CyberArk Software Q2 2024 Earnings Call Transcript

There are 11 speakers on the call.

Operator

Good morning, and welcome to the Second Quarter 2024 CyberArk Software Earnings Conference Call. All lines have been placed on mute to prevent any background noise. After the speakers' remarks, there will be a question and answer session. Thank you. I would now like to turn the call over to Sri Anantha, Vice President, Investor Relations.

Operator

Please go ahead.

Speaker 1

Thank you, operator. Good morning. Thank you for joining us today to review CyberArk's Q2 2024 Financial Results. With me on the call today are Matt Cohen, our Chief Executive Officer and Josh Siegel, our Chief Financial Officer. After prepared remarks, we will open up the call to a question and answer session.

Speaker 1

Before we begin, let me remind you that certain statements made on the call today may be considered forward looking statements, which reflect management's best judgment based on currently available information. I refer specifically to the discussion of our expectations and beliefs regarding our projected results of operations for the Q3 full year 2024 and beyond. I also refer to our expectations and beliefs regarding our proposed acquisition of Genify. Our actual results might differ materially from those projected in these forward looking statements. I direct your attention to the risk factors contained in the company's annual report on Form 20F filed with the U.

Speaker 1

S. Securities and Exchange Commission and those referenced in today's press release that are posted to CyberArk's website. CyberArk expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward looking statements made herein. Additionally, non GAAP financial measures will be discussed on this conference call. Reconciliations to the most directly comparable GAAP financial measures are also available in today's press release as well as in an updated investor presentation that outlines the financial discussion in today's call.

Speaker 1

A webcast of today's call is also available on our website in the IR section. With that, I would like to turn the call over to our CEO, Matt Cohen.

Speaker 2

Thanks, Sri, and thanks, everyone, for joining the call today. We started the year with a clear vision and strategy to strengthen our position as the Identity Security Company. In the Q2, we executed against this strategy exceptionally, and the results exceeded expectations with momentum continuing to build across all aspects of our business. After a strong first half to the year and with our proposed acquisition of Venafi in the second half on track, we are well positioned to extend our leadership across all identity use cases with our industry leading platform and solutions. More on Venafi later, but first, a few highlights from our strong second quarter.

Speaker 2

Net new subscription ARR was 56,000,000 dollars That's a record outside of our seasonally strong Q4. Subscription ARR of $677,000,000 grew 50% year over year. Total AR of $868,000,000 grew 33% year over year. And our Q2 results significantly exceeded guidance across revenue, operating income and EPS. We delivered record total revenue of $224,700,000 growing 28% year over year.

Speaker 2

Non GAAP operating income came in at $23,700,000 highlighting the operating leverage in our business model. Non GAAP earnings per share was $0.54 and we are pleased to report $41,700,000 in free cash flow or a 19% free cash flow margin for the quarter, another proof point of the subscription flywheel effect and the power of our business model. We are incredibly proud to be among an elite class of software companies that delivered faster than 30% ARR growth, increased net new ARR year over year and drove meaningful upside in profitability and free cash flow. That's a testament to our relentless focus on driving profitable growth, our expanded position as the leader in Identity Security and the unique value proposition of our unified Identity Security platform solving clear and present needs for the CISOs around the world. The strength of our results and business momentum gives us the confidence to raise our guidance for the full year 2024 on all metrics, which Josh will discuss later.

Speaker 2

Today, CISOs recognize that traditional methods of securing identity no longer work. Three forces, new identities, new environments and new attack methods are fundamentally redefining the market. The modern enterprise has to secure 4 different types of identities or personas with each one having unique challenges and levels of complexity. The 4 groups are workforce, IT, developers and machines. These identity groups are increasingly accessing heterogeneous targets located on prem and in hybrid and multi cloud environments, meaning security has moved from perimeter based to identity centric.

Speaker 2

Given this complexity, it's no surprise that in today's threat landscape, all roads lead back to identity. Last year, 93% of organizations were victims of an identity related cyber attack and nearly all of them more than once. As I talk with customers and experts around the world, it's evident that a new paradigm for securing identity is required. This new paradigm centers around our fundamental vision that every identity, human and machine, needs to be secured with the right level of privileged controls. CyberArk's unified end to end platform is the only one to deliver on this vision.

Speaker 2

Increasingly, this is resonating with customers and it's driving tremendous business momentum and fueling our growth. In Q2, the strength of our platform and land and expand execution resulted in strong close rates and robust pipeline build. Customers are allocating significant portions of their budget to Identity Security, consolidating spend and most importantly consolidating trust with CyberArk. As an example of all these factors coming together, we can look at our strategic customer protest. Less than a year ago, the international government guests.

Speaker 2

Less than a year ago, the international government agency landed as a new logo with a 7 figure deal that secured IT users with PAM, workforce identities with identity and EPM and machines with secrets management. Since then, they have grown with CyberArk. And this quarter, they further expanded their workforce protection with another 7 figure ACV deal. The deep relationship we have formed with ProDesk and the speed of expansion after initial land shows the power of our identity security platform and how it is well aligned with what great organizations like Prodesk need to do to be secure. As the scope of PAM programs continues to expand to include shadow IT, database and cloud administrators as well as high risk workforce users, we are continuing to help our customers modernize their identity security programs with broader, more agile, privileged controls across these personas.

