Erica Smith - VP, IR Ehud Mokady - Founder, Chairman, CEO & President Joshua Siegel - CFO.

Gabriela Borges - Goldman Sachs Group Melissa Gorham - Morgan Stanley Fatima Boolani - UBS Investment Bank Gur Talpaz - Stifel, Nicolaus & Company Jonathan Ho - William Blair & Company Andrew Nowinski - Piper Jaffray Companies Howard Smith - First Analysis Securities Corporation Catharine Trebnick - Dougherty & Company Kenneth Talanian - Evercore ISI Gregg Moskowitz - Cowen and Company Alexander Henderson - Needham & Company Michael Kim - Imperial Capital Michael Feldman - Bank of America Merrill Lynch Erik Suppiger - JMP Securities.

Good day, ladies and gentlemen and welcome to the second quarter 2017 CyberArk Software Ltd. Earnings Conference Call. [Operator Instructions]. As a reminder, this conference call is being recorded today, August 8, 2017. I would now like to introduce your host for today's conference, Erica Smith, Vice President of Investor Relations.

Ma'am, you may begin..

Thank you. Good afternoon. Thank you for joining us today to review our Second Quarter 2017 Financial Results. With me on the call today are Udi Mokady, Chairman and Chief Executive Officer; and Josh Siegel, Chief Financial Officer. After the prepared remarks, we will open the call up for questions.

Before we begin, let me remind you that certain statements made on the call today may be considered forward-looking statements. Our actual results might differ materially from those projected in these forward-looking statements.

I direct to your attention to the Risk Factors contained in the company's annual report filed on Form 20-F filed with the U.S. Securities and Exchange Commission and those referenced in today's press release.

CyberArk expressly disclaims any application to release publicly any updates or revisions to any forward-looking statements made during the call today. Additionally, non-GAAP financial measures will be discussed on this conference call.

A reconciliation to the most directly comparable GAAP financial measures is also available in our earnings press release which can be found on www.cyberark.com in the Investor Relations section. Also, please note that a webcast of today's call will be available on our website. With that, I'd like to turn the call over to Udi..

Thanks, Erica and good afternoon, everyone. Thank you for joining us to discuss our second quarter results. Total revenue was $57.5 million, an increase of 14% over the second quarter of last year. Non-GAAP operating income was $8.8 million and we generated about $30 million in cash flow from operations in the first 6 months of the year.

As we discussed in July, revenue was lower than our original guidance as certain large deals in EMEA that we expected to close did not close by June 30. While it is still early, the third quarter is off to a solid start and we're encouraged by the level of activity and the larger deals that up closed across geographies, including EMEA.

Before I discuss the comprehensive analysis of our sales operations which we have been conducting over the last few weeks, I wanted to walk you through a number of highlights in the second quarter. We continue to have success signing new accounts with the new business contributed more than half of our license revenue in the second quarter.

We added over 130 new customers, including 2 Fortune 100 companies bringing us to more than 3,350 total customers.

A few of our 7-figure new business deals included, a large Fortune 100 manufacturing company purchased 5 of our products, while the vast majority of our deals are greenfield, in this engagement, we placed a large legacy vendor which was deeply entrenched in the account.

This customer chose CyberArk because we offer the most secure platform in the industry for the protection of privileged accounts as well as our ability to meet their future operational needs which over time will include cloud migration.

For our manufacturing company in France, it was important we could help protect the organizations entire hybrid infrastructure across on-premise, AWS and that we would integrate privileged account security in its DevOps processes.

This win is a testament to our recent strategic investment in the cloud and we're pleased to have the manufacturer as a strong reference for us in France. We also signed our largest ever Endpoint Privilege Manager deal with a technical professional service company that was looking for scalable global solution.

This organization signed a 3-year SaaS contract for Endpoint Privilege Manager in the cloud to product about 50,000 desktops and 7,000 servers. Q2 was a great quarter for Endpoint Privilege Manager and the mix of deals were well diversified across geographies, industries, size of customer as well as cloud and on-premise delivery.

Customers know that almost all attacks begin at the endpoint with the theft of credentials. They recognize that our unique combination of privilege management, application control and credential theft locking is essential to protecting the enterprise.

Ransomware like WannaCry and NonPetya are a high-profile reminder that every organization is vulnerable. And in the wake of these attacks, we have seen an increase in our pipeline of activity for Endpoint Privilege Manager.

When tested against more than 600,000 Ransomware samples, Endpoint Privilege Manager has proven a 100% effective in proactively blocking Ransomware from encrypting files without patches or software upgrades.

It is important to note that after the initial infection of NonPetya this highly sophisticated strand of malware was able to propagate itself into other workstations and servers by leveraging stolen credentials. In some cases, this led to the encryption of every Windows computer on the network and complete paralysis of business operations.

