Good morning and welcome to the SecureWorks Second Quarter Fiscal 2020 Financial Results Conference Call. Following prepared remarks, we will conduct a question-and-answer session. [Operator Instructions] At this time, all participants are in a listen-only mode. We are webcasting this call live on the SecureWorks Investor Relations website.

After the completion of the call, a recording of the call will be made available on the same site. Now, I will turn the call over to Teri Miller, VP and Chief Accounting Officer. You may now begin..

Good morning, everyone and thank you for joining us today to review SecureWorks financial results for the second quarter of fiscal 2020. This call is being recorded. This call is also being broadcast live over the Internet and can be accessed on the Investor Relations section of SecureWorks website at investors.secureworks.com.

The webcast will be archived at the same location for one year. This morning, SecureWorks issued a press release announcing results for its second quarter ended August 2, 2019. You can access this press release on the Investor Relations section of the SecureWorks website.

During this call, management will make forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995.

These forward-looking statements include, but are not limited to guidance with respect to GAAP and non-GAAP revenue and net loss per share as well as adjusted earnings before interest, taxes, depreciation and amortization.

Our forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those anticipated by these statements.

You can find a description of these risks and uncertainties in this morning’s earnings press release and in the company’s annual report on Form 10-K for the year ended February 1, 2019 which is available on the Investor Relations website and on the Securities and Exchange Commission’s website.

All forward-looking statements made on this call are based on assumptions that we believe to be reasonable as of this date, September 5, 2019. We undertake no obligation to update our forward-looking statements after this call as a result of new information or future events.

Some of the financial measures we use on this call are expressed on a non-GAAP basis. These non-GAAP measures exclude stock-based compensation, the impact of purchase accounting, amortization of intangibles and the related tax effect of these items.

We have provided reconciliations of the non-GAAP financial measures to GAAP financial measures in today’s earnings press release available on our website.

Non-GAAP measures are not intended to be considered in isolation from, or substitute for, or superior to our GAAP results and we encourage you to consider all measures when analyzing SecureWorks performance.

Also as a reminder, all financial information discussed is non-GAAP and growth rates are compared to the prior year periods unless otherwise stated. With us on today’s call are Michael Cote, President and Chief Executive Officer of SecureWorks and Wayne Jackson, Chief Financial Officer. Following their prepared remarks, we will take your questions.

We would appreciate you limiting your initial questions to two, so that we may allow as many of you to ask questions as possible in our allotted time. In the event, you have additional questions that are not covered by others, please feel free to re-queue and we will do our best to come back to you. Thank you for your cooperation on this.

Now, I would like to turn the call over to Mr. Cote..

Thank you, Teri, and thank you everyone for joining us this morning for our second quarter 2020 earnings call.

In the second quarter we achieved revenue of $137 million exceeding the high-end of our guidance, gross margin of 56.3% of revenue which expanded 200 basis points from last year, and EBITDA of $1 million, and a loss per share of $0.01 both of which also topped our expectations for the quarter.

We also saw improvements in the quarter in several aspects of our go-to-market activities. The annual value of sales contracts closed during the quarter or ACV improved across all markets as compared with Q1. Our revenue retention rate was 99%. We grew the sales pipeline and increased our pipeline conversion rate compared with Q1.

We have a growing pipeline for our new TDR software application and Dell SafeGuard and Response [deals] [ph] ramped nicely during the second quarter. I am pleased with the results for the quarter as they represent a good step in the right direction, although our go-to-market efforts remain an area of focus and an opportunity for improved execution.

As we've highlighted on prior calls, our business is undergoing an exciting strategic transition as we bring our vision of the future security operations to life through software driven solutions.

We view the SOC of the future as a more agile, scalable and effective model for security operations that addresses the challenges of today's dynamic IT landscape and rapidly evolving threats. This new approach in combating security threats demands a leap forward in capabilities made possible by leveraging the following.