Speaker 2

In a rip and replace new logo win, a leading biotechnology company signed a 6 figure deal to replace a competing PAM vendor. CyberArk's comprehensive identity security platform was a key differentiating factor as the customer wanted to modernize not just the protection of the IT user with privileged cloud, but also enhance security for their workforce with workforce password manager and protect machine identities with secrets management. Every organization today has a substantial and rapidly growing developer population. In the pursuit of speed and efficiency, developers are often afforded always on privileges with only light if any security in place. Here too, we have to shift the paradigm to 1 of security first without interfering with the developers' pace of innovation.

Speaker 2

At the foundation of our developer solution is our secure cloud access or SCA functionality. SCA applies the principle of least privilege access to developers, data scientists and cloud engineers, while allowing them to work natively and efficiently without having to change their preferred workflow. In the Q2, we continue to see strong traction with this offering. In a deal that included SCA and Privileged Cloud, leading enterprise software company SAP saw standing access, just in time access and 0 standing privilege from a unified solution as the key differentiator for choosing CyberArk. With SCA, they can now seamlessly enable a zero standing privilege approach while fully securing their modern cloud environments.

Speaker 2

On the spectrum of identities, the need to do things differently is especially top of mind for securing workforce users. Each workforce identity is more powerful today than ever before and can become privileged throughout the workday. Traditional SSO and MFA functionality on their own don't provide the security needed as evidenced in many high profile breaches. In the Q2, our workforce solution was once again one of the strongest performers because we are solving this critical customer problem. We reimagined workforce identity by wrapping MFA and SSO with more controls that secure web sessions, the browser and manage passwords.

Speaker 2

In addition, workforce protection extends to the endpoint with endpoint Privilege Manager. The following two deals showcase the power of bringing privileged controls to the workforce. A U. S. Financial services company who's a long time site where customer had a need to keep its workforce more secure by managing passwords.

Speaker 2

With WPM, they can now do exactly that. The ability to add secure browser and secure web sessions on top of their existing vendors, SSO and MFA, means they can also benefit from the additional security layer of CyberArk's broader access suite that's integrated within our platform. In a different example of the importance of least privilege at the endpoint when securing the workforce, a major aviation company chose to protect their workforce workstations by implementing our EPM solution. Choosing to deploy EPM with our FedRAMP High certification, they landed with a high 6 figure deal that closed through the AWS marketplace. In machine identity, we had an outstanding quarter and our momentum continues to build.

Speaker 2

Underpinning our current machine identity solution are ConjurCloud and SecretSite, which when combined empower the developer with agility and security within their native workflow. In one outstanding deal from the quarter, a major airline who is a long standing cyberware customer recognized the need to move its secrets management strategy within the security team's remit. We quickly demonstrated the value of CyberArk Secrets Hub resulting in a mid 6 figure ACV deal. We believe that the market for protecting machine identities is inflecting and we have increasingly heard from customers that there's an urgent need to protect all machine identities. Machine identities themselves are growing exponentially due to the increase in cloud computing and the rise of AI.

Speaker 2

The machine identity landscape is also becoming more complex with increasing regulatory scrutiny and emerging standards like Google's guidance to rotate certificates every 90 days. All of this is happening as machine identities are increasingly targeted by adversaries as a weak point in organizational security controls. We are very excited to be building out and expanding our leadership position in machine identities with the pending acquisition of Nify, which is undergoing regulatory review. All machine identities need to be discovered, secured, managed and automated to keep their connections and communication safe. Venafi's machine identity management solutions are complementary to CyberArk with no technology overlap.

Speaker 2

We believe that by combining our secrets management with Venafi's modern machine identity management, Certificate Lifecycle Management and SSH Key Management, we will set a new standard for end to end machine identity security. As you can see from these deal examples, our platform provides the ability to land in multiple spots and with multiple products. In the Q2, we signed 245 new logos and approximately half of these new logos landed with 2 or more solutions. In other words, customers are protecting multiple types of identities with CyberArk from day 1. In addition, we had a strong quarter of expansion within our base across all our solutions, but machine identities with secrets management and workforce identities with our access offerings were particularly strong.

Speaker 2

At Impact, our marquee customer event held in May, attendance was up more than 25% compared to last year. We showcased that we are the front runner in innovation and are expanding the capabilities of our Identity Security platform, all serving our fundamental vision of securing every identity, human or machine, with the right level of privilege controls. We announced exciting product innovations across the whole portfolio, but I want to highlight 2 of them here: CoreAI and ITDR. CyberArk's CoreAI provides identity security focused artificial intelligence embedded within our identity security platform. Our unique data set on the behavior of all identities enables Cora AI to do more and ultimately effectively analyze sessions, detect threats and recommend action.

Speaker 2

In addition, user and admin lives are made easier and adoption is faster with an Identity security assistant that understands natural language. This will fundamentally transform how users interact with our platform, significantly reducing the time it takes to deliver critical information and analysis. Identity Threat Detection and Response or ITDR is sometimes discussed as a separate market or product. We at CyberArk believe ITDR capabilities need to be part of a broader platform. They should not just be about monitoring the vendor's infrastructure or limited to Active Directory.

Speaker 2

They need to look across all identities to detect identity risk and then be able to take automated response before damage is done. Our ITDR capabilities powered by CoreAI will detect and identify risky behavior, anonymous use of secrets and much more. The powerful combination of CoreAI and ITDR enhances security, improves resiliency, drives increased productivity and enhances engagement with our platform. In summary, I want to leave you with the following takeaways from today's. 1st, momentum continues to accelerate in our business.

