an 18% improvement over year-end 2019. We are continuing our efforts to build larger relationships with our enterprise customers. We also had a solid quarter of non-GAAP profitability in the fourth quarter. Fourth quarter adjusted EBITDA was $127.1 million, representing an adjusted EBITDA margin of 48%. exceeding the high end of the outlook for the fourth quarter. And for the year ended December 31, 2020, adjusted EBITDA was $489.7 million, representing an adjusted EBITDA margin of 48% for the full year as well. Unlevered free cash flow for the full year totaled $431 million, which reflects an adjusted EBITDA conversion rate of 88%. The conversion rate was positively impacted by lower interest payments on our debt and improved net working capital. Net leverage at December 31 was 3.2 times our trailing 12 months adjusted EBITDA, despite the use of $142 million of cash on the acquisition of Century 1 in the fourth quarter. For the full year in 2020, we reduced our net leverage ratio from 3.9 times to 3.2 times, reflecting the power of our model to complete an acquisition the size of Century 1 and still deleverage significantly over the course of the year. With $370.5 million in cash at December 31, we are well positioned from a financial standpoint to continue to invest in the future growth of our business. I will now walk you through our first quarter outlook before turning it over to Sudhakar for some final thoughts. As it relates to the full year, there is uncertainty around the impact of the cyber attack on top of the continuing impact from the global pandemic. We are encouraged by recent engagements with both prospective and existing customers, and we are cautiously optimistic about growth of our business in 2021. While ongoing customer renewals and pipeline growth are indicators of the health of our business, we feel it is still too early to predict the range of outcomes with the level of precision we have provided in the past. As such, we believe it is prudent to only provide first quarter of 2021 outlook for total revenue, adjusted EBITDA, and earnings per share at this point. For the first quarter of 2021, we expect total non-GAAP revenue to be in the range of $247 million to $252 million, representing year-over-year growth of negative one to positive 1%. Adjusted EBITDA for the first quarter is expected to be $98 to $101 million, which implies an approximately 40% EBITDA margin. As a reminder, our adjusted EBITDA margin is typically at its lowest level in the first quarter of every year due to lower license revenue and an increase in expenses, particularly around Social Security and payroll taxes. That said, the year-over-year decline in adjusted EBITDA also reflects incremental spending related to the Century 1 acquisition, investments in our MSP business in advance of the spend, and the incremental expenses we are making in our security-related initiatives. As it relates to 2020 and 2021 adjusted EBITDA, we expect our investments in security-related initiatives to be approximately $20 to $25 million. Non-GAAP fully diluted earnings per share is projected to be 19 to 20 cents per share, assuming an estimated 318 million fully diluted shares outstanding. Our outlook for the first quarter assumes a non-GAAP tax rate of 22%, and we expect to pay approximately $17.2 million in cash taxes during the first quarter of 2021. And finally, our first quarter outlook assumes a Euro to dollar exchange rate of 1.19 and a pound to U.S. dollar exchange rate of 1.34. While we are not providing full-year outlook, I will say that we expect license revenue growth to improve as we move through the year in all regions, and particularly in our EMEA and APJ regions. Based on what we've seen so far in the first quarter, maintenance renewal rates are expected to be in the low to mid-80s in 2021, and we are targeting to return to historical performance in 2022 as we work with our customers to ensure their success and as we continue to further enhance our product portfolio. Increasing the percentage of our recurring revenue has been a focus of ours over the past five years, and recurring revenue is now 86% of our total revenue. we will continue to expand the subscription offerings of our on-premises products in 2021 and make new subscription sales a priority with our sales teams. As we said previously, we continue to explore the previously announced potential spinoff of our MSP business, now known as Enable, and continue to target having that transaction occur in the second quarter of this year. With that, I will now turn the call back over to Siddhartha for his closing remarks.