The threat landscape continues to evolve. Advanced opportunistic attackers alike increasingly leverage privileged accounts to move laterally across the network, demonstrating that it is critical for all organizations to lock down privilege credentials.

With the rapid rate of cloud and DevOps adoption, customers are securing application credentials, machine identity and DevOps processes which is driving demand for application of identity manager and interest in our DevOps strategy.

In the second quarter, a long-standing financial services firms which first became a customer in 2003, extended its deployment of Application Identity Manager beyond Windows servers to include UNIX and network devices.

So far, this customer has a lifetime spend of nearly $10 million with CyberArk, illustrating the significant opportunity within our install base. Our customer response to Conjur has been incredibly strong.

Software delivery is undergoing dramatic change and IT, security and development professionals are working closely together to secure the enterprise without sacrificing the speed, agility and efficiency of the DevOps pipeline. The Conjur integration is progressing and is on track.

The teams are tightly integrated and we're pleased with the early R&D accomplishments, the level of sales engagements and the growing pipeline of opportunities. We recently conducted our EMEA and Americas customer and partner conferences. In attendance were more than 1,500 representatives across the world's leading organizations.

Verticals included transportation, entertainment, media, retail and financial, as well as midsize organizations like law firms, hospitals, universities and local banks. We helped define how security professionals can better protect the organization in the cloud and on-premise.

You could feel the energy, the power of our community and most importantly, it was rewarding to see that protecting privileged accounts is a top priority in security strategies.

While there are number of operational successes in the second quarter, given our revenue shortfall, we have been conducting a rigorous analysis of our sales execution and identify the improvements around sales and channel management in EMEA.

We have promoted Ron Zoran, to Chief Revenue Officer and he will be responsible for executing our worldwide sales strategy across sales, sales engineering and channels to drive revenue growth in all geographies. Ron has been with CyberArk since the company's founding and has held various leadership positions across sales, services and R&D.

Most recently, Ron was running America sales and has continued to raise the standard for business and operational excellence. Ron has build an incredibly strong team who has delivered growth at a compound annual rate of nearly 60% over the last 3 years.

He successfully transitioned the Americas to selling to the C-level base and -- into the C-level based on risk and compliance which helped to establish privileged accounts as a critical layer of security.

He will be working with our VP of EMEA sales to drive strategic operational enhancements that we believe will strengthen our risk-based sales methodology, enhance our channel strategy and deliver more account control.

I'm confident that Ron has the passion, extensive experience and depth of security knowledge to drive our global sales strategy, help scale our business and enhance our execution in EMEA. Across APJ and the Americas, we continue to see strong results.

In APJ, Vincent Gold came on board last year and has done a fantastic job strengthening the team and operational performance across the region. APJ had a very strong quarter, growing revenue by 39% with a solid mix of new and add-on business.

Our team has worked hard to increase awareness of privilege account security and today customers are taking a more strategic approach to protective administrative accounts. While new customers continue to be the primary driver of business in APJ, we saw momentum in add-on business.

As an example, a large retailer in Australia bought more than $500,000 worth of software -- $500,000 worth of software and is rolling out the 2nd-phase of its CyberArk program with deeper penetration of 6 of our products.

While this region is a smaller contributor to revenue at this time, we're confident it will be meaningful for our long term growth. The Americas grew by 21% in the second quarter. While off a small base, Latin America had a record quarter. One new customer, a financial services firm in Brazil purchased all 7 of our products in a 7-figure deal.

The market fundamentals across the Americas region are incredibly healthy. Our pipeline of activity is stronger than it has ever been and the team continues to execute.

We're the undisputed leader in privileged account security and the only solution that can protect the enterprise, on-premise, in the cloud, in hybrid environments and across the DevOps pipeline. Our R&D team continues to define the market by delivering innovation and solving customer challenges faster than the competition.

Protecting privileged accounts is a top security priority. Demand for our solutions continues to build across all geographies and our pipeline is strong. I'm confident that the globalization of our sales organization will play an important role in the execution of our strategy to capitalize on our greenfield market opportunity and drive growth.

With that, I will turn the call over to Josh.

Josh?.

Thanks, Udi. I'll take a few minutes now to walk through some details of our financials. As Udi mentioned, total revenue increased 14% to $57.5 million in the second quarter compared to second quarter last year. License revenue was $30.3 million, representing 53% of total revenue. We saw just over 50% license revenue come from new customers.

Maintenance and professional services revenue was $27.2 million, representing 47% of revenue. Geographically, Americas revenue grew 21% year-on-year to $39.2 million or 68% of total revenue, while the Asia Pacific Japan region increased 39% to $4.5 million or 8% of total revenue in the second quarter.

As we discussed in July, EMEA revenue declined about 5% to $13.8 million or 24% of total revenue. Every organization needs to protect its privileged accounts to be secure which is driving demand for our solution across all industries.

