Qualys, Inc. (NASDAQ:QLYS) Q1 2024 Earnings Call Transcript May 7, 2024
Qualys, Inc. misses on earnings expectations. Reported EPS is $1.05 EPS, expectations were $1.31. Qualys, Inc. isn’t one of the 30 most popular stocks among hedge funds at the end of the third quarter (see the details here).
Operator: Good day and thank you for standing by. Welcome to the Qualys First Quarter 2024 Investor Call. At this time, all participants are in a listen-only mode. After the speakers’ presentation, there will be a question-and-answer session. [Operator Instructions]. Please be advised that, today’s conference is being recorded. I would now like to hand the conference over to your speaker today Blair King. Please go ahead.
Blair King: Good afternoon and welcome to Qualys’ first quarter 2024 earnings call. Joining me today to discuss our results are Sumedh Thakar, our President and CEO; and Joo Mi Kim, our CFO. Before we get started, I would like to remind you that our remarks today will include forward-looking statements that generally relate to future events or our future financial or operating performance. Actual results may differ materially from these statements. Factors that could cause results to differ materially are set forth in today’s press release and in our filings with the SEC, including our latest Form 10-Q and 10-K. Any forward-looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update these statements as a result of new information or future events.
During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP to non-GAAP measures is included in today’s earnings press release. And as a reminder, the press release, prepared remarks, and investor presentation are available on the Investor Relations section of our website. With that, I’ll turn the call over to Sumedh.
Sumedh Thakar: Thank you, Blair, and welcome to our first quarter earnings call. Qualys delivered another quarter of healthy revenue growth, strong profitability, and cash flow generation reflecting our ongoing commitment to rapid innovation and customer success. Given the accelerated growth in scope and complexity of cyber threats alongside an intensifying regulatory environment, Boards and C-level executives are increasingly focused on the business outcome of cybersecurity. This requirement makes seamlessly integrated security solutions a necessity for customers to effectively measure, communicate, and fortify their security posture. We believe the Qualys Enterprise TruRisk Platform, designed to reduce friction, risk, and cost, provides organizations with a foundational risk management platform for the future and serves as a structural competitive advantage for both our customers and for Qualys.
As a result, our VMDR solution with TruRisk is not only fueling new logo lands, but also increases platform adoption, especially in the areas of Cybersecurity Asset Management with External Attack Surface Management, Patch Management, and Cloud Security. In Q1, Healthcare, technology, retail and financial services verticals all demonstrated strong VMDR demand with large deal sizes. Further underscoring the power of our platform, I’ll take a moment to share a couple of examples of how our customers and partners continue to expand their use of Qualys’ capabilities to consolidate their security stacks. On the customer front, a marquee high six-figure bookings enterprise customer win in Q1 was with a leading Business Services Company in the Forbes 1000.
This customer expanded its VMDR with TruRisk and Patch Management deployments while adopting Cybersecurity Asset Management with EASM as part of an initiative to detect end-of-life and end-of-service software, monitor sub domains of its infrastructure and transform its IT security architecture while replacing point solutions from three vendors with a single platform. The ability of this customer to significantly enhance its security program with comprehensive internal and external asset criticality, holistic risk scoring, ticketing and automated patching across its on-prem, cloud and container environments through a natively integrated platform and unified dashboard were all key differentiators compared to alternative next-gen and legacy technologies.
The next win demonstrates how Qualys helped an existing Forbes 100 manufacturing company standardize on the Qualys Enterprise TruRisk Platform and consolidate risk factors from different Qualys modules into a single risk score with business context. This existing VMDR and TotalCloud customer was struggling with connecting disparate asset management tools and business processes across several subsidiaries and environments and needed to gain better visibility into its attack surface to uniformly contextualize, communicate and manage risk. Recognizing the increased value they could gain by further consolidating on Qualys, this customer replaced its existing asset management tools and adopted our Cybersecurity Asset Management with EASM solution in a six-figure bookings upsell.