The speed and scale of machine learning, deep learning and cloud computing to analyze data from the extended IT ecosystem for greater visibility, real-time collaboration with experts and smarter, more effective automation.

Crowd-sourced threat intelligence and incidence response insights to enrich this spectrum of data for faster and more reliable advanced threat detection and remediation, and integrated analytics empowering security analysts to be more effective and productive unencumbered by disconnected point solutions, false positives, and dead-end investigations.

Red Cloak Threat Detection and Response or TDR was launched at the end of Q1, is our first cloud native patent pending software app built on our security analytics platform. This was an important milestone in the execution of our strategy and the first key building block that enables the ‘SOC of the future’ to become a reality.

Our TDR software app is differentiated by an integrated set of detectors that are enriched by our threat intelligence and network effect, automated response actions and collaborative investigations.

With TDR we are building on our heritage of working in a vendor inclusive manner to ingest all relevant data from a wide range of sources; network, endpoint, cloud and business systems to provide visibility across the entire environment.

We're leveraging the latest machine and deep learning methods informed by our 20 years of threat intelligence, the large and diverse data sets obtained from our customer community and our threat models to detect malicious activity not identified by other tools and to reduce the noise from false positives.

When customers need help triaging an alert or investigating suspicious activity, a SecureWorks senior intrusion analyst is only a click away with our collaborative investigation capability built into the product. We've integrated automated response actions natively in the software giving our customers the ability to take the right action quickly.

And finally, the TDR app is built on a platform to allow for rapid innovation. We've added data sources and written new detectors [in days] [ph] and with the network affect each of our 4100 customers across the globe benefits from the latest intelligence gathered via our threat research and incident response engagements.

The platform and software applications have been designed with a modular approach giving customers the flexibility to create a security program that aligns with wherever they in their security maturity journey.

As a follow-on to the launch of the TDR app last month, at the Black Hat Conference we announced our next generation Managed Detection and Response solution. MDR leverages the power of our TDR app allowing customers to work in partnership with us to drive the best possible security outcomes.

Although we are early in the go-to-market efforts with both TDR and our new version of MDR, response from the market has been very positive. We've closed a handful of deals all of which are multiyear and are encouraged by a few common themes.

Customers appreciate the increased visibility we provide across their entire ecosystem and our predictable and compelling pricing model which makes full asset visibility affordable and accessible.

And customers are also tangibly realizing the benefits of the software as our security analytics driven by telemetry and correlation of diverse data sources are substantially reducing alert noise while our automated response actions are allowing quick threat resolution.

In addition to our go-to-market activities, we are working to upgrade a select group of customers to the new software enabled solutions. This provides value to broader asset coverage, better efficacy and speed ultimately allowing us to extend and/or expand relationships with our clients.

We also consider this an important phase of building reference able accounts, a source of valuable customer feedback, and a vehicle to create implementation and operational efficiencies as we scale. We have upgraded over 65 customers in less than four weeks and the early feedback has been very positive.

As we head into the second half of the year, we remain laser focused on building on this progress, driving our business transition, and bringing our vision of more effective and efficient security operations to life. I will now turn it over to Wayne to talk about our second quarter performance in more detail.

Wayne?.

Thanks Mike, and good morning everyone. Our second quarter results were positive and we continued to maintain our strong financial position as we invest in our new software driven security solutions and our go-to-market efforts. In the second quarter of FY'20 revenue was $136.6 million a 6.1% increase over Q2 FY'19 and a 2.8% increase sequentially.

Second quarter revenue exceeded our guidance range. EBITDA was $1.3 million ahead of our expectations driven by higher gross margins. And we generated $16.3 million of cash from operations in the quarter, primarily on improved DSO. Our average annual subscription revenue per customer was $106,000 this quarter growing 5.5% over last year.