The fastest-growing verticals in the second quarter were banking and financial services, healthcare, professional services, transportation and travel and global governance. As I move through the P&L, all financials, except revenues are presented on a non-GAAP adjusted basis.

Please see the press release for a reconciliation of our non-GAAP to GAAP results. Our second quarter gross profit was $49 million or an 85% gross margin that's compared to an 88% gross margin in the same period last year.

The year-over-year decrease in our margin was primarily due to the mix of business as a result of lower percentage of license revenue in second quarter and to a lesser extent, the increased investment in training, professional services headcount and cloud infrastructure. We continue to add headcount across all geographies and departments.

We ended the second quarter with 921 employees worldwide, up from 867 at the end of first quarter and 734 at the end of the second quarter last year. As a reminder, this includes approximately 20 employees from the recent acquisition of Conjur in May. In the second quarter, our R&D expense increased 20% year-on-year to $8 million.

Sales and marketing increased year-on-year 35% to $27.2 million. We added 107 employees in sales and marketing to expand our reach and enhance our marketing presence around the world. G&A expense increased 34% year-on-year to $5 million.

In total, operating expenses for the second quarter of 2017 increased 32% year-on-year to $40.2 million compared with $30.5 million in the second quarter of last year. For the quarter, the resulting operating account was $8.8 million or 15% operating margin.

Net income was $7.7 million or 21% -- $0.21 per diluted share for the second quarter of 2017 compared to $10.5 million or $0.29 per diluted share for the second quarter last year. Turning to our balance sheet. We had $283 million in cash, cash equivalents, short term deposits and marketable securities compared to $295 million at year-end.

The decline in our cash was because of the approximate $42 million in cash consideration for the acquisition of Conjur in May which was significantly offset by our strong operating cash flow generation in the first half of the year of $29.7 million. This compares to $21.4 million operating cash flow for the first 6 months of last year.

Moving on to guidance. For the third quarter of 2017, we expect total revenue of $62 million to $63 million and non-GAAP operating income to range between $8.2 million and $9 million. Non-GAAP net income per diluted share of $0.17 to $0.19. This assumes $36.4 million weighted average diluted shares.

We're using a 23% tax rate in our third quarter guidance. Our Q3 guidance for operating income reflects our Americas customer conference that was held in July and attracted a record number of more than 1,000 customers and partners and a full run rate of expenses from the 54 employees we added during the second quarter.

We expect our full year 2017 revenue to be in the range of $253 million to $256 million or a growth of approximately 17% at the midpoint. We expect non-GAAP operating income to be in the range of $46.4 million to $48.4 million and our non-GAAP net income per diluted share of $1.02 to $1.06. This assumes $36.3 million weighted average diluted shares.

We're also using a tax rate of 23% for the full year guidance. The market for privileged account security is strong and we believe the investments we're making will enable us to continue to capitalize on our opportunity. I'll now turn the call over to the operator for Q&A.

Operator?.

[Operator Instructions]. And our first question comes from the line of Gabriela Borges from Goldman Sachs..

First question to Josh. I want to hear a little bit of how you go about the guidance for 3Q and 4Q? Particularly if any of your forecast functions changed after last quarter [indiscernible]..

Yes, I think, we look at the overarching methodology really hasn't changed. We look at the opportunity, the visibility and our ability to execute against the opportunity. And as we talked about on the call, we're confident about the opportunity, the fundamentals of the market are incredibly strong in all of the geographies.

But I would say that given our result in the second quarter, we're looking more closely at our ability to execute in the EMEA -- in the EMEA territory.

We believe that when we look at the guidance that it strikes kind of the right balance between the areas of improvement that we've identified in EMEA and the organizational changes that Udi talked about to globalize the sales organization.

And that we have to balance that with bridging into really the strong market opportunity that we see in front of us.

Does that help you out?.

That makes a lot of sense. And I have a follow-up, if I could for Udi, on the globalization of the sales team.

Could you give us a little more detail on what you think the priorities of [indiscernible] will be [indiscernible] of the areas that you're triangulated that need the [indiscernible] in the near term?.

Excellent, Gabriela. I think we -- what we found is we want to replicate and extend the disciplined and programmatic approach that we had to -- to help the sales processes in the Americas to EMEA, meaning better account control and pipeline management on the execution side.

And from a sale methodology, really shifting our sales approach to include risk-based selling on top of the compliance drivers is really leading with risk-based selling and continued enhancement to -- to the channel strategy.

So we're talking about more rigor and more disciplined and really replicating processes that have worked for us very well here. On top of that or complementing that are strong emphasis on the pipeline creation and nurturing within this greenfield opportunity..

And our next question comes from the line of Sterling Auty from JPMorgan..

This is [indiscernible] on for Sterling Auty. Udi, mentioned that the third quarter is off to a good start and you saw some solid deals that were closed in the EMEA in the quarter.

Just to dwell deeper into that, is it the same deal that have been taking long to close in the second quarter that you have closed this quarter? Or are you seeing some new deals within the pipeline and heightened demand in that particular region?.