This customer is now leveraging multiple aspects of the Qualys Enterprise TruRisk Platform, spanning on-prem, cloud, and multi-cloud assets to quantify and prioritize risk reduction initiatives, increase organizational resilience, and give its CISO a peace of mind. Investing in our partner program continues to be a key pillar of our go-to-market agenda as it bolsters our capacity, harnesses transformative solution sales, and brings new business to Qualys. Through these investments, we continued to advance our evolving partner ecosystem with two leading Managed Security Providers in North America. One recently expanded its offerings beyond VMDR to include our Patch Management capabilities, and the other standardized on Qualys as its preferred partner for VMDR, Cybersecurity Asset Management with EASM, and Patch Management spanning both its federal and commercial verticals.
The latter of these two wins is a testament to the investments we’re making to expand our Federal business and we’re looking forward to hosting our first public sector cyber risk conference later this month. And, with nearly 50 partners already on our recently announced new MSSP partner portal to simplify their operations, launch and manage Qualys’ capabilities, and significantly reduce remediation times for their customers, we are increasingly well-positioned to expand our reach to customers of all sizes. Additionally, we strengthened our alliance with a leading systems integrator, which is now actively bringing our TotalCloud CNAPP solution to customers. We believe the broad expansion of our partner program over the past several quarters continues to reflect our strengthening brand awareness, strategic position, and value proposition in the market.
With tightly integrated solutions delivered through a natively integrated platform to solve modern security challenges, more and more Qualys customers are beginning to understand how cybersecurity transformation drives better security outcomes, saves time, and costs less. As a result, customers spending $500,000 or more with us in Q1 grew 19% from a year ago to 192. Since our inception, driving innovation is at the core of Qualys’ mission. We are excited with our upcoming Enterprise TruRisk Management application which marks the next phase of expansion of our platform, building on top of the success we have seen with VMDR with TruRisk. The ETM capability will enable VMDR customers to upgrade to a more holistic cyber risk management platform that goes beyond vulnerability management.
The Enterprise TruRisk Management solution holistically aggregates and normalizes trillions of first and third-party data signals, correlates risk factors with asset, threat and business context; detects, visualizes, quantifies, and prioritizes risk, and makes remediation frictionless and immediate with a simple click of a button. With these newest capabilities all natively integrated on a single unified dashboard, Qualys is once again well-armed with powerful new platform capabilities that broadly measure, communicate and remediate risk across the entire attack surface, including IT, OT, applications, cloud and multi-cloud assets. Moreover, our comprehensive AI-powered insights are now converting detected risks into optimized remediation actions across our platform solutions with our out-of-the-box, instant and actionable insights mapped to an organizations own data to preemptively reduce risk in their environments.
The feedback from many of the CISOs I met with at our recent QSC EMEA event in London has been quite positive with respect to their deployment agendas, excitement about the rapid pace of new capabilities we’re delivering, and their ability to monitor and measure risk reduction ROI from their cyber security spend. Further advancing our TruRisk capabilities, I’m pleased to announce we recently brought MITRE ATT&CK Matrix Prioritization into The Qualys Enterprise TruRisk platform. By combining over 25 sources of threat intelligence with the MITRE ATT&CK framework, we are now further enabling organizations with a holistic attacker-centric view to predict and identify critical risks to their business based on ATT&CK tactics and techniques. With this advancement, we believe Qualys stands out as the only enterprise-scale solution to combine contextualized risk quantification and the MITRE ATT&CK framework to help organizations proactively prioritize, manage, and reduce cyber risk with enhanced detection, integrated risk quantification and automated response for a threat informed defense in a single platform.
Continuing this pace of disruptive innovation, we are now organically unifying Cloud Infrastructure Entitlement Management CIEM into our TotalCloud CNAPP solution. With this new capability, customers can manage cloud identities, entitlements, and enforce the principal of least-privileged access to cloud infrastructure and resources. Combined with additional newly introduced capabilities, such as Container Runtime Security and Kubernetes Posture Management, we’ve created what we believe is one of the most comprehensive cloud-native security solutions in the market with a unified, actionable dashboard for immediate threat prioritization and remediation from build through runtime with built-in drift detection capabilities. Finally, as we continue to extend our technology leadership across the entire platform, I am pleased to announce our Cybersecurity Asset Management 3.0 solution with highly differentiated new capabilities in External Attack Surface Management and third-party integration for comprehensive asset inventory.
