TENB - NASDAQ

Greetings, and welcome to the Tenable Second Quarter 2025 Earnings Conference Call. [Operator Instructions] As a reminder, this conference is being recorded. It is now my pleasure to introduce your host, Erin Karney, Vice President, Investor Relations. Thank you. You may begin.

Thank you, operator, and thank you all for joining us on today's conference call to discuss Tenable's second quarter 2025 financial results. With me on the call today are Co-Chief Executive Officers, Steve Vintz and Mark Thurmond. Prior to this call, we issued a press release announcing our financial results for the quarter. You can find the press release on our IR website at tenable.com. We will make forward-looking statements during the course of this call, including statements relating to our guidance and expectations for the third quarter and full year 2025, growth and drivers in our business, changes in the threat landscape in the security industry and our competitive position in the market; growth in customer demand for and adoption of our solutions, including Tenable One, Cloud Security and exposure management, our ability to expand integrations with third-party tools and data sources, planned innovation and new products and services, including new capabilities from our acquisition of Apex and our expectations regarding long-term profitability and free cash flow. These forward-looking statements involve risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. You should not rely upon forward-looking statements as a prediction of future events. Forward-looking statements represent our beliefs and assumptions only as of today and should not be considered representative of our views as of any subsequent date, and we disclaim any obligation to update any forward-looking statements or outlook. For a further discussion of the material risks and other important factors that could affect our actual results, please refer to those contained in our most recent annual report on Form 10-K and subsequent reports that we file with the SEC. In addition, all of the financial results we will discuss today are non-GAAP financial measures with the exception of revenue. These non-GAAP financial measures are in addition to and not a substitute for or superior to measures of financial performance prepared in accordance with GAAP. There are a number of limitations related to the use of these non-GAAP financial measures versus their closest GAAP equivalents. Our press release includes GAAP to non-GAAP reconciliations for these measures. I'll now turn the call over to Steve.

Thank you, Erin. We're excited to share our strong results for the quarter, discuss momentum and recent enhancements to our exposure management platform, including recent investments in AI and highlight some key customer wins for the quarter. In Q2, we beat all of our guided metrics, delivering 12% revenue year-over-year growth and 19% operating margin. We attribute our performance in the quarter to the growing adoption of our exposure management platform, Tenable One, which was 40% of total new sales this quarter. Exposure management is about providing the unified risk-based and business contextualized view of an organization's cyber risk, enabling them to continuously prioritize and remediate the most critical exposures before they can be exploited. And the benefit of exposure management to our customers is clear, unified visibility, smarter data-driven decisions and faster, more effective risk reduction. For Tenable, this important secular shift in the market to preemptive security is resulting in broader asset coverage and larger deal sizes, including a growing number of 6- and 7-figure deals. Mark will delve into our customer wins in the quarter as we are seeing more customers consolidate on Tenable One. And now with the acquisition of Apex Security, which closed during the quarter, we are expanding our AI Aware and AI SPM capabilities in the platform to secure the rapidly expanding AI attack surface. Drilling a little further into the specific areas of traction in the quarter, cloud and VM continue to be critical priorities for our customers within Tenable One. We also saw strong adoption with OT. As you recall, in April, we highlighted public sector as an area where we were expecting to experience some pressure. The quarter played out slightly better than expected in PubSec, driven largely by strong platform sales in our SLED business, which was aided by their June fiscal year-end. Specifically with regard to U.S. Federal, we feel incrementally more positive as we head into the second half of the year, particularly in our renewal base, where visibility is improving despite a spending environment with heightened levels of review and scrutiny. Momentum we're experiencing with our platform is a reflection of the importance our customers are placing on preemptive security, which is the practice of reducing risk breach occurs rather than solely detecting and responding after an attacker has already gained access. We're building on that momentum by continuing to advance our product road map and extend our leadership in this category Exposure management as a discipline is built on 3 foundational pillars, unifying visibility to discover and monitor every asset, unifying insight to contextualize and prioritize risk and unifying action to mobilize remediation and measure impact. These pillars are essential to reducing cyber risk at scale and Tenable is leading the way across all three. First unifying visibility, effective risk reduction starts with comprehensive visibility, that's why broad, continuous discovery is foundational to exposure management. Tenable continues to make strong progress here, particularly in expanding third-party integrations across the security stack. We recently surpassed 300 validated integration spanning cloud, application security, identity and more, making Tenable One the most open and interconnected exposure management platform in the market. These connections not only expand visibility, but also lay the groundwork for deeper insight and smarter action. AI is also enhancing visibility by helping customers discover and classify assets that might otherwise remain hidden from misconfigured cloud workloads to unmanaged devices and ephemeral containers. By analyzing network traffic, configuration drift and usage patterns, our AI reduces blind spots and ensures customers a more accurate and comprehensive view of their attack surface. Second, unifying insight. Once assets and exposures are discovered, the next challenge is understanding what matters and what needs to be prioritized. That's where context comes in and it's where Tenable sets itself apart. Our integrated dataset enriched with over 2 decades of exposure telemetry and real-time threat intelligence powers a suite of AI capabilities, purpose-built for exposure management. Tenable's AI doesn't just detect known risk, it's evolving to proactively identify emerging threats, map likely attack path and surface exposures that are most likely to be exploited in our customer-specific environment. It's being designed to use predictive modeling to assess the blast radius of vulnerabilities, analyze attacker behavior to anticipate their next move and continuously update prioritization and conditions as they change. This isn't just a smarter way to triage alerts, it's a more strategic way to understand interconnected risk across hybrid environments and focus on what truly matters. And finally, unifying action. Insight is only valuable if it drives results. That's why we're transforming Tenable One from a system of record into a system of action. Our AI now delivers intelligent, environment-specific remediation guidance designed to help security teams reduce mean time to remediate and focus on what matters most. The majority of breach victims are compromised by known vulnerabilities that went unaddressed, not because the risk weren't identified, but because they weren't acted upon. It's a clear example of the last-mile problem, which is getting the right exposure data into the right teams with the right context to drive resolution. And remediation isn't just patching, it's adjusting configurations, disabling risky accounts, tightening access controls and more. Exposure management demands a broader, more adaptive response than traditional vulnerability management. That's why we're embedding automation, analytics and decision support directly into customer workflows, closing the gap between insight and action. The result here is faster remediation, broadening adoption, and we believe a stronger position for Tenable as a leader in exposure management. And remember, in this new AI-powered world, we're seeing more frequent pervasive attacks leveraging AI, resulting in shorter meantime from known vulnerabilities to exploitation, which demands faster remediation. In short, while understanding, contextualizing and prioritizing risk is critical, preemptive security increasingly means leveraging that visibility and insight to empower customers to act in real time and seamlessly integrate remediation into their process. I'd now like to turn the call over to Mark.