Speaker 2

Identity security is a top priority for CSOs and customers are consolidating spend with CyberArk. 2nd, our solution selling is increasing our momentum in the market. Applying the right level of privilege controls to every identity is a security imperative that is recognized by Boards, by the C suite, security teams and increasingly by operations and developers. 3rd, we are leading the charge when it comes to thought leadership and execution in the identity security space. Our ongoing innovation and pending acquisition of Venafi will further extend our leadership position and competitive moat and help further solidify our position as the Identity Security Company.

Speaker 2

And lastly, we are executing. Deals are progressing at a faster pace and our close rates remain strong, a clear testament to the fact that customers are allocating budgets to Identity Security. Momentum continues to build across our entire business and the strength of our platform is driving our outstanding results. With our 28% revenue growth and our 19% free cash flow margin, we were a solid rule of 40 company in Q2. I'll now turn the call over to Josh, who will talk about our strong financial results and the increase in our yearly guidance.

Speaker 3

Thanks, Matt. Q2 was another strong quarter for CyberArk. Once again, we exceeded our guidance across all metrics, highlighting our strong execution and durable demand for our identity security platform. We delivered strong net new ARR growth, 2 45 new logos, solid top line growth and our subscription flywheel is helping us drive robust operating leverage and healthy free cash flow. Now moving into the results.

Speaker 3

Total revenue grew 28% year on year, reaching $224,700,000 and exceeding the top end of our guidance range. Annual recurring revenue reached $868,000,000 that's growing 33% year on year with $57,000,000 in total net new ARR. As expected, SaaS made up a larger share of our bookings in the 2nd quarter compared to the year ago period from last year. Subscription ARR grew 50% and reached $677,000,000 and is now 78% of total ARR. We added $56,000,000 in net new subscription ARR.

Speaker 3

That's an increase from the $49,000,000 in the Q2 last year and a record for any non Q4 quarter. Maintenance ARR was $191,000,000 Like for like conversion activity still represents a single digit percent of our year on year ARR growth. Our business continues to benefit from the momentum we are seeing in up selling and cross selling new solutions across our platform, which is a significant factor in our strong growth. In the Q2, the cohort of customers with more than $100,000 in ARR grew to nearly 1900. And the cohort with ARR of more than $500,000 is now over 3.40 customers that grew 38% year on year.

Speaker 3

Moving into the details of the revenue lines for the 2nd quarter. Recurring revenue reached $208,000,000 growing 32% year on year and accounting for 93% of total revenue continuing to go up from the 90% in the Q2 last year. Subscription revenue was $158,400,000 growing 49% year on year and representing 70 percent of total revenue. Maintenance and Professional Services revenue was $62,700,000 Of that, recurring maintenance revenue was $49,600,000 compared to $51,600,000 in the year ago period, and our maintenance renewal rates remained strong and in line with historic levels. Professional services revenue was $1,000,000 From a geographic perspective, all regions showed healthy growth.

Speaker 3

Americas was $129,200,000 growing 21% year on year. EMEA revenue was $69,900,000 up 39% year on year. And APJ revenue was $25,600,000 growing 40% year on year. All P and L items now will be discussed on a non GAAP basis. Please see the full GAAP to a non GAAP reconciliation in the tables of our press release.

Speaker 3

2nd quarter gross margin gross profit was $186,900,000 or 83.2 percent gross margin, that's up from 81.5% in the Q2 last year. In the second quarter, our operating income was $23,700,000 or 10.6 percent operating margin, also up compared to the operating loss of $5,600,000 in the Q2 of last year. The significant improvement from the year ago period highlights the inherent operating leverage of our business model. Net income came in at $26,100,000 or $0.54 per diluted share, also significantly outperforming our guidance and up from earnings per share of $0.03 in the year ago period. We ended June with 3,200 employees worldwide, including about 13.70 in sales and marketing.

Speaker 3

We are pleased to deliver another strong quarter of free cash flow, which was $41,700,000 in the 2nd quarter as compared to a negative $12,600,000 in the Q2 of last year. That means we have delivered $108,000,000 in free cash flow in the 1st 6 months of the year. That's well ahead of our expectations. We believe this is a clear demonstration of the inherent cash flow potential in our recurring revenue model. Before going into guidance, I want to briefly touch on our proposed Venafi acquisition, which is still expected to close in the second half of twenty twenty four.

Speaker 3

As we noted previously, Venafi had approximately $150,000,000 in ARR with more than 5.50 customers. Like CyberArk, about 95% of Venafi's revenue is recurring, adding to our durable subscription revenue model. Importantly, we expect Venafi to be immediately accretive to non GAAP margins. It's rare to find an acquisition opportunity that meets both strategic and financial objectives. We're confident with Venafi.

Speaker 3

We did exactly that. Now let's turn to our guidance. For the Q3 of 2024, we expect total revenue of $230,000,000 to $236,000,000 which represents 22% year on year growth at the midpoint. We expect non GAAP operating income in the range of $20,500,000 to $25,500,000 for the 3rd quarter. We expect our non GAAP EPS to be in the range of $0.38 to $0.49 per diluted share.