We closed nine deals with a total contract value greater than $1 million in the second quarter. We exited the quarter with annual recurring revenue of $437.6 million. Consulting revenue grew 11.5% year-over-year and comprised 24.8% of total revenue for the quarter.

We anticipate our subscription to consulting revenue mix will continue around the 75% level next quarter as incident response and other consulting services continue to be an important component of a comprehensive security solution for our customers. Finally, revenue outside the U.S.

represented 26% of total revenue in the second quarter up from 22% of total revenue in Q2 last year on consistently strong growth in the UK, Middle East, and Japan. Gross margin totaled $77 million in the second quarter of FY'20 or 56.3% of revenue a 200 basis point increase from the prior year.

Second quarter operating expenses totaled $79.3 million compared with $72.2 million last year a 201 basis point increase as a percentage of revenue.

Research and development expenses totaled 17.5% of revenue in the quarter compared with 16.7% for Q2 FY'19 and 80 basis point year-over-year increase driven by incremental investments in our software app and platform development activities.

Sales and marketing expense were approximately 27.2% of revenue in the second quarter compared with 27% for prior year Q2. General and administrative expenses totaled 13.4% of revenue in the second quarter compared with 12.4% for the same quarter last year.

Current G&A costs included a charge for the consolidation of some real estate leases which is the primary driver for the increase in cost as a percentage of revenue. Adjusted EBITDA in Q2 was $1.3 million compared with $1 million last year.

Non-GAAP net loss was $700,000 compared with a net loss of $900,000 in Q2 last year and non-GAAP loss per share was $0.01 in both current and prior year.

Regarding cash flow and balance sheet items, as I mentioned cash flow provided by operating activities was $16.3 million in the second quarter and $13.2 million year-to-date compared with a $10.9 million of cash provided by operating activities in the first half of last year.

DSO was 80 days at the end of Q2 down from 93 days at the end of Q1 and an improvement from 94 days at the end of Q2 last year. We finished the quarter with cash of $117.7 million and have an uncapped $30 million credit facility. CapEx was $3.6 million in the second quarter. Now for guidance.

In the third quarter of FY'20 we expect both GAAP and non-GAAP revenue to be in the range of $135 million to $137 million. And we expect non-GAAP net loss per share to be between $0.03 and $0.04.

For FY'20 we now expect the following; GAAP and non-GAAP revenue to be the range of $540 million to $545 million, adjusted EBITDA to be positive for the full year in the range of $2 million to $5 million, non-GAAP net loss per share to be $0.08 to $0.11 per share, GAAP net loss per share to be in the range of $0.52 to $0.55.

For modeling purposes we estimate that the tax benefit rate will be approximately 24% for the remainder of the year. Cash provided by operations to be between $30 million and $35 million.

We expect second half cash flow to be weighted more towards Q4 given the expected collection of the tax receivable from Dell in that quarter and CapEx to be in the range of $14 million to $16 million. In closing, we have a strong financial foundation generating well over $500 million in revenue and producing strong cash flow for the year.

We will continue to invest in the development of additional apps and software offerings to better protect our customers as we transform the business for long-term success. I will now return the call to Mike..

Thank you, Wayne. I would like to thank my SecureWorks teammates for their continuous dedication on behalf of our customers. We have an exciting opportunity in front of us as we undergo this strategic transition.

We welcome the challenge that change brings and I'm proud and energized by the commitment and adaptability of our team as we focus on delivering innovative solutions secure our customers. On behalf of the entire SecureWorks team we appreciate your continued interest and support.

Operator, if you'll now open the line for questions please?.

[Operator Instructions] We will take our first question from Sterling Auty with JPMorgan..

Yes, thanks, hi guys.

So the improvement in terms of the topline, can you give us a sense because you did touch upon it, is it just improved close rates or did you actually increase the coverage ratio in the quarter as well, so you're seeing some flow-through effects of that?.

Good morning Sterling, it's Mike. Thanks for the question. It is actually a little bit of both, it's higher close rates and an expansion of the coverage..

