Lisa Sheldon - Investor Relations, Vice President at ICR Udi Mokady - President, Chief Executive Officer, Director Josh Siegel - Chief Financial Officer.

Saket Kalia - Barclays Capital Karl Keirstead - Deutsche Bank Sterling Auty - JPMorgan Jonathan Ho - William Blair John Lussier - JMP Securities Gary Powell - Wells Fargo Securities Michael Kim - Imperial Capital Catharine Trebnick - Dougherty & Company.

Good day and welcome to the CyberArk Software second quarter 2015 earnings conference call. Today's conference is being recorded. I would like to turn the conference over to Lisa Sheldon, Investor Relations. Please go ahead..

Thank you, operator. Good afternoon. Thank you for joining us today to review CyberArk's second quarter 2015 financial results. With me today on the call are Udi Mokady, Chief Executive Officer and Josh Siegel, Chief Financial Officer. After preliminary remarks, we will open up the call to a question-and-answer session.

Before we begin, let me remind you that certain statements made on the call today may be considered forward-looking statements, which reflects management's best judgment based on currently available information.

I refer specifically to the discussion of our expectations and beliefs regarding our projected results of operations for the third quarter and 2015 fiscal year. Our actual results might differ materially from those projected in these forward-looking statements.

I direct your attention to the risk factors contained in the company's Annual Report on Form 20-F filed with the U.S. Securities and Exchange Commission and those referenced in today's press release. CyberArk expressly disclaims any obligation or undertaking to release publicly any updates or revisions to any forward-looking statements made herein.

Additionally, non-GAAP financial measures will be discussed on this conference call. A reconciliation to the most directly comparable GAAP financial measures is also available in our second quarter 2015 earnings press release, which can be found at www.cyberark.com in the Investor Relations section.

Also, please note that a webcast of today's call will be available on our website in the Investor Relations section. With that, I would like to turn the call over to our Chief Executive Officer, Udi Mokady.

Udi?.

Thank you, Lisa and good afternoon, everyone. Thank you for joining us to day for the call. Q2 2015 was another exceptionally strong quarter for CyberArk. Our results exceeded our guidance across all financial metrics.

CyberArk reported total revenue for the second quarter of $36.4 million, a 70% increase over Q2 2014 and our licensed revenue doubled year-over-year. We also reported strong non-GAAP net income of $6.6 million, resulting in non-GAAP net income per diluted share of $0.19.

We again generated healthy demand for our platform and are capitalizing on the increasing opportunities in our pipeline. Our business continues to be driven by the shift from tactical, compliance driven projects to strategic approaches to implementing enterprisewide privileged account security.

This shift is enabling us to capitalize on the expanding cyber security budgets, participate in larger opportunities and be seen as a strategic, trusted partner. CyberArk's comprehensive and unique platform approach continues to be a strong source of competitive differentiation.

Our ability to protect both password and as safety credentials isolate and protect privileged sessions, manage privileged credentials used by humans as well as by applications, all in a shared technology platform enables our customers to protect privileged credentials throughout their organization with a single solution.

Our unique continuous monitoring and real-time detection of malicious privileged activity compliment our proactive controls and provides additional competitive advantage. We now have more than 1,900 customers worldwide and our new customer acquisition and customer cross-sell engines both performed very well again this quarter.

Our top 10 deals for the quarter were evenly split between new customers and existing customers that expanded their existing licenses and purchased additional products. We are seeing a positive trend in multiproduct sales to new customers.

During the first half of 2015, we saw that more than 25% of our new customers purchasing three or more products, a significant increase from the prior competitive period. And there is still plenty of room for upsell and cross-sell across these customers and our installed base.

This demonstrates strong execution against the market demand for a comprehensive privileged account security solution. In Q2, we saw bookings more than double for multiple verticals, with the largest year-over-year growth coming from healthcare and the energy and utility markets. In fact in Q2, our two largest deals were in the healthcare vertical.

