Mandiant, Inc.
Q4 2014 Earnings Call Transcript

Published:

  • Operator:
    Good day everyone, and welcome to the FireEye Fourth Quarter 2014 Earnings Results Conference Call. This conference is being recorded. Also please note that the slides for today's events are available on the Investor Relations section under our website. With us today from the Company is the Chairman and Chief Executive Officer, Dave DeWalt; Chief Financial Officer Michael Sheridan, and the Vice President of Investor Relations Kate Patterson. At this time I would like to turn the call over to Kate Patterson, please go ahead.
  • Kate Patterson:
    Thank you. Good afternoon and thank you for joining us on today’s conference call to discuss FireEye’s financial results for the fourth quarter of 2014 and the full-year 2014. This call is being broadcast live over the Internet and can be accessed on the Investor Relations section of FireEye’s Web site at investors.fireeye.com. The live slides are also available there. With me on today’s call are Dave DeWalt, FireEye’s Chairman of the Board and Chief Executive Officer and Michael Sheridan, Senior Vice President and Chief Financial Officer. After the market closed, FireEye issued a press release announcing the results for the fourth quarter of 2014 and the full-year 2014. Before we begin, let me remind you that FireEye’s management will make forward-looking statements during the course of this call, including statements relating to FireEye’s guidance for the first quarter of 2015 and the full year 2014, industry growth drivers, and customer adoption of our solutions, continued revenue and billings growth and momentum in FireEye’s business, trends in FireEye’s business operating results, customer wins and partnerships, FireEye's competitive position in the market, the general availability and expected capabilities and benefits of new and future products and services and integration of Mandiant and nPulse Technologies These forward-looking statements involve a number of risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. These forward-looking statements apply as of today and you should not rely on them as representing our views in the future and we undertake no obligation to update these statements after the call. For a detailed description of the risks and uncertainties, please refer to our SEC filings as well as our earnings release posted a few moments ago to our Web site. Copies of these documents may be obtained from the SEC or by visiting the Investor Relations section of our website. Additionally certain non-GAAP financial measures will be discussed on this call. We have provided reconciliations on these non-GAAP financial measures for the most directly comparable GAAP financial measures in the Investor Relations section of the website as well as in the earnings release. With that, I will turn the call over to Dave.
  • Dave DeWalt:
    Okay, thank you Kate, and good afternoon everybody and welcome to our earnings call. Thank you for joining us today. First of all, I would like to start off by saying that 2014 was just an amazing year. We had an incredible journey, successfully overcoming the challenges of pioneering a new security market. We integrated Mandiant, we extended our virtual machines, MVX-based technology to a lot of new attack vectors, we built out our global infrastructure, we expanded our sales channels; so with that I’d like to just thank really all our customers, all our partners, and really all our investors and more than 2400 employees around the world, our FireEye employees for their commitment, their hard work and really helping to build FireEye into one of the world's leading advanced security providers. I really think we crossed the chasm in 2014 and as we ended the year the powerful synergies of FireEye and Mandiant were delivering growth that exceeded the competition. As we review our results, it's clear that the combination of our differentiated platform, security expertise and threat intelligence creates a scalable and sustaining growth engine. And we believe we are well positioned to extend that leadership and market share gain in 2015. In 2014 we grew our billings from 99 million in Q1, to 113 million in Q2, to 165 million in Q3, to now a 213 million in Q4; achieving our first ever $100 million quarter and then two quarters later our first ever $200 million quarter. We also achieved 143 million of revenue in Q4 and added a record number of new customers bringing our total customer count to 3130, up from just over 2000 customers from a year ago. Finally we increased the number of channel partners 75%, from 673 to 1121 and we established significant new relationships with the likes of Sing Tel, Verizon, Deutsche Telekom, and Telefonica that would extend our virtual machine MVX technology in the new market segments around the world. The progress we made this past year was remarkable as we focused on building a powerful new set of products, product subscriptions and service offerings, and combining them with a transformational go-to-market model. Our offerings now cover all major network locations such as web email and data centers and all major endpoints such as Windows, Apple and Mobile, as well as major cloud solutions. Our experts span the world with a direct presence in every major region, and a intelligence platform now includes more than 9 million virtual machines and 4 million endpoints that analyzes more than 50 billion objects per day. As a result, we discovered more unique malware and more zero day attacks and responded to more high-profile breaches than all the other vendors combined. And we have put together what I believe is no other security company has done, combining products people and a global intelligence network into the industry's first security-as-a-service. FireEye-as-a-Service is available around the clock, around the world, to customers of all sizes, with any network configuration. This has opened significant new total adjustable markets to the company. 2014 was a landmark year for the market as well. From cybercrime to cyber espionage, the cyber sabotage and now even cyber terrorism the threats are real. And the adversaries are very motivated and very well-funded. The world is realizing that we need a new model and a new company for cyber security. I believe FireEye can and will be that company. The problems are big one. Threats to Corporation are everywhere. Due to IT consumerization and the proliferation of mobile and cloud solutions, significant portion of an average company's network traffic is now off band. As the traffic and the data moves off band to the cloud, so do the sphere phishing attacks which are used in more than 90% of the targeted attacks. Companies need a security approach, a new approach that can detect unknown threats and is not bound by the firewall's position at the network parameter. We are creating that model. Our platform of end point network and cloud-based virtual machines, all working together and correlating dynamic threat intelligence real-time is the future of security. Add to this, a much-needed human element to revive real-time monitoring, analytics, remediation, and infinite response; we will deliver a powerful security capability that adapts to the attacks. This capability is available to all companies of any size, really in any industry, and in any geography and can be operational in a matter of days through our FireEye-as-a-Service