Thank you, Bhatt. In my various executive assignments, I have sought to let humility, ownership, transparency, focused action, and a bias towards customer success be my guiding principles. We are committed to practicing these principles actively at SolarWinds, and as we do, we will emerge stronger as a business. Over time, we see significant opportunities to increase our relevance to customers and to expand our market by leveraging our network, systems, application, and database analysis and monitoring tools, along with our excellent IT service decks and tools portfolio. We intend to integrate our platforms and serve the evolving hybrid IT needs of our customers. We will enable IT ops DevOps and SecOps professionals to have integrated experiences across automation and configuration, monitoring, visibility, alerting, and remediation. These moves will further accelerate our progress towards a greater mix of subscription and recurring revenues. As we look to the next several quarters and years, we believe that we have a growing market opportunity and we intend to organize our activities and plans to achieve and in some segments exceed market growth rates over the long term even as we deliver strong EBITDA margins as a result of the operating leverage that we have created in our business. To achieve a balance between sustained growth and strong profitability, we expect to take the following key actions. Expand our international go-to-market investments to capture additional growth and market opportunities. Accelerate our evolution to a customer success model and further enhance our sales team's ability to land new customers and expand. We believe this critical evolution will lead to a better customer satisfaction and, over time, increase the lifetime value of our customers. Continue to nourish our high-velocity go-to-market model while also expanding with the enterprise and global system integrator motion we started in 2020. We are embarking on additional portfolio integration and packaging efforts to support enterprise customers. Accelerate our offering strategy to comprehensively address the needs of hybrid IT deployments with flexible deployments, that is, cloud, SaaS, and on-premises with an associated evolution to a greater subscription mix. selectively expand via inorganic investments that both round out our portfolio as well as enhance our ability to capture market opportunity faster. I'll conclude again by thanking our employees, partners, and customers for their commitment to and support of Prolovin. Over 20 plus years, We have earned the trust of our customers by delivering powerful and affordable solutions, and I'm confident that going forward, we will be known for delivering powerful, affordable, and secure solutions. Bart and I will now be happy to address your questions.

Operator, we're ready for questions.

At this time, if you would like to ask a question, press star. And the number one on your telephone keypad, that's star one to ask a question. And your first question comes from the line of Sterling Autry with JPMorgan.

Yeah, thanks. Hi, guys. You touched upon a number of the key elements, but I wanted to dive back in specifically around kind of the comments that you made about improvement through the year on kind of the demand picture in two ways. Number one, I want to make sure I understand how much Are you kind of baking in in terms of improvement in the small piece, which is the licensing, but more specifically the subscription? Are you expecting that the demand for subscriptions will bottom in March and then start to show some improvement through the year?

So yeah, Sterling, I mean, we talked about what we've done so far in the fourth quarter as it relates to subscription sales being a 3% headwind to license revenue. That's fairly consistent with what we saw in the other quarters in 2020, right? And so we're expecting that headwind to continue in 2021. And like we said, we're going to make subscription sales a priority. So if anything, that headwind is only going to be even a little bit stronger as we move through 2021.

Right, but I guess what I'm asking is the demand impact from the breach, are you expecting the demand for your subscriptions, you know, not the mix, but just demand for subscriptions in general to kind of hit a bottom here near term and then show improvement through the year?

Yeah, absolutely. As we've been building out our forecast for 2021, Sterling, you know, we expect the biggest impact to be in the first quarter. And then as we move through the rest of the year, we expect demand to continue to improve.

and then just one follow-up on the maintenance you gave us maintenance renewal rates but i want to understand when you think about the seasonality of when those maintenance renewal contracts come up what does that mix look like because i would imagine that that would be more weighted towards a q4 so are are you expecting that the biggest maintenance hit might actually not come until q4

You know, Sterling, there's not really a lot of seasonality as it relates to our business. You know, when I look at what our bookings are from a maintenance standpoint, they're consistent, you know, quarter in and quarter out. So although we have some of our customers that like to co-turn to a fourth quarter, you know, maintenance renewal date, that's just not a trend that we've seen historically.

Understood. Thank you.

Your next question comes from the line of Brett Zelmick with Credit Suisse.

Great. Thank you so much and good morning. Sudhakar, I think it's pretty clear that Sunburst is a wake-up call for the entire industry. This is not a SolarWinds issue, but an industry issue, and it's good to see SolarWinds taking a leadership position in addressing these types of attacks. I wanted to ask a question that I think may be difficult for you to comment on, but just on the future liability and potential litigation related to Sunburst. How are you thinking about any of these liabilities and customer claims and the degree to which SolarWinds might be covered by its licensing agreements?

Thank you for the question. The point you made last is the most relevant one, which is much like most software companies, we are covered through our end-user licensing agreements. And as you mentioned, Sunburst is not just a SolarWinds specific issue, but it's a broader industry issue. And as you also know, most software vendors unfortunately have vulnerabilities that they disclose and correct on a go-forward basis, and so we have similar practices at SolarWinds as well.