We have seen a cyber attack in a particular vertical increase awareness and activity within that same vertical. This happened in retail as a result of the Target and Home Depot attacks. In the case of Anthem attack however, we are seeing a broader ripple effect.

We believe this is driven by the fact that almost every organization stores their customers' and employees' personally identifiable information and therefore have a similar risk. But the strength of our business continues to be from the diverse set of markets and companies we serve.

In Q2, our top 10 deals came from eight different verticals including healthcare, financial services, manufacturing, professional services, media, energy, telephone and consumer packaged foods.

We sold to multiple Fortune 100 companies as well as mid-tier banks, mid-cap technology companies and smaller organizations like a community hospital and a metro U.S. airport. We continue to show good progress in the government market, closing multiple new business opportunities. The list includes wins in U.S.

federal agencies, state agencies and local municipalities. While we are still in the early stages of building out our government presence globally, we are having success and believe this is an excellent potential. In particular, we believe that the U.S. federal market is underserved and see opportunities for growth in the coming quarters.

The headline about the Office of Personnel Management breach on the front page of the New York Times explained that, "Chinese hackers had privileged access to government systems." This put the focus squarely on privileged accounts.

In addition, the federal governments' 30-day Cybersecurity Sprint listed privileged account controls is one of the top priorities along with timely patching of systems and two-factor authentication.

To help us better address this opportunity, we have invested in and recently announced that CyberArk is the first vendor to achieve Common Criteria Certification for a comprehensive privileged account security solution. This is an important independent evaluation of the security capabilities of IT products, highly valued by the U.S.

federal and other international governments. We also launched a new marketing and sales campaign to capitalize on the heightened awareness of our new certification. The importance of our platform, the strength of our brand and our partner network were also evident in some other key wins this quarter.

For example, advisory and consulting firms continue to help us drive business. As a result proactive penetration testing, one of these firms conducted for a client, privileged account security was put at the top of the security to-do list along with a strong recommendation to evaluate CyberArk.

Based on the advisory's work, we were able to close a sizeable deal within a few short weeks. Third-party risk continues to be a critical security concern for our customers and driver for our business.

In one example, our customer was changing their IT outsourcing vendor, but refused to make the switch until their new vendor implemented strong privileged account controls and monitoring from CyberArk. Last month, we held our annual customer and partner events in EMEA and in the Americas.

This year we hosted nearly 500 attendees in the combined events, which is a 70% increase over last year. And reflecting the global nature of our business, attendees came from 28 different countries.

We believe this growth in attendance is driven by the continued success of our business, but also the increasing importance of privileged account security. The primary themes at both of these events were nearly identical.

Privileged account security is a strategic priority deserving immediate attention and investment and that to do it right, organizations need to deploy a comprehensive solution.

In each event, presentations were delivered that explain how an organization that had suffered a cyber attack relied on CyberArk and our team of experts to help them rebuild trust in their IT systems. And they also articulated how a proactive deployment of CyberArk would have prevented or at least severely limited the scope and damage of the attack.

It was proven in these presentations and almost every conversation I had with attendees that the privileged account security is a high priority for organizations and the CyberArk's platform approach offers a very compelling value proposition. Finally our M&A strategy includes acquiring innovative cyber security companies that have strong technology.

In Cybertinel, we found exactly that. I am pleased to share that CyberArk has acquired Cybertinel, an approximately 20-person Israeli-based cyber security company. The specialize in cyber threat detection and their innovative technology and expert staff provide strong, complementary additions to the CyberArk team.

In the coming quarters, our combined teams will be working to bring exciting new analytics based capabilities to market that enhance our ability to detect credential threats at the beginning stages of the attack cycle. In summary, we continue to drive our business forward on multiple fronts.

Awareness of the need for privileged account security continues to flourish as the role of compromise privileged accounts and damaging attacks becomes better understood. I am pleased with our go-to-market execution and with our R&D efforts.

We are executing on our M&A strategy and we continue to extend our leadership in the privileged account security market, helping more and more organizations protect their most critical assets from cyber attacks. I will now turn the call over to Josh.

Josh?.