offering. The dramatic acceleration is the number of high-profile breaches, the growing attention from C-level executives and the number of RFPs specifically requesting our solutions are all data points, then I believe suggests, we're crossing the chasm. An increasing number of companies are turning to FireEye as a platform, overhauling their security architectures and purchasing the entire platform to detect, analyze, and respond to attacks. This trend resulted in 43 transactions, greater than a million dollars and 78 new Global 2000 customers in the quarter, in the fourth quarter.Approximately 25% of the Global 2000 now use FireEye to protect their organizations, up from less than 15% at the end of 2013. I believe we are in the very early innings of this opportunity. Not only is there a plenty of opportunity in the 75% of the Global 2000 not using FireEye, but platform expansion and new cloud-based analytics and threat intelligence solutions can drive incremental follow-on sales. It's not just the enterprise customer turning to FireEye. Demand is elastic across geographies and customer segments. Our customers include the governments of more than 60 countries now; hundreds of financial firms and critical infrastructure companies as well as retailers, healthcare providers, and now entertainment companies. We are even seeing small companies from hospitals, the law firms, to biotech, high-tech start-ups turning to FireEye to protect their critical assets and reduce their risk. Customer adoption of our newer products is gaining momentum as well. Our full packet capture forensics platform, compliance IPS, mobile and our threat analytics platform, all posted record billing and growth rates. The attach rate for compliance IPS, for example, on our new NX sales more than doubled in Q4 and approached 10%, a positive sign for future adoption of this new product subscription. With a specially strong quarter in endpoint deployments, adding more than 140 new endpoint customers, the newest release of HX endpoint is now generally available and includes out MVX Technology for detection, as well as proactive features for searching and sweeping endpoints in real-time. Like all of four products HX leverages our threat intelligence, detect threats and correlates this attack information with other virtual machines throughout the organization to block attacks. With real-time detection, containment and blocking of attacks, combined with capture of forensic data necessary for analysis and response HX overcomes the shortcomings of today's endpoint competitive technologies. Our mobile threat prevention platform addresses the other types of endpoints and represents another significant opportunity. Or partnership with Verizon and now Telefonica validate our technology. And we have some of the largest customers in the early stages of deployment. I believe mobile is the next big attack vector with threat actors able to deliver malware customized for devices as we saw with the attack on the Syrian opposition's. Awareness of mobile threats is just beginning to grow that this solution is another reason I am excited about FireEye's endpoint opportunity. With these two integrated endpoint platforms, we are disrupting the endpoint market just as we disrupted the network security market with our NX and EX platforms. The market is just starting to emerge, but the interest is very high, and the potential opportunity is large. FireEye-as-a-Service also had a record quarter in both number of customers and contract value contributing to our strong product subscriptions growth. The ability to deliver our detection technology to customers as a serviced is as disruptive as the technology itself, automated much of the process, we are able to scale FireEye-as-a-Service cost-effectively to meet demand. In Q4, adoption was primarily enterprise customers who witnessed firsthand the capabilities and value to our infinite response engagements. In 2015, we had the opportunity to extend the value proposition to many more customers through our channel partners and our global MSSPs like SingTel and Deutsche Telekom. Just as we re-imagine security with MVX, we re-imagine our go-to-market model and expanded beyond the traditional direct [indiscernible] distribution model typical of our industry. Our large channel model was critically important to us and allows us to extend our reach beyond the Global 2000 in the midsize and smaller organization. To support the channel, we have increased our investments in our programs and made continuous improvements in our processes. We have also established rules and engagement to prevent potential conflicts between our partner-led and service-led models. As a result, both the number of partners and the volume of partner-led business continue to increase with new deal registrations up 170% year-over-year. This generates incremental pipeline for FireEye and we remain committed to our wards and distributors as a long-term strategy. At the same time, our unique combination of products and services is opening up new channels to reach new markets that we would not have been able to reach at this state of our growth. The SingTel partnership is an excellent example of how our FireEye-as-a-Service offering has transformed our model to reach customers who purchase bundled IP services through their telecom provider. The Sing Tel SOC or Security Operations Center will be operational later this month and more than 200 reps from Sing Tel will begin to market the Sing Tel Managed Defense powered by FireEye Solution, the thousands of Sing Tel customers in the Asia-Pacific region. We expect Deutsche Telekom as well to launch their offerings in sometime in Q2 2015 and Verizon plans to offer a mobile solution for their enterprise customers beginning in the first half of 2015. Our services let model is driven by the Mandiant infinite response capabilities were strategic to our business on many-many levels. We responded to more than 130 infinite in 2014 including nearly everyone you read about. These are significant enterprise breaches like Sony Anthem and Target as well as many-many others that have chosen not to mention our involvement. In each of these incidences we have had the privilege of responding and assisting these organizations in the time of great need. While for many technology companies services is a low margin necessity required to sell their product, for us it’s very different. We have essentially become the first call when major corporations have a critical security incident. We are able to drive the response effort, and restore their networks, putting us in a position to recommend solutions that help them prevent similar incidents in the future. More importantly, in each of these cases the customer is looking to us as a trusted advisor and we become a strategic partner rather than just another appliance vendor. In many instances we are completely re-architecting their networks and implementing the FireEye security platform and FireEye-as-a-Service across the whole organization. The decision to implement FireEye's platform as an internally managed deployment versus the subscription-based FireEye-as-a-Service or some hybrid of the two is also often times the very last decision the customer makes. We have discussed this toggle, if you will, between product and managed service since early 2014. While it makes to be a more difficult to predict the mix between product and product subscription