Thanks, Steve. Our customers consistently face the same challenges, complex hybrid systems to secure, interconnected systems with siloed views and new technologies evolving faster than they can be secured. Our mandate is to help our customers identify and address the risk these problems introduce, and that's precisely what we're doing. Our deep roots in VM are the foundation of our EM leadership, enabling Tenable One to provide a profound understanding of hybrid environments and our expansion into other areas of the attack surface uniquely position us to break down silos. This is why we're seeing constant traction with Tenable One. This quarter, that partnership was on full display with major Tenable One expansions across industries. We secured strong wins against major players in VM, EM and in cloud, directly resulting from not just extending our leadership, but also shaping what exposure management looks like. During the quarter, we had a number of notable wins spanning products, theaters and industries. I'd like to take a moment to highlight a few that are a good reflection of what we're seeing broadly across the business and what we've highlighted in our prepared remarks today. We kicked off the quarter with a major win at the state level, 1 of 2 significant public sector victories this quarter, which started as a straightforward VM expansion quickly evolved into a full Tenable One adoption. The customer expanded beyond VM to include cloud, identity and web app security, consolidating multiple capabilities into a single unified platform. It's a great example of a growing trend. Organizations are turning to Tenable One to streamline and strengthen their preemptive security strategies. That momentum carried into the private sector as well. A standout example is a major entertainment company that turned to Tenable One to secure its OT environments and gain a more complete view of risk. What began as a search for better OT coverage quickly led to consolidation on Tenable One with a focus on both VM and OT. This is where we shine. Tenable's ability to span IT and OT environments with unified visibility gives us a competitive edge. Not every customer is looking to rip and replace, and that's where our flexibility truly stands out. A European global luxury brand with a mature security program wanted deeper risk insights and stronger preemptive security without disrupting their existing stack. They chose Tenable to expand their third-party asset and risk management program, tapping into the power of Tenable while maintaining the tools they already rely on. It's a great example of how we meet customers where they are, delivering value without forcing a full consolidation. What is increasingly clear from all these customer examples is that as cyber threats become more frequent and sophisticated, customers are shifting their focus toward preemptive strategies and industry analysts and others are following suit, placing greater emphasis on exposure management and the platforms that enable it. This growing momentum was reinforced by 2 key pieces of industry research that were recently released. Last week, Forrester named Tenable a leader in unified vulnerability management, awarding us the highest score for the strength of our strategy. In fact, Tenable received the highest possible scores in 7 different categories, more than any other vendor, including vision and road map. In addition, Tenable was recognized as a major player in IDC's inaugural CNAPP MarketScape. We were chosen from a very substantial list of vendors for our ability to enable customers to reduce their risk by reducing noise and prioritizing remediation through clear, actionable insights. We see this recognition as validation of our strategy and further evidence that exposure management is becoming central to modern cybersecurity. Finally, Gartner now predicts that by 2028, investments in technologies that reduce threat exposure will grow twice as fast as those focused on detection and response. The takeaway is customers recognize the value of a unified exposure management platform and Tenable is leading the shift to exposure management. As organizations modernize with cloud, AI and hybrid IT/OT environments, they're turning to us to unify and simplify their security strategy. Our platform is the foundation for how forward-looking teams manage risk. Looking forward, as Steve highlighted, we are investing in areas that are tackling our customers' largest pain points. Knowing how to secure AI is one of the greatest frustrations facing customers today. With our acquisition of Apex, we plan to offer a holistic approach to understanding their AI risk. By providing visibility into AI usage, detecting AI-related vulnerabilities, securing AI resources and data configurations and integrating AI security into our broader exposure management platform, we believe we will be able to make AI security a key part of our customers' preemptive security program. With that, I'll turn the call back over to Steve to dive deeper into our results for the quarter. Thank you.