Okay. And maybe just to follow up for Bart, I want to make sure I heard something that you called out, and I heard it correctly, which is 20 to 25 million in security-related initiatives. Can you maybe put a finer point to the timeframe and the cost of remediation related to the incident versus ongoing changes to your business process related to Sunburst?

So, yeah, the 20 to 25 million initiative, Brad, is the cost that we expect to incur throughout all of 2021. And that's a combination of both security initiatives that the doctor talked about, as well as just some general increases in some of our expenses, such as, you know, we expect our insurance costs to go up in 2021. And then there's other charges from some of our professional fees will go up as a result of the cyber attack as well. So, Really, just the $20 million to $25 million number was to give you some context of what we expected the increase in our expenses to be, not just for 21, but as we move forward as well.

But I'd also like to clarify that these are not necessarily related to remediation as much as we are looking at these as extensions and investments for us going forward. And as I mentioned in my remarks, that our aspiration is to support the broader needs of IT, dev, and tech ops professionals.

Very good. Thank you so much for taking the questions, guys.

Your next question comes from the line of Matt Hedberg with RBC Capital Markets.

Hey, thanks, guys, for the questions, and welcome, Sudhakar. And thank you for the transparency on the cyber attack. I know it's a fluid situation, but I think we all appreciate the details here. Maybe the first question, can you talk, I mean, we're effectively two months into the Q1 quarter here. I'm wondering if you could talk about the pace of new business, kind of the linearity through two months versus sort of what you would expect in a normal Q1, and then secondarily on the maintenance side of it. You talked about mid, I believe, low to mid 80s renewals this year. Is there a difference between your public and private sector maintenance renewal rates?

You know, Matt, first of all, the renewal rates that we gave you, the low to mid-80s, that takes into account both our federal as well as our commercial customers. So that's not a renewal rate that we've historically broken out between those two pieces of our business. So the low to mid-80s range that we gave you reflects both of those as well. And then as far as the pace of our business, you know, the pace of our business in the first quarter, obviously it's been impacted by the attack. But we're seeing positive trends. And, you know, like I said, we expect the first quarter of 2021 to be the one that's the most heavily impacted as it relates to new license sales.

And just to add on to Bart's comments, I have been spending a lot of my time with our customers, both in the public and in the private sector, and especially with the federal government customers. spending time with their CIOs, CISOs, highlighting, as you put it transparently, the findings from Sundance as well as the remediation steps. A lot of our customers, as I mentioned in my remarks, their reaction has been one of understanding, and many of our customers, including in the public sector, have already upgraded to our remediated code.

That's great. And then, On Enable, the MSP business, when I think of growth there, I think both expanding the number of MSPs, but also expanding what you can sell to them. I guess on that second part, as we progress through this year and beyond, how do you think about adding more services to that business?

I'll take that back. So the Enable business, as we're going to be branding it going forward, will continue to expand its portfolio. We recently made some strategic announcements as it relates to our partnership with Sentinel, as an example. So for a business that was largely focused on remote monitoring in the past, it has already evolved and continues to evolve into data protection, into security. And in the future, I'm sure we'll explore additional avenues like analytics and insights as well.

Thanks, guys. Actually, maybe, Bart, just a quick last one here. Can you remind us again about your exposure to the federal segment? Roughly what percentage of total revenue is that? Federal, state, local?

Yeah, I mean, that's not a number that we've historically broken out, Matt. You know, our federal business is, you know, it obviously is a big piece of our revenue, but it's not a number that's been big enough that we've had to disclose separately. Got it. Thanks a lot, guys.

Operator, we're ready for the next question.

Your next question comes from the line of Sanjit Singh with Morgan Stanley.

Thank you for taking the questions, and congrats on the role to do here, and even bigger kudos for accepting the role, just given the headlines in December. But it does seem like the business is proving resilient. And I just wanted to dive into a couple of topics. One on sort of the comment around this could have happened to anyone. I think most of us would certainly agree. But is there any sort of, and we sort of look at solar winds was there any sort of things from an operations perspective that made the company more or less vulnerable relative to your peers whether it comes from um you know having a distributed product engineering teams or anything that like the company is going to do you know better um to i'm sure of any any potential vulnerabilities from the operations side that's my first question uh thank you thanks for the the bacon

As it relates to why we believe it could have happened to anyone, as we deconstructed what the threat actors did, we found malware that essentially can be injected into any supply chain. That's the reason why we publicly disclosed it, so that other companies can look at their own supply chains and potentially protect themselves from both current and future attacks. As it relates to was there anything specific to the SolarWinds environment, we could not find anything that was idiosyncratic to the SolarWinds environment. And if anything, both our security hygiene, security posture, security tools are consistent with what is practiced in the industry. Okay.

Got it. And then as you sort of manage through the solar storm compromise and work with your customers, I guess the larger question is what is your vision for SolarWinds as the company sort of comes out of this? And as you look at what the company has been focused on, the strategy, how they sort of balance growth versus margins. Should we see your tenure sort of, you know, extending that line of thinking, or are you looking to change things fundamentally from a strategic perspective? What's sort of your initial thoughts on how the business will be run and managed going forward relative to the past? Definitely.

My focus will be to essentially extend the strategy in the following way. I personally believe we have the broadest portfolio, if I may use that term, in network systems application and database monitoring combined with our IT service desk as well as our tools portfolio. Going forward, what we intend doing is integrating them into a way that we can support the hybrid needs of our customers so that they can deploy on premises or in the cloud, and we will be able to provide them consistent capabilities with one integrated platform. Additionally, we feel there is a significant opportunity for us to expand from monitoring to first into the automation and configuration aspects of things, then on to alerting and remediation with our IT service desk as an integrated portfolio such that we are able to support the entire lifecycle of our customers. That is what we see as a market opportunity for growth going forward. And as we do that, we will continue to balance between growth and profitability and continue to demonstrate the operating leverage that we have created in our business.

understand. That's a great overview. If I could speak one in for Bart. Part of the question is, why is there sort of lingering hesitation on guiding for the full year? If I look at some of your cohorts that fell into similar segments, they've sort of gotten back to an annual guidance ARR accelerated this quarter. Your Q1 guidance is more or less in line with consensus. So the question is, what is the fear around providing guidance, given that the business was relatively some impact, but it doesn't seem like there's tons of volatility in the numbers, at least so far.

Yeah, you know, Sanjay, thanks for the question. You know, we like to talk about the fact that recurring revenue is 85% or 86% of our total revenue. But we do still have a license piece, a license component as it relates to our revenue. And there's just enough variability in the full year of 2021. and enough, you know, there's enough uncertainty around what our new license sales are going to be that we just weren't confident enough to give a full guide. You know, we like to be pretty precise when it comes to guidance, and there's just enough, there's a broad enough range of outcomes that we just weren't confident to give a full year guide at this point. Understood. Thank you for taking the question. Mm-hmm.

Your next question comes from the line of Eric Superger with JMP Securities.

Yeah, thanks for taking the question and welcome Sudhakar. One, can you provide some context around the churn in the federal sector versus the non-federal sector? Clearly this attack was primarily targeted to the federal customers, and it would be helpful for us to understand what impact this is having on the non-federal sector in particular.

Sure. I would say at this point it's too early to quantify churn as it's been about a little over two months since this whole event occurred. The way I would describe our activities are one of engagement and one of helping customers remediate and look forward. So through our conversations, and as I mentioned, I personally have had many conversations with both private and public sector customers. I would say some customers have taken a wait-and-see attitude, but not necessarily a focus on churn or replacement at this point in time. Additionally, as I mentioned, The vast majority of the customers that I have spoken to and we continue to engage with have not only upgraded, but many of them also have renewed their contracts. So those are the indicators I can present to you at this point in time, not so much as specific churn indicators.

And, Eric, the expected renewal rates that I've provided you, the low to mid-80s for the full year, that includes both our commercial as well as our federal customers. So, yes, we are seeing a lot of questions when customers are up for renewal. But like the doctor said, right now they're taking more of a wait-and-see approach. It's not that they're immediately turning us off or not renewing their maintenance contracts.

And I also believe that is – because of two important factors. One is customers that we speak to and customers who have used multiple software vendors recognize and understand that vulnerabilities and software issues can happen to any vendor. That's number one. Number two, that it is a reflection of their confidence in the breadth of our portfolio and our ability to deliver their success.