And within the close rates and specifically there has been lots of questions on a lot of these calls around concerns around the macro environment that's out there, how would you see the business reacting if we saw further kind of economic slowdown? Do you think because of cost savings on headcount et cetera, that the business would actually benefit or does it actually take a hit as companies look to restrain spending?.

So that's a great question Sterling, and thank you again. It is Mike.

A couple of things I'd add in response to that question, one is in the quarter we saw better close rates in coverage in all markets across the world which was the first time we sort of – not the first time, it's been a while since we've seen that kind of productivity and increase from a coverage perspective, so definitely moving in the right direction.

My sense having been around for a long time is that security is not a luxury and as we go through this process our focus on creating better efficiency and effectiveness in delivering value so that the security operations centers are actually going after and spending their time on things that matter, should help us in this process and the software that we're creating, that we've created and taken to the market we believe we're optimistic that we will fit in a very good, to show that increased value if any downturn were to occur from an economic perspective..

Got it, thank you..

Thank you..

Next question is from Fatima Boolani with UBS..

Good morning. Thank you for taking the questions and apologies for any background noise. I have a question for Mike and a question for Wayne, but Mike to start with you, it is good to see that you are undertaking this transformation strategy is a really huge product platform and essentially creating a platform to plug your customers on to you.

So my question is for you, we've heard a lot of the cybersecurity product vendors venture into this sort of automation arena. So I wanted to get your perspective on how that's impacting your customer discussions and buying cycles and buying behavior? And I have a followup for Wayne..

So I think Fatima I got your question, but let me try and respond and if I didn’t we'll give you a pass at being able to ask a clarifying question from me in case I didn’t hear it correctly. As we all know, there are thousands of point products in the market today that are not effectively working together.

I think actually I've taken the major statement that as an industry the security industry is – it is my opinion getting further behind as we can see by the number of breaches, talk about Capital One or the company here in Atlanta that had an issue recently.

I mean we're just – it's just not – the industry is not working well and we believe that software is the key to make it more agile, scalable and effective model of security and we also believe that the community is going to be needed for us to work better together and as security community overall.

So we've taken the approach with the security analytics app that we've created that will work in a vendor neutral manner to be able to bring the best efficiency and effectiveness, so that from a buyer perspective, a customer perspective we can help them cut through the noise and work with the best of breed products across the market.

I also think that that means that as everybody talks about platform, and the platform definitions vary, these platforms will begin to work together as well and that may be one of the facilitating ways for people to work together in the security community..

Fair enough. Maybe just to clarify and then reframe the question, you know in the sense of products [indiscernible] talking about automating breach and incident response, and alert management, is essentially a validation of sort of the journey that you’re embarking on.

So I guess what I’m really trying to ask is with product vendors or with whom traditionally you’ve had an economic relationship with, with them sort of entering the sort of automation fray, how does that change the competitive behavior and buying discussions with customers just to reframe and clarify?.

Okay, I think I understand. I guess the way I’d respond to that is, there’s two different aspects to this in my mind, one is the plumbing, the technology that will allow orchestration to happen which is the automation of an action if you will versus the intellectual property and it drives that action being the right action to take.

And I think from a focus on the Security Operations Center I’m not sure we have well - we have 20 years of historical experience and data in doing this for customers around the globe.

So if ultimately this gets down to a buyer’s decision of trying to ensure that they’re getting the appropriate intellectual property of what to automate and how to automate versus the act - taking the automation action, I think we sit in a very good position and I’m excited about this.

And I - again, from my perspective I’d like to do this in a cooperative manner in the community. I don’t think the customer will be, will benefit to the extent that the security organizations cannot figure out a way to work together in the customer’s best manner.

And in doing so, well in the customers’ best, not manner, in the customer's best interest, and in doing so, I think, look I’m an abundance mentality type person, so I actually think the pie gets bigger and we provide better and more effective security in fighting the bad guys..

Fair enough, I appreciate that.

And Wayne, for you, if you could sort of talk about, and Mike as well around the improved pipeline build and pipeline growth as well as conversion rates that you saw sequentially, I’m wondering how you thought about factoring that into your full-year outlook, because it doesn’t necessarily seem like you’re extrapolating some of the goodness and in terms of the trends you saw in 2Q through the rest of the year, so I just wanted to get your thought process behind your [indiscernible] view on the full year guide? And that’s it from me, thank you so much..

Hi Fatima, sure, thanks for the question. So as you noted, we did bring up the bottom end of the range to reflect the beat in Q2.

It’s as simple as we had a really, a much improved Q2 from a sales perspective go-to-market and I’m kind of a Show Me Guy, so I want to wait and see how Q3 looks before we get too far out from our revised guidance for the full year in Q1. So it’s no more simple than that. We had a really - we had a good Q2.

We’re comfortable right now with the guidance and news to follow..

Makes sense, I appreciate it, thanks Wayne..

Thank you..

Your next question from Alex Henderson with Needham & Co..

Hi, this is Roger Boyd on for Alex. Thanks for taking our questions.

So I think previously you mentioned you were expecting the acceleration MRR in the back half of the year, is that still the case, and maybe what are the puts and takes on that growth, do you start to benefit from TDR and MDR?.

Hi this is Wayne. So acceleration in the back half as you can infer from the guidance, you know we’re still focused and we did have some acceleration in the back half that’s baked into the $540 million to $545 million for the year. We saw some - as I mentioned earlier, we saw some improvement in Q2 go-to-market.

We expect to see some improvement for the second half of the year, but it’s a great question related to TDR because there’s going to be some trade off right? As we rollout TDR it’s new in the market, we’re doing everything we can to accelerate that and Mike talked about some conversions that’s going to help that.

Net-net we do expect the go-to-market to continue to improve certainly compared to Q1, but time will tell..

Okay makes sense.

And then maybe strategically, does the VMware acquisition of Carbon Black, knowing that you guys are vendor agnostic, does that affect your relationships with VMware itself and then also with Dell?.

So this is Mike and I’ll respond to that. So, for the last twenty years we’ve had a history of working with the best of partners in the marketplace which allows us – as I sort of alluded to and mentioned in my earlier comment, to provide the most effective security for our customers and we intend to continue to do that.

We’ve worked with Carbon Black, with CrowdStrike and with VMware over years and have very strong relationships and partnerships with all three and then I would expect us to continue to build upon that success and continue to focus there..

Makes sense, thanks for the questions..

Your next question from Matt Herbert with RBC Capital Markets..

Thanks, this is actually Matt Swanson on for Matt.

If I could just ask kind of a broader question, so as we're kind of looking out at this product roadmap of SOC for the future, could you touch a little bit about how you’re consulting business and kind of visibility that gives you and your customers has helped shape your product roadmap?.

Matt, Mike Cote, thanks for the question.

The consulting business, in particularly the incident response engagements we do, but the consulting business overall gives us visibility to understanding which customers have more effective processes, procedures and technologies quite frankly for where they are in their security maturity journey and whether they are looking to prevent or detect and how they are looking to use their various technologies.

So it plays an important role in helping us understand and form a view both from a threat intelligence perspective as well as from a product roadmap perspective of how we evolve.

And the thing I’d add that’s been great about the new TDR platform and the customers that we have there, and I alluded to this in my prepared remarks, is that we’ve been able to turn around customer feedback within hours to at most two days to ensure that we’re being responsive and continuing to evolve in a manner that helps our customers improve the efficiency and effectiveness of what they do from a security operations perspective..

That’s helpful and then just a quick one on the TDR and you know the beginning of MDR.

Are you seeing any change in the terms of a new and existing customer mix with these products or is it mostly this thing that you’re targeting so far?.