in any given quarter, FireEye will win either way. That's why I encourage you to look at the growth and combined product and product subscription line as an indicator of our ability to expand our installed base and accelerated adoption of our products. Before I turn the call over to Mike, I want to just take a few moments to preview what we have planned to deliver in 2015, and how it all fits together under our adaptive defense approach to help customers improve their security profile and manage their cyber risk. In 2015, we expect to extend our powerful virtual machine MVX detection technology to virtual environments, meaning that we essentially can do it on a software mode or a software form factor, and further enhance our endpoint detection capability. We will also continue to innovate in analytics and investigation against the pace and complexity of today's attacks, customers need the ability to connect the dots to respond effectively and we plan to deliver this capability with our new investigative platform. We intend to offer all of these innovations as part of our managed service under the FireEye-as-a-Service umbrella, and additionally we will be introducing a single SKU easily sold by the channel to effectively deliver our solutions to the midmarket and the smaller customers. This is just a quick preview of the advances we plan to deliver in 2015, and will give you a deeper dive at our next Analyst Day. I hope this has given you a little insight and perspective on the market transformation and FireEye's strong competitive position. We are delivering a powerful value proposition when it goes beyond detection to answer the questions of who attacked you; what was taken and what you should do next. That is resonating with our customers, large and small. And we have combined our differentiated solutions with an equally powerful business model that's driven by strategic customer relationships and subscription-based products and services. The result is continued improvement in our operating performance as we execute on the growing opportunity. Our Q4 results clearly demonstrate the operating leverage, cash flow generation and potential of our model and gives me confidence in our long-term path to profitability. And with that I will turn the call over to Mike Sheridan for the financial details, and I will summarize before taking questions. Take it away Mike.
  • Michael Sheridan:
    Thanks, Dave. First, I would like to join Dave in thanking all of you for your ongoing support and interest in FireEye. Before I begin, I’d like to remind you that I will be discussing our non-GAAP financial results and metrics for the fourth quarter and full year 2014. Except for revenues, which is a GAAP metric our guidance ranges are also non-GAAP. Our fiscal 2014 was a critical year on our path to strategic and financial success. We began the year with the acquisition of Mandiant and at that time we articulated our vision of combining expertise and products, people and processes to detect and resolve modern cyber attacks in a way that legacy security companies cannot. Over the course of the year we made significant progress towards delivering this vision to our customers and our financial results are increasingly showing evidence of this progress. Turning to the details of our Q4 financial results, our billing is grew to $212.6 million from 97.9 million, a 117% increase year-over-year as reported and a 61% year-over-year growth rate on a pro forma combined basis. There are several key drivers to the billings growth we achieved in the fourth quarter. First, we continued the rapid expansion of our customer base. Our worldwide customer base grew to 3130 customers in Q4 from 2028 customers on a combined basis in Q4 of the last year, a 54% increase year-over-year. We had a record number of new customers in Q4 and in particular we had a record quarter and winning 78 new Global 2000 customers. We also had a record 43 non-service transactions, in excess of $1 million, a figure that equals the number of greater than $1 million transactions in 2013 and 2012 combined. The increase in size of a transaction is an indication that the customers are experiencing the value of our solutions and they are increasing the breadth of their deployments as a result. Our growth in 2014 was also diversified between you customers and follow-on customers and indication of our continuing land and expand success. Finally, in terms of growth drivers, I am happy to report that for the first time in our history, in Q4 more of our transactions were closed without a proof of value trial then with one. This is an indication that our technologies are transitioning out of an early adopter phase and because sales cycles are shorter when no PoVs are involved, we believe this is a trend that will help us increase sales productivity and leverage. Within total billings, our product and product subscription billings include the sales of our appliances, our DTI cloud subscriptions, our email URL engine subscription, our continuous monitoring subscriptions and subscriptions for FireEye-as-a-Service, mobile threat protection and the threat analytics platform. Since we offered cloud based solutions as well as appliance based solutions and because customers can chose they have FireFye manage their platform through FireEye as service, we view appliances plus product subscriptions to be good measure of our platform adoptions. Our product and product subscription billing has grew to $147.8 million in Q4 from $74.4 million in Q4 last year, a 99% increase on a reported basis and a 57% increase on a pro-forma combined basis. For the full year, product and product subscription billing has grew to $407 million a 110% increase on a reported basis and 58% increase on a pro-form combined basis. Our total billing’s growth was further driven by our business model that is centered on recurring subscriptions and support. The recurring portion of our business includes the product subscriptions I mentioned previously and customer support. Historically, our threat intelligence and customer support subscriptions have been driven by a 100% attach rate through appliances and this continued in Q4. In addition, our FireEye as a service, thread analytics platform and mobile threat prevention subscriptions continue to add growth to the subscription portion of our business. Our subscription and support billings which are recognized ratably through to $120.0 million and accounted for 66% of non-service billings in Q4, a 99% increase year-over-year as reported and a 58% increase on a pro-forma combined basis. In Q4 2014, the average contract length for the subscriptions and support was 30 months compared to 35 months in Q4 2013. The growing mix of our subscription in business model has improved to revenue visibility as we entered 2015. The growth in our appliance sales, new product subscriptions aided in parts by the success of our FireEye as a service offering and renewals resulted in differed revenue growth of 88% to approximately 350 million at the end of Q4. Our combined renewal rate remained about 90% for Q4 and also contributed to billing’s growth. Our continued high renewal rate is another indication of the high level of our customer satisfaction and the value provided by our solutions. Turning to revenues, our total revenue has grew to $143 million in the fourth quarter which was a 150% increase over the $57.3 million in the fourth