Both. It was very important for us to see that the deals we thought were closed in June and didn't. We're tracking them and their active and many of them have closed since. And that was very important for us. And of course, we're cultivating pure Q3 pipeline and to close them to see that close as well. So this year, a healthy start to the quarter..

And secondly, given that Europe is mostly channel-based selling.

How are you engaging the channel to ensure that things are brought on track? And are you planning to increase more direct touch to your customers in Europe?.

We'll continue with our channel model and we have really strong channels there. But we can do better in working with them, while retaining account control. So in these engagements to be side-by-side with the channel with higher touch to ensure that we have the right visibility and also are guiding the customers to make the right security decisions.

After all, that's the mission here. And from an infrastructure perspective, to really invest in training the channels to make them more and more self-sufficient. But definitely, continuing to embrace channel as a strategy..

And our next question comes from the line of Melissa Gorham with Morgan Stanley..

Udi, when we spoke a few weeks ago, you talked about some of the noise that was impacting sales cycle, particularly, in Europe, around the Ransomware attacks.

I know it hasn't been that long, but I'm just wondering if you have seen any change in that noise? And maybe any change in the sales cycle perhaps as the noise starts to ease a bit?.

No, absolutely. I think, in the first days, after this attack, customers are usually very overwhelmed by many vendors and CyberArk as a strategy takes a very long term approach to this. But on the other side of this, we're seeing this translate to pipeline. So more customers are educated that they're vulnerable.

And more and more customers understand they want to prevent that initial infection on the endpoint and potential threats on the endpoint. And also, as I mentioned with NonPetya, it reeducated that once in, they try to steal credentials. So we're seeing that as having an effect on pipeline along with the drivers that we've had -- we've had before..

Okay. Great.

And then on the globalization of the sales team, what are your expectation in terms of the timing around that process? Where do you start -- when do think you will start to see improved productivity from those -- those changes?.

So in terms of putting this in motion, we've hit the ground running. And the team is really excited to -- it's also the right space for us to make this change for long term growth. And so, it's in motion.

Obviously, the guidance takes into -- it takes into account the fact that certain changes take time and that there are earlier changes that you can do faster. But I would view this as a long term growth driver for CyberArk for scaling the organization.

It's also a move of well-respected executive within the company and therefore, has a lot of buy-in from the team. And we don't have the noise or distraction that an external move would have created. So it's a positive and the team really views it this way and the guidance reflect the timing of it..

And our next question comes from the line of Fatima Boolani with UBS..

Udi, you talked about one of your largest endpoint privileged management deals in the quarter being a cash deal deployed in the cloud.

And I'm wondering as we moved -- continue to move down the path of enterprises, cloud enabling everything, how does that impact the on-premise delivery of the rest of the business suite? And how we should think about that mix in the subsequent quarters?.

Sure, absolutely. I think the beauty of the Endpoint Privilege Manager is the customer can consume it on-premise or on cloud and it doesn't secure credentials, it's not storing the credentials of the customer and therefore they are very comfortable with choosing our SaaS option.

For enterprises, we're seeing that they would still prefer to consume our enterprise -- -- especially the vaulting, the vaulting of credentials in either an on-premise solution or to own it, but to put the -- to implement it in the cloud which is an option that we're giving them..

And a quick follow-up, if I may, on Ron's promotion to essentially what sounds like harmonization of your global sales efforts.

I'm wondering if that necessarily implies a sales leadership back in the Americas, if you're looking to fill that seat? Or how does that sort of elevation of Ron's role impact the sales organization go-to-market in Americas currently?.

Harmonization is a great word and really how we view it. And as a very strong leader, Ron created a very strong team underneath him. So for now he's going continue to work with his direct reports. And down the line, we will see what the right structure is, but it's flowing very well right now..

And our next question comes from the line of Rob Owens from KeyBanc Capital Markets..

This is Mike on for Rob Owens.

A lot of my questions have been answered, but if you guys could talk, I guess, qualitatively about whether GDP has been a source of -- whether there's been an uptick in the incidence of GDP conversations? Or whether it's driven any incremental pipeline build? And then also backing out a little more macro, what are your customers, I guess, widely speaking, new customers consider privileged these days? I know from CyberArk's perspective quite a bit is privileged, quite a bit can allow unauthorized access.

But when customers come to you, how are they generally viewing the word privileged? And the risk that comes up around that?.

Sure. I'll start with the last one. They're viewing as privilege anything that can allow an attacker or malicious insiders to get excessive controls to the infrastructure, data and more and more cloud infrastructure. And so the -- we talked a lot about the keys to the IT kingdom, more and more it's also the keys to the cloud kingdom.

We've demonstrated and others have demonstrated that you can through taking over AWS infrastructure and AWS controls, to get even stronger access and full takeover of cloud infrastructure. So it's -- these multiple points of that -- that companies run on because the company's run on IT and applications.