Speaker 3

Our guidance also assumes $48,200,000 weighted average diluted shares and about $12,000,000 in taxes. For the full year 2024, we are increasing our guidance across all our metrics. We now expect total revenue in a range of $932,000,000 to $942,000,000 representing 25% year on year growth at the midpoint of the range. As we look at our pipeline for the remainder of the year, SaaS continues and to be expected to lead the way. Reflecting the power of our subscription model and our continued commitment to driving operating leverage, we are increasing our full year operating income to a range of 100 $107,500,000 to $116,500,000 We expect our non GAAP earnings per share to be between $2.17 $2.36 per diluted share.

Speaker 3

We expect about 48,200,000 weighted average diluted shares and about $53,000,000 in taxes for the full year 2024. We are also raising our annual recurring revenue to a range of $985,000,000 to $995,000,000 at December 31, 2024, or about 28% year on year growth at the midpoint. We are significantly increasing our free cash flow guidance for the full year to a range of $145,000,000 to $155,000,000 that will represent 16% free cash flow margin at the midpoint. I want to note that our guidance for the Q3 and full year 2024 does not include contribution from the proposed acquisition of Venafi. We will update our guidance for the Venafi acquisition in the 1st quarterly earnings call after we close the transaction.

Speaker 3

To sum up, we are thrilled to report another strong quarter to finish out a strong first half of the year and confidently raise our guidance. We are pleased with the progress we have made towards closing the Venafi acquisition and look forward to the industry leader joining CyberArk later this year. With reporting now the 33% ARR growth, 11% operating margin, 19% free cash flow margin, we are firing on all cylinders. Identity security is a top priority for CISOs and our platform is a clear industry leader delivering tremendous value for our customers. And I will now turn the call over to the operator for Q and A.

Speaker 3

Operator?

Operator

Thank you. Your first question comes from the line of Saket Kalia with Barclays. Please go ahead.

Speaker 4

Okay, great. Hey, good morning guys. Thanks for taking my questions here and congrats on the strong execution.

Speaker 2

Thanks Saket. Appreciate it.

Speaker 4

Absolutely. Matt, maybe just to start with you. I think we all understand CyberArk's sort of undeniable leadership, right, in the PAM market. But I was wondering if you could just talk about how you feel like you're differentiating in areas like workforce identity and secrets management. Because during your prepared remarks, it just sounds like there's a lot more functionality that you could offer in at least those two areas versus competitors.

Speaker 4

But just wanted to hear how you think about that?

Speaker 2

Thanks Saket. I actually love that question. I might spend a little bit more time on answering it because I think it's core to kind of our growth strategy here is our ability to be able to differentiate on those two pillars versus the market competitors. So if we start with securing the workforce and you've heard me say this before, but we really have taken a stance that we need to reimagine how we secure workforce identities. And for a long time now, we've been securing the workforce, the general workforce with single sign on and multi factor authentication.

Speaker 2

And those are really important core security controls. And we offer it and the competitors offer it. But the reality is in this breach environment, we need to go beyond those basic security controls. We need to do things like extra security when a high risk user is accessing the increasing number of SaaS applications. That's our secure web sessions.

Speaker 2

And the idea there is a normal user who's going through their daily work, they can look like a regular user when they're accessing certain applications. But if you're the admin in HR accessing the Workday system, you're actually a high risk privileged user every time you go into that SaaS tool. And so we need to be able to wrap extra security controls for those use cases. We add in our secure browser. The idea of really enterprise grade security browsing for these users so that we can tie in things like cookie less browsing.

Speaker 2

We can have the ability to be able to monitor sessions. The idea of workforce password manager, which we heard us talk about in the release. So these ideas together into one integrated solution puts our package, our solution versus the competitors and the customers are increasingly saying, wait, I can get that, Why wouldn't I go with that? Because we need to think about how we substantiate a better security posture for the workforce. So we are having a higher win rate.

Speaker 2

We are seeing strong growth on the workforce side and you hear the excitement as I'm describing it. It's a similar story over on the machine side. I'd say it's a story that's even going to get better post Eventify acquisition. But here we're talking about the idea of how do we get control across the broad spectrum of machine identities that sit out there. And we can be talking about legacy applications that are still sitting in the data center.

Speaker 2

We can be talking about modern container based applications coming out of the developer group. We can even be talking about the idea of the microservices or the workloads that sit underneath all these modern applications. They all have identities. And we need to be able to make sure that we can discover them, we can secure them and we can manage them. But we have to do it in a way that's native to the workflow of the people who are actually building these applications.

Speaker 2

And our combination of ConjurCloud and Secret Hub allows us to differentiate both the ability to offer a full scale solution like Conjure Cloud, but also to be able to add or layer on top of the secret stores that sit within the hyperscalers AWS, Microsoft, Google, so that the developers can actually choose what tools they want to use, but security can layer the right controls on top. And you heard that in the example I used in the script of the airline, who basically made a decision that machine identity security was going to be under the control of the security team. And the minute that decision was made, CyberArk became the only choice. So I think this is what we're seeing out there in the market. And as we think about Venafi and the expanding opportunity to actually go certificates and other forms of machine identity, we just see a long runway of growth ahead of us.

Speaker 4

That makes a ton of sense. Josh, maybe for my follow-up for you, the inflection in free cash flow is just great to see. I know that billings isn't a metric that we've really focused on much in the past. But I'm just wondering, as that sort of flywheel with subscription renewals grows, how do you sort of think about when that metric becomes more meaningful?