quarter of 2013 on a reported basis and a 68% increase on a pro-forma combined basis. Our product and product subscription revenues which include appliances and product subscription revenue grew to $106.3 million in Q4 ’14, a 128% increase as reported and a 75% increase on a pro-forma combined basis. Our total subscriptions and support revenue which is recognized out of differed revenue on the balance sheet grew to $54.9 million in Q4 ’14 a 137% increase as reported and 63% increase on a pro-forma combined basis. Our professional services revenue increased to $20.1 million in the fourth quarter from $18.9 million in the third quarter of ’14. Our incident response organization operated at full capacity in Q4 as they were called upon to response to most of the high-profile breaches that occurred during the quarter. Excluding professional services, our geographic mix in Q4 included approximately 73% of our revenues coming from U.S. accounts and 27% coming from international accounts, compared to 71% and 29% respectively in Q4 of ’13. This slight increase in our domestic mix relates primarily to many of the high profile breaches that occurred in Q4 which resulted in greater domestic service revenue and product throughput into these accounts. Our billings and revenue growth in 2014 resulted in very positive move forward on our path to profitability. Gross margins remain strong throughout the year and our operating expenses as a percent of revenues declined every quarter. These gross margin and leverage improvements contributed to our near breakeven operating cash flow in the fourth quarter. Taken a closure look at the components of our Q4 operating performance, our product gross margins were 76% in Q4 of ’14 compared to product gross margins of 68% in Q4 ’13. Our strong product gross margins in fourth quarter related to higher sales of our [indiscernible] platform, improved product discounts and better leverage in our manufacturing operations. Our subscriptions and services gross margins were 71% in Q4 ’14 compared to 79% in Q4 ’13. This decrease relates to a higher percentage of professional services revenue in Q4 ’14 which had a gross margin of approximately 50%. Our total operating expenses increased to $161.5 million in Q4 ’14 from $81.5 million in Q4 last year and $153.7 million in Q3 ’14. While we continue to increase our investments in research and development, sales and marketing and global infrastructure, our operating expenses as a percentage of revenue decreased from 142% in Q4 of 2013 to 113% in Q4 of 2014. Each of our operating expense category is improved as a percentage of revenue in Q4 of ’14 compared to Q4 of ’13 and most notably our investment in sales and marketing as a percentage of revenues decreased from 91% in Q4 of 2013 to 67% in Q4 of 2014. This improved leverage is resulting from the continuing expansion of our revenues in our domestic and international markets, the increase in productivity of our sales force is the ramp up and the more highly leverage sales that we are generating in the middle market through our insides sales reps. Each of our operating expense category has improved as a percentage of revenue on a pro-forma basis as well. When we announced the Mandiant acquisition in January we said the combination would result in improved operating margin and cash flow as a percentage of revenue and that is evident in our Q4 in 2014 results. In terms of our financial condition, we exited the fourth quarter with approximately $402 million of cash and investments on hand. We achieved near breakeven operating cash flows in Q4 ’14 compared to a negative $25 million in Q4 2013. In addition, our free cash flow improved from a negative $47 million in Q4 2013 to negative $12 million in Q4 of ’14. Our accounts receivable increased to $193 million at the end of the Q4. Our aging and collections remain strong and day of sales outstanding declined to three days sequentially to 84 days. Since billings drive our receivables we use billings to calculate our DSOs. Our inventory level remains stable and we do not anticipate any issues with excess or up fleet stock. In terms of full year guidance for 2015, we expect our billings to be in the range of $800 million to $820 million. In terms of revenue guidance, we expect total revenues to fall in the range of $605 million to $625 million. For the full year, we expect product revenues to make 35% to 40% of total revenues subscription and support revenues to comprise 45% to 50% of total revenues and professional services to comprise 10% to 15% of total revenues. For the full year 2015, we expect gross margins to be in the range of 71% to 75%. For operating expenses as a percentage of revenue, we expect R&D spending to fall in the range of 35% to 38%, sales and marketing spending to fall in the range of 64% to 68% and G&A spending to fall in the range of 14% to 17%. Excluding the impact of tax benefits related to the Mandiant and nPulse acquisitions, we expect to record a tax provision of approximately $4million to $5 million or approximately $750,000 to $1.25 million per quarter in 2015. Based upon our latest estimated weighted average shares outstanding of $151 million for 2015, we expect loss per share $1.80 to $1.90. Finally, we expect 2015 cash flow to be a negative $70 million to $85 million compared to negative $131 million in 2014. Cash flow is driven by our billings performance and as a result, we tend to have a strongest cash flow quarter in Q1 followed by our weakest in Q2 since there is typically a quarter lag in our collections. Turning to the first quarter of 2015, as you know our business is seasonal with on-average 16% to 17% of our billings occurring in the first quarter. Accordingly, we expect first quarter billing to be in the range of $130 million to $140 million and revenue to be in the range of $118 million to $122 million. For Q1, seasonality impacts the mix of our revenues with appliance products representing a smaller percentage of revenues in Q1 and Q2 than the annual range and representing a higher percentage in the seasonally larger Q3 and Q4. Accordingly, in Q1 we expect product revenues to make that 30% to 35% of total revenues subscription and support revenues to represent 50% to 55% of total revenues and professional services to represent 15% to 20% of total revenues. For Q1, we expect our gross margins to be in the range of 69% to 72%. For operating expenses as a percentage of revenue in Q1, we expect R&D spending to fall in the range of 41 to 45%, sales and marketing spending to fall in the range of 71% to 75% and G&A spending to fall in the range of 16% to 20%. Based upon our estimated weighted average share as outstanding of 149 million for Q1, we expect our loss per share to fall within the range of $0.49 to $0.53 per share. While we have generated operating losses in 2012, 13 and 14 as we have invested in our global capacity and infrastructure, we have been consistently improving the leverage in our business model on our path to profitability. Viewing out 2014 results and our 2015 guidance in the context of our long-term financial targets, I believe we are on track to achieve cash flow breakeven in the next 2 to 4 years and our long-term operating margin targeted 20% to 25% in the next 3 to 5 years. These timeframes are consistent with those we articulated at our IPO. That completes my prepared comment and I'll return the call to Dave for some closing comments and Q&A.