IT and applications need to be administered and communicating.

And for the human side, it's those credentials that allow a human stronger access and for the application side which is a whole world in itself -- it's the whole world of how applications consume credentials and other keys to talk to each other or in the DevOps world, it's the world of what's called secret.

Back to GDP, I think as I said in the past, in some cases, it did create confusion for customers because it's not very prescriptive. And the approach we took is really to be, I would say, very transparent with our customers into the fundamentals where privileged account security-- you can't have data security without privileged security.

You can't control a database containing private information if there is a way to get full access to the full database through privileged access. But it's not -- there is no one solution that is the GDPR solution.

So we go-to-market is really work with our partners to make it a pillar of really, think cyber security, think risk and it will help you with GDPR compliance. That is the way that we think is right for the customers. And therefore, that is our go-to-market.

That is definitely a lot of activity marketing, field marketing associated with it, but in a way, that's what the customers really expect and respect..

That make sense. I guess, if I could briefly clarify.

In terms of your core solution, how much are you seeing an option expand beyond the Head of IT sycophas? Or the Head of the IT architecture? How deep is this penetrating into the organization? Or are people mainly protecting the most valuable accounts?.

No. So actually, we're a layer that cuts across the entire IT infrastructure.

So it will be owned by the Chief Security Officer or the CIO, but underlying are all pillars of IT, whether it's UNIX infrastructure, Windows infrastructure, networking, cloud infrastructure, all of these need to be protected and so you can -- you can think about it as a layer that cuts across.

In some cases, touching the humans that may be in the administrative or development of roles in the organization. And in the other angle, expanding to the numerous and ever-growing application world in these enterprises. So we're touching security, we're touching operations, we're touching cloud infrastructure.

And of course, behind the scenes, the business because the business runs on IT..

And our next question comes from the line of Gur Talpaz from Stifel..

So, Udi, you mentioned public cloud, as a differentiated, multiple times, including in a Fortune 100 [indiscernible] which I thought was interesting.

Can you talk about how your solution benefits from the hybrid cloud or the public cloud? And I think more importantly, how you're differentiated versus your competitors in that environment?.

Yes, I think, what we -- what -- in the hybrid enterprise, we can take the customer to the full journey from their legacy infrastructure, all the way to their cloud infrastructure and DevOps. We're the only player in the market that extends to DevOps security and the ability to manage keys in this high velocity world with the acquisition of Conjur.

And -- but we do the full gamut under a single -- under a single platform as we go about it. Many of our customers choose it because they see the extension of you're securing our now and you're securing our today and you're securing our tomorrow with the ability to expand.

When it comes to cloud infrastructure, when we're talking beyond the applications and Conjur, we actually -- we view cloud-based infrastructure as another system that we protect, whether it is servers are running in the cloud, whether it's the cloud consoles themselves.

And of course, applications they're running on the cloud, they all rely on credentials and keys. And we give the customer automatic ways of finding them, securing them, putting them under control without -- and allowing the business to run fast..

That's helpful. And Udi, maybe one follow-up, if I might. Given that we're in Q3, how do you think about the Federal space? And how that's shaping up? It's been a bigger driver over the past few years.

How do you think about the sort of set up into this federal quarter?.

Yes. We've been investing in it. And definitely, it's an important vertical for us and has been performing well year-to-date. And, so obviously, a lot of federal deals happen in the quarter. And we've been investing to be able to capitalize on that..

And our next question comes from the line of Jonathan Ho with William Blair..

I just wanted to start with the sales force and just seeing whether you're seeing any sort of additional attrition or any sort of need to remap accounts particularly with these changes?.

Jonathan, I think, one of the strengths of the move we did is really promoting our highly valued and well-performing executive with Ron to take on the and expand to the globe.

So it's a move that, that is well-respected among the sales organization and just like -- just like we feel and they do, the sales team knows that we're sitting on a phenomenal greenfield opportunity and they want the best practices and they want the rigor to take it forward. And we have a very strong team.

There can be natural attrition every time you make changes. And of course, we expect excellence and strong execution from our team and one of the reasons we're doing that. But as an eternal move, we're expecting to have the results we're planning for..

Got it.

And then if you could talk a little bit about sort of the opportunity set around key management? I mean, just given the recent concerns around Google Symantec, are you seeing sort of more prioritization for services in key management and sort of more opportunities through that to sell into these organizations?.

Yes. I would say -- and that maybe goes back to the original question. When customers are asking about privileged and in that scope, more and more, it's not just administrative credentials, but exactly that -- the various keys and SSH keys that are creating these connections.

Our DNA and are scanning has been -- which is a free tool that we provide and helps the organization find out the various keys that they have in place -- has been continuously expanding to find the new forms of keys that make up the cloud infrastructure and to make it easy for the customers to secure them.