Thanks, Udi. I will start with a more detailed overview of our second quarter and then I will discuss our third quarter and full year 2015 outlook. This was another strong quarter for CyberArk as we exceeded our guidance across all the key operating metrics. Starting with the top line. We generated revenue of $36.4 million, up 70% year-over-year.

The revenues consisted of $22.3 million in licenses, increasing 100% over the prior year period and representing 61% of total revenue. It was our license growth which drove our overachievement in total revenue again this quarter.

In addition to consistent return of our existing customers, we benefited from an increase in new customers making larger initial commitments to us in buying multiple products.

Maintenance and professional services revenue was $14.1 million, increasing 38% over the prior year, driven by the high rate of renewals from our growing installed base and coupled with new maintenance revenue from the licenses delivered over the last four quarters. Looking at the business geographically.

In the second quarter, we saw broad-based growth. Revenue in the Americas increased 93% year-over-year to $20.7 million or 57% of total revenue. EMEA grew 32% to $12.3 million or 34% of total revenue and Asia-Pacific more than doubled to $3.4 million or approximately 9% of total revenue. Turning to margins.

I will review our results on a GAAP basis and where applicable on a non-GAAP basis. Non-GAAP numbers exclude stock-based compensation, pro rata expenses related to the follow-on offering of secondary shares that we completed in June and warrant revaluation expenses, which we reported specifically in the second quarter of 2014.

Please note that a full GAAP to non-GAAP reconciliation can be found in the tables of our press release. Our second quarter gross profit was $30.3 million or 83% gross margin, in line with the gross margin in the same period last year. And for the first half, we maintained our 85% gross margin level.

In the second quarter of 2015, license cost of goods sold was impacted by relatively higher demand for our appliance product as well as the software module we currently deliver on a resale basis.

In regards to our operating expenses, we believe our success is a direct result of the increased investments we have made across all fronts and you should expect us to continue along with our path of investing to drive growth and long-term scale, but also keeping our focus for realizing solid returns on these investments.

For the second quarter, R&D expenses grew 28% year-on-year to $4.3 million, reflecting our ongoing investments in product innovation. Sales and marketing increased 60% year-over-year to $15.4 million and we are pleased to see the investments we have been making driving the significantly higher levels of license growth.

Lastly, G&A increased 148% to $4.1 million. This growth primarily reflects increased advisory services related to operating as a public company, ongoing incremental employee related expenses and combined with $487,000 related to expenses for the sales secondary shares in the follow-on offering we completed in June.

In total, operating expenses for the second quarter of 2015 were $23.8 million or a 62% increase over the second quarter of last year. Also for the second quarter, we delivered bottom line results ahead of our expectations as we continued to outperform at the top line, while we managed expenses in line with our budget.

GAAP operating income was $6.5 million, up from $3.1 million in the second quarter of last year. Our non-GAAP operating income was $8.2 million, resulting in a 22% margin compared to $3.3 million and a 15% non-GAAP operating margin in the prior year period.

Non-GAAP operating income for the second quarter this year excludes $1.1 million of stock-based compensation expense and the $487,000 in secondary offering related expenses compared with $184,000 of stock-based compensation in the prior year period.

Net income on a GAAP basis was $4.9 million for the second quarter, up from $1.2 million for the second quarter last year. GAAP net income per diluted share was $0.14, compared to a net loss of $0.01 in the second quarter of last year.

On a non-GAAP basis, our net income was $6.6 million or $0.19 per diluted share for the second quarter this year, compared to $2.4 million or $0.09 per diluted share for Q2 last year. These are based on 35 million and 27.4 million weighted average diluted share count.

During the quarter, we had a financial income of $327,000 primarily due to foreign exchange gains compared with the $1.1 million of financial expense in the same period last year, mainly from warrant revaluations.

As you know, foreign exchange gains and losses can fluctuate and our guidance does not consider any additional potential impact to financial and other income and expense associated with foreign exchange gains or losses as we do not try to estimate future movements in FX rates. Turning to our balance sheet.