Speaker 3

Yes. Hi, Saket. Thanks. First of all, you're right, we're really excited with the free cash flow that we generated in not only in Q2, but really for the whole first half of the year and also excited that we're able to continue to raise the guidance significantly for the full year. And it's really based off of the factors around just really strong renewal rates, strong bookings as well.

Speaker 3

And I think when we think about billings, one of the things that it's the reason why we've always kind of shied away is the noise that comes from the maintenance piece of the component within the deferred revenue for that goes into the billings calculation. So I think to the extent that when ARR for the maintenance goes down dramatically and we become where everything around the ARR growth and the deferred revenue is focused around the subscription SaaS, I think that's where billings becomes a lot more of a clear predictor or indicator of the growth in the business. And that's why we're still really focused today on our ARR growth, which is really the strongest indicator because it kind of helps to wash out any impact from the tail of our transition out of the perpetual business model.

Speaker 4

Makes a ton of sense. Thanks guys.

Operator

Your next question comes from the line of Jonathan Ho with William Blair. Please go ahead.

Speaker 5

Hi, good morning. Matt, can you maybe give us a little bit of additional commentary on how your platform vision is resonating with customers? And are you perhaps seeing channel partners start to bring you more into these types of deals as well?

Speaker 2

Yes. Hi, Jonathan. So absolutely, I mean, I think the platform is the very foundation of our ability to do solution selling. And it's the combination of both that is actually differentiating us in the market. So we come to the customers and we're talking about these 4 personas, these 4 identity groups workforce, IT, developers and machines.

Speaker 2

And then we're talking about this vision, which is the idea to be able to secure every identity with the right level of privilege controls. The only way that that's possible is with an integrated platform with the ability to be able to understand the behaviors of each identity group and apply the right level of controls. We call that intelligent privilege controls based upon what behaviors we're seeing, what the user is trying to do, what the target they're trying to access. And so we're not even into the discussion expand across all their identity groups. That introduces the expand across all their identity groups.

Speaker 2

That introduces the notion of the how. Well, how do we do that? Well, we do that with one integrated platform, one user experience, one ability to be able to run unified audit and unified reporting. And absolutely, that is not only resonating with customers, but I think it's the backbone of the relationship. Because even if a customer decides, you know what, you're the PAM leader, I want to get started with securing IT, They feel future proof.

Speaker 2

They feel safe in the relationship because they know they can expand off of one platform into those other identity groups when the time comes. Now of course, as we mentioned, about half of our new logos land with more than one solution, more than one identity group because customers actually from the get go want to get started with leveraging more and more of the platform. So I do think it's fundamental to our strategy and it's fundamental actually to the elevation of our relationships with our customers as we map out their long term identity security strategy.

Speaker 5

Got it. Got it. And then just in terms of a quick follow-up, when we look at the strength in the free cash flow margins this quarter, I mean, is this sort of the new normal level? Or should we expect there to be additional leverage just given the strength in your performance? Thank you.

Speaker 3

Yes. Thanks, Jonathan. So I think we guided and increased our guide for the full year. So that's the expectation going to the back half of the year. But I do think that what the cash flow from the Q2 and also from the first quarter indicated that, yes, we do have a lot of leverage in our model to be able to continuously increase our cash flow margin, our free cash flow margin against revenue going forward, and we anticipate doing that in the years to come.

Speaker 6

Thank you.

Operator

Your next question comes from the line of Madeline Brooks with Bank of America. Please go ahead.

Speaker 7

Great. Thanks for taking my questions. And nice performance this quarter. Just two quick ones from me. First of all, Matt, in your prepared remarks, you called out some nice wins.

Speaker 7

And I just wanted to double click on those and try to understand that or I guess confirm with you that Q2 was really driven by a host of different deals versus 1 or 2 really oversized large ones. And then second question for me both for Matt as well as for Josh is just getting an update on some of those other business metrics. I know you mentioned that over 50% are landing with 2 or more solutions. So how should we think about growth in just core PAM versus the other areas in your portfolio? And additionally, too, if you could just touch on any type of NRR type of a metric.

Speaker 7

I know last time you spoke, I think it was still trending above 125. So if you could just kind of get an indication of where it is now, that would be helpful. Thanks so much.

Speaker 2

Percent makeup from the top 10 deals as a percent of our overall bookings. And we continue to see a really strong breadth of business across all our markets actually driving our results. So it's a great indication actually of the strength of the business when we look under the covers from that perspective. I think when you think about the metrics that we're seeing out there, I think we're continuing to feel, we feel good about all of them. I think when we think about our new logo lands, we were really happy with that.

Speaker 2

So yes, multiple solution lands, but just in general, getting to 245 new logos in this economy, it feels like a strong landing spot for us and we continue to plant seeds across the board. And we plant seeds across the board across all of the product lines. And I think that's the other kind of underlying message. We've talked about this mix or this pie for a while and the pie continues to maintain in the consistent kind of slices as we've seen in prior quarters. And the reason for that is that PAM continues to grow.

Speaker 2

So our newer areas obviously are growing faster and they're performing well. But the core PAM business itself from an ARR perspective continues to grow. And so the overall shifting of the underlying pie doesn't change all that much, which is where you want to be, right? You want your core business to continue to perform and you want your emerging businesses to perform even better, but not catch up so much because you have any weakness in your core. And so this is what we're seeing.