So it definitely expands on the underlying infrastructure that we're protecting..

And our next question comes from the line of Andrew Nowinski from Piper Jaffray..

Your guidance for Q3 suggest license growth remains in the low single digits, again, this quarter. So what do you think the overall growth rate of the market does that you're addressing? And because your guidance suggests you are losing share.

And then why you expect to license growth to reaccelerate into the double digits again starting in Q4?.

Andrew, right now, when we think about guidance, our philosophy us, obviously, we're taking a closer look at what happened in EMEA during the quarter. So we obviously have to take that into consideration when we're looking at Q3.

While we're confident about the opportunity and we've seen -- we see our strong pipeline, we do have to look closer at how we're executing in EMEA. And I think when we look at the growth number that we put in Q3, it pretty much strikes right now the right balance for where we see the areas of improvement that we have to do in EMEA.

And the trend is -- the market opportunity like you said, we do think that the market is growing faster than that growth rate that you're pointing to in Q3 and we need to get there, return to that.

We do think that based on where we see our deal flow on the pipeline for the second half and also for 2018, we're confident about the guidance that we gave out for the year to be able to return to that growth level in Q4..

Okay, got it. And then just a follow-up, on free cash flow. It went down sequentially this quarter. Which is certainly not abnormal for your Q2 though you are heading into some tougher times with cash flow in Q3 and Q4.

So what do you think is the normalized growth rate of free cash flow that we should think of going forward?.

Yes, I think, that we talked about at the beginning of the year, in February, when we talked about the expectations on cash flow, we see it kind of performing at our non-GAAP net income level up to about 10% range on the margin, that is above the margin for the year. It's really important to point out that our cash is lumpy.

We have ups and downs during the year. And I think we're still comfortable with that view that it is going to be our net income non-GAAP margin up to 10% between 0 and 10% above it. And that would be for operating cash flow margin, not free cash flow..

And our next question comes from the line of Howard Smith from First Analysis..

First question has to do with a little more detail particularly the discussion with customers, that is still at a high level? Or have you push that down into the sales force, so they can start selling what will be the integrated solution going forward? Any additional color there would be helpful..

Thanks. We definitely hit the ground running as part of the integration of Conjur, integrating R&D, but also taking it into our sales force. Every enterprise is now dealing with, I call it the DevOps a revolution where to run the business fast, they're developing in this high velocity.

So we definitely took it to the market and the conversations into the market to build pipeline. We also had great exposure with the 2 large customer events that we've had exactly since the acquisition of Conjur, both in EMEA and in the Americas an opportunity to really expose of our customer base that we can extend then to DevOps..

Great, thank you. And then a question regarding the guidance. For the full year, the reduction from when you last gave, about $15 million, $16 million at the midpoint.

Is all of that due to EMEA? Or as you went back and look the dynamics of things, are there -- dynamics in other parts of the world, whether it's switching more to recurring revenue or anything else, that caused you to reevaluate the expectations for those regions as well?.

Yes, I think, when you look at the full year or the remaining guidance for the full year, we did have to balance a lot of factors, obviously, EMEA as you pointed out.

And also, we did now institute, as Judy talked about, in order to strengthen our execution, we've done that some reorganization, naming Ron our Chief Revenue Officer and that was an important step in improving our performance and visibility. But we also know that these changes take time to work through.

So it's mostly attributed to, I think, the softness we saw in the EMEA territory, but at the same time, we need to step back and look globally as we're making this change..

And our next question comes from the line of Catharine Trebnick from Dougherty & Company..

Okay. Quick question on Application Identity Manager. How is that selling? The number of deals you had this quarter with 3 products kind of a housekeeping question inline with that..

Catherine, I would say, while we wouldn't do of products, I would highlight that in Q2, the 2 top performing were EPM from our growth product were anti-privilege manager and AIM -- to your question I highlighted one of the large deals in one of our major customers, but we're seeing what I would call our classic AIM continue to grow and securing the legacy applications and while we build pipeline for extending the DevOps -- securing the DevOps pipeline with Conjur..

This is Josh. With regard to your second question, we had just over 20% of the new business deals that had 3 or more products. And it was about 26% for the first 6 months of the year that had 3 or more products. We also had several deals that were EPM stand-alone as well..

And our next question comes from the line of Ken Talanian from Evercore ISI..

I was wondering if you could describe how we should think about the growth trends in a dollar value for your pipeline? And along those lines, how have your close-rates trended for the larger 7-figure plus deals versus some of the smaller -- less than 7-figure deals over the last few years?.

Yes. I think, in terms of the dollar growth of pipeline, we don't disclose really the -- that type of information. We're seeing increasing pipeline to cover the increasing and the growing guidance that we provided. So from that perspective, we feel -- we feel like the openings of deals are happening.