Thanks, Mark. As a reminder, our results include the impact of the Apex Security acquisition, which closed on June 6. Calculated current billings, defined as revenue recognized in the quarter plus the change in current deferred revenue grew 8% year-over-year to $238.6 million. Our growing momentum with Tenable One is inflecting deal sizes higher as we added 76 net new six-figure customers during the quarter on an LTM basis. We also added 367 new enterprise platform customers, and our net dollar expansion rate was 107% this quarter. We continue to have strong gross dollar renewal rates. We're also pleased to continue to see our backlog accelerate significantly during the quarter. Current RPO grew 12% year-over-year, 400 basis points ahead of CCB growth, while total RPO growth was 19%, reflecting over 40% year- over-year growth in long-term RPO. RPO reflects the increasing momentum with our Tenable One platform as more customers are making multiyear commitments to more fully deploy exposure management solutions given the strategic importance to understand and reduce risk holistically across the enterprise. Now on to the P&L for the quarter. Revenue was $247.3 million, which represents 12% year-over-year growth. Revenue in the quarter exceeded the midpoint of our guided range by $5.3 million. This level of outperformance was driven in part by a more favorable mix of business with upfront revenue recognition that we're not anticipating in the second half of the year. Our percentage of recurring revenue remains high at 96%. Gross margin was 82% this quarter, flat relative to last quarter. Looking at the second half of the year, we expect gross margins to be flat to modestly lower due to the launch of third-party data, remediation automation workflows and new AI security capabilities. Sales and marketing expense was $8 million, up from $85.5 million last quarter and as a percentage of revenue was 36%, flat relative to last quarter. Sales and marketing expense was higher sequentially primarily due to industry events and incremental investments in sales capacity, partially offset by costs in Q1 related to our annual sales kickoff conference. Looking ahead, we expect sales and marketing as a percent of revenue to trend somewhat lower, reflecting higher levels of sales productivity and greater efficiency in our go-to-market organization. R&D expense was $43.4 million, which is up from $39 million last quarter. As a result, R&D expense as a percentage of revenue was 18% this quarter, up from 16% last quarter. This increase on both dollar basis and as a percentage of revenue was primarily related to the continued investment in R&D, including additional personnel costs related to our acquisitions of Vulcan and Apex. G&A expense was $22.7 million, which was flat relative to last quarter on an absolute dollar basis and as a percentage of revenue. Income from continuing operations was $47.7 million and exceeded the midpoint of our guided range by nearly $4 million. Operating margin for the quarter was 19%, which is approximately 100 basis points better than the midpoint of our guided range. We are very pleased with our ability to drive continued leverage in the business while investing for growth and absorbing the additional OpEx related to our acquisitions completed in the first half of the year. EPS for the quarter was $0.34, which was $0.04 better than the midpoint of our guided range. Now let's turn to the balance sheet. We finished the quarter with $387 million in cash and short-term investments. Accounts receivable was $181 million and total deferred revenue was $798 million. Current deferred revenue was $625 million, which gives us a lot of visibility into expected revenue over the next 12 months. We generated $44 million of unlevered free cash flow during the quarter, bringing year-to-date $131 million of unlevered free cash flow, putting our annual guide well within reach. During the quarter, we utilized $48 million of net cash for the Apex acquisition as well as $65 million to repurchased 2 million shares. In total, we've now repurchased 6.3 million shares for approximately $240 million since November of '23 and have $60 million of the previous repurchase authorization remaining. With our strong operating leverage and increasing free cash flow generation, we are very pleased to announce today an additional $250 million increase to our share repurchase program, which demonstrates our continued commitment to effectively deploy and return capital to shareholders. We have confidence in our ability to drive continued leverage in the business while investing for growth and delivering compelling unlevered free cash flow margins over time. With the results of the quarter behind us, I'd like to discuss our outlook for Q3 and the full year 2025. For the third quarter, we currently expect revenue to be in the range of $246 million to $248 million; non-GAAP income from operations to be in the range of $52 million to $54 million; non-GAAP net income to be in the range of $44 million to $46 million, assuming interest expense of $7.2 million, interest income of $3.3 million and a provision for income taxes of $3.4 million and non-GAAP diluted earnings per share to be in the range of $0.36 to $0.37, assuming 123 million fully diluted weighted average shares outstanding. For the full year, we currently expect calculated current billings to be in the range of $1.038 billion to $1.048 billion, revenue to be in the range of $981 million to $987 million. Non-GAAP income from operations to be in the range of $205 million to $215 million; non-GAAP net income to be in the range of $179 million to $189 million, assuming interest expense of $28.5 million, interest income of $15.6 million and a provision for income taxes of $12.8 million. Non-GAAP diluted earnings per share to be in the range of $1.45 to $1.53, assuming 123.5 million fully diluted weighted average shares outstanding and unlevered free cash flow to be in the range of $265 million to $275 million. As discussed, since our last earnings call in April, we continue to gain traction with our Tenable One platform and visibility into the spending environment in public sector has improved, specifically with respect to renewals. As a result, we raised the midpoint of our guided range by $8 million and the high end by $3 million. This improved outlook will modestly benefit Q3 and Q4 to a greater degree. Turning to operating income. The outlook today reflects our strong outperformance in the second quarter as well as the improved outlook for the rest of the year, offset by the incremental OpEx related to the Apex acquisition. Therefore, we are pleased to reiterate our expectations for the full year. Similarly, we reiterated our unlevered free cash flow guidance of $265 million to $275 million, while absorbing approximately $6.5 million of expected impact from Apex. The takeaway here is we are pleased with the results of the quarter, balancing growth with profitability while expanding our market opportunities. Moreover, we're excited for the second half of the year. That said, Mark and I would like to thank everyone for joining us today on the call. We're very excited about the opportunity ahead and look forward to updating you throughout the year. We also hope to see you at the Stifel and Piper Sandler conferences in the coming weeks. We'd now like to open the call for questions.