Speaker 2

I think we're still too early to really talk about as a number out there. We want to get through some more cycles. So it's actually not a number that we've disclosed out there, but I think we feel very strong in our ability to be able to harvest deals within our base. And we see really strong expansion within that base.

Speaker 7

Thanks so

Operator

much. Your next question comes from the line of Rob Owens with Piper Sandler. Please go ahead.

Speaker 8

Yes. Thanks for taking my question this morning. And Matt, you're coming in at the tail end of earnings and your call sounds quite different than pretty much what we've heard out there. And so I want to drill down a little bit into that relative to, is there a sense of urgency you're finding from companies or customers, excuse me? I mean, your new logo count is up.

Speaker 8

Few companies have had the net new ARR growth in the first half that you guys have. So is it just all coming together at this point? Or is there some sense of urgency because the economy has been relatively uneven or flat at best for most?

Speaker 2

Yes, Rob, it's a good question and I think it is indicative of what we're seeing out there. So let's break down again what the landscape looks like. At the moment in time, the threat vectors, the adversaries out there, it continues to elevate, right? And so the breach environment, the risk environment increases. And CISOs and security teams are under a tremendous amount of pressure.

Speaker 2

And within that construct, they're asked by their boards, by their C suite to focus in on what's most important, what's most likely to reduce risk and that's the ability to actually secure environments. And then frankly also what's most likely to help them be resilient if risk materializes. And we within the identity security space as a whole and as the leader in identity security are just at the forefront of those conversations because ultimately the CISOs prioritize Identity Security at the top of the list. So the answer of what they can do to reduce risk is implement core controls, implement privilege controls, understand how to protect the workforce more securely than just MFA SSO, Go and attack the machine identity environment that has been neglected for years. Expand out or modernize how we secure IT to make sure that we're not just doing the basics, but we're moving beyond that to actually, for example, secure access to VMs into cloud.

Speaker 2

And so all of that then becomes a conversation with us and the customer about, all right, how do we move and how fast can we move? Our partners get it, so they're pushing it harder. So we become a top priority for our partner ecosystem. And ultimately, it materializes in the results that we see. I think independent of macros and independent of other factors out there and uncertainty, ultimately, securities teams have a mission.

Speaker 2

And it's the same mission of ours, which is to secure their environments, to protect their organization and their digital transformations. And I think we're just top of mind for that and then we're able to go deliver and we see that in the results and we see it in even the outlooks of what we see in the pipe moving forward.

Speaker 8

Thanks for your commentary there. Josh, just a quick one on free cash flow margin. If I look on a trailing 12 month basis, you're closer to about 20%. Historically, the shape of free cash flow in any given year is a little more second half weighted, if not even throughout the year. So is there something unique in this year relative to that second half?

Speaker 8

Because I think you're guiding to roughly 16.5% of the cash flow margin at the high end of the range, which is actually below your TTM numbers? Thanks.

Speaker 3

Yes. Thanks, Rob. So when we look at the guidance for the full year that we raised, I think, by $30,000,000 but we're still handicapping, so to speak, for the impact of the Venafi transaction or the investment that we're doing today around it and related costs. We're also taking into consideration potential rate cuts in the second half that could be significant on the interest income. And 3rd, I would say that there's consideration of tax obligations in the second half.

Speaker 3

So when we kind of think about that and we obviously, we're much more bullish on our free cash flow this year than we had started out in February. And we were glad that we were able to still increase the guidance for the full year, but we did consider some of these other factors about to the extent that we increased our guidance.

Speaker 8

Thank you.

Operator

Your next question comes from the line of Shaul Eyal with TD Cowen. Please go ahead.

Speaker 6

Thank you. Good morning, good afternoon, guys. Congrats on the ongoing consistent execution. Guys, any views on how the public vertical has performed this quarter? Maybe just to word about linearity trends during the quarter and maybe how it's been performing during the month of July?

Speaker 6

Thank you.

Speaker 2

Sure. I'll take that. So I think we've talked about this before, but as the nature of our solutions have become more mission critical, we've seen kind of more even distribution in our federal government space, kind of across the board. And so we don't generally see a huge tick up. We actually are seeing just good solid behavior across government, global government, across SLED, and state and local, which is a growth area for us.

Speaker 2

And so I think we're happy with our performance overall. We expect it to continue. But I wouldn't say there was any outsized differences in the quarter. And frankly, I don't think there'll be any outsized differences in the quarter to come. I think we're just going to continue to see strong growth.

Speaker 2

I think our global government vertical represents about 10% of our overall ARR and I think we continue to see that perform well.

Speaker 6

Any views about seniority trends?

Speaker 2

Across the entire business, we continue to see we see our normal hockey stick. So we are always back end loaded in the quarter. We saw Q2 perform kind of consistent with normal Q2s. I would say we've had a strong start to Q3 here. So we're feeling pretty good.

Speaker 2

But I haven't quite solved the quarterly hockey stick. It's one thing yet to be solved here at CyberArk.

Speaker 6

Thank you so much.

Operator

Your next question comes from the line of John DiFucci with Guggenheim. Please go ahead.

