Good morning, and welcome to the SecureWorks Second Quarter Fiscal 2017 Financial Results Conference Call. [Operator Instructions] As a reminder, this conference call is being recorded..

I'd now like to hand the call over to Rebecca Gardy, Head of Investor Relations. Ms. Gardy, you may begin. .

Thank you, Andrea. Good morning, everyone, and thank you for joining us today to discuss SecureWorks' financial results for the second quarter fiscal 2017..

This call is being recorded. This call is also being broadcast live over the Internet and can be accessed on the investor relations section of SecureWorks' website at investors.secureworks.com. This webcast will remain available for replay until 5 p.m. Eastern Time on October 7, 2016..

Yesterday, after market close, SecureWorks issued a press release announcing results for its fiscal quarter ended July 29, 2016. You can access this press release on the investor relations section of the SecureWorks website..

During this call, management will make forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. These forward-looking statements include guidance with respect to GAAP and non-GAAP revenue and net loss per share as well as adjusted EBITDA.

Our forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those anticipated by these statements.

You can find a description of these risks and uncertainties in today's earnings press release; and in the company's quarterly report in Form 10-Q for the quarter ended July 29, 2016, which is available on our investor relations website and on the SEC's website.

All forward-looking statements made on this call are based on assumptions that we believe to be reasonable as of this date, September 7, 2016. We undertake no obligation to update our forward-looking statements after this call as a result of new information or future events..

Some of the financial measures we use on this call are expressed on a non-GAAP basis. These non-GAAP measures exclude stock-based compensation, the impact of purchase accounting, amortization of intangibles and the related tax effect of these items.

We have provided reconciliations of the non-GAAP financial measures to GAAP financial measures in today's earnings press release available on our website.

Non-GAAP measures are not intended to be considered in isolation from or a substitute for or superior to our GAAP results, and we encourage you to consider all measures when analyzing SecureWorks' performance..

With us on today's call are Michael Cote, President and Chief Executive Officer of SecureWorks; and Wayne Jackson, our Chief Financial Officer. Following their prepared remarks, we will take your questions. [Operator Instructions] Thank you for your cooperation on this..

And I'll now turn the call over to Mr. Cote. .

Thank you, Rebecca. Good morning, everyone..

We are pleased to announce another strong quarter for SecureWorks. Our second quarter was in line with our expectations, and we are on track to deliver our full year fiscal 2017 guidance..

first, our deep understanding of the cyber threat landscape and what we believe to be a change in the way clients are addressing this challenge; second, a few recent examples that demonstrate the power and uniqueness of our security solutions; and third, a recap of announcements that we made in the quarter which support some of our strategic priorities and demonstrate our alignment with the needs of our clients..

In the second quarter, we continued to see broad-based demand for our solutions against a continued backdrop of relentless cyber threat activity. Our clients increasingly view our solutions as mission critical, especially as hackers either identify or create new ways of infiltrating endpoints, networks and systems.

As the Internet of Things grows and the world becomes increasingly connected, vulnerability to cyber attacks increase everywhere. Despite deploying multiple layers of defenses, companies and, for that matter, governments continue to get hacked..

Everyone wants a measurable way to manage their security spend; and ensure they have orchestrated, coordinated their security ecosystem between their multiple point products.

They want a system that allows them to prevent attacks that can be prevented, detect those that can't be prevented, respond rapidly and appropriately when a breach occurs and predict how and where the threat actor will strike next, and that is what we do.

We know threat actors adapt quickly to each new defense, so companies need the skills, intelligence and tools to have an early warning system to respond. Security teams are limited in this regard, as human capital is increasingly difficult to source and train and visibility to threats is limited to only their systems and experience.

We have visibility across all of the various security devices at our 4,300 clients in 59 countries, which is why I am so excited about our intelligence-driven information security solutions.

Our highly automated software-driven technology, the Counter Threat Platform or CTP, leverages over 16 years of visibility into the global threat landscape in a vendor-agnostic manner to discover malicious activity.

We deliver countermeasures, dynamic intelligence and valuable context, limiting human intervention to only a fraction of the 190 billion events our platform ingests and analyzes every day..

Our results this quarter are evidence that the actionable intelligence we deliver to our clients is helping solve their security challenges. I'd like to highlight a few examples that illustrate the type of value we delivered to our clients since our last call.

The first one deals with ransomware, which cyber criminals increasingly use because of its success rate and the related financial rewards. Based on these ransomware campaigns, cyber criminals are manufacturing more complex variance in an attempt to outpace traditional security controls.

No industry or vertical is immune, and we have seen frequent attempts across our entire client base. Specifically, we've seen an 81% increase in ransomware since January of this year.