With these innovations, security teams can now leverage our patent-pending technology to reduce accuracy and detection gaps with immediate lightweight vulnerability scanning, seamlessly attribute previously unmanaged external assets to the organization with confidence, and evaluate asset-based business risk per subsidiary or acquired entity. Combining this unique approach to EASM with integrated TruRisk scoring capabilities and actionable dashboards to proactively manage tech debt further strengthens our position in the market while enabling customers to de-risk the entire attack surface. In summary, companies uniformly recognize security transformation is fundamental in combating today’s heightened threat and regulatory environment. As a result, customers are increasingly looking to reduce their risk exposure through the adoption of a natively integrated risk management platform instead of deploying a collection of disparate point solutions stitched together through the invoice.
We believe that with our organically integrated, cloud native platform built to holistically measure, communicate and ultimately eliminate cyber risk; Qualys is laying a foundation for future growth and is well-positioned to drive long-term shareholder value with a balanced approach to growth and profitability. With that, I’ll turn the call over to Joo Mi to further discuss our first quarter results and outlook for the second quarter and full year 2024.
Joo Mi Kim: Thanks, Sumedh, and good afternoon. Before I start, I’d like to note that, except for revenue, all financial figures are non-GAAP, and growth rates are based on comparisons to the prior year period, unless stated otherwise. Turning to first quarter results, revenues grew 12% to $145.8 million with channel continuing to increase its contribution, making up 45% of total revenues compared to 43% a year ago. As a result of our continued commitment to leverage our partner ecosystem to drive growth, we were able to grow revenues from channel partners by 18%, outpacing direct, which grew 7%. By geo, 13% growth outside the U.S. was ahead of our domestic business, which grew 11%. Looking ahead, we expect our U.S. and international revenue mix to remain roughly at 60% and 40%, respectively.
Turning to land-and-expand results, we continued to witness deal scrutiny persisting for many organizations with the upsell environment remaining challenging, resulting in 104% net dollar expansion rate, down from 105% last quarter. Offsetting this was a positive growth trend in new business, achieving double-digit growth rate for the third consecutive quarter. As we continue to prioritize increasing market share in 2024, we plan to launch new customer acquisition campaigns and incentives in addition to streamlining sales cycle and operations with better use of technology and systems. In terms of product contribution to bookings, Patch Management and Cybersecurity Asset Management combined made up 13% of LTM bookings and 23% of LTM new bookings in Q1.
With the rapid pace of innovation associated with our TotalCloud CNAPP offering, our Cloud Security solutions made up 4% of LTM bookings. We attribute this success to an increasingly complex threat and regulatory environment that underscores the relevance of our Enterprise TruRisk Platform to holistically assess, manage and remediate risk. Turning to profitability, adjusted EBITDA for the first quarter of 2024 was $69 million, representing a 47% margin, compared to a 45% margin a year ago. Operating expenses in Q1 increased by 5% to $56.8 million, primarily driven by an 11% increase in Sales & Marketing investments. As we continue to increase our investment intensity and focus on Sales & Marketing enablement, customer success, and productivity, we believe we will be able to drive wallet share and long-term returns while balancing growth and profitability.
EPS for the first quarter of 2024 was $1.45, and our free cash flow was $83.5 million, representing a 57% margin, compared to 48% in the prior year. In Q1, we continued to invest the cash we generated from operations back into Qualys, including $2.1 million on capital expenditures and $18 million to repurchase 105,000 of our outstanding shares. As of the end of the quarter, we had $265.7 million remaining in our share repurchase program. With that, let us turn to guidance, starting with revenues. For the full year 2024, we are now expecting our revenue to be in the range of $601.5 million to $608.5 million, which represents a growth rate of 8% to 10%. This compares to revenue guidance of $600 million to $610 million last quarter. For the second quarter of 2024, we expect revenues to be in the range of $147.5 million to $149.5 million, representing a growth rate of 8% to 9%.