We ended the quarter with $283.8 million in cash, cash equivalents and short-term deposits inclusive of the $52.7 million raised in our follow-on offering which closed in June.

In the first six months of the year, we generated $36.3 million in cash flow from operations, up from $12.7 million generated from operations in the first six months of last year. We ended the second quarter with 523 employees compared with 387 at June 30, 2014. That's an increase of 136 globally.

Now moving to the guidance for the third quarter and full year 2015. Our guidance includes the acquisition of Cybertinel which is not expected to have a material impact to our third quarter and full year 2015 financial results.

For the third quarter of this year, we expect total revenue of $36 million to $37 million or 31% growth year-over-year at the midpoint. We expect non-GAAP operating income to range between $5 million to $5.9 million and non-GAAP net income per diluted share of $0.11 t o $0.13. This assumes 35.5 million weighted average diluted shares.

Our Q3 non-GAAP operating margin guidance reflects the full run rate of the headcount increases we made in the second quarter and we expect to continue hiring in the second half of the year across all fronts, but with an emphasis on our sales, R&D and professional services teams to drive our revenue growth into 2016.

For the full year this year, we are raising our guidance and now expect total revenue in the range of $145 million to $147 million or growth of approximately 42% year-on-year at the midpoint. We are also raising our non-GAAP operating income guidance to be in the range of $28.8 million to $30.5 million or approximately 20% operating margin.

And we are raising our guidance for the non-GAAP net income per diluted share of $0.62 to $0.65. This assumes a 35.4 million weighted average diluted shares. Our guidance reflects the strength we are seeing in our business as well as our ability to realize leverage in the investments we are making to drive growth and scale in the business.

So in closing, we had another strong quarter, we continue to experience strong momentum in the business and believe we are extremely well positioned to continue to win in our market. With that, I will now turn the call over to the operator for Q&A.

Operator?.

[Operator Instructions]. Our first question comes from Saket Kalia from Barclays Capital. Please go ahead..

Hi guys. Thanks for taking my questions here..

Go ahead, Saket..

Hi Udi. So first maybe for you, you mentioned that more customers are going with multiproduct deals.

Besides the Enterprise Password Vault, which I would imagine most customer start out with, what are those products that are resonating the best in some of these larger multiproduct deals?.

Yes, definitely. I think we often talk about the one-two punch, where it allows our customers to take EPV to vault credentials and then PSM to create the isolation layer and recording and monitoring.

The kind of the third punch that we are seeing more and more is our PTA, our Privileged Threat Analytics, as they are putting a proactive control in place and they are adding the advanced detection around it. So I would say those are probably the top three in combination..

Got it. That's helpful. And then Josh, you had a pretty big quarter-over-quarter increase in deferred revenue. Was it just a very strong maintenance renewal quarter? Or was there maybe a higher component of deferred license this quarter than usual? Any color there would be helpful..

Yes, Saket. We had actually a very strong increase on the support and maintenance and that comes with the territory when we are growing our licenses expenses as fast as we are growing them, for example with the 100% year-on-year this quarter and also in the first quarter, we also had significant growth on those license revenues.

So that is one component. We did also have a stronger component than usual on the license piece going into deferred revenue, but still being within our range of what we have seen historically..

Got it. That's helpful. And lastly, if I could squeeze it in and a little bit more strategically. We also saw CA acquire one of your competitors, Xceedium.

Maybe if you just talk to us a little bit about how tough the competitor Xceedium was standalone? And maybe what sort of impact do you think this might have on the business going forward?.

Sure. I think the best way to describe it in pictures is to look at the IDC report we talked about that was released late last year that really show that Xceedium was not ranked very high on strategy or capability.

We didn't see them much in the market and since we competed very effectively against CA so far, we think that we will e continue to have our competitive edge. We continue to dedifferentiate with really more products and may actually see some disruption in this acquisition..

Got it. That's very helpful. That's it for me. Thanks..

Thank you..

And we will take our next question from Karl Keirstead from Deutsche Bank..