One such example is the ransomware referred to as mini cryptics [ph], where a conventional e-mail sandbox protection is not feasible based upon its use of anti-analysis techniques. The malware was engineered to require launch codes to be entered at the command line and therefore did not trigger detection in the sandbox.

SecureWorks has developed a way to detect this malware when it attempts to delete all local computer backups during deployment..

Another example of how we leverage threat intelligence with the Counter Threat Platform to protect multiple clients from the same threat was recently highlighted when an executive of a major global financial organization received a personalized phishing attempt with an attachment.

The content prompted the executive to click a link to a PDF document, which redirected him to a realistic log-in page for a well-known search engine website.

This phishing site was more sophisticated than typical as it dynamically generated the phishing landing page and routed the user through to the real website after they had entered their username and password.

As a result of the selection of a senior executive and the higher-than-normal sophistication of this attack, we developed a global countermeasure applied to our CTP. Since then, we've steadily been blocking pages that use this script.

One attack on one client resulted in SecureWorks protecting all of our clients, with approximately 270 additional detections in the last quarter.

Capturing a single set of executive credentials which a user may reuse for corporate systems or which may allow access to a trusted mailbox that can be used for social engineering can be the small chink in the armor that an adversary needs to crack a corporation wide open.

In all cases, we are able to detect and alert our clients of this activity before the threat actor can take advantage of this technique. While others may not have the resources to protect against such attacks, the network effect of our CTP protects our clients against this and other focused threats..

Another recent example I'd like to share occurred in July, when we detected an advanced threat actor attempting to compromise a global engineering and construction company with previously unknown technique.

We were able to leverage our detection of this new adversary technique, finding the needle in the haystack by creating a global countermeasure applied across our client base, again due to the power and scale of our Counter Threat Platform.

This action resulted in the just-in-time protection of a Global 1000 manufacturing company that was being targeted by the same threat actor using a variant of this technique.

The adversary was targeting the software distribution servers of our client, and this could have led to catastrophic consequences by potentially compromising legitimate software.

Even if this threat actor's specific tactic evolves, which they typically do, we have already created multiple ways to detect variants of this technique, effectively sending this adversary back to the drawing board once again..

These examples illustrate that, as the threat actor evolves their tactics, we evolve as well. As the cross-platform security needs of clients change, we respond in a way that static point products simply cannot and certainly not at the pace the adversary does.

Investing in our CTP technology to deliver its scale, this level of actionable intelligence to our clients around the world is one of our key strategic priorities and differentiators..

For 16 years, SecureWorks has helped protect on-premise environments across the globe. Another of our strategic priorities is the extension of our solutions to the cloud.

In June, we announced that we are now extending our threat intelligence expertise and the capabilities of our CTP to the cloud with our purpose-built solutions for Amazon Web Services. We now offer a comprehensive security solution for both on-premise environments and where organizations have ported legacy applications to the cloud..

Our clients benefit from the comprehensive view into the security of their data and applications regardless of where they reside. Our vendor-agnostic approach ensures SecureWorks is closely aligned with our clients, providing them with an orchestrated way to leverage the various technology solutions they already have in place.

Our partnership with best-in-breed product companies also plays a critical role in ensuring our clients have the best overall security program to match their objectives while creating and expanding the marketplace for our solutions.

In mid-July, we announced that we integrated key portions of our proprietary attacker database with the Palo Alto Networks Next-Generation Security Platform.

Combining these capabilities, our managed Palo Alto Networks next-generation firewall solution delivered to our advanced threat intelligence and immediately protections from threats before they enter our clients' environments..

I am excited about the future for SecureWorks. We are well positioned against the ever-changing cyber threat landscape. Our solutions offer our clients the global visibility, scale and actionable intelligence that point products alone simply cannot.

The automated and data-rich nature of our CTP allows clients to meet the growing needs and the growing risks stemming from greater connectedness without increasing headcount or adding complexity to their environments..

And now we'll turn it over to Wayne to discuss the financial highlights for the quarter. .

Thanks, Mike. Good morning, everyone..

I will start with a review of our second quarter results and then provide third quarter and full year guidance for fiscal '17. The following financial results are non-GAAP measures unless otherwise noted.

As a reminder, the major differences between our GAAP financial results and our non-GAAP results relate to the add-back of the amortization of intangible assets and stock-based compensation charges. For the remainder of fiscal '17, there's also a minor adjustment to revenue for purchase accounting adjustments made in prior years..

As we review the results, there are 2 things in the quarter that I'd like to highlight. First, we delivered solid revenue growth driven by continued demand in the core subscription business from both existing and new clients.

And second, we effectively balanced cost management with investments for growth through operational leverage and management rigor. I'm pleased to report this quarter's solid performance and progress -- and the progress SecureWorks continues to make on its path to profitability.

Second quarter revenue was $103.9 million and a 29% growth over the prior year. The percent of total revenue from our subscription solutions remains at approximately 80%, consistent with the prior 2 years.

Monthly recurring revenue or MRR at the end of the second quarter was $29.8 million, a 12% increase over the prior year and a sequential 3% increase. Sales to new clients and cross-selling of additional services to existing clients contributed about equally to the MRR growth..

We maintained a 99% revenue retention rate through the second quarter. Note that our measure of revenue retention is comparable to a same-store sales metric and that it measures our capacity to grow with existing subscription clients.

Historically, we have generally seen this rate move between 97% and 102% based on the timing of cross-sales and renewals each quarter. While our revenue retention rate may fluctuate quarter-to-quarter, our goal every year is an annual rate of 100% or greater by year's end..

As I review our record sales pipeline, I continue to see overall strong and growing demand for our security solutions. As Mike discussed, companies continue to engage SecureWorks to strengthen their security posture..

Gross margin improved to 52.6% of revenue during the quarter, a 150 basis point increase compared to the second quarter fiscal '16. Year-over-year, we have seen the benefits of technology and scale in our delivery model, partially offset by higher hardware and third-party license cost.

As a reminder, we leverage hardware as a component in our delivery of holistic solutions. We do not, however, sell hardware as a stand-alone component. Sequentially, gross margin declined 100 basis points to 52.6% from 53.6% in the first quarter primarily due to a modest increase in hardware cost..

Research and development expenses were approximately 11.7% of revenue versus 15.6% in the prior year and 13.5% in the first quarter. Sequentially, the decline in R&D expense reflects the company's ability to leverage a flexible staffing model to align with solutions development. R&D is an area in which we will continue to invest.

And while our spend will fluctuate somewhat, we do not expect R&D to decrease significantly as a percent of revenue going forward. Our sales and marketing expenses declined to 27.2% of revenue from 33.1% of revenue in the second quarter last year on solid revenue growth.

While we continue to invest in our sales teams to pursue a growing market opportunity, the benefit of our recurring subscription business model lends itself to scale in sales and marketing.

General and administrative expenses in the second quarter were 22.9% versus 25.8% in the second quarter last year, as we realized scales in our investments in our public company infrastructure. Our current results reflect investments in areas such as IT and product management that are included in G&A to support our revenue growth..

Our GAAP net loss was $12.1 million or $0.15 per share compared to $21.1 million or $0.30 per share in the second quarter last year. Non-GAAP loss per share was $0.07 compared to $0.18 in the prior year and $0.09 in the first quarter.

The improvement demonstrates our disciplined approach to achieving profitability through controlled spend on increased revenue..

Weighted average shares outstanding, both basic and fully diluted, were 80.0 million at the end of the second quarter..

The company's adjusted EBITDA loss in the second quarter narrowed to $7 million versus an adjusted EBITDA loss of $16 million last year on increased revenue and scaling cost. We have a solid cash position of $113.3 million as of the end of the quarter. In addition, we have an untapped $30 million credit facility and no indebtedness..

Cash flow used in operations this quarter was $5.4 million. As disclosed in our cash flow statement for the period ending July 29, 2016, our transactions with Dell indicates a use of cash of $21 million year-to-date. As of the end of our second quarter, the amount due has decreased to approximately $700,000.

Prospectively, we anticipate that our transactions with Dell will no longer be a significant use of cash, as our charges to Dell will continue to exceed Dell's charges to us under our commercial agreements. I will provide more detail around these activities..

We began the year with a net payable of $22 million, which arose primarily as a result of Dell continuing to pay our vendors for payables and purchase orders that were outstanding as of August 1, 2015, the effective date of our legal carve-out.

As we have discussed in the past, these commercial agreements include our transition service agreement, the fixed portion of which is approximately $1.4 million per quarter; as well as amounts due for employee payroll and benefits paid on behalf of SecureWorks.

These employee-related costs are approximately $7 million and $8 million per quarter and fluctuate depending on the number of SecureWorks employees.

Offsetting these liabilities are amounts we charge to or through Dell for sales to our clients that we make through Dell legal entities where SecureWorks has not yet established such legal entities or for services we provide directly to Dell as a customer..

Lastly, I would like to discuss the other noncurrent assets line item in our balance sheet. This item includes SecureWorks' $20.7 million income tax receivable from Dell. As we have discussed in the past, the tax matters agreement between Dell and SecureWorks states that Dell will reimburse SecureWorks for any utilization of our tax assets.

We currently have the receivable recorded in long-term assets due to the fact that, should Dell utilize our fiscal '17 tax asset, it would be mid- to late fiscal '18 before we would be entitled to collect the cash. Going forward, we will highlight any changes to the status of this asset and if and when it is classified as a current receivable..

Now let's turn to our outlook for the third fiscal quarter ending on October 28, 2016, and full year fiscal '17. As a reminder, the fourth quarter of fiscal '17 will have 14 weeks versus the standard 13 weeks, as SecureWorks operates on a 52-, 53-week fiscal year.

Next year, we'll revert back to a 52-week year, so please keep this in mind when you are comparing full fiscal '16 to fiscal '17 or when you start to model fiscal '18..

In the first quarter, we discussed a certain level of sales volume in the large enterprise space slipping into the second quarter. As we have expanded further into the large enterprise market around the world, we are seeing lengthening sales cycles.

We believe this is indicative of the complexity of selling into large global organizations rather than a signal of a macro slowdown in managed security spending, so while our second quarter new sales were significantly higher than in the first quarter, as our conversion of pipeline return to anticipated rates, we expect extended sales cycles to continue in the large enterprise space as an increasing percentage of our dollar sales are derived from large global opportunities.

Based on the second quarter performance, the aforementioned items and current market conditions, we expect the following results..

For the third fiscal quarter, we expect revenue on both a GAAP and a non-GAAP basis to be between $104 million and $105 million, net loss per share to be in the range of $0.15 to $0.17 and non-GAAP net loss per share to be in the range of $0.07 to $0.09.

We expect 80.009 million weighted average shares outstanding during the third quarter of fiscal year '17..

For the full fiscal year, the company expects revenue to be between $423 million and $425 million and non-GAAP revenue to be between $424 million and $426 million, net loss per share to be in the range of $0.62 to $0.66 and non-GAAP net loss per share to be in the range of $0.30 at $0.33 and adjusted EBITDA loss to be between $28 million and $32 million.

We also expect 77.635 million weighted average shares outstanding during the fiscal year '17. Finally, we invested $4.5 million in the second quarter in capital expenditures to support growth in our data centers and facilities, bringing year-to-date CapEx to $7.9 million.

As we continue investing for growth, we expect capital expenditures to be approximately $20 million to $22 million for the full fiscal year..

In conclusion, I am pleased with our second quarter performance, as we continue to grow revenue, scale our business and execute our strategy. We are confident in SecureWorks' position as the market leader in providing early warning capabilities and actionable intelligence to our clients in a vendor-agnostic manner..

I will now pass the call back to Mike, who will give some closing thoughts before we open the call for questions. .

Thank you, Wayne..

As you've just heard, we had a great start to fiscal '17 with 2 solid quarters both in terms of top line revenue growth and our momentum towards profitability. We have been intelligence driven since 1999, building solutions to take advantage of our global visibility and the power of the Counter Threat Platform. Our technology is superior.

Our teams are focused on delivering exceptional services to our clients. And we are as passionate as ever about delivering the security solutions our clients need, whether on premise or in the cloud..

Thank you.

And operator, can you please open the call for questions?.

We'll take our first question from Rob Quest [ph] of Pacific Crest. .

Rob Owens here.

First question, could you lend a little more color to the lengthening sales cycles you're seeing, maybe give us some historical perspective? And then secondarily, can you talk about what you're seeing in terms of pricing for services, where competition is and what kind of price you're achieving overall?.

Rob, this is Wayne. Thanks for the question. Relative to sales cycles lengthening, it's primarily in the large enterprise space. Well, it's all in the large enterprise space. And as we talked about in Q1, we had some slippage of some deals we thought we were going to close in the first quarter, almost -- again almost all large, very large, companies.

We ultimately closed most of those in Q2 or some of those in Q2. Some are still going on, so it's really just the complexity and the challenge of closing global deals certainly as quickly as the SMB space. So from our perspective, it's just a lengthening. It's the pipeline is very, very strong.

It's -- at the end of Q2, it was as large as it's ever been, and it continues to grow. .

I think -- Rob, I think... .

Is there any color relative to industry or geo on those extending sales cycles?.

It's pretty much across all of our verticals, all of our verticals from a large enterprise perspective. .

And from a geo perspective, as we mentioned, it's global, so all of those are organizations that have operations in multiple geographies, meaning the U.S.; and EMEA; or -- and/or APJ in some fashion, either Japan and/or Australia. So it's all global organizations that have operations in multiple places.

I think -- just to add a little more color for you, Rob, I think part of this relates to the industry and some of the maturity that's happening, as I mentioned in the prepared remarks, where people or boards and C-suites are beginning to look for measurable ways to look at the orchestration and coordination of their security spend, how to -- where are they getting the most bang for their buck.

.

And then Rob, your second question, relative to pricing... .

And -- yes, relative to pricing. .

Yes. So let's keep in mind we just had a really strong quarter revenue-wise. And obviously, at some point, pricing plays into that. We see in the large enterprise space it's a competitive market. Mike's shared with you before who our competitors are both in the U.S. and around the world.

There is, in a competitive proposal, always pricing, but for the most part, we haven't seen any significant changes in pricing this quarter compared to prior quarters. .

Your next question comes from the line of Sterling Auty with JPMorgan. .

On the lengthening sales cycle question line, specifically, can you give us a sense why you think the sales cycles are lengthening? Is it because customers are trying to decide about whether they're going to go the managed security direction versus some other option? Or is it a longer time frame to decide versus -- you versus the competition or something else?.

So my sense is that it -- and from the meetings I've had with prospects is that it's really them trying to understand the best place for them to spend their dollars from a security perspective and ensure that they're getting an orchestrated -- the orchestrated value across their various point products or their whole spend.

It really feels to me like there is a bit of -- a lot of -- well, let me back up. As you guys well know, there's a lot of companies in the industry saying the same thing. And I think the C-suites across the organizations that we've talked to, when I've made trips to APJ, to EMEA and to the U.S.

to talk to some of these larger prospects, they're sitting back to try and make sure they can actually decipher the differences between the solutions that are being offered and ensuring that they can get the appropriate bang for their buck when they spend the money.

So it doesn't feel like it's -- I mean there's competitors involved in the process, which was part of your question. It is not one where they're not looking for help, so I see them spending money in a security solution. .

Yes. Sterling, this is Wayne. If I could add to that a couple of tactical things, because I know this question is important to most people on the phone. So there's 2 things. One, keep in mind, when we say it's an extended sales cycle, our roots are in SMB, small business, medium-size businesses; U.S.

domestic businesses that understand kind of what we do for -- and can help them in their smaller enterprises. Those sales cycles haven't changed. I can tell you, from my involvement every week on the large-deal-pursuit opportunity team, we have -- I mean pick a number. It's very, very long list of global clients.

And we -- those are in our pipeline and our sales cycle process. And it takes just longer for -- on a global organization, again, for us to explain and talk about our value proposition.

And then they -- and they stress test that, right? They -- ultimately, the client wants us to be able to help them orchestrate, help them find what's relevant to them in a cyber threat. So that's a very tactical way, what we're seeing every month and every quarter for the last couple of quarters. .

Well, I think it's worth putting in perspective the fact that the pipe has grown dramatically in the last quarter. .

Strong pipe, largest ever. .

Okay.

And then my one follow-up question will be, does -- did that have a dampening effect then on the MRR that you reported? And how should we put that into the context with kind of the reiteration of the full year guidance?.

So thank you for that. MRR, as we talked about earlier, is 12% growth year-over-year, 3% sequentially. We feel very confident about our annual guidance that I just talked about earlier. And MRR, I believe, if we think about, we disclosed our split is still 80-20, the MRR of $29.8 million. We'll go ahead and help you do the math.

If you take the MRR times 6, divided by 0.8, you can see it pretty much supports our annual guidance. .

And I think, as Wayne mentioned, we had a good sales quarter from a conversion perspective. .

Your next question comes from the line of Saket Kalia with Barclays. .

My first one, maybe for you, Mike, the commentary about customers looking for more measurable ways to orchestrate their security spending.

Maybe just to broaden that question a little bit, can you talk about what you're seeing out there in the market as large enterprises that have in-house security teams maybe debate about keeping security in-house versus outsourcing it to someone like you? Any thoughts on sort of where the market is in that sort of evolution?.

I think the security market is in its infancy or maybe its early teenage years.

And we are evolving from the perspective of trying to ensure that whatever the spend is, whether it's our in-house security staff with a bunch of point products, trying to manage it with the visibility that they have; to clients of SecureWorks, where they've got the global visibility across our 4,300 clients in 59 countries, coupled with their internal organizations.

I have been involved recently with some presentations. For example, the National Association of Corporate Directors put together an event.

And I was there for 3 hours talking to public company board of directors, as they're getting more engaged to figure out how do they know where they are from a threat landscape perspective both individually and in comparison to other organizations.

Is their spend and their defense posture getting better or worse for each dollar they're spending? How do they know about the visibility they have across their threat landscape, theirs and other organizations'? So we're actually helping to try and put boards in positions to ask the right questions.

And I think that part of that will call those that are doing this purely in-house, trying to figure out where they can get the incremental visibility and a way to orchestrate across the various point products that they may have. So to answer your question, I'd say, in the early teenage years. .

Got it. That's very helpful. And then for my follow-up, just to go back to the MRR question, Wayne. One of the things that also might be worth noting is it looks like you had a strong MRR result this time last year.

So can you just remind us a little bit about what drove that strength last year? And then more importantly, as those comps maybe start to normalize, is this sort of low double-digit growth something that changes, perhaps accelerates? Or do those lengthening sales cycles maybe keep us at that level even when those comps normalize?.

We have 2 more quarters relative to continuing to focus on the market and grow and increase our sales and MRR between now and the end of the year. .

Your next question comes from the line with Gur Talpaz with Stifel. .

This is actually Chris Speros on for Gur. You guys noted that the gross margins were down a bit from Q1 due to higher hardware costs.

Do you expect these higher costs to persist and depress gross margins through the back half of the year?.

So this is Wayne. Thanks for the question. The hardware costs this quarter, it was very modest increase. It was 100 basis points. And for us, hardware, there's 2 types of things. One, the price increased modestly but also we -- the mix of that hardware, is it a 1 gig, a 10 gig, a 60 gig. So it moved the margins a little bit. .

Just add to what Wayne said on the price increases, that our price increased from Dell due to the fact that we've got an arm's length commercial agreement today versus a year ago when we were... .

Right, there's -- that's exactly right. There's some of that that's gone through. .

Okay.

And also, can you talk about the demand that you are seeing for your Red Cloak agent and what the pipeline is looking like there?.

So this is Mike Cote. Thank you for the question. We are very pleased with the growth that we've had on sales from a Red Cloak perspective. And the pipeline in front of us, quite frankly, is the largest growth we've seen in any new solution that we've come out with in the history of the company.

So it's grown pretty rapidly in a short period of time, so we're cautiously optimistic. .

You have a question from Gabriela Borges of Goldman Sachs. .

Maybe just to follow up on the mix shift dynamic you're seeing as you engage more with large enterprises. Curious how much of this is a greater willingness to outsource at large enterprises versus perhaps some of the go-to-market changes you may have made in terms of investments to go after that business opportunity.

And then to the extent that larger-scale business does materialize, does that have any impact on your ability to achieve your scale and margin targets over the medium term?.

So this is Mike Cote. I think the first part of your question was go-to-market changes in the large enterprise. And we've not -- we've continued to execute or -- on our strategy of a direct go-to-market model. We do get lead generation from Dell and soon to be the Dell Technologies EMC organization, but we've not made any go-to-market changes.

We still continue to invest globally from a direct sales perspective. And I think the second part of your question related to gross margin. .

Your ability to perhaps achieve your scale and margin targets on a faster pace if larger business does materialize over the next couple of years. .

So this is Wayne. From a margin perspective, there's a little bit of difference in margin for the large enterprise versus small and medium business but not appreciably.

It really deals more with the type of solution that a large enterprise or a small business is looking for; and what type of solutions we are able to provide the large organizations in meeting their objective, which is orchestration, which is relevance, which is ability to view all of their cyber threats through one pane of glass.

So that's -- short term, that's kind of what we're seeing. .

Let me just -- this is Mike. Let me just add onto what Wayne said, which is from a gross margin perspective, I mentioned in the prepared remarks that today we're seeing 190 billion events a day.

And the key from a gross margin perspective is, as those number of events continue to increase, and we mentioned this on the roadshow, we've made investments over the last 18 months or so into the technology and scaling of that to ensure that we find the needle and the items of interest, which is really the key from a "continued expansion of our gross margin over time" perspective.

And we're -- we feel good about the progress that we're seeing in that area and the results. .

That's very helpful. And then just a follow-up, if I could. Mike, you mentioned in the prepared remarks some of the behavior you're seeing around enterprises moving to the cloud.

Maybe just as a follow-up, are you seeing any difference in customers' willingness to engage on managed security as they think about hybrid models?.

So I think, clearly, the cloud is continuing to grow, and security is a concern for people moving into the cloud. Our first step into the cloud is those that are lifting and shifting their applications to AWS, which is the largest portion of the workloads moving to the cloud today.

And our capabilities are basically monitor the -- monitoring the industry-leading firewalls, Web application firewalls; and managing and monitoring IDS and IPS; as well as monitoring server groups.

We virtualized our counter threat appliance and actually virtualized our iSensor that we can use in AWS from a maintenance [ph] and monitoring perspective. So I think that we will continue to see movement into the cloud.

And I think security concerns will continue to become an increased issue for people in the cloud, and we want to be in a leading position there. .

Our next question comes from the line of Matt Hedberg of RBC Capital Markets. .

Wayne, I just had a follow-up question on gross margins maybe to put a little finer point on it given some of your comments on the hardware costs and third-party licensing fees.

Should we expect gross margins to be up sequentially for Q3 and Q4?.

So Matt, let me answer it this way. We are still very focused on scaling our investments that we've made that Mike talked about or mentioned briefly and we've discussed in the past to scale our investments around -- and the technology and the automation of the CTP.

We also continued -- expect to continue to scale our investments around our international business. And so I think, to -- relative to gross margin, as we scale both of those investments, we expect it can -- for it to continue to improve. .

Okay, that's helpful. And then I know deferred revenue and accounts receivable can be lumpy for you guys. I'm curious or I just -- for a reminder, how should we think about deferred revenue, I guess, billings? I think, in the past, you've said we should be thinking about it on a trailing 12-month basis.

As you start to sign larger deals, I assume that probably even becomes more of a point in the future.

Is that still a fair point, Wayne?.

Yes, so thanks for that question. Relative to -- look, we do the implied billings calculation just like you guys do, but a couple of things. One, it's not really how we manage our business. And we've worked -- it's not how we manage our business.

MRR, relative to an indicator, we believe, is a much cleaner, much crisper way to -- as an early indicator and predictor of our revenue growth, especially as long as we disclose the 80-20 split. And the reason it's not is we're not just a pure prepaid model, right? We have prepaids.

We have renewals; the timing of the renewals, which are generally in the back half of the year, Prepaids happen throughout the year; but also just normal trade AR transactions happen as well. So it really is lumpy. I'm looking at our calculations, and they're literally all over the board. Good -- so it's lumpy good and bad, as far as indicators.

So that's why we believe MRR it's just a better metric. .

[Operator Instructions] Your next question comes from the line of Melissa Gorham of Morgan Stanley. .

Mike, I'm wondering if you can just remind us what percentage of your business is enterprise today versus mid-market and SMB.

And then just assuming that it's growing faster, which it seems like, can you maybe just give us an indication on what your plan is in terms of hiring for enterprise sales capacity?.

So the -- on your first question, I think what we've historically disclosed, which has not changed dramatically, is roughly 35% to 40% of our clients would be in the enterprise space and 65% or so are in the SMB to mid-market space. And our revenue would be flip-flop that.

We are continuing to hire sales folks across the organization, from -- and we're structured where it's SMB, mid-market, public, which is mostly state and local for us; and large enterprise, LE, through the G 500. And we're continuing to invest and hire across the board.

From a percentage perspective, our investments are probably bigger in hiring sales folks in the state and local, SLED, state, local; in the large enterprises, where our current plans are. .

Okay. And then just as a follow-up, I'm wondering if you could just maybe give some, a little bit more [indiscernible] on what you're seeing from a demand perspective of security consulting versus the managed security services that [indiscernible] was driven by managed security services.

So I'm wondering what you're seeing on the security consulting side. .

Melissa, this is Wayne. So our revenue growth was equal this quarter, almost identical, between our consulting practice and our subscription business. So we're still seeing strong demand.

Part of that is our focus really on the subscription business and leveraging our Counter Threat Platform but again strong demand and we can't let the in the large enterprise space some demand that -- and some changing demand that we're staying ahead of relative to assisting the large enterprise companies in managing some of their workloads. .

And Melissa, you -- this is Mike. You were a little hard to hear. So I think part of the question may have related to the conversion of consulting engagements to subscription business.

And I would tell you that we are on -- we're in consistent levels than what we've had historically, maybe on the higher end of the levels that we've had historically, from a conversion of consulting clients than where we start with consulting engagements and then convert them to subscription. .

Your next question comes from the line of Fatima Boolani with UBS. .

Just kind of a big picture question for Mike, to start. I'm wondering, so maybe taking a step back. So a lot of the firewall vendors in the cybersecurity market have talked about customer trends towards platform consolidation or consolidation towards singular vendors.

So as a managed security services provider, how does that change your value proposition, if at all, as presumably these environments are getting less complex? But was curious to hear your perspective on that; and a follow-up for Wayne, if I could. .

Sure. So Fatima, I don't know if I'd say that it's getting less complex.

It may be because, if you'll remember the Afghan [ph] analogy I used on the road show with regard to company's having 50 to 70 different Afghans [ph] and continuing to get hacked because their point products are not orchestrated and coordinated, that they're trying to go down to fewer than 50 to 70.

But the hackers are clearly evolving their tactics, techniques and procedures, as they will continue to do into the future, so I think the issue is having fewer point products that may work among themselves makes sense from a fewer vendors to work with, assuming that either those vendors have the best solution in each of their respective areas or there's a coordination between the vendor that maybe the best firewall versus those -- the one that may be the best Web application firewall or endpoint solution.

We have actually seen that the industry seems to be continuing to come towards us with somebody looking in a vendor-agnostic manner to coordinate among the various products that exist on the marketplace. .

That's fair and helpful. And a question for Wayne, just to drill in on the cash flow. I know there were previous expectations to be cash flow positive by fiscal '18, and I'm wondering if the usage of your tax loss credits by Dell is going to be an incremental component to obtaining that positive free cash flow.

Or if you can just kind of help us walk through the dynamics of how you plan to obtain cash flow positivity by fiscal '18. .

Sure. Thank you for the question. So relative to cash flow positive, I believe our focus is to continue on our path to profitability, which if -- I talked about it's continuing to scale our investments around the CTP and in our international operations.

That helps improve the gross margins, of course, but then also to continue to scale the investment we made in our infrastructure to -- as we rolled out to become a public company. That path to profitability, we still see scaling continue and EBITDA positive.

We're focused on becoming EBITDA positive as soon as we can, which if you follow the trajectory, we believe we're on that path.

Relative to cash flow and the tax asset, we've never -- a long, long time ago -- and I'm talking about during the IPO process, which some of the listeners or the people on the call weren't involved with, but pre becoming a public entity, there were various scenarios where, had we gone public in fiscal '16, then the tax matters agreement would have started earlier and we would have been reimbursed for some of our fiscal '16 losses.

And this is a detailed explanation because I think it's important. Our fiscal '16 losses, we would have collected in fiscal '17. Since we did not become public until fiscal '17, that's deferred any type of collection on the tax assets that Dell may utilize into fiscal '18.

So that source of cash really isn't included in our forecast in the path to profitability. Ours is -- the profitability for us is really around obtaining positive EBITDA. And we'll highlight and break out separately the cash proceeds from the tax asset as we progress toward that, depending on Dell's individual tax liability situation. .

Having said all that, our goals to cash flow positive have not changed. .

That's correct. Our path to EBITDA positive has not changed. .

Okay. And a quick follow-up, if I can sneak one in here, just regarding the hardware costs.

I'm wondering if there are any incremental or if there was any incremental room for procurement efficiencies with respect to your relations with Dell and perhaps any other provider to optimize the hardware costs in the model both from the CTP appliance perspective as well as your CapEx profile. .

So again, thanks for the question, a good question. We focus on procurement efficiencies often -- well, all the time.

One of our focuses, though relative to hardware, is actually going the other way, which is using technology and to virtualize as much hardware as we can so that our clients are on a virtual basis, which is well underway and progressing nicely. .

We'll now take our final question from John Rizzuto with SunTrust. .

And I -- one just follow-up on that last call, and I wanted -- a lot of speculation, prior to Dell closing on EMC, of potential relationship, partnerships among some of those software assets that Dell acquired or gets access to via the EMC acquisition, most notably VMware.

And so there was a lot of talking about that during the road show during the lead-up to the IPO.

Now that the deal has closed -- and I know it's very recent, but can you elaborate a little bit more now what some of the real opportunities might start to materialize and how you've been thinking about it over the last several months?.

So John, thanks for your question. This is Mike.

We have had conversations regularly, and actually I think we had some yesterday and more that's scheduled this afternoon, with the security parts of EMC, which as you mentioned include the VMware organization and in particular, for example, the NSX and AirWatch opportunities that they have there, as well as with AMD and the RSA team, to see where there were synergist opportunities for us to work together.

And we've been exploring those at arm's length, since the 2 organizations are not together, from a commercial relationship to see if there's things we could do.

And now that the deal has closed, we will get into full-fledged discussions to see where we can help create more value for our clients and figure out a way to work within the Dell technologies. .

Okay, got it. As you look out and one of things that -- obviously, you have a large enterprise base already and got -- and we look at the different numbers and addressable market out there. There's a lot of potential as you penetrate into your existing client base, and you do give us those numbers and how well you're doing there.

Is the dynamic changing, as far as -- I mean I know it consistently changes with each passing month and more confidence in the services, but is there anything out there that we can look for or you're looking for to say, look, this is really starting to accelerate or we're hitting an inflection point? Or we're getting more critical workloads.

We're getting more penetration into these enterprises, and they're relying on us in a much broader way than what they had historically. .

I think that's a great -- this is Mike again, and thank you for the question. I would tell you that we mentioned that the sales pipe is growing nicely.

And we're probably in the early innings of what you described with regard to more attention, at least I think we've seen more attention in the last 90 days or so, from boards and C-suites paying focusing on this, this being security.

And we sit in a good place to help them in a vendor-agnostic manner, being aligned with them from a solution perspective. And I think it's one of the reasons we've seen the pipe grow.

That, and our cloud solution that we've come out with; and the Red Cloak solution at the endpoint, which partners with the best-of-breed other endpoint technology solutions. So I think your observation is a good one. And I would say that we're in the early innings of what I hope comes to fruition the way you've laid it out..

Thank you, everyone. We appreciate you joining us on the call, and we will talk to you again next quarter. Have a great day. .

This concludes today's conference call. We appreciate your participation. You may disconnect at this time..