The funnel is growing and -- at every stage, at every stage of the pipeline, but I won't at this time, really get into numbers. With regard to close rate of larger deals versus smaller deals, I would think I would have to -- I think that -- I'll say a couple of things. One is that our 100k deals are increasing.

So the 100k deals for the second quarter were more than they were second quarter last year. And just as last quarter, also if you want, they were more than Q1 the year before.

We're also, I would say, that if you look at kind of even over 500k deals, we're seeing an increasing number of over 500k deals in the second quarter compared to second quarter last year, both in the number of deals and in the dollar amount of deals. So from that perspective, I think, we're in a good place.

And if we think about the larger deals that didn't close in June, some of them have been closed and the others are still in play..

Okay.

And along the same line, I was wondering if you could give us a sense for -- how you segment the PAM market? And then when you think about the segmentations, who are the main purchase influencers in those deals? And how has that changed, if at all, over the past few years?.

Look, we really look at the top 30,000, 40,000 enterprises out there in terms of the opportunity and we're working our way down.

As I mentioned, we've increased our position in the Fortune 100 and in the Global 2000, but we're heading down and the more enterprise, we see the influencers are very much some of our partners on the advisory side, that really helped drive security strategy and further we go down market, the value-added resellers that we partner with.

And of course, for many years we've built the credibility of being a trusted adviser and that our mission is to secure the customers and they feel it..

And our next question comes from the line of Gregg Moskowitz from Cowen & Company..

Most of my questions have been asked, but with EPM being a bright spot in the quarter, was that involved in a greater percentage of new deals in Q2? Or would you say it was similar to where it had been running..

I would say that it is similar percentage of new and as Josh indicated earlier, it also lends itself to landing on its own as a good place to start because the [indiscernible] understand that a lot of the credential stuff begins on the endpoint..

Okay.

Udi and just with respect to the mix of clouds on PAM you mentioned that one large deal for instance, but are you starting to see deployment skew more to cloud? Or is it still kind of tracking pretty closely to 50-50 or slightly more towards the on- PAM ?.

Yes. It's still tracking pretty much half and half although quarters can be lumpy, but if you look at the first -- I think it's in the first 6 months, it is still pretty much half and half..

And our next question comes from the line of Alex Henderson from Needham & Company..

Great. Just a couple of housekeeping things.

First, the 23% tax rate you talked about, is that still your estimate for next year or it hasn't changed either?.

No, it hasn't changed yet for next year. I mean, it's going to -- it's going to hover probably between 22% to 24%. So we're going with 23% for now and if we look like at the end of the year, there will be anything different for next year, we'll come back, but it won't be dramatic..

Headcount number if you have that data?.

921 at the end of June 30..

And just to be clear, you're saying you have closed some of the deals, but are still chasing some of the deals, is it the majority? Of the deals that slid out of 2Q, is it the majority? Or is it less than half, more than half, any characterization of the percentage?.

I think we closed, I would say, we closed more -- we closed several of them. And some of them were smaller and some of them were the larger 7-figures, but I don't want to go into the exact amount, but we feel good about where we tracked -- where we're tracking on them..

And last question for -- the one concern people always have when somebody's missed a quarter, you've certainly heard the cockroach theory of earning surprises where you see one, you see another one. You're guide into the fourth quarter seems quite a bit steeper than your traditional path to the fourth quarter.

Can you give us a little bit of clarity around how you feel or how you've gotten to that full year guide off of the third quarter low spot? Particularly, both on the revenue and on the margin side, they both look pretty steep..

I think again, our quarterly guidance, first of all, reflects the pipeline opportunity that we have -- that we have and where we're in that process. Also, in terms of sequential growth, it reflects the fact that it was a weaker -- it was a weak Q2 as was pointed out. And so those deals and the pipeline has not gone away.

It was a matter of not executing on enough of those deals. So we feel confident about the close rate we can have on that pipeline going into the -- going into the end of the year.

and I think in terms of -- in terms of the profitability, we're obviously also, while we're continuing to invest in the business and hiring, we're certainly taking a close look and being very purposeful in that investment, especially after what happened in Q2 and we're taking a careful look there.

So we feel at the end of the day, our businesses is 85-plus percent gross margin. We've always operated in a fashion that looks at the bottom line and we feel confident in the guidance we gave up..

If I can just follow that last question up, in Europe, normally see a sharp recovery in 4Q as they take fairly lengthy holidays over the summer.

Is the seasonality in Europe playing a factor in that ramp into the fourth quarter?.

Yes. And in fact, we see -- we expect that Q4 to be seasonally strong in EMEA. We saw that last year as well and we saw Q4 last year even be a bigger portion and a higher growth. I think we grew 53% in the fourth quarter in EMEA last year, year-on-year.

So we do anticipate and that is obviously part of our guidance for the fourth quarter is a strong seasonality in EMEA based on the pipeline that we have..

And our next question comes from the line of Michael Feldman from Bank of America Merrill Lynch..