Thank you. I will start off with a question for Udi.

The Cybertinel deal, I understand its a little bit more of a group hire than it is a classic acquisition, but could you elaborate on the strategic value of this in particular, are these technology skills you are picking up intended to complement your current privileged access focus? Or does this acquisition take you into a new threat detection area where you might be competing with a host of new vendors, FireEye and otherwise? Perhaps you could collaborate.

Thanks..

Sure. So I will start with, no, we are not getting into an area into competition with FireEye and others. Actually we see them as a strong partner and we expect this to even strengthen our partnership.

I will also say that this is not just an hire, because this group brings very advanced capabilities in detecting advanced threat and also of course, the staff is very knowledgeable in how adversaries are working in the most sophisticated cyber attacks.

So we see this as a strong complement on our current focus, But as I mentioned, in the next coming quarters, we are going to combine it into the privileged account security platform to bring our customers even earlier detection of cyber attacks in the in the attack cycle.

So it's strengthening our advance detection capabilities and definitely bringing in IP and technology that we value along with a great team..

Okay. Good. That's helpful. And then maybe a follow-up for Josh. Josh, on the P&L, one thing that's interesting to me is that you have posted three quarters in a row of license growth in the order of 100%, yet the maintenance and professional services line has actually decelerated and grew 38% in 2Q. The gap between those two lines is actually widening.

Why would we see that? Should we not see maintenance and PS begin to accelerate? Thank you..

The maintenance is the direct component of the license revenue.

I think what we will see is and the maintenance is basically in line with what we, you know from 2014 business more than from 2015 business and what we are going to see the maintenance enjoying the license growth going from the first half of this year, which was growing at a much higher rate.

And as I mentioned to Saket, we actually did get a big increase in our deferred revenues, which is aligned with the license revenue. We are still pretty much at our average rate of close to 20% annually on our license piece and our renewal rate is still very high at above the 90% rate.

So mathematically, it has to fall in line with the license growth..

Got it.

It's not like the PS portion of that revenue segment is going through any unusual change?.

No. In fact, over the last six months, really the last three quarters, we have seen a big increase on a year-on-year basis on our PS in line with the big increases that we are seeing on the license revenue and now it's at a new steady-state as we have been growing the license revenue at this new rate..

Got it. Understand. Okay. Thank you, both. Great quarter..

Thanks..

And we will take our next question from Sterling Auty from JPMorgan. Please go ahead..

Yes. Thanks. Hi guys. Wonder if maybe I could start with, Udi, in the press release, there is the talk about the move to strategic purchases and deploying it from tactical compliance.

Can you give us maybe a couple of examples of customer purchases in the quarter where the technology was being deployed beyond just the IT workers and IT department for privileged account security?.

I would say that, in taking a strategic approach and we saw that a lot in the two customer events. You have customers that traditionally brought our solution for compliance reasons and then deploy it mostly to please the auditors.

The big shift that is happening is because that in every one of the major breaches, it turns out that the way to really escalate and get the goods was hijack privileged credentials.

And so when we talk about strategic approach, then we look at the entirety of their IP infrastructure and look to deploy CyberArk and again with more than one product across that entire infrastructure.

We continuously have examples where it's beyond the privileged accounts that are used by IT users, although there are thousands of those, but also we have solutions like OPM where business users are reduced to least privilege to limit the exposure on the endpoint and on UNIX servers..

Got you.

And on the acquisition, I want to make sure I am clear, is Cybertinel going to end up being, when you bring them in, is there going to be a new product that you are actually going to be selling to your customers based on this acquisition? Or does this just bolster the existing vault, PSM, et cetera?.

So for competitive advantage reasons, we are not getting into that at this point. It's going to be integrated into our technology, but it could definitely end up expanding our solution set..

Because just following up on Karl's comment, I think while we are jumping to that, when we all do the preliminary Google searches like that and read some it, it all comes up as advanced persistent threat detection. It has a lot of the buzzwords that we see with FireEye and Palo Alto ad others.