No, no, no we’re targeting for both new - for both TDR and for MDR.

We are targeting both existing customers who we will either migrate over and/or upgrade or you know if it makes sense to expand our relationship by cross-selling into them, but we also have dedicated sellers who are focused on helping to continue to expand the customer base on top of the expansion we’re doing with our existing sellers, but the dedicated sellers who are looking to focus on TDR from a software only application perspective initially.

So a different part of the target market if you will.

Let me just explain a little bit clearly if it may help, we segregate the market or segment the market based upon security maturity and clearly it’s a different maturity level of customer who may be looking for the software only app with us providing support through the chat feature versus those that would be looking for more of a managed and expanded where we may be doing response for them and an increased level of service.

Does that help Matt?.

Yes, thanks that’s really helpful..

[Operator Instructions] Your next question from Gur Talpaz with Stifel..

Hi, this is actually Chris [indiscernible] on for Gur. You mentioned that the Dell SafeGuard pipeline ran somewhat nicely during the quarter.

Can you speak to when we can expect the pipeline to begin to materially convert and the degree to which this can drive net new customer growth going forward?.

So, Chris, this is Mike. During the quarter [ph] first of all I didn’t mean to infer that we didn’t have conversions and sales in the quarter, so we did have a ramp with conversion, sales and net new customers from the Dell SafeGuard relationship in the quarter.

And the pipeline continues to build for us to where we would expect, I would say later this year to early next year as we would be ramping at a level that would give us a – well at a normalized level I would say.

So we now have sort of greater visibility in the Q3, Q4, Q1 of next year, where we'll have a pretty consistent level we would hope of sales in the Dell SafeGuard and Response, and the ability to open up some of those new customer relationships to cross-sell into..

Great. Thanks, Mike..

Yes. Just to be clear though, from a revenue perspective, that is a good - we aren't expected to become a material part of our business, but it is clearly a nice level of new customer acquisitions and revenue and profitability..

Got it, got it. Thank you again..

We'll now take our final questions from Howard Smith with First Analysis..

Yes, good morning. Thank you for taking my question.

So, first, I just wanted to clarify, get a little more detail on the upgrade, the 65 customers you mentioned; is that from Managed Detection and Response? You're not providing TDR to these customers as well and how did you go about kind of selecting which customers are most appropriate for that program?.

Good morning, Howard. Thanks for the question. So what we basically did was looked at a group of our customers that we were providing services or solutions for around monitoring and management and effectively, saw that there was an easy upgrade path for us to move them to operating on the TDR software, where we are working cooperatively with them.

So if, for example, ABC company is a customer of ours, and we were able to effectively wake up with very little effort and energy on their or our behalf, and show them the capability where they're seeing what we're doing on the old platform and the new platform, and the opportunity to transparently see how we're operating.

So they have the same login with a new portal and capabilities working cooperatively in a cloud native app to see how we're working. And it was a very quick upgrade path and ability to train them and show them. In the process of doing this, we came up with some incremental detections along the way on the first 65 to show the power of the TDR software.

We had one customer actually respond telling us that they thought it was like Christmas morning for them. So it was a very encouraging and it's been a very uplifting sort of four weeks for us, as we've gone down that path..

Great. Thank you for the color there. And then in terms of the financials, Q2 financials, if I've heard right, I just want to clarify, there was approximately $1.3 million $1.4 million one-time expense in G&A for some office consolidation.

I just want to confirm that's kind of a one-time item?.

Howard, this is Wayne. That's correct..

Okay. Thank you much..

Thanks very much..

Thank you, again, for joining us on today's call and for all of your questions. We appreciate your support and look forward to our third quarter call in early December. If we did not get to your questions during the Q&A session, please don't hesitate to reach out to us for a follow-up..

Thank you very much. Have a great day..

Thanks everyone..

Ladies and gentlemen, that concludes today's call. You may all disconnect at this time..