This guidance assumes continued deal scrutiny resulting in a tougher upsell environment partially offset by investments in the business to drive new customer growth. Shifting to profitability guidance, for the full year 2024, we continue to expect EBITDA margin to be in the low 40s, and free cash flow margin in the mid-30s. We expect full year EPS to be in the range of $5.06 to $5.30, up from the prior range of $4.95 to $5.27. For the second quarter of 2024, we expect EPS to be in the range of $1.27 to $1.35. Our planned capital expenditures in 2024 are expected to be in the range of $13 million to $18 million; and, for the second quarter of 2024, in the range of $4 million to $6 million. Consistent with prior guidance, for the remainder of 2024, we intend to align our product and marketing investments to focus on specific initiatives aimed at driving more pipeline, enhancing our partner program, expanding our federal vertical, and supporting sales while maintaining a disciplined approach to unit economics.
As a percentage of revenues, we expect to prioritize an increase in investments in Sales & Marketing as well as related support functions, systems, and people with more modest increases in engineering and G&A. In conclusion, in Q1, we delivered healthy top-line growth and industry-leading profitability while making progress in executing our long-term strategic agenda. With our comprehensive risk management platform delivering immediate time to value for our customers, we are confident in our ability to deliver on our growth opportunity long-term and remain committed to maximizing shareholder value. With that, Sumedh and I would be happy to answer any of your questions.
See also 20 Best Business Ideas According To Reddit and Largest Insider Buys: Top 10 Stocks.
Q&A Session
Follow Qualys Inc. (NASDAQ:QLYS)
Follow Qualys Inc. (NASDAQ:QLYS)
Operator: Thank you. [Operator Instructions]. Our first question will come from the line of Mike Walkley from Canaccord Genuity. Your line is open.
Daniel Park: Hey guys, good afternoon. It’s Daniel on from Mike. Thanks for taking the question. So it seems like that dollar retention came down a little bit to 104%. I think you guys called out the tough upsell environment despite the new or I guess improvements in new additions. Could you just provide maybe some color for us on what’s impacting your upsell business and some of the changes you’re making to make some improvements here?
Sumedh Thakar: That’s a great question. So with existing customers who have invested with Qualys and other security platforms, they are continuing to work with us to in many cases, sort of optimize the, spend that they have done with Qualys continuing to get additional value. We talked a little bit about this last time, in some cases, they might be looking at adjusting some of the VMDR licenses, but bringing in patch management and cybersecurity asset management as part of that, which is where you see the percentage of bookings that are going up. So which overall, in the longer-term is good because it gives us an opportunity to introduce additional products in smaller quantities right now that will help us get the upsells to be better and increasing in the future.
But currently it is — the review times are long as they have been, and customers just continue to take longer to make decisions on larger projects where they’re looking to bring on, like a whole new product from Qualys. And that’s where we are working with them to, first of all, make sure that we are putting some of our marketing engine behind generating additional opportunities. We are doing a lot of CISO education right now. The CISO Connect program, CISO recently launched have been quite helpful as we talk the language of risk management, which is really where our ETM platform is quite interesting for the CISOs, which is all of our CISO events recently have been completely overbooked because they really want to come in and talk more about how policy is going to help them with cyber risk quantification and being able to look at cyber risk holistically and then eliminate that.
So there’s a few things that we’re doing on that side. But right now, while new business, we’re seeing good execution. We do definitely see opportunity for us to execute better in the tougher climate that we’re seeing for upsells with existing customers.
Daniel Park: Great. And just as a quick follow-up, maybe Joo Mi for you. Joo Mi, could you maybe walk us through some of the assumptions within your decision to narrow the full year revenue guidance band?
Joo Mi Kim: Yes. The primary reason why we decided to narrow it was just because Q1 became more or less in line with what we had anticipated at the mid-point of the revenue guidance. And the way we see it right now is, of course, we had hoped to do a little bit better with the net dollar expansion rate having ticked down by a percentage. And the underlying assumption for the full year revenue guidance is that we don’t anticipate any material improvement in the net dollar expansion rate today, especially because we do see continued challenges, kind of at least continuing into Q2. So because of that, we’re assuming that net dollar expansion rate stays as it is or maybe take down a percentage. On the new business though, we are seeing some trends where we’re pleased to see the traction in the business today, but love smaller numbers.
It is a smaller portion of our business. So even if it continues at the current growth rate that we see today, it won’t have a material impact in terms of the uplift to revenue.
Operator: One moment for our next question. And our next question will come from the line of Shrenik Kothari from Baird. Your line is open.
Shrenik Kothari: Hey, thanks for taking my question. So Sumedh, you mentioned that you’re looking to expand the federal business and expand the public sector presence and kind of hosting your first public sector conference. Just curious like can you elaborate on the traction of the GovCloud platform so far? What trends are you seeing there and how has it performed relative to your expectations? And can you discuss like the opportunity that you see in terms of expanding it within the public sector?
Sumedh Thakar: Yes, great question. Look, the opportunity in the federal is definitely large and we are really working towards investing in the right way so that we can take advantage of that opportunity. And so from that perspective, we have recently hired a leader for federal that we’re happy about, funded our federal team. We have hired somebody to focus on federal marketing. As you can see, we’re really putting in place our first conference for federal, which already we have over 200 people who signed up more than what we were anticipating from a capacity perspective. So those are really positive signs. In the last few quarters, we’ve talked about certain wins that we have had with government, federal government agencies.
So the way we look at that is it’s an extremely small percentage of our overall bookings and we have a good opportunity to grow in that direction. And so we’re making the right investments. But of course, as it is with the federal market, it is something that takes time and we are building the relationships with partners. As you can see, we signed up our federal partner that’s taking Qualys and our patch management along with VMDR, two agencies we invested in the FedRAMP program. So we have already FedRAMP moderate, which we have a large number of ATO’s from many government agencies that are providing is ATO. And then we are on track now working with the PMO’s office to get our FedRAMP High final certification. We are already FedRAMP High ready right now.
And so once you get our FedRAMP High certification by which we anticipate towards the end of the year that is something that will give us even additional opportunity to take our GovCloud platform deeper into more agencies that are looking to go and modernize their infrastructure and go into a federal sort of a SaaS platform and move out of current very heavily on-prem solutions. And so with the FedRAMP High that will enable us to be the only FedRAMP High vulnerability and patch management combined solution together that will be available for these customers. And as we saw with some of our federal wins as well, the reason for them to change out the current provider is because the current providers are only doing scanning and they have to have a separate patch management tool.
So even in the federal government, some of the recent wins that we have seen have enabled us to feel confident in our direction, so that we can continue to take the Qualys combined platform with patch management, et cetera. And this is something that federal agencies are also looking for to reduce their Tool Sprawl as well as expand into the cloud environment as well. So it’s an area that we are continuing to invest. We’re just at the very early stages of that investment and we are pleased with the traction that we are seeing in this early stage.
Shrenik Kothari: Got it, helpful. Thanks for the detailed color, Sumedh, and quick follow-up for Joo Mi. So you mentioned that you guys of course, plan to launch new customer acquisition campaigns. Can you elaborate who are you targeting and where is the increase in investment intensity in S&M going in? Is it going to be more focused on sales incentives geared towards new logos, more — much more headcount growth, partnership investments, of course, public sector? Just curious, like how are you increasing the investment intensity there?
Joo Mi Kim: Yes. So our priority has been for a while to grow our new business. And it’s part of the reason why we were really pleased to see the continued traction and the momentum and the way we see it right now where we’ve been really successful is on the enterprise side because that’s where our strength is. However, we’re pleased to see traction on both the enterprise and SME and SMB. And the way we are planning to continue to invest to support that growth is, number one, we are planning to hire more sales reps to support that growth and that’s one of our initiatives. We are planning to increase our sales and marketing headcount by double-digits this year as we had planned before. So that hasn’t changed. Number two, our partner channel, it’s been really successful for us.