So just trying to be clear in terms of how this ends up complementing your solution without stepping on the toes on the partners?.

Not exactly. And that is very important for us, because we are not getting into the endpoint security market and we will continue to be complementary to those partners. What we are doing is taking their capabilities to enhance our ability to detect credential misuse.

It's all in the world of how do you expand lateral movement, how do you get the ability to hijack credential. So it's really all about providing additional value to our customers earlier in the attack chain in our world of preventing credential theft and privilege escalation. In our hands, this is going to be a logical extension of what we do.

So I am really happy to clarify that. It's going to be a different value proposition than what may turn up in Google and we will continue to partner with the likes of FireEye and others..

Got it. Thank you, guys..

Thank you..

And next we have Jonathan Ho from William Blair. Please go ahead, sir..

Good afternoon and congrats on the strong quarter. I wanted to start out with maybe the demand pipeline and what you guys are seeing there in terms of the sustainability of demand.

I think in the past, you have talked about sort of an inflection point and yet as we look at guidance, it seems like for the full year, there is some expectation that you will be hitting some tougher comps.

So I just wanted to understand, number one, how you guys think about the demand environment itself and number two, sort of the sustainability of that throughout the course of the year?.

Sure, Jon. I will start and Josh can elaborate. I think we are continuing to find that privileged account security is a greenfield opportunity where most organizations in the world have not put any layer in place on the inside against this major attack point that is that is all around their infrastructure.

And so account after account, we found either nothing or were replacing something very, very tactical.

What we saw and as I mentioned in Sterling's question, is that more and more customers are understanding that the new reality is that they shall be breached and what do they do in order to really prevent attackers from getting that stronghold and moving around.

And so we are very bullish on the on the opportunity to continue to execute globally, leverage channels and our hybrid go-to-market to bring this new layer to the front. And of course, like I mentioned, naturally we have some strong compares but it's not a reflection of the opportunity ahead..

Yes. And Jonathan, if I would add and translate the demand environment to the pipeline, we actually are seeing really our pipeline growing for the business into the second half. We are getting a lot more visibility, certainly into Q3 and as well as into Q4.

And we, I think, are raising the guidance to the revenue levels, the annual revenue levels that we talked about earlier in the call to $146 million at the midpoint reflecting over 40% growth year-on-year while also still retaining our robust 20% operating margin level, I think really indicates the confidence that we have for this demand environment and for our continued investment to be able to hit on this demand environment..

Got it.

And if you can just touch on maybe the go-to-market investments that you are making? Are you able to sort of find enough people? How long does it typically take for them to become productive? And just maybe give us a sense of where those investments are going?.

So as you heard, we continue to increase our headcount dramatically, finishing the quarter at 437 people. We are seeing the headcount grow across each of the areas. 523 people. I am sorry. It's growing so fast, it's changing as we speak.

And it's growing across all the areas and specifically sales and marketing is the fastest-growing department there as well.

Although I will say that we are growing the revenue business faster than we are growing that headcount and we are really able to get great execution out of our sales teams and increasing the sales and their quotas per person as we go into 2015.

So there are a lot of companies out there hiring, but we feel that there is a lot of demand that are coming into CyberArk, seeing our growth rate. And in terms of the sales cycle of them coming on board, we actually feel that they are coming on board and being able to contribute faster than I would say 12 months ago.

And part of it is, they are coming into regions with already more developed pipe and also we are able to attract people who are coming from the industry and with a full Rolodex already..

Great. Thank you..

Thank you..

And next from JMP Securities, we have John Lussier. Please go ahead..

Hi guys. Thanks for taking my questions. First question, it sounds like your cross-selling has gone pretty well over the last several quarters. And I think last time you updated us, there are about 1.5 products deployed per customer.

Has that number gone up? And then where do you expect that to go over the next year or two?.

So I think if we -- we such a big installed base, so in order to move the needle on average, we are going to have to take some more quarters and will look at that again at the end of the year and report on that.

But I would say one thing that we did allude to today is that we are seeing of our new customers coming on board a meaningful increase of our new customers buying multiple products, including even three and more products as they come on board..

Okay. And then I had another -- go ahead..

I will just add, that from our existing customers, we are still seeing the consistency of over a third of our customers coming back and buying more products or new products as well..

Okay. And then I had another question on the Xceedium acquisition.

Do you think this could be an early indicator of consolidation in the PAM space, especially as large infrastructure providers and security companies start to really realize the importance of privileged account security?.

Yes. I think it definitely shows that, again for a company like CA, they saw the strategic importance and they see that their customers are asking for this and of course, the CyberArk success is showing the growing market demand here.

So again, I can't forecast the amount of smaller guys or addition of smaller guys to be picked up, but they definitely chose to go now, based on the success we have had in the market..

Okay. Thank you..

And next we have Gary Powell from Wells Fargo Securities..

Great. Thanks for taking the questions. Just a couple, if I may. So over the last year or so, you have seen your license revenue and billings grow well in excess of the pace of your sales and marketing spend.

How sustainable do you think that is? And then do you see any opportunities to further invest in sales and marketing initiatives?.

First of all, Gary, welcome on board in covering CyberArk..

Thanks..

Could you repeat the question, we want to make sure we got it..

Yes, sure. So over the last year or so, you have seen your license revenue and billings grow well in excess of the pace of your sales and marketing spend.

How sustainable do you think that is? And do you see any opportunity to further invest in sales and marketing initiatives to continuing that pace?.

Okay. And that's kind of a continuation to the last question. We are continuing to grow our sales and marketing teams very aggressively into 2015 and it's the largest grower in terms of our headcount portion. However, as I said before, we are outstripping that growth and that's really I think reflecting a couple of things.

It's reflecting first of all that we are able to attract people to get on the ground and up and running faster and being able to hit their quota numbers faster after their recruit. And I think the other piece is that we have been able to keep our channel sales at pace with our growth.

And that obviously gives us the exponential kick for being able to grow faster than our headcount growth..

Got it. Okay. And then just one more, if I may.

When a customer has purchased the Enterprise Password Vault and then comes back to purchase another product, whether it be Privileged Session Manager or App ID, what's the typical uplift relative to that initial license purchase?.

So I will take that. It's Josh again. When we look at the second product, specifically if it's like a PSM coming in after EPV, it could easily be the same size as the initial sale. And we see that also with some of the other products. I would say, with the Privileged Threat Analytics and the OPM, it would be at some percentage of the original purchase..

Got it. That's really helpful. Thank you very much..

Thank you, Gary..

From Imperial Capital, we have Michael Kim. Please go ahead..

Hi guys.

So in looking at and comparing the market's growth and your growth, maybe if you comment a little bit on the awareness for account security in the EMEA markets? Do you them sort of inflicting similar to what we saw in the U.S.? And clearly a lot of greenfield opportunities and just your sense of the pipeline and your visibility around that? Thanks..

Yes, sure. It's a great question, because we are definitely seeing that the awareness in the Americas, in the U.S., in North America is really heightened.

All the major breaches and the awareness, cross vertical, I think it's for the first time we saw that a breach in one vertical gets talked about in another vertical and we can meet a prospect in utility space and they will talk about a breach in the healthcare space.

So in the U.S., it's really getting there and they have also a lot of our prospects and customers are being more and more proactive to try to learn about what breached entities did to rebuild trust in their IT and many of them did that with CyberArk and go strategic in what they do.

As we go further East down, I would say there is less awareness and there is much more education involved in EMEA and also in APAC, but it's definitely building.

And again, similar things are coming up in our EMEA customer events it really stood out that they were talking about the breach in the German Parliament as a wakeup call for that market, the issues with Polish Airlines that were breached.

So the approach to take privileged account security as a security issue and not beyond a compliance is getting there, but it's a little behind with North America..

And with the previous comments about investing, your growth investments in sales and marketing, should we expect the majority or a great proportion of that investment in the EMEA channel or pretty equivalent between Americans and EMEA?.

I will take this one, Josh, you can add. I think one of the things that CyberArk is really proud about is really diversity in everything we do, geographical diversity, vertical diversity. So as we look at the opportunity, we are happy to invest and also in some of the earlier markets because we know we will see those fruits come in.

I think in previous calls, we gave examples of how South Africa was a region where we has no personnel on our own and as we put people in place, it started to flourish and we have seen that of course in every region that we have invested in. So it's pretty broad-based..

And just one more on PTA.

I guess any comment if you are seeing shorter sales cycle and upsell with PTA and as that product is maturing, any color around the adoption cycle?.

Look, so it's very much attached to the sales cycle of our Enterprise Password Vault and PSM and other products that come altogether. I think the biggest change that we are seeing is that it's more and more perceived as something our customers want to include.

And I mentioned the one-two and now the third punch that they want to include in the beginning.

As there are more awareness that privileged accounts are a critical issue, let's put proactive controls on it, but it's also for the advanced detection to see if there are accounts that are used that are not managed by CyberArk or to see if there are accounts that are misused.

So it doesn't have a different sales cycle from the others, but just the awareness is growing. It's in the pipeline. It's in deals. And it's increasingly a differentiation used by our sales people and by our channel..

Very good. Thank you very much..

And next we have Catharine Trebnick from Dougherty & Company..

Hi. Thank you for taking my questions and the last name is Trebnick. Udi, a couple of questions. One is, the vault platform is typically the first one that gets sold into the customer base.

What are the two other modules that follow that upsell routine?.

Yes. So every customer starts with the privileged account security platform, but it's always with a product. So we typically, at a minimum, have the privileged account security vault platform along with our Enterprise Password Vault.

And I think as we alluded, the most common next one is our Privileged Session Manager and now more and more and of course it could be followed by Privileged Threat Analytics or AIM or OPM, our new SSH and other. As we talked about in the past, the Application Identity Management is a very important product as well.

Very often an upsell product, where a customer first starts with the human users and then expand to application credentials..

All right. And the other question is really a lot of discussion on the sales and marketing and congratulations on the print, one of the questions we have is really around the channel development.

Can you give us some data points on how many new channel partners you have used? Or are you more reliant on some of your strategic partners?.

So we didn't disclose specifically the growth in channels. We also very often believe in quality over quantity. So we are investing in the channel. We are investing in adding and having our own channel manager staff continuously trained and expand our channel presence.

Overall from a revenue contribution, we are continuing to see that it's around 50-50 between our channels and direct. But as the demand is increasing and as the awareness is increasing in the market, the channels are also becoming one, more effective for us, also very bullish about carrying CyberArk as a leading product in their sales processes.

So while I think we are still very underleveraged in the channel, there is a lot that we are doing and we will continue to do in further enabling them, training them, adding new channels in new regions. But it's a very important element in our hybrid go-to-market..

Okay. Last question. One of the companies we come across in the channel quite often is Centrify. And who do you see as other pure play privileged access manager competitors and do you run into them a lot competitively? And then I won't ask any more questions..

No problem. No, we hardly see Centrify in competition. They primarily provide AD bridging, which allows the connectivity between windows environment to the UNIX environment and very often we compliment that. I know they are increasingly trying to position against CyberArk, but we don't see that much in the field.

To your question, in terms of pure play, I would mention BeyondTrust and Lieberman also on the list of private that we see. But the ones that we see the most are Dell, through their acquisition of Quest and CA..

All right. Thank you very much..

At this time, we have no further questions in our queue. And I would like to turn the conference back over to Udi for any closing or additional remarks..

Great. Thank you very much. Q2 2015 was another very successful quarter for CyberArk. The demand for privileged account security continues to increase and we are executing well on the opportunity. We believe our future is very bright.

As always, I thank our customers for placing their trust in CyberArk and our employees and partners that continue to work hard to create value for our shareholders. Again, thank you everyone for joining us this evening..

Ladies and gentlemen, that does conclude today's presentation. We appreciate everyone's participation..