  • Dave DeWalt:
    Okay and thank you, Mike. Thank you everybody for joining us today. I guess we’ll just jump right to questions. And with that I’ll hand it over to Sam and Kate, and we can start the question process. Sam, take the first question?
  • Operator:
    [Operator Instructions] Our first question comes from Daniel Ives of FBR Capital Market. Your line is now open.
  • Daniel Ives:
    In terms of cyber security, do you see and you'll get fast track and maybe deals that you thought was smaller, now starting to get larger, maybe you'd talk to that first?
  • Dave DeWalt:
    Daniel, this is Dave DeWalt. Yes, we are, I mean what we have seen in the past here is pretty interesting. Obviously the number of breaches that we have been responding to has been accelerating. Obviously the customers' awareness at the C-level or the CEO and Board levels is accelerating. Obviously the sensationalism around breaches are accelerating. When you put all those altogether, the budgets expand and I think lot of the security industry is probably benefiting from that as well as the first respond we get that trusted advisor kind of relationships started and obviously we have been troubling for that most but. Yes, it's been a amazing year as we have gone through a journey here with integrating Mandiant and starting to click with the people and the products and synergies both from product side and cost side. So we're still summating the goal but it's a lot of progress this year and you will start to see [indiscernible]. Thanks for the question.
  • Operator:
    Our next question comes from Sterling Auty of JP Morgan. Your line is now open.
  • Sterling Auty:
    I have one question and one follow-up, and I'll try to mute as you answer because the last answer Dave was kind of breaking out as we were listening to it. On the FireEye-as-a-Service, can you give us a sense of what you are seeing in terms of where customers were preferring the contract durations and what the contract sizes on the FireEye-as-a-Service look like in the quarter?
  • Dave DeWalt:
    Yes, sterling that's a good question. Now remember that this is a relatively new service for us, hopefully you can hear me okay, I am sorry it’s breaking up little bit [technical difficulty]
  • Operator:
    [Operator Instructions] Our next question comes from Fred Ziegel of Topeka Capital Markets. Your line is now open.
  • Dave DeWalt:
    Hey Fred? Fred can you hear us okay.
  • Operator:
    Fred, please check your mute button.
  • Dave DeWalt:
    We are not muted.
  • Operator:
    All right, our next question comes from Andrew Nowinski of Piper Jaffray. Your line is now opened.
  • Andrew Nowinski:
    You hear a lot about Mandiant getting commented nearly every single high-profile security breaches that's reported including Anthem. I was just wondering if you could provide any color on the pull through of FireEye products you're seeing following some of these high-profile deals. And then also can you provide any color on the lead that occurs after Mandiant is brought into a larger deal like Anthem.
  • Dave DeWalt:
    Andrew, this is Dave. So couple of comments for you. Number one, as I mentioned a little earlier, we had a journey here this year which really integrating Mandiant and FireEye and really developing a cadence to work together between the service organization, the product organization. The best I can tell you is each quarter we got better and better at it and first quarter, second quarter, people learned to trust each other, worked together, third quarter got better, fourth quarter got better even than that. We ended up seeing some pretty significant product pull through in the fourth quarter directly related to FireEye-as-a-Service as well as the incident responding service. So the synergy started to become pretty apparent as the incident responders for Mandiant and it really became more comfortable with the FireEye technology as well as their own that was encouraging. We began to expand the Mandiant service model internationally. We are now in almost every region, every major country with that model. Although that's relatively new we are starting to build that with FireEye technologies as well. And then really I think the most powerful thing that comes out of this isn't just the fact that a lot of these customers are trusting Mandiant so much to actually announce the breach with them, but also it's the threat intelligence reports that we were able to glean from the incidences that ultimately creates webinars and sort of advanced way of driving leads and to give you a couple of examples really quick, Andrew. We had a couple of these sort of webinar events soon after one of the breaches like our FIN4 report or Syrian report that generates thousands of companies and customers logging into our webinars and going back to FireEye days, pre-Mandiant, we got hundreds kind of on those calls and now we are into thousands of on those calls and it really generates interest and it generates lead generation. So you know couple of ways product pull through is good and the lead generation is good. Like I said earlier we are midway through the innings right now but we got more work to do and I think the power of the Mandiant FireEye combination is showing some pretty good signs and we'll keep working on it. Good question.