Speaker 9

Thank you. I'd like to follow-up to Rob's question because the results here as everyone is saying here is they're impressive. But it's not only Matt, the CISOs that identify that have said, hey, identity is a priority here, but it's also cyber insurance companies. I know this you and I talked about this a lot in the past, but I'm just curious, are you seeing sort of any uptick in at least conversations around cyber insurance or demand? Because to Rob's point, having new logos grow year over year for the first time in a year and a half in this quarter in this IT spending environment is not only impressive, it's also very unique.

Speaker 9

Like you spoke about the origin and the strength of the CSOs need they've recognized they really need to protect identities in a more robust way. But what's the tactical catalyst to that happening other than some of the, I guess, breaches we've heard about out there? Is cyber insurance because cyber to get cyber insurance at

Speaker 8

a decent price, you

Speaker 9

have to have PAM. And is that uniqueness?

Speaker 2

Yes. Listen, I think we've talked about it. Cyber insurance is a nice tailwind for us and absolutely the cyber insurers as they've kind of perfected their models, look at core security controls that need to be in place and PAM is there. By the way, EPM is increasingly there. You see them starting to move over and look at the machine identity space given the threat vector there.

Speaker 2

For sure, MFA SSO has always been there. So I think cyber insurance is a nice tailwind. And you kind of started to hit on other factors. And what I would tell you is there's a lot of tailwinds. The regulatory environment is a tailwind for us.

Speaker 2

We're talking about DORA, regulation, of what is most important to go do. Cyber insurers, as you just talked about, create an awareness of what's most important to go do. You mentioned the breach environment and increasingly we're seeing both customers and even the IR firms making sure that the first thing they go do or recommend is come talk to us. And we see kind of post breach deals picking up, coming our way from a CyberArk perspective. So I think across the board, the tailwinds that support the fundamental thesis that I gave Rob, which is we're top of mind and we're a priority.

Speaker 2

They all kind of reinforce that point and ultimately lead to stronger results.

Speaker 8

Okay. So it sounds like

Speaker 9

a lot of things are happening out there. Okay. Well, nice job guys. Thank you. Thank

Speaker 2

you.

Operator

Your next question comes from the line of Joshua Tilton with Wolfe Research. Please go ahead.

Speaker 10

Hey guys, thanks for taking my question. Just one for me. Matt, I think you mentioned that win rates were improving on the workforce side. I know you guys talk a lot about how your workforce product portfolio is differentiated because you have some adjacent offerings that just makes SSO and MFA feel more secure. But can you talk to some of the strategic pricing initiatives you're taking that help make customers not only feel like the product portfolio is differentiated, but they're just getting much more value from it as well and how that maybe help driving those improving win rates?

Speaker 2

Sure. Hey, Josh. So thank you. I think we talked about this a little bit at our Investor Day, but we've moved to this solution motion. And it's a really simple concept, right, which is we're pricing per the persona group or we're launching solutions per the persona group.

Speaker 2

So there's workforce, again, IT, developers and machines. For each one of those personas, we've got a kind of standard and an enterprise package. And our goal is to make sure that even the standard package is better than anything you can get from any competitor out there. And obviously, the enterprise takes it one step further. And so when we think about the workforce side for a second and you think about our standard workforce solution, certainly our enterprise one, you're getting a slice of not just MFA SSO, but you're getting the first two layers of security of secure web sessions and standard and the second two layers in enterprise.

Speaker 2

You're getting a level of identity management around lifecycle management and workflow engine. You're getting the browser. You're getting an element of workforce password manager. And so as you kind of pointed out, in spaces where we're competing from the, let's say, challenger position, especially in workforce, we're not the biggest shark out there. Then we're competing on value and security and we're going in with our new solutions and we're saying, wait, you really want what they offer for SSO MFA versus what we offer as a total solution to secure your workforce.

Speaker 2

And I think that's resonating. And by the way, it resonates even if the customer doesn't want to swap out their IDP, their SSO MFA provider. And I shared that example in the script because it's an important one, which is to say, listen, if you've made a choice on Microsoft or even Okta recently and you don't want to swap that out, that's fine. We can start to wrap our security controls on top of that. We can bring you into our platform.

Speaker 2

And then over time, we can see what happens. And I think that's what the sales team is feeling energized by. And they're out there competing not only more

Speaker 10

I think also in the prepared remarks you called out how the lifetime of certificates kind of shrinking to 90 days when it used to be I think multiple years. There seems to be a lot of little incremental news headlines of just companies out there losing faith in their incumbent certificate management providers. Are you seeing a rate of change in the demand with which people are realizing that Venafi is a modern solution that can handle these new requirements that the market is impressing upon these companies?

Speaker 2

Yes. Listen, I think we remain incredibly enthused by the Venafi acquisition. We need to go finish it out, close it and get them on board. But I'm out there talking to customers, our customers really every day. And of course, as you might imagine, I'm discussing machine identities.

Speaker 2

And we're talking about this kind of broad end to end machine identity landscape. And I just want everybody to try to understand this for a second. There for each machine identity, let's take an application. It can be an application, it can be a bot, it can be an AI driven bot, it can be an IoT device, but let's take an application. That application has multiple identities.

Speaker 2

So that application can have an identity that looks a lot like a username and password. We call that a secret. It can also have an identity with its core identifying features. Think like the equivalent of a human with their passport or their driver's license. That's a certificate.

Speaker 2

And without the ability to be able to identify themselves through they can't for example, the application can't get listed on websites, it can't get listed in Google. So the idea here is our end to end machine identity goes across all machines. And then within each machine can manage whether it's the secrets, the credentials, it can manage the certificates, these identifying features, it can manage their key, SSH keys, modern keys. And our combination of Venafi plus CyberArk allows us to be able to be really the only provider that can do that end to end. Now diving into your question actually, that was all a long preamble is when we think about the certificate space, there has been organizations out there that aren't on the upper tier of the enterprise or aren't highly regulated that been able that thought they could do this themselves.

Speaker 2

I can create a spreadsheet and track all my certificates, which can be in the 1,000 or even more. And I can figure out when I need to rotate or issue a new certificate when it expires through an automated script. That's impractical today. If you are managing more than 5,000 certificates, the idea of doing it manually or through an automated fashion is just not possible. And so that then triggers real interest in an enterprise grade certificate lifecycle management tool in a modern SaaS environment, which is really what Venafi offers.

Speaker 2

And so I really think we're at this inflection point where the do it myself or do it with some smart people on IT is no longer applicable. So you add that with the total end to end story and that's why as you can tell because I'm going on about it, that's why you can see this idea of wow, what can we do as CyberArk as the leader in machine identity. And when we close this acquisition and we come back, we'll talk a little bit more about what that offering looks like and the momentum we'll see.

Operator

Your next question comes from the line of Fatima Boolani with Citi. Please go ahead.

Speaker 7

Good morning. Thank you for taking my question. Just one for me. Josh, you alluded to maybe bringing down the free cash flow directly in response to some of the things that you might be doing around Venafi.

Operator

So I'm wondering if you could give us

Speaker 7

a little bit more detail or maybe a taste of what maybe some of these anticipatory investments or plans or efforts or initiatives might be around Venafi provided that it hasn't closed yet, but again anything anticipatory that you're doing that you could give us a flavor on?

Operator

Thank you.

Speaker 3

Yes, I'll start and Matt if you have anything to add. But first of all, I think it's from my angle when we're trying to forecast cash flow, free cash flow for the second half of the year, it's really more around what are we doing now around PMI for the transaction, the additional investments around making sure that it's successful, the full integration, as well as of course related transactional costs that are going to be going into it, whether the dry ones of legal and various advisory costs as well. And I also would not I would want to repeat, there's also we took actually consideration of where interest rates are going in the second half of the year, which also has an impact on the free cash flow. But it's really the things around related to what we know we're doing today around direct and indirect costs related to the integration with MediPhi.

Operator

Your next question comes from the line of Junaid Sidikui with Tuuris Securities. Please go ahead. Great.

Speaker 2

Thank you for taking my question. Matt, you've talked about the importance of the MSP channel and have really leaned into it. Could you talk about the traction that you're seeing in the MSP console that you recently launched and maybe any other initiatives that are contributing to growth in new logos? Yes, sure. No, I think MSPs are important component of today and an even more important component of the future.

Speaker 2

I think more and more organizations, not just down market, but actually enterprise organizations are choosing to outsource their security stack to the MSP providers who are out there. And so, we see that as a big piece of our partner program. We talk about it actually regularly. We did launch the MSP console earlier in the year and it's gotten rave reviews. It's made the life of the MSP significantly easier.

Speaker 2

And it allows them to be able to focus on going out and helping find us customers. And once they have it, keeping those customers happy and satisfied. And the console itself really helps with kind of tenant management. It helps with the ability to understand usage. And again, just makes their life easier.

Speaker 2

So I think MSPs are a big piece of the future of CyberArk. You see more and more of the kind of non traditional kind of SIs get into MSPs, resellers become MSPs. And I think it's a big piece of how we see ourselves going forward. It also allows us, by the way, to talk about a broader portfolio stack. If you had talked to us maybe a year or 2 ago with the MSPs we did have, they were really focused in on PAM.

Speaker 2

And now we see the MSPs really embracing the full portfolio strategy, the platform itself, actually moving into machines, moving into the access side. One of the areas that all of our partners, not just the MSPs are most excited about is actually this idea of cloud access and how do we secure developers, whether they're cloud architects sitting in IT or developers sitting in the developer organization. And what we've seen here and it was evident in the SAP example, we have released a press release and I mentioned them in the script. They really wanted to think about how they expand the notion of PAM to a modern stack that actually secures the cloud environment and they adopted our secure cloud access as the fundamental component platform of how developers will access the cloud environment. It's a really exciting win for us.

Speaker 2

And those types of new use cases come to play with the MSPs as well and they realize that they can cover all of the personas of their organizations if they effectively adopt the CyberArk platform.

Operator

That concludes our question and answer session. At this time, I will now turn the call over to Mr. Matt Cohen for closing remarks. Please go ahead.

Speaker 2

Thank you. And as you can tell, we're just thrilled to deliver another strong quarter. We're delivering innovation and we're continuing to build our vision around this idea of delivering the right level of privilege controls to every identity. We couldn't be more excited about the Benefi acquisition, which remains on track to close in the second half of twenty twenty four. And we're in an amazing position overall to continue expanding our leadership position in Identity Security.

Speaker 2

I want to end by thanking the more than 3,000 employees at CyberArk all around the world for their hard work and their diligent effort in making CyberArk what it is today. Thank you and we'll talk soon.

Operator

This concludes today's call. Thank you all for joining. You may now disconnect.

Earnings Conference Call
CyberArk Software Q2 2024
00:00 / 00:00