[Operator Instructions] Our first question comes from Rob Owens with Piper Sandler.

Would love for you to compare and contrast a little bit this quarter with, I guess, where you were 90 days ago. I mean, clearly, we're a little closer to the Fed fiscal year-end. And Steve, you talked about U.S. Fed, how you're getting incrementally more positive. It does feel like we're getting cross currents from other vendors out there talking about potential truncation of deals, things going maybe even less than 1 year. So I'd love to better understand how your visibility is better here and your confidence is better. And on the commercial front, maybe just help us understand, it seems like you're seeing a nice upsell relative to Tenable One in consolidation. Just what's driving some of those underlying trends and strength there?

Rob, this is Steve. I'll talk about what's different now versus 90 days ago. And First, we're delighted to deliver upside in the quarter. We beat our expectations for CCB. And consequently, we're raising the guide, $8 million at the midpoint and $3 million at the high end of the range. And as we commented earlier, visibility, we believe, particularly with our federal business, where we provided some cautionary comments on our last call, seems to be improving there, most notably in our renewal base. We have a major leadership position in U.S. federal, specifically with regard to VM, and we have a sizable customer base there as we head into the second half of the year. We have a strong pipeline, lots of opportunities. We do recognize that some of those opportunities will take longer to transact, perhaps more so on the civilian side, but just more broadly across U.S. Federal. And we have greater visibility into our renewal base, and that's what's reflected into the outlook today. So in short, we have a lot of confidence in our ability to continue to drive momentum in the business. And we're getting a lot of traction with Tenable One. It's now 40% of our total sales, 30% -- 40% of our total new sales and 30% or more of our total sales. And we're seeing some of the highest selling prices, some of our highest close rates and some of our highest renewal rates with the platform.

Our next question comes from Brian Essex with JPMorgan.

Maybe to pivot on that last point, Steve, on Tenable One penetration. Great to see the call out in the press release and the strength that you're seeing across the platform. But I guess what's embedded in your expectations maybe for the remainder of the year? And how meaningful can Tenable One and non-VM exposure solutions penetration be within the installed base? And maybe what might it take to get a little bit better acceleration there?