Okay, then real quick on the on the enable spin out. Can you tell us what the growth was in fiscal 19? Obviously, it was 15% fiscal 20. So just curious what the trajectory is that

So, yeah, the MSP business, you know, Eric, just like a lot of other businesses, was impacted by the COVID pandemic in 2020. So 2019 growth would have been slightly higher than that 15% that we saw in 2020. But any of the impact as it relates to growth from 2019 to 2020 was really due to the pandemic and a little bit of the slowdown that we saw in the second quarter. And we saw really positive trends in our MSP business in Q3 and Q4.

So can we assume that that's a high teens type growth on a normal basis? Yes, that's the goal. Thank you.

Your next question comes from the line of Brent Thiel with Jefferies.

Hi, this is Bob Soda on for Brent Thiel. And welcome, Sudhakar, to SolarWinds. I wanted to ask one quick one on, you know, there has been a bit of focus on the renewals, and are you sort of offering any concessions to the customers that are renewing, or are these normal conversations that you would otherwise have?

Our conversations on the renewal front have been normal conversations. other than the fact that in some cases we have had to explain to customers what we are doing, where we are headed, why they should feel secure, et cetera. If your question is related to pricing or promotion, I would say our behavior has been per what it always has been.

Got it. And maybe one quick follow-up, if I may, on the, you know, you mentioned some of the investments you're making this year on the product side. I wanted to ask, you know, are some of these investments, be it on the product or the go-to-market side, are they more longer-term in nature or, you know, I'm trying to assess longer-term margins, impact on longer-term margins. Thank you.

What we've talked about primarily was expenses that related to the security incident. So Dr. talked a lot about our secure by design initiatives, and there are going to be some costs associated with that. But like I said, we expect those costs to be in the $20 million range in 2021. So when you're thinking about what margins are going to be long-term, What I would tell you is that we think that margins are going to be at their lowest level in Q1, and margins will improve as we move throughout the year. And then as we look at 2022 and beyond, we're going to always weigh investment decisions and try to decide between both growth and profitability.

And to your question about whether some of these investments will yield returns this year versus longer term. Some of the investments that I outlined are expected to yield returns this year, most likely in the back half of this year, and on into 2022. Great.

Thank you again.

Your next question comes from the line of Kinsley Crane.

Hi, and welcome Sudhakar, and I completely agree with you. I think the more we learn about the nature of this highly manual attack, the better we can appreciate it could happen to anyone. So it's encouraging that customers are agreeing. But in our research, we've also found that adopting zero trust is one of the more effective ways for customers and vendors to protect themselves from these types of attacks. So given your experience with zero trust, WalletPulse Securities, you see opportunities to leverage that experience in SolarWinds today.

Absolutely. So as part of our Secure by Design initiative that I outlined, as I mentioned, I don't look at this as a remediation effort as much as an ability to set the stage for a leadership effort over several quarters and years. So one of the key aspects of Secure by Design, or a couple of key aspects I would say, is is that it is premised on zero trust principles. And when I say that, that applies both to our infrastructure as well as how we plan to build products going forward. So some of the conversations that I've been having with customers, for instance, is how do we establish least privileged access models within both our products as well as other vendors' products that enable the safety and security of our customers. So this is the point I was making as I was describing that one opportunity that comes up in our conversations with customers is not only how we protect them through our products, but also provide guidance to them across their environment that is rooted on least privileged access or the zero tax principles and other related constructs.

That makes perfect sense. That's very helpful. So one more on the MSP side was encouraged to see the productivity of the name change to enable in December. We'd just love your a little bit more color and decision to adopt what's been a strong brand name for some time and how receptive customers have been so far.

That's far the exception, but from our partner community has been very strong in terms of the enable brand. And as you know, the MSP is business based. primary objective is to enable partners to, in turn, enable small-medium enterprise customers. So the partners find that this is a nod to the model and are redoubling and recommitted to expanding the business.

Okay. Thanks. That's it for me.

Your next question comes from the line of Rob Oliver with Baird.

Great. Thank you. Good morning, guys, and hope you're doing okay down there in Austin. Tough couple weeks down there. Sadakar, one for you, and then, Bart, I had a follow-up for you as well. Just, Sadakar, on the subscription products, it does sound like demand is kind of coalescing nicely around the old Symantec product, ITSM, and around database with Vivid Cortex. Is that right? And, you know, are there other products in that portfolio of, you know, SaaS subscription products that you are optimistic about? Or perhaps you could take the opportunity to talk a little bit about how you view expanding that portfolio.

