Good morning and welcome to the SecureWorks First Quarter Fiscal 2020 Financial Results Conference Call. Following prepared remarks, we will conduct a question-and-answer session. [Operator Instructions] At this time, all participants are in a listen-only mode. We are webcasting this call live on the SecureWorks Investor Relations website.
After the completion of the call, a recording of the call will be made available on the same site. Now, I would like to turn the call over to Teri Miller, VP and Chief Accounting Officer. You may begin..
Good morning, everyone and thank you for joining us today to review SecureWorks financial results for the first quarter of fiscal 2020. This call is being recorded. This call is also being broadcast live over the Internet and can be accessed on the Investor Relations section of SecureWorks website at investors.secureworks.com.
The webcast will be archived at the same location for 1 year. This morning, SecureWorks issued a press release announcing results for its first quarter ended May 3, 2019. You can access this press release on the Investor Relations section of the SecureWorks website.
During this call, management will make forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995.
These forward-looking statements include, but are not limited to guidance with respect to GAAP and non-GAAP revenue and net loss per share as well as adjusted earnings before interest, taxes, depreciation and amortization.
Our forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those anticipated by these statements.
You can find a description of these risks and uncertainties in this morning’s earnings press release and in the company’s annual report on Form 10-K for the year ended February 1, 2019 which is available on our Investor Relations website and on the Securities and Exchange Commission’s website.
All forward-looking statements made on this call are based on assumptions that we believe to be reasonable as of this date, June 5, 2019. We undertake no obligation to update our forward-looking statements after this call as a result of new information or future events.
Some of the financial measures we use on this call are expressed on a non-GAAP basis. These non-GAAP measures exclude stock-based compensation, the impact of purchase accounting, amortization of intangibles and the related tax effect of these items.
We have provided reconciliations of the non-GAAP financial measures to GAAP financial measures in today’s earnings press release available on our website.
Non-GAAP measures are not intended to be considered in isolation from, a substitute for, or superior to our GAAP results and we encourage you to consider all measures when analyzing SecureWorks performance.
Also as a reminder, all financial information discussed is non-GAAP and growth rates are compared to the prior year periods unless otherwise stated. With us on today’s call are Michael Cote, President and Chief Executive Officer of SecureWorks and Wayne Jackson, Chief Financial Officer. Following their prepared remarks, we will take your questions.
We would appreciate you limiting your initial questions to two, so that we may allow as many of you to ask questions as possible in our allotted time. In the event, you have additional questions that are not covered by others, please feel free to re-queue and we will do our best to come back to you. Thank you for your cooperation on this.
Now, I would like to turn the call over to Mr. Cote..
Thank you, Teri and thank you everyone for joining us this morning for our first quarter fiscal 2020 earnings call. Our first quarter financial results were positive. Revenue was $133 million at the high-end of our expectations. The loss per share was $0.02 and EBITDA was positive $1 million both ahead of our expectations.
We had a use of cash to $3 million, a significant improvement from the use of cash of $18 million a year ago. As discussed on prior calls, cash flow from operations is usually negative in the first quarter due to the payment of annual incentive compensation.
Also in the first quarter, SecureWorks was once again positioned in the Leaders quadrant in Gartner’s May 2019 Magic Quadrant for Managed Security Services, Worldwide, making this the 11th consecutive time we have been recognized as a leader in this report.
We are pleased with our leadership position in this segment of the cybersecurity market we believe it is an important part of our business.
However, as the market evolves from detection centric products and services to comprehensive solutions that solve investigation and response challenges we continue to bring innovative solutions to market like our detect and prevent and managed detection and response offerings.
In addition, we have worked over the past 2 years to pivot our strategy to deliver our industry leading intelligence and security operations expertise in a different way through software-driven security solutions.
A couple of launches this quarter highlighting the application of our intelligence through software include the launch of Dell Safeguard and Response, a portfolio of next generation endpoint security solutions, including our software analytics and intelligence sold by the global Dell salesforce.