We’re seeing increase in investments in several different funds, including the MSSP portal that we just announced as well as deal reg. It continues to be healthy and continues to increase. And our continued kind of revision the incentive structure, whether it’s partner or direct to make sure that it’s structured in a way to incentivize both direct and indirect sales force to really drive a new local growth.
Operator: One moment for our next question. Our next question will come from the line of Patrick Colville from Scotiabank. Your line is open.
Joe Vandrick: Hi, this is Joe Vandrick on for Patrick Colville. So it seems like cloud security is a big opportunity for Qualys. And you mentioned the CNAPP solution getting some solid market traction. Are you typically selling it as a bundle or are customers’ kind of deciding to buy each solution separately? And then part two of that question, are you seeing stronger demand within any one area of CNAPP, for example, CSPM or workload protection or maybe something else?
Sumedh Thakar: Yes, that’s a great question. Look, I think there is no organization out there that is cloud-only. And so every time they look at their infrastructure, they have to do cloud and non-cloud assets together. And that’s really where we see the advantage for Qualys is when they combine the VMDR capabilities on on-prem assets and then are able to use the exact same platform and expand that licensing into the cloud as well. It just makes it a lot more seamless. They get the benefit of higher volume pricing and it gives them the ability to combine the risk from their cloud and on-prem platforms together in one place. And so from — and that’s why it’s interesting for us to see that why — even in our new logo lands, customers are starting to buy the TotalCloud solution combined with VMDR upfront in the first purchase itself.
And so while its early days, that’s quite encouraging for us. We continue to work with our existing customers who have VMDR to expand those capabilities into cloud. In some cases, they don’t have any good cloud security solution. In other cases, we are displacing some of the cloud-only solutions because they need a visibility that is broader than that. Our pricing for the cloud solution given that the assets are so ephemeral, agents are so ephemeral in the cloud environment. It allows them to be flexible with the way that they can consume the cloud licenses and so that way they can use it for CSPM. They can use the same credits that they have purchased for container security; they can use the same for Cloud Identity. So the recent Cloud Identity module that we just announced is another expansion into the cloud native platform.
And so it’s a maturity level question for organizations. Organizations that are very early in the journey right now are focusing initially on the CSPM part of TotalCloud. Those who are more mature are also taking the workload protection part and then those who are going beyond that are also looking at other things like our ability to detect malware in the cloud in real time, our ability to expand uniquely into SaaS environments for SSPM, which is also part of our TotalCloud where we can do SaaS posture assessment. And then now, we are looking forward to getting these customers access to our cloud identity entitlement management as well. And so there’s a lot that we are now focusing on driving both from marketing and sales enablement perspective for us to create more opportunities on the TotalCloud side.
But we definitely are pleased with the conversations and traction that we’re seeing in the early days of this push that we are making across our sales force.
Joe Vandrick: That’s helpful. Thanks, Sumedh. And maybe one for Joo Mi if I could. How should we think about capital allocation priorities over the next year? Looks like you bought back about $18 million worth of shares in the quarter, which is a bit of a step down compared to last quarter and last year. So just curious what it would take to see you get more aggressive on share buybacks.
Joo Mi Kim: Our share buyback is based on the grid that we have in place right now and that we really think of it from the perspective of making sure that we can offset the equity dilution from the grants that we’re making. And as you can see, in the last couple of years, our dilutive also has been decreasing consistently incrementally. So the way we think about our cash and the utilization of excess cash is really looking at into 2024, we are anticipating more and more many opportunities, especially at a valuation that we think that makes sense for us. And so we are going to be taking a look at potential acquisition targets opportunistically and then taking action leveraging our balance sheet.
Operator: Thank you. One moment for our next question. And our next question will come from the line of Joshua Tilton from Wolfe Research. Your line is open.