Absolutely. The observations that you made on both the service desk and database are absolutely correct. In addition to that, I alluded to additional packaging and integration considerations that we are executing throughout this year. That applies broadly to our traditional products based on the Orion platform, including network and system management. So as a result of that, I expect the subscription mix of that business to continue to grow as well. Now, if you take a perspective of a few quarters out, as we integrate our platforms into much more of a singular motion, then increasingly our primary motion will become subscription on that particular platform. So over time, the goal is to improve the mix and expand it from the current 86% to something higher going forward.

Okay, great. That's helpful, Culler, and I think that ties directly, Bart, into what my follow-up question with you is going to be, which is you guys traditionally have been agnostic as to how your customers bought. So clearly a change here on this call, and I guess your comment relative to prioritizing subscription would go hand-in-hand with what Sennacher said. other incentives built in there for the Salesforce and any other, you know, changes relative to the go-to-market. And I would assume you're going to do this and keep consistent with sort of the, you know, kind of lean, you know, light go-to-market model that SolarWinds has always pioneered. Thank you guys very much.

Yeah, Rob, I mean, As it relates to our subscription offerings, like you said, we've been agnostic. At the end of the day, we want the end user to have the ability to purchase under either a subscription arrangement or under our traditional license maintenance agreements, right? And we're not going to change that. However, from an investment standpoint, we are going to put more dollars behind some of our on-premises products, and we're going to try to make that a priority as we move forward.

Appreciate it again.

Your next question comes from the line of Kurt Matern with Evercore ISI.

Hi, guys. How you doing? This is actually Peter Berkley. I'm for Kurt. Thanks for taking the time to answer a few questions here. My first one is, and apologies if I missed any prepared remarks, but just wondering if you guys have any update just on the timing of the spin out of the MSP business.

So, yeah, we're still expecting that spin-out to happen sometime in the second quarter.

Okay, great. Awesome. And then just one quick follow-up. Just wondering, I mean, it sounds like the cyber attack had more of an impact on the licensing piece of the business, which makes sense. But I'm just wondering if it had any impact on the MSP business at all as well.

You know, there was a slight impact in January just as some of our MSP partners and some of their end customers assessed, you know, the potential impact. You know, once we were able to, you know, assure them that none of our MSP products were part of the cyber attack, we started to see the MSP business get back to its form.

Okay, great. Awesome. That's helpful. All right, thanks very much, guys.

Your next question comes from the line of Mohik Gavya with Barclays.

Hey, guys. Thanks for taking my questions as well. I was wondering if you can, I mean, when you initially discussed and announced the spinoff last year, you had a framework for the SolarWinds standalone poster spinoff and the MSP business. what the growth and profitability framework and profile will look like, right? Now the systems have changed somewhat. I mean, you're discussing some incremental investments in security and also product-related investments, right? So just wondering if you can sort of like maybe touch upon if any goalposts have moved. So I think SolarWinds, standalone, you had discussed a low to mid single-digit score in the mid to long term. MSP business, I think you had discussed mid to high teens. But just curious, actually, if you can update us how you're thinking about the two separate businesses post the spin-off in terms of growth versus profitability. And then I have a follow-up question. Thank you.

Yeah, I mean, one of the reasons why we didn't provide, you know, full-year guidance is because there's still a certain amount of uncertainty as it relates to the revenue side of our business. You know, the goal is to continue, you know, when we split the MSP business and the core IT business, to have two separate companies. They'll have two, you know, somewhat different financial profiles, the core IT business, We talked about being a mid to high single-digit grower. That will obviously be impacted as it relates to the cyber attack in 2021. But we think that those impacts will be short-term in nature. And we think as we move into 2022, we will continue to look like the company we talked about when we announced the MSP spend last year.

Yeah, operator, let's take one more question.

Okay, you do have a follow-up with Sterling Aldi with J.P. Morgan.

Yeah, thanks, guys. So just actually on the spin, I've gotten a number of questions from investors around if there's any change or update in thinking in terms of how the two companies would be capitalized. In other words, where would the debt actually go and would there be any need for any financing actions along through that process?

You know, Sterling, we're still looking at the potential capital structures of both of the businesses long-term and post-spend. So when we move into the second quarter, we'll have more discussion around that. Perfect. Thank you. All right.

There are no other questions at this time.

Okay. Thank you again, everyone, for joining us. And we'll be in touch.

This concludes today's conference call. You may now disconnect.