This offering is a prime example of the powerful solutions and go-to-market advances that we create through partnership, collaboration and coordination within the broader security community. In a very short period of time, we have seen encouraging momentum with a strong pipeline building.
We are pleased to be working with our Dell Technologies family and leveraging their expertise and tremendous distribution capabilities. Additionally, at the end of the first quarter, we launched Red Cloak Threat Detection and Response, or TDR, the first patent pending security analytics app on our application framework.
The app allows security analysts to detect unknown and advanced threats, streamline and collaborate on investigations and automate the right actions. The software ingests and enriches data from a variety of endpoint, network, cloud and business systems.
Our proprietary threat intelligence is embedded in this new SaaS offering, which also leverages advanced analytics like machine and deep learning. We have taken our 20 years of security operations experience, combined with significant technological advancements, and re-imagined how security should be done, making the complex simple.
TDR is the first test suite of software products being developed to help organizations be more effective and efficient in their security operations with confidence and the benefit from the collective knowledge across the community or the network effect.
We have a technology incubation team of world class engineers, data scientists and threat researchers working on the development of next generation technology solutions to enable our customers to outpace the adversary and meet changing market needs.
In developing TDR, this team iterated quickly, adjusted as needed and always kept the voice of the customer front and center. While we had positive financial results in the quarter, the annual contract value of sales contracts closed during the quarter or ACV was below our expectations.
Based on the Q1 shortfall in ACV and a review of our pipeline, we are lowering our revenue outlook for the rest of the year. Wayne will provide more details on the impact to guidance.
The sales execution challenges impacting our performance in Q1 included our pipeline conversion rate, which is the annual value of sales contracts closed in the quarter compared with the value of the beginning pipeline fell below our expectation in the low end of our historical ranges.
Considering this lower conversion rate, we now believe the overall size and velocity in the current pipeline is insufficient to support growth at our original expectations and the majority of ACV closed in Q1 was with existing customers. We currently do not have the appropriate focus on the consistent development and acquisition of new customers.
I am disappointed with this level of performance and to address these challenges, we have made the following changes. We have established a new cadence for pipeline inspection and sales activity, metric review, designed the surface challenges early and allowed for more rapid course correction.
We have introduced an account manager role focused on the development and continued expansion of existing customer relationships allowing sellers to focus more on new customer acquisition.
We have created a team of sales engineers dedicated to our recently launched Red Cloak TDR software app to drive sales velocity and we have developed and have trained the sales team on solution bundles specific to each customer segment, which are aligned with our security maturity assessment framework.
These sales plays which include our MDR and detect and prevent offerings as well as recently announced TDR software app are aimed at simplifying the sales process and increasing customer retention rates by packaging the best set of outcomes for our customers.
The overall market remains strong and I am confident with these adjustments in our go-to-market model and new offerings we will successfully reaccelerate our growth. I will now turn it over to Wayne to talk about our first quarter performance in more detail.
Wayne?.
GAAP and non-GAAP revenue to be in the range of $535 million to $545 million; adjusted EBITDA to be positive for the full year in the range of $2 million to $5 million; and non-GAAP net loss per share to be $0.10 to $0.13 per share, GAAP net loss per share to be in the range of $0.55 to $0.58.
For modeling purposes, we estimate that the tax benefit rate will be approximately 24% for the remainder of the year. Cash provided by operations to be between $25 million and $35 million, CapEx to be in the range of $12 million to $14 million.
A few points about the revised guidance, the impact of lower Q1 ACV performance accounts for a significant portion of the revenue revision. The remainder of the revenue revision relates to the amount of time needed to increase the size and quality of the pipeline and fully ramp our new solutions.
Lastly, we will continue to invest in the development of additional apps and software offerings throughout FY ‘20, but we will take a balanced approach as we continue our transition toward software-driven solutions that Mike alluded to earlier.
We have a strong financial foundation with a company that will generate well over $500 million revenue and be cash flow positive for the year. And we have launched our new software offerings into a market as we transformed the business for long-term success.