Sure. We often talk about our business in the context of this growth algo, which is exposure solutions and the underlying growth and mix of business there relative to VM, vulnerability management. And exposure solutions represents over 20% of our total sales. So mix continues to inflect higher there, and we're getting great traction and seeing outsized growth. And we're seeing good durable growth in vulnerability management. So the big opportunity for us is really with the platform we're seeing a ton of market pull. It's clear that customers want to be able to unify visibility, unify insights and unify actions. And that's a real challenge for a lot of our customers today. And we're one of the only providers in the market that has the ability to consolidate both world-class first-party assessment data as well as rich data from other security providers into a single correlated view of risk across cloud and OT and the network and SaaS. So this is really important for us and to deliver -- to our customers, and that's why we're seeing success there really with the platform. And we're focusing a lot of our go-to-market efforts around the platform, we're focusing a lot of our engineering efforts around the platform and certainly leveraging AI to be able to deliver incremental capability to customers.

Is there a level of penetration that you're targeting that could get you to -- like what would it take to get you to double-digit growth rates like from a billings perspective?

It wouldn't take a lot to inflect it higher, just looking at that mix of business. And so what we said was Tenable One is roughly 40% of our total new sales and 30% of total sales. And it just takes modest movement there, to be honest with you. And we're also -- we're going to see good stability in the federal market, right? The federal market is a little bit of a headwind right now and despite that, we're delivering better-than-expected results. It will be a major tailwind of growth for us in the future. We're certainly clear about that. We have a leadership position there. But right now, there's just a little less visibility. And as a result, we're taking a bit of a cautious approach. And deals will take a little longer to transact there and close. But it doesn't take a lot, certainly to accelerate growth higher. We're confident we can deliver on that. Mark and I are focused on that, and we're investing to do just that.

Our next question comes from Saket Kalia with Barclays.

A nice quarter. Mark, maybe for you, just to tie together some of the details that's been talked about. You had some nice examples of customer wins in your prepared remarks. Maybe the question is, could you talk about the competitive landscape a little bit in the exposure space? And maybe touch on how Tenable One is helping you differentiate versus a traditional VM player or versus other point players in other spaces? Does it make sense?

Yes. No, totally makes sense. No, I love the question because it is truly the biggest differentiator we have, right? As Steve highlighted, we have pivoted this company to be laser-focused in driving Tenable One. And that's why you're seeing some of these results, and that's why you're kind of seeing us execute on this platform play around Tenable One. And really, when you look at some of those customer examples and all of those customer examples were competitive deals, meaning we were going against either some of our traditional competitors head-to-head or nontraditional players. And we were able to beat them. A couple of those deals were 7-figure deals. And what we're able to do is when we go into Tenable One, there's a few points that absolutely differentiate us, right? First and foremost, right, very basic, but we are hybrid, right? So a lot of these environments are still on-prem and in the cloud, and we can go in and address all of these complex companies and organizations and governments that are hybrid. So that is a huge differentiator. The second part is when we go in there and we're able to have this compelling discussion around improved and unified visibility, insights and actions, it allows customers to consolidate. So if you looked at some of those examples, when we look at our largest deals, there are multiple asset types as part of the Tenable One transaction. So you're not just talking about base core VM, you're talking about cloud security, web application scanning, OT, identity, attack surface management. And right now, we are the one player that can actually go out there in a unified platform, bring it all together, be able to have it beautifully laid out elegantly in regard to dashboarding our capability to allow our users to make really fast, quick decisions and take action and get insight. And we're able to do that, our win rates this quarter were some of the highest win rates we've seen as a company. And so we feel like we are just going to continue to gain this traction account by account, installed base by installed base and show our differentiation. The one last thing, I know this is long-winded, but it is super important right, that I think people realize this isn't just Tenable saying how we've differentiated. We now have an enormous amount of analysts that are listing us, especially over the last few weeks with Forrester and IDC and others listing us as the leader in these categories in exposure management, in unified vulnerability management, right, major player in CNAPP. So you're now having analysts, right, really recognize some of the hard work we've been doing is now paying off. So short summary there, but that's really why we're differentiating and why we're doing extremely well against our competitors.

Our next question comes from Andy Nowinski with Wells Fargo.

Wells Fargo Securities, LLC, Research Division So nice job on the quarter. You noted you're seeing these larger deal sizes, the 6- and 7-figure deals. I'm really wondering, are those coming from -- more from like new logos versus renewals? Because it looks like your net retention rate went down a little bit sequentially. And so I'm assuming that's coming from stronger new logo growth, but would love to hear your thoughts on that and kind of where you see net retention bottoming out here.

Sure. Well, our gross dollar -- let's just unpack this a little bit. Our gross dollar renewal rate continues to be very healthy, and it demonstrates strength in our customer base. But as you pointed out, our expansion rate did moderate to 107% this quarter. Now a notable contributing factor here is the constrained spending environment in U.S. Federal. And as I mentioned earlier, we have a strong leadership position there. We have a sizable customer base, and it's just taking longer to convert on some of those expansion opportunities in Fed just due to greater scrutiny and more levels of review and approval. But we believe that indeed will inflect higher certainly over a future period. It's a big opportunity. But looking more broadly at our business, there is a lot of metrics that we provide for investors to understand the overall health momentum. Of note here, as you commented, it was really the strength in new business from new logos. We added over 350 new enterprise customers in the quarter. So demand from new customers remains healthy, especially with large deals due to the growing adoption of Tenable One. And the other thing I'll say is that customers, speaking of Tenable One, are making longer-term commitments here. Our CCB growth in the quarter was 8%. But if you look at the growth overall in RPO, current RPO growth was double digits. Long-term RPO growth was about 40%. So what you're seeing is customers, 70% of all of our multiyear deals with these annual commitments are coming from the platform. So customers are not only spending more, we not only have the highest conversion rates with the platform and the highest renewal rates, but we are developing deeper and longer relationships with our customers because of the platform. So strength of the platform, obviously, is translating to incremental opportunities, not only within our customer base despite some of the uncertainty or lack of visibility around the Fed, but also is translating into a lots of new logos as well and longer-term commitments.

Our next question comes from Patrick Colville with Scotiabank.

This is Joe Vandrick on for Patrick Colville. Can you talk to us about your strategy to help secure the use of generative AI in the enterprise? With Apex and AI Aware, it seems like it's something that you're thinking pretty deeply about. So maybe go over that and why Tenable has the right to win here.

Well, let's talk a little bit about APEX in the context of our broader AI strategy. And we're transforming our customer security programs and by making Tenable One more intelligent through the use of AI. It's an arms race out there. There's lots of hackers that are leveraging AI for more advanced and persistent attacks with greater frequency. So we have to be able to leverage AI to strengthen our customers' defenses. And in terms of Apex, it really accelerates our investment in AI by adopting a government or by adding a government and enforcement layer. Prior to the acquisition, what we have brought to market Tenable organically was really twofold. Number one, AI Aware, which is all about discovery and awareness. It tells you what AI we have, what customers have and where it is and the known vulnerabilities. And then we also have AI SPM, which focuses on cloud posture and configurations, determines how your AI resources are set up in the cloud and if it's secure. Apex really extends our own capabilities with AI by going deeper into the applications by monitoring prompts and interactions for misuse and provide a clear governance and enforcement use case to our customers so they can use AI more safely. And then more broadly, AI for us is really a force multiplier for the insights we can deliver to our customers across our best data fabric, which has taken over 20 years of exposure data. And we continue to leverage Agentic to drive higher levels of remediation and really orchestration for our customers to reduce risk.

Yes. And the only thing I'll piggyback on that is just in regard to kind of seeing the customer demand. I mean it was pretty amazing after we acquired Apex, the type of interest that we saw from our installed base and from our customers. And we talked a little bit earlier in the call, the competitive dynamic. I mean, we are absolutely differentiating ourselves even to the next level in regard to our AI strategy. So a lot of our installed base was very used to using AI Aware and AI SPM. But we've got now significant enterprise customers wanting to use Apex and now that we're going to be embedding it into the Tenable One platform. This call -- this literally solves a real-world problem that customers are kind of scratching their head on how to solve. And we're now bringing it to them within the platform. And so we talk about differentiation. This is absolutely something that is gaining a ton of traction. And just keep in mind, the deal just closed in Q2, right? And so we're already seeing pretty significant pipe build and demand. So very, very optimistic. It was one of the customers kind of cheering us on in regard to doing this acquisition because it's something that solves a real problem for them. So from a go-to-market and channel perspective, people are pretty excited.

Our next question comes from Roger Boyd with UBS.

Maybe to expand on that, I think last quarter, you provided some metrics around adoption of AI Aware and it's nice to see that pop post the Apex acquisition. But in addition to that, secondly, can you just remind us what you've said about monetization of AI Aware? I'm guessing that as you embed Apex into Tenable One, that story changes a little bit, but would love to get your perspective there.

Yes. I think what we said publicly is that we have over 6,000 customers that are using AI Aware to detect shadow AI applications, browser plug-ins, internally developed AI applications. And in terms of monetization, how we look at the capabilities that we acquired from Apex, it will not be sold separately. It will be sold as part of the platform. AI, how we look at it as an asset type, and we offer in Tenable One to help our customers secure the AI attack surface. So it's similar to an asset type like VM or cloud or OT. And as Mark mentioned, we're getting some good early traction there. But obviously, we see it as an important attack vector we need to help our customers secure and requires a platform approach.

Our next question comes from Rudy Kessinger with D.A. Davidson.

This is Andres Paroli for Rudy. Great quarter. Maybe I hear you about the level of outperformance in Q2 was driven by a more favorable mix and upfront revenue recognition. But could you maybe unpack what products and verticals did outperform your expectations in Q2? And maybe if you could give us some data points around the core VM market and what are you seeing there, that would be very helpful as well.

Okay. So just to be clear here, the upfront revenue recognition has nothing to do with CCB. We exceeded expectations for CCB in the second quarter. And that was really driven by strength of the platform. As I mentioned earlier, it's 40% of our new sales and 30% of total sales, and OT was also strong here. So the takeaway here is some of our highest selling prices, we're getting great traction. It's a large and growing market opportunity, exposure management and industry analysts and others are taking note. And it will be a catalyst of growth here, the continued traction we have with the platform. And in terms of revenue, there was -- the mix of business within revenue can vary from quarter-to-quarter and opportunities among products can also vary. And so this quarter, we -- the mix was slightly higher than expected with regard to products that have some upfront revenue recognition. We don't expect that to continue in the second half of the year, and that's factored in our outlook for the full year.

Yes. And the only thing I'll add there, you asked a question about VM. VM was strong this quarter. We hit where we thought we would hit for VM. So it wasn't like this massive outperformance, but came in exactly where we forecasted. So we feel really good about that number and about the growth there. I think when you look at some of the overachievement, as Steve kind of highlighted, it is all about driving Tenable One. It's about the multiple asset types. It's about the premium we get when we sell Tenable One. That is kind of where you saw the beat take place here in Q2. But we're very happy with our core VM business.

Our next question comes from Jonathan Ho with William Blair.

Let me echo my congratulations as well. Can you -- you mentioned strength in the OT and hybrid IT/OT environments. Can you talk about where you're maybe seeing more opportunities? And maybe what's driving sort of a resurgence on the OT side?

Yes. No, it was a great quarter for OT, and our Q3 for OT actually looks pretty strong, too. And what we're seeing there is certain verticals are really starting to play out. So we're seeing really good growth and actually data center build-out is a great example of a vertical that's doing extremely well in regard to adopting OT and then looking at a consolidated platform. You look at food processing, you look at manufacturing, you look at the entertainment industry. So think of like casinos and big, large hotels are some areas we're doing extremely well. And really, what's happening is this convergence, right? So these folks are saying, "Hey, we need OT and we also need exposure management." We need to be looking at not just our operational technology, but all of these other asset types. And so one of the deals that I highlighted was actually driven from an OT initiative. And then when the CISO fully understood what exposure management was about and then how much more visibility they could get in regard to doing exposure management and looking at VM and then other asset types, that was how we differentiated from a pure-play OT provider that cannot do that. So that consolidation story of IT/OT going into the CISO, having a massive amount of relevance right now in the market, right? And we are actually seeing this adoption pick up and as Steve kind of highlighted the numbers, we're happy with our Q2 performance, and we're looking for a strong Q3 there also. So we're encouraged with what we're seeing.

Our next question comes from Mike Cikos with Needham & Co. Mike, are you there? Mike, if you are not muted, we will put you back into the queue and we will move on the next question here. Our next question is from Jonathan Ruykhaver with Cantor Fitzgerald.

So the 360 new enterprise platform customers and the 76 net new 6-figure customers was impressive. Can you talk about that sales motion? Are there any incentives, both either direct or through the channel that might be influencing that success? And then looking at the remainder of the year, how should we be thinking of new platform adds versus expansion? Because it does seem that with Apex, OT exposure management and just the broadening product portfolio that expansion is also a compelling opportunity.