  • Operator:
    Thank you. Our next question comes from Gray Powell of Wells Fargo Securities. Your line is now opened.
  • Gray Powell:
    A couple of questions if I may. What kind of response have you seen from the preliminary release of your updated endpoint solution? And does the ability to their components of MVX engine on a device change the customers' thought process? And how much if you, does it the take on advisor, what's the footprint look like. Thank.
  • Dave DeWalt:
    Sure Gray, I'll try my best to answer all those. The first one, yes, no worries. It's a good question and a highly relevant because as you know the endpoint addressable market is a huge one, right? Nearly every company's endpoints are protected by multiple products today. Most of those products aren't working very effectively against the breaches today. So you literally have $8 billion to $10 billion to $15 billion total addressable market. I think upper graph here. So whatever we see this quarter, a couple of stats I gave you, we got 140 new customers, brand-new customers on our endpoint platform. We think we have got a next generation set of features for the endpoint platform. These aren’t your traditional antivirus, anti-spyware, host intrusions, data loss prevention type of features. These are features like validation, containment, remediation, quick searching and now detection. So we just came out with our first production release just two weeks ago, that now ported the algorithms from MVX down onto the endpoint. So the way we monitor the hypervisor in the operating system on the network, we essentially ported those features into exploit detection on the endpoint. We have a subsequent two or three releases in 2015 that would actually port the whole hypervisor of the ultravisor down onto the endpoint as well. So we are making good progress creating a suite of offerings on the endpoint. Customers are buying it. We had a lot of good growth not just with incident response driving endpoint, but at 140 customers, obviously that was a tremendous number more than the incidences we responded to. So we did a lot of NX and web product conversions to HX or endpoint. And now we are porting .We're going to have a Japanese version, a German version this quarter. We are going to have multiple languages supported by Q2. And we are hoping to get global with all those offerings here midway through the year. And hopefully put that all together and really begin to attract this endpoint market as 2015 unfolds, I think pretty powerfully. And then your last question to CPU utilization. It all depends on the scenario. The detection product is very lightweight in terms of performance CPU, whereas the forensics piece is actually pretty heavyweight CPU utilization depending on what you're doing. So if you are doing a high-end incident response that can use more cycles. If you're using just lightweight sort of wait mode and response mode, it's very limited in terms of its CPU utilization. But it's an area we worked pretty hard on as well. And I think create a pretty competitive and especially when combined with the mobile offerings that we now have, which I'm excited that I mentioned in this script. Good questions Gray, thank you.
  • Gray Powell:
    Thanks. I have a few other eight part question, but I will just leave it there.
  • Operator:
    Our next question comes from Brent Thill of UBS. Your line is now open.
  • Brent Thill:
    Thanks. Dave, just following up on HX, I know it's early, but in terms of the monetary uplift that you can see by layering in on endpoint, I don't know if there is any early, any signpost of the 140, that brought the core 80P then HX and what you saw on -- maybe if he could just give us a sense of what your selling is around the monetization on this?
  • Dave DeWalt:
    Yes Brent, great question. I think it's a, if you took a step back and said, what's going to drive and propel this company in '15 and '16? I just start up by saying, I'll keep doing the more to same, we sell NX, sell EX, sell the product line but the big movers of the endpoint, the big movers of the service models into international markets for us and then I would probably tell you are not of these cloud offerings with mobile and email and threat cloud going bigger in the telcos, but coming back to the endpoint real quick, what I was really encouraged with is the ability to deploy at very high end numbers of endpoints. So I mentioned most of our endpoint sales were pretty large companies and that's where we really saw the power of 50,000 endpoints, 80,000 endpoints, 100,000 endpoints in single deployments. We even had one that was exceeding 200,000 endpoints in single deployment. The product is working and scaling pretty well. Once we get the language packs ported we can really hit the international markets where that as I mentioned. So good signs there and we got a bunch of customers testing the detection features, and I really think we can build a better mouse trap than antivirus has been for all the reasons we probably all know. We probably coexist with antivirus for a while, but I think over the time that model of detection especially when combined with an isolation chamber, some sort of containment chamber; especially one that cannot be breached, I think is a very powerful next step on the evolution of the endpoint. So we saw some really good deals. We see people testing it. They like the technology. They like the direction. They like the integration with networking and the cloud and the feed from intelligence. I think we on the right path. But we're still in any one or two, so 140 customers is a good sign. But we are hoping to get a lot more as we move forward. Good question. Thank you.
  • Brent Thill:
    Mike, just a quick follow-up on the product mix. It sounds like you feel pretty comfortable with -- even as the customer shows as a service in the guidance you gave for '15 that implies lower product as a percent of revenue, but that gives you some wiggle room if those clients decide to come later in the quarter and go as a service?
  • Michael Sheridan:
    Yes, I think that's fairly stated, Brent. You can see that in our 2015 guidance, we are looking to arrange the appliance products as a smaller percentage of the total. I will say however that one of the positive developments we did see in Q4 with some of our new FireEye-as-a-Service customers is some of them actually chose to purchase product as well as FireEye-as-a-Service. And we saw that as a very positive trend as well.