I believe the teams are very focused on the actions needed to drive the revenue growth and financial results we expect. I will now return the call to Mike..
Thanks, Wayne. Before I turn it over to the operator for questions, I would first like to thank the SecureWorks team for their hard work and dedication on behalf of our customers.
I am proud of our accomplishments working with our partners at Dell and for the successful launch of the SafeGuard and Response Solution and celebrating the launch of the Red Cloak TDR, our first software app. Our business is undergoing an important transition and there is no doubt we have work to do.
I am excited about the opportunity in front of us and believe we have the right people, the right strategy and the right focus to succeed in this evolving and dynamic cybersecurity market. On behalf of the entire SecureWorks team, we appreciate your continued interest and support.
Operator, if you would open the line?.
Operator, we are ready for the question and answer session..
I will now open the call for questions. [Operator Instructions] And our first question is from Rob Owens with KeyBanc Capital..
Great. Thanks for taking my question this morning. Mike wanted to drill down into these 10 deals that you talked about that expanded to over $1 million in ACV.
I take it that the majority of that came from the installed base and if so kind of given the dynamics and the meaningful cuts around the annual expectation, are you running into some churn issues.
I know you gave your net retention rate, but curious what churn looks like within that?.
Hi, Rob. This is Wayne. I will take the churn. So similar to prior quarters, we have two dynamics along churn, one, the logo churn is primarily from our SMB. The larger dollars comes from service churn, primarily in the enterprise space. So, that is background.
What was your question around the 10 new deals?.
You mentioned 10 new deals, over $1 million in ACV, excuse me, is the majority of that must be coming from the installed base and given the difficulties you are seeing on customer acquisition, is that true?.
Rob, this is Mike. Wayne took the question, because he was the one that had it in the third part, I would tell you that on the new customers we signed about half of those deals were new – I am sorry the 10 deals over $1 million, about half of those were new customers, about half of that was in the installed base..
And then if you could just address I guess from a broader perspective, what you’re seeing in the market. I think it was a – maybe a little more tepid first quarter kind of first half for a lot of the security companies.
Are you seeing – as you talked about closed rates, is it competition? Is it distraction? Are people pausing a little bit in this environment, maybe just a little more color around some of that new customer acquisition and some of the reasons you don’t think you’re getting it done there?.
Yes. So from a first quarter perspective, I would say we’re not – we are not seeing demand constrain. It was mostly execution challenges that we had in Q1. If I put the range over the last three years or so that we’ve been public of the demand scale, I would say, yes, there was a kind of maybe fewer RFPs in certain parts of the market.
But overall the demand was still strong and the miss and the disappointment we have relates to our execution with not enough new pipe coming through and then on the focus on the new pipe.
Our focus has been and will continue to be our customers first and working to keep the business that we have, the new offerings, our MDR, the Red Cloak partner program, the SafeGuard and TDR and then on the execution front. And tying into that, you mentioned the churn aspect of things, our net retention rate was 99%, as we mentioned.
We are still experiencing, as Wayne mentioned, more service churn, but it’s particularly, as I said in my prepared remarks, some of the older legacy business that was around the detect only part..
Alright. Thank you..
That helped?.
Thanks, Rob..
Your next question is from Sterling Auty with JPMorgan..
Yes, thanks. Hi, guys.
So want to dive into the pipeline a bit, would you say that the biggest sticking points are top of funnel in terms of the quantity of qualified leads coming in the top of the funnel or is the bigger issue, once you’ve got the qualified leads, how you’re progressing or nurturing those leads through, I’m guessing you probably use a four or five stage sales process?.
It’s in the top of the funnel, Sterling. We – I think what we basically did was spend more time focused as I mentioned on our customers. And from a marketing perspective, I think some of the effort we had from a demand gen perspective and we were not building the top end of the funnel as much as we should have been.
Our belief was that there was higher quality in the funnel and that the conversion rate in Q1 would have been closer to the higher end of where our historic range has been.