Just have a couple of questions. So now you've been able to close some of the larger deals. Can you give any more color on what was the reason for some of the slowness there? And does your guidance assume that the remaining deals close this year? I just had one more follow-up..

I think as we indicated, when we preannounced the deals, we're taking more scrutiny and extended cycles and we have run out of runway in June. We stayed on them in July, we saw that the drivers are there. The customer relationship is healthy and it's down to bringing them to the finish line.

As organizationally, we were obviously now taking the steps to improve our operational performance and retain that account control and so forth..

And then, in general, can you give us any color on some of the larger verticals? I know historically financials has been a big vertical for you.

How was that been contributing today?.

Josh?.

As we said, kind of as I referred to in my prepared remarks, we saw kind of the fastest-growing vertical as being banking, manufacturing, healthcare and global government, not just federal, looking at a global government. And the other area that we saw a nice growth in, in the quarter was around professional services area.

For instance, provide professional services and not just in accounting and legal, but across services for manufacturing and engineering and other entities like that..

And our next question comes from the line of Erik Suppiger from JMP Securities..

I'm still try to understand on Europe, if we were going through rebuilding process, it sounds as though you're looking at the issues in Q2 as an execution issue.

Are we -- did you make meaningful personal changes and rebuilding the pipeline at this point? Or what kind of changes are taking place there?.

Yes. As I indicated, the fundamentals in Europe are strong in terms of market demand -- market leadership. We were obviously disappointed that we couldn't close the deals we wanted to close in June and we took the time to really put scrutiny in place.

And we decided that we want to make this global change and organizational change from which we would emerge even stronger. With this internal promotion, a well-respected executive that executed so well in the Americas, we expect minimum disruption because the well-respected officer also worked with the sales team in Europe.

We have a strong team in Europe. And this is all about changing and improving the sales processes, account control and the channel strategy. So I think, any change has -- the long term benefits are well into the future, but in terms of how we expect the short term guidance reflected..

So is it fair to say that there's not a lot of personnel changes, but there is some strategic changes in terms of your go-to-market?.

Yes, that is fair to say. And of course, some natural attrition when you make a change and require rigor and discipline..

Okay. And then two other questions.

One, I assume that the Chief Revenue Officer, that's a newly-created position, is that correct?.

That's correct. And it's the first time where we have a global role managing sales and challenges and Sales Engineering..

Okay.

And then secondly, on the EPM piece, have you changed your expectations in terms of longer term growth prospects there? Do you think that is going to continue outgrowing your core business? Or do you think that will continue at more of a teens to 20% type growth rate?.

[Indiscernible] obviously in the acquisitions that we've made, we've identified this as a growth engine that can enhance add-on business for [indiscernible], but also be a source for lending new logos and taking us further into the mid- market.

The advantage of EPM with the fact that credentials are not stored in the cloud, really lends itself also to SaaS and the ability to take it down market. And what we're seeing also as we highlighted that we have large deals with it because of the strategic value in protecting against potential threat and endpoint..

And our next question comes from the line of Michael Kim from Imperial Capital..

Can you talk a little about the contribution, shifting contribution [indiscernible] between new logos and add-on sales? And then with add-ons, what's your spend on the drivers between multiple products or penetration with number of more privileged user accounts?.

Michael, this is Josh. In the second quarter, actually, we saw just over 50% of our license revenue going to new customers. And which is -- which we thought was nice to achieve.

And with regard to the type of upsell that we have, its really mixed I would say it's majority will go to up sale of additional licenses and deeper deployment within the same license, but it's definitely -- we'll see both happening. But it's a majority over 50% will be going to upsell..

And can you clarify the large 7-figure deals are pretty evenly split between new logos and add-on sales and or is it maybe weighted more towards add-on?.

I think it really depends on the quarter, but overall, we'll see both. We actually -- we really see add-on deals with are 7-figure and we see new ones which are 7-figure. It's every quarter that pipeline will -- can look a bit different, not necessarily half and half..

And both cases reflect a customer taking a strategic approach. It could be a new customer walking in and taking a strategic approach to privileged account security or an existing customer that started small and now wants to take a blueprint [indiscernible] enterprise..

Got it.

And then lastly, on the sales cycle, the sales cycle extension is solely around large deals and not any of the midsize and smaller deals?.

Well, I think, certainly, the larger deals are where it can take longer to close because it goes through a lot more scrutiny within the organization. And if it's add-on smaller deals then yes, those would have the fastest sales cycle..

Thank you. And I'm not showing any further questions at this time. I would now like to turn the call back over to Udi Mokady, Chairman and Chief Executive Officer, for any closing remarks..

Thank you. I want to thank our customers, employees and partners for contributing to our business and market leadership. Thank you all for dialing into this call this evening. Thank you..

Ladies and gentlemen, thank you for participating in today's conference. This does conclude the program and you may all disconnect. Everyone, have a nice day..