  • Dave DeWalt:
    Sometimes Brent, just in those cases, they would deploy FireEye-as-a-Service throughout the entire organization and actually purchase some additional products that they could manage on prime themselves too, so I think we're starting to see hybrids now off our product and product subscription models coming in. So a kind of a nice win there, where we once were just getting products then we were just getting product subscriptions, and FireEye-as-a-Service, now we are starting to get combos and hopefully again that creates opportunity for customers to have any model they want to buy from us and that can create a nice opportunity for the company. Operator, next question?
  • Operator:
    Thank you. Our next question comes from Fred Ziegel of Topeka Capital Markets. Your line is now opened.
  • Fred Ziegel:
    I got my questions answered, thank you.
  • Operator:
    Our next question comes from Walter Pritchard of Citi. Your line is now open.
  • Walter Pritchard:
    Can you hear me okay?
  • Dave DeWalt:
    Yes we can.
  • Walter Pritchard:
    Alright, perfect, okay. Mike, on the guidance for OpEx, it looks like you are pretty sharply slowing down your spend here. You even in the fourth quarter spend I think on an organic basis was pretty healthy and we calculate that something may be in a 30% range in terms of your OpEx growth, and I'm wondering as we think through you've given us some of the line items there but how do you and what areas do feel like you start to get leverage within some of those lines, especially in the sales and marketing side? How are you thinking about sales capacity as you look at '15, given the slowing ramp of expenses?
  • Mike Sheridan:
    Walter, a couple of thoughts. First of all, I think that if you look at the last couple of years where we have had very rapid investment, one of the things that we have been messaging all along is that we needed to do a quick only build-out in order to establish that global infrastructure. We are still 100% focused on building capacity in growth but we are able now with the maturity of our sales-force to leverage better productivity out of them, as an example. Another example is that the market is now maturing above where it was over the last couple of years. I mentioned on my comments that we are starting to see more deals close without a proof of concept, or proof of value being deployed. So that's shortening our sales cycle to the extent if that occurs. We are seeing broader deployments in our existing accounts, and that's increasing leverage and productivity. So I think I have made at the end of my comments, that the chart that basically showed, we are tracking through that timeframe of cash flow positiveness and operating margin, we feel that we are tracking to that because we are able now to really start to see some of the leverage of the investments in the past come to fruition which doesn't mean we are not going to invest anymore going forward. We are certainly continuing to invest in that growth. But we don't have to do it at the same cliff we did when we were first building out that infrastructure.
  • Dave DeWalt:
    Walter, just maybe I could add on to what Mike said, and he said it well. When you just look at these three or four ingredients, you've been there a long time looking at these models through, how many buts and sleeves you are selling, how much ramp reps do have, what kind of productivity analysis do you have, what kind of signs are you getting from the channel, the channel levers is there? And it basically creates a formula that really can help you drive your business in the '15. I think we have created a very powerful model now especially because when we look at the service people that we have hired, actually their capacity utilization to drive product is even higher than the sales reps are. So we ended up seeing both service consultants and sales reps productivity improving and then combine that with some of the numbers that I gave you, like 170% deal registration increases year-over-year, channel starting to kick in, some bigger partners starting to create leverage. And it's all formula that drives an opportunity to show you the topline billings and what we think is a pretty bright future for our growth.So all those are going to drive, I think for what Mike said is more leverage and more of a path to profitability hopefully as we really go forward.
  • Walter Pritchard:
    And just unclear the slide I think 26 you have in your deck here, that's effectively what you been saying all along. We weren't sure, it almost looks like it pulled it forward by here in terms of cash flow breakeven. But is that you're basically saying that path to profitability is similar as to where you've been?
  • Mike Sheridan:
    Yes, because it's where a year after the IPO. So the range we've cited there really incorporate the fact that we are a year into that timeframe, that we outlined at the IPO.
  • Walter Pritchard:
    Okay, great. Thank you very much.
  • Operator:
    Our next question comes from Keith Weiss of Morgan Stanley. Your line is now opened.
  • Keith Weiss:
    Obviously you guys are well participating in the threat environment out there. We are also seeing some responses from the Federal Government in terms of Obama coming out with some proposals around Cyber Security Legislation. Can you help us understand how that could potentially sort of benefit FireEye on a going forward basis? And is there any risk on the other side of the equation if the government is getting into the business of security, intelligence and sharing sort of threat intelligence. Does that in any way compete with what you guys do in terms of threat intelligence?
  • Dave DeWalt:
    Sort of couple of things, Keith, these are my perspective. This is Dave. Number one, I do see this as a very positive step towards hopefully improving public-private relationships. We really had a step backwards in the last two or three years post-Norton, where the privacy pendulum swung the other way and the security pendulum kind of coming out lack to that, and we are returning back to I think what the state of sharing might've been for years. So I don't really see any impact to that at all. Most of these attacks as you know, over 80% of them are seeing exactly one time. So what you know about that is that they are very targeted, they are very specific. So yes, they are sharing, and sharing can be important as we move forward but generally speaking the attack model has changed a lot. And one of the things that I tried to show on a slide there is the problem of the threats today is very different than it used to be. And the threats coming in now off band from the networks, they are coming in, they are sphere phishing at the home. System administrators and IT administrators working from their home are getting sphere phished there. It's just very difficult to solve that. I think if you're just deploying products like a firewall in the network through an IPS vendor on the network. So if more than 50% of the traffic is now flowing off the network, well more of the threats are going to be away from those visibility points. You got to have endpoints. You got remote endpoints. You got to have the cloud solutions. You got to have Internet responders. And I think the totality of what we're delivering is really I think what's going to make us a better position vendor to solve this threat problem downstream. It's just inevitable that that has to occur. And mostly the other security vendors are at very deep positioned to solve that threat problem. And quite frankly the Government is not going to change in that mostly because these threats are very unique. So I think it's a great step and perhaps a nice one from the visibility and perception point of view, I don’t think there is a whole lot of impact going to happen to something like us or for that matter anybody else.