And the long and short of it is, it came in at the lower end of the range and having that happened in the beginning in the first quarter of the year has an impact on revenue throughout the year..
And can you kind of give a little detail as to where more the concentration was, was it U.S. or International? And the reason why I ask is, there have definitely been particular questions over the demand environment in cybersecurity in the U.S. If we look at names like Fortinet and others U.S. was not particularly strong in the March quarter.
I know you talk about your own sales execution issues, but perhaps could it actually still be in part of something broader that’s happening in cybersecurity..
This is Mike. Sterling, thanks for the question. There clearly could be an impact of something that’s happening broader in cybersecurity for [Technical Difficulty] all regions did miss – this was a bigger miss than other areas. And as I said, we had expected the range of conversions of what was in the pipe to be at the higher end.
And the impact of it coming at the lower end is we really begun to inspect it. There is a renewed focus and effort we’ll have on building the top end of the funnel back to your first question.
But I think your question is an interesting one, which is, had we even built up the top end of the funnel, we may have made progress, but maybe not all that we wanted, I don’t know..
Alright, thank you..
Thank you..
Your next question is from Fatima Boolani with UBS..
Good morning. Thank you for taking the question. Mike, you’ve prefaced through a lot of the dynamics that contributed to the new ACV shortfall.
But I did want to take a step back and sort of ask you over the course of the last three years since you’ve been public, there have been some sales changes that you’ve undertaken in the organization, and there has been new leadership.
So what I wanted to ask you was, are you seeing above average sales turnover or you know turning that question around, is – what is the tenure in the ramp level like that you’ve seen in the sales force. And are you seeing levels of attrition in that or maybe above historical levels that may be a contributing factor to some of the new ACV shortfall.
And then I have a follow-up for Wayne if I could..
So Fatima, thank you for your question. The turnover – since our new sales executive came in a little over a year ago, on a trailing 12 month quarterly basis, our turnover level in the quota carrying sellers has actually decreased each of the last four quarters. So we’ve not seen an increase in quota carrying people over that time period.
Your second question for Wayne..
Yes. And Wayne, just around the gross margin profile, that sales seen steady improvement even as the mix has shifted away from monthly recurring revenue on MSS contract.
So I’m wondering if you can speak to sort of delivery efficiencies or any other investments that you’ve made in the past that are bearing fruit and showing yield and sort of how we should expect you to accrete gross margins to your longer term target level closer to 60% plus level. And thank you for taking the question..
Hi Fatima, absolutely so I think we touched on this a little bit in the last call. We continue to make investments on the upside, in basically in the software, we needed to deliver our services, and in the automation and orchestration we are definitely seeing improvements there, again on the subscription side.
Our consulting services were focused on those margins as well. But it’s all about the ops team delivering more effective, more efficient solutions..
Appreciate the color. Thank you..
Your next question is from Walter Pritchard with Citi..
Hi, more of a longer term business strategy question for you Mike. I mean, how you are thinking about investments in technology and R&D, and sort of almost product like investments, things like Red Cloak and so forth.
As it – just seems like given the challenges in the underlying sell of the services, maybe some focus could help and I’m curious if you think that could – that could be part of this year where just focusing on services versus kind of R&D and product like investments might make the message to customers more clear as to what you’re doing and hone the value proposition..
So, Walter thanks for the question. You had a couple of them in there. Let me try and answer it this way.
I don’t – there was no impact from a focus perspective in that the new software solutions were coming out with the Red Cloak Threat Detection and Response, on the new analytics platform which is really more of the SaaS based software only solution just came out at the end of the quarter. So there was no effort from a seller perspective.
They had been trained earlier, but it wasn’t as if we were out pre-selling it. From an R&D investment perspective, we are clearly continuing to ramp the R&D in that area.
Now that it has been announced, we actually have the engineering organizations working together as we are looking to bring the old Counter Threat Platform or the legacy Counter Threat Platform in the new platform and operations into a single focus of what we’re doing.
So the transition plan and the migration plan of how we’re going to – and the incremental apps that we are going to invest in as Wayne said in his prepared remarks will continue.
And from a sales perspective in Q2 and going forward, there is clearly an increased focus on a smaller if you will, the offerings that we’ve talked about to bring the market that have higher value, the Managed Detection and Response, the Detect and Prevent, the Red Cloak Partner Program, SafeGuard, which most of which is being done by the Dell sales organization and the Red Cloak Threat Detection and Response are the core offerings where the market is seeing value and actually in my travels both with prospects and customers is resonating very, very well and particularly the overall strategy in our point of view on what the of the SOC of the future will look like.
Did I answer your questions, Walt?.
Okay, yes that does. Now that helps. I appreciate it. Thank you, thank you Mike..
Your next question is from Melissa Franchi with Morgan Stanley..
Thank you for taking my questions. Mike, I am just curious about your expectations for the new products.
The execution issues that you are discussing is that lowering your expectations for how those new products particularly TDR will ramp this year or is it really just the execution issues are impacting kind of the core managed security service offerings?.
The execute – the latter, the execution impact – the execution issues have been impacting the core managed security service in what we’re doing, the pipeline has built – so TDR in particular which came out at the very end of the quarter, I think it was three days or four days before our quarter ended. The pipeline has built nicely.
We have signed customers that are in production and we have dedicated as I mentioned some trained sales engineers to be in a position to help. And we’re in the process of looking to bring on some dedicated TDR sellers that will be able to work since software’s a little bit differently.
So they will work to sort of seed the market and with the existing sales organization. If I use MDR, our more recent offering just before TDR, our growth is double digit.
So we’ve got nice growth on the MDR front and we are – tying this in to Walter’s comment, we are continuing to invest and balancing that investment across the organization by continuing to invest in the new area of where we’re going and the value that we see in the market on the TDR side and new application framework..
Okay. And then I guess following up on that, to Wayne, thinking about what’s embedded in your guidance for FY ‘20, in terms of the new products.
Is it fairly kind of immaterial at this point or should we expect that we’ll start to see the impact maybe in the second half of the year of some of those new products?.
Hi Melissa, we definitely believe we’ll see impact in Q3 and Q4 and then as maybe a follow up to the margin question asked earlier from Fatima, as those ramp much better, much higher margins, so that’s going to help us on our margin walk to higher overall margins as well..
Got it. Alright, thank you very much..
Your next question is from Gur Talpaz with Stifel..
Great, thanks for taking my questions.
Mike, I was hoping you could talk about TDR in relation to stand-alone EDR solutions, where does one end and the other begin? Then maybe taking this a step further, can you speak to how the competitive set here changes as you make a bigger push into security software?.
So, Gur, that’s a great question or great questions. The TDR matters as I sort of mentioned in my prepared remarks and actually with the installed customers we’re working with today, it’s kind of a re-visioning of the whole security operations center and the way it operates from a community perspective.
It considers or brings in data from the cloud, from business systems from the network and from the endpoint. So it’s not an EDR only solution.
It also has all of our analytics embedded in it over what we’ve learned in the last 20 years in operating security centers or security operations centers for 4,000 clients in 60 countries around the globe, including our embedded machine learning and the deep learning expertise that we’ve created. So – and it works on a collaborative fashion.
So if you and I were both operating on it, we could collaborate via a chat feature and work together in a manner across our operations centers or across the customer base in order to create the appropriate detection prevention and then ticketing and workflows to take the embedded orchestration actions that need to be done.
So, it’s a complete revision of what we’re looking to do, actually one of the things in your question is a good one in that we’ve – we’re talking about trying to see if there’s a way we should bring a little more clarity to this for those of you on the call to understand how we’re reimagining the security operations center of the future and how TDR is actually sort of the first step in that journey.
And disclose kind of our point of view of what the security operations center of the future will look like 3 years to 5 years from now.
So hold for now and we will look to get back to you with hopefully a little more in-depth conversation we can have and maybe bring some of the team that’s been leading this effort over the last couple of years now that we are driving it forward.
On the second part of your question, with regard to competitors, it will change who we are competing with substantially.
And I think I don’t know of anyone that’s doing something exactly the way we are doing it in the market and I think there will be other tangential competitors from a product perspective and from the MSSP or MDR markets that will look to play in this space slightly differently.
Nobody really has the diversity of – and I will say the diversity in depth of the data and the experience doing exactly what we have been doing in a vendor neutral manner for a 20-year period of time which is really what we are trying to do is to bring that expertise to market in an open community to share it, if you will almost from a crowdsourcing type of perspective.
So we are excited to get to market. As I have explained this to prospects and customers, the receptivity has been very, very good.
And now what I think we need to do is really help tell everyone what it is, where it is we are going or what we are trying to do and get TDR into the market and then get some of the other applications or apps we are going to look to rollout into the marketplace as well..
That’s helpful. Thanks Mike..
[Operator Instructions] And you have a follow-up question from Sterling Auty with JPMorgan..
Thanks. Hi, guys. So, just two follow-ups.
The MRR, the $36.1 million based on the guidance should we expect that number to be flat or even potentially down next quarter?.
So, Sterling, we see – just maybe to review what’s in MRR it includes both the installed base plus backlog. We have not guided, but I will share my thoughts on it, maybe not a number. We don’t expect it to go down. The answer to your question is, no.
I think it’s sort of modest growth and then the acceleration in the back half that I mentioned very briefly earlier, but does that help?.
Okay. Yes, it does. And then one other question, I think it’s a little follow-on from earlier question.
So obviously you have given us the EBITDA guidance for the full year, but how are you thinking about the cost structure in light of the impacts that you saw here in the quarter, is there any cost actions do you think that will be necessary through this process?.
So Sterling, thanks for the question. It’s Mike. We continue to invest – we will continue to invest as I mentioned a few moments ago in the analytics framework and incremental apps for that will follow on from TDR. We are also and have also since we learned and saw what happened in Q1 managing our cost appropriately.
So, doing the things that make sense for the investment in the business and the future of where we are looking to transition while at the same time, we are looking at the growth or lack thereof that we had in some of the core legacy parts of the business.
So a couple of the key areas we did integrate the engineering teams and are looking to increase the velocity of the production from the engineering teams and some of the increased scale that we saw in areas such as G&A I would expect to continue to see into the future..
Alright, got it. Thank you..
Basically trying to balance our costs with our growth by continuing to invest in the future areas we are going..
Make sense..
Thank you..
And your next question is from Howard Smith with First Analysis..
Hi, guys. Thank you for taking the question. My question was about the expenses and costs that Sterling asked. So since you just answered that, let me ask – in the past, you have talked about automating particularly remediation I believe that was a pretty manual process and you were taking some steps.
I just – I know it’s a never-ending journey, but I think you had some fairly specific aims in the near-term.
Where are you on that journey and how much is left to do?.
So in the orchestration and automation area, we have both written playbooks to use this internally across the customer base that we are doing the managed security services for and we have incorporated that work into our threat detection and response application so that we have playbooks embedded to be able to take the appropriate steps in an automated manner again from both an orchestration and automation perspective.
And Wayne touched on it in the prepared remarks from an operating efficiency perspective we are using it to increase the leverage and the operating margin of which or gross margin of which we are serving our customers in a manner that provides more clarity and ease for them as well rather than having manual intervention get – as much manual intervention gets.
The investigation steps of where we are doing a lot more of the automation as we are looking across what happens.
Does that help?.
It does. Thank you much..
Thank you..
Okay, thank you. Thank you everyone for joining us on today’s call..
Is there another question, operator?.
No, there are no questions, sir..
Thank you again for joining us on today’s call and for all of the questions. We appreciate your support and look forward to our second quarter call in early September. If we did not get your questions this morning, please do not hesitate to reach out to us for follow-up..
Thank you very much..
Thanks everyone. Cheers..
Ladies and gentlemen, this concludes today’s call. You may all disconnect at this time..