Yes. No, I totally agree, it is a compelling opportunity. But in regards to new logos, we didn't actually do anything different. I think what you're seeing is just this basic adoption of Tenable One and of the platform approach, right? So I think as everyone on this call is very aware, we are 100% channel company, so we don't do direct business. And so we've got a very loyal channel. And so they are getting more comfortable in regard to positioning Tenable One. And as you guys do your channel checks, everything, I think, comes back relatively positive in regard to what our channel is getting enabled on, how they're getting trained, their comfort level of positioning Tenable One is pretty significant. And so I think that's really where you're seeing the traction. And in regard to our own sellers, again, no real -- any major shifts, no big compensation changes or anything like that at all. I think it's just more higher activities. We're seeing good pipeline growth. Some of our marketing and branding exercises are paying off in regard to the top line pipeline build, I think, is strong. And again, I don't want to underplay the third-party analysts, when they're giving you validation in the market. It isn't just Tenable and our partner community saying we're the best EM solution. It's now analysts starting to say it. And I think that's got some forward momentum. So I think that's really it. But no big structural changes, no comp changes, nothing along those lines.

Our next question comes from Junaid Siddiqui with Truist Securities.

I just wanted to ask about your cloud strategy around CNAPP. And you talked about last quarter about Wiz being the acquisition by Google being a potential net benefit for you. Are you seeing any additional RFPs that you're being invited to? And has that contributed to any growth in your cloud security business?

Yes. I mean we had a really strong cloud security in Q2. Pipeline looks good for Q3, Q4. We did see a bit of an increase in regard to inbound inquiries in regard to RFPs once the Wiz Google acquisition was announced, you are not seeing anyone rip and replace Wiz by any stretch of the imagination. But there is a conversation at the CISO level of dual vendor strategy opening up the door, looking at other players. So we have seen a pipeline growth there. And I think one of the big factors you've got to always keep in mind with Tenable and our CNAPP solution is we sell the majority of that as part of the Tenable One platform. So when we truly go in and differentiate from a platform perspective, that's when we have success selling cloud. And so we had a good quarter, and we're optimistic about Q3, Q4 and we said it in last quarter, it's a net positive for us, bottom line, and we're going to continue to drive pipeline off it and then see how we convert.

Our next question comes from Shaul Eyal with TD Cowen.

Congrats on you quarterly performance and improved outlook. Mark or Steve, I wanted to ask specifically about your July performance, which is coming to an end tomorrow. Maybe, Mark, it comes as an easy layup with respect to your reply to Jonathan. I'm beginning to hear some bits and pieces that July has been trending ahead of historical seasonality trends, maybe anecdotally, but curious what is it that you're seeing out there as the first month of your third quarter is coming to an end?

Well, yes, good question. And today, with the end of July, we take everything into consideration when we provide an outlook for the year. And so we look at the flow of our business. And so we specifically look at the first month and look at the results for the quarter and then combine that with pipeline opportunities and our outlook for the rest of the year when we provide an update on our guidance. So as we mentioned on the top line for CCB, we raised the midpoint by $8 million just due to outperformance in the quarter due to increasing confidence in the business in the second half of the year. But I would also say that flow is no different now than any other quarter and where a lot of our new business is closed and transacted the last month. And this quarter, we're heading into what often is a seasonally strong federal quarter. And so we have a number of pipeline opportunities we're going to be working hard to close and convert. And these are very sizable opportunities and very strategic deals and all focused around not only VM, but also the platform.

Our next question is from Shrenik Kothari with Baird.

Robert W. Baird & Co. Incorporated, Research Division Congrats, Steve, Mark and team. Just a follow-up to earlier question by Andrew and your answer around federal scrutiny and net retention. And with the improved visibility in the federal renewals you mentioned, specifically on the retention expansion opportunity, can you comment on whether these federal renewals are skewing towards kind of more tactical VM or also seeing more opportunity for platform consolidation, Tenable One, for example, or cloud workloads. Like any comments on how these renewals can see potential kind of added value from Tenable One, if you may?

Sure. And to clarify, the increased visibility that we have around our renewal base in federal is specifically on the renewal itself. So we have a number of large 6- and 7-figure expansion opportunities within U.S. Federal. And so we're not saying that we have increased confidence around that or increased visibility. We're cautiously optimistic. We have a lot of pipeline opportunities. These are big meaningful deals, and we'll be working hard to close them. And we're saying we just have a little more visibility into the renewals themselves. So the expansion opportunities do cut across not only just VM, where historically, we've built a sizable base of business there, but also cut across other things like cloud, OT, but more broadly the platform itself.

I totally agree. Steve kind of nailed it right there. It is better visibility in regard to that renewal base and new business is still going to be something where we've got to really micromanage because there's still some issues and challenges that flow through the federal government, but we are definitely a little more optimistic. I think when you look at Tenable One, the great news, right, is we now have FedRAMP authorization for Tenable One and for our cloud security. So as a traditionally very, very strong VM core base there, obviously, we're engaged with that installed base talking to them about Tenable One, talking to them about cloud security and other asset types. So we're feeling good, and we're happy that we have a little more visibility on the renewal base, and we'll go from there.