  • Keith Weiss:
    Got and then just a quick one for Mr. Sheridan. It's very helpful sort of gaining, those long-term targets revisited with your call. One thing that has changed since the IPO is the ideas of the managed services portfolio and the idea of FireEye-as-a-Service. How should we be thinking about that in terms of a model impacts and sort of getting to that three to five year breakeven and into the operating cash flow targets? What would be the potential impacts of that increasing as a percentage of overall business?
  • Mike Sheridan:
    Sure Keith, I think a couple of things. As I just mentioned earlier, as we’re really moving forward into experience with FireEye-as-a-Service we are seeing a few things evolve, one of which is as I mentioned in Q4 seeing several deals that actually included both product and FireEye-as-a-Service being consumed by the same customers. So I think it's a -- as I explained in Q3, I see this as an incremental add to our business as oppose to a shift in our business. I think we continue to offer all of these various consumption models to our customers and over time I think we look for billing in margin parity ultimately. So I don't see this as something that detracts from the timeframe. I think frankly having these various alternatives will increase our market penetration and hopefully really help our growth. And because of that I think it keeps us right on track with the timeframes we have outlined historically.
  • Keith Weiss:
    Excellent. Thank you guys.
  • Operator:
    Our next question comes from Karl Keirstead of Deutsche Bank. Your line is now opened
  • Karl Keirstead:
    A question for Mike, just on the 2015 revenue guide, I think the full-year guide certainly meets our hurdle in terms of expectations. The Q1 guide quite a bit higher than the full-year guide; so obviously you're assuming some deceleration throughout the year, and I just wanted to just check with you, is that you being somewhat conservative? Or is there something in the back half that you would advise us to keep our eyes on that might cause the growth to decelerate a little bit?
  • Mike Sheridan:
    Well Karl, I think the best way to articulate it, there's a couple of things. First of all if you look at 2014 that you're comparing to -- Q1 of 2014 was our first quarter together with Mandiant. We spent a lot of time integrating sales teams. It's been a lot of time training sales team, so probably not the most productive quarter of all. So I think it set us up for an opportunity of a bit more growth in Q1 of this year. And then if you look at the overall year of course we had a strong uptick in our growth rates in the second half of 2014. So as you model the business, of course, you know the second half of our seasonal year isn't as visible as the first half. And that's probably some of what you're seeing as well. Dave and I spend a lot of time looking at all of the various inputs to help us inform those guidance ranges and we feel like they are prudent and in the right ranges.
  • Operator:
    Our next question comes from a Raimo Lenschow of Barclays. Your line is now open.
  • Saket Kalia:
    Hi guys. It’s Saket here for Raimo. Thanks for squeezing me in and I'll keep it to one question. It sounds like the shorter duration in the quarter was really nothing out of the ordinary. Mike, can you, may be talk about what's sort of duration you're assuming for the billings guide next year and then maybe how you are thinking about FireEye as a service, may be effecting that billing growth as well. Thanks.
  • Michael Sheridan:
    So on the duration Raimo, I didn't guide specifically but I think if you look at the last several quarters they will fall in the range of the high 20s to the low 30s. We had a little bit of an anomaly in Q3 with the couple of Federal contracts that were longer term but generally speaking we don't see anything in 2015 that would cause us to model something outside of the range as we've been experiencing over the last several quarters. And again in terms of FireEye as a service, I don't think that you should anticipate any major shifts in impacting our billing, I think again it’s something that is going to add to our overall portfolio of what we offer and again as we discussed in Q3 as this product really started to gain traction, we see this is a migration of additional alternative as oppose to replacement of what has occurred in the past. So, I don't think you should look to FireEye service is an element of your model where you build in some kind major shift from what you seen historically. Other than if I articulated in my ranges of revenue mix, you can see that we have accounted for some amount of that mix shifting into the subscription base set of our products because we have always been at ratable business and recurring business in these actually add to that part of the model.
  • Saket Kalia:
    Thanks very much.
  • Operator:
    Our next question comes from Gur Talpaz with Stifel. Your line is now open.
  • Gur Talpaz:
    Great. Thanks for including me to hear again. So how do you think about end point sort of fit again with the long-term strategy with FireEye service as a service, are the Inherent Synergy is there, or they are going to be ultimately sort of separate products and then just kind of going up one step further, what’s the valid [indiscernible] customers and selling endpoint as part of the NX supply versus let's say them buying [indiscernible] fire wall better from independent player. Thank you.
  • Dave DeWalt:
    That's a great question. So just a couple of quick answers there. So number one. One of powerful levels that we have in Synergies we have Mandiant and fire together is that when a typical incident response occurs or a comprise assessment where we are proactively going in, the first thing the incident responder or consultant does is lays down the endpoint technology as part of their assessment of the compromise and understanding of the breach. So that gives us sort of, kind of, free PoV or proof of concept that occurs during that engagement and most times the customer likes the technology and then conversant it and purchase it but we also what you just referred to a lot more of network to endpoint kind of synergies that were occurring and because FireEye was discovering you know really the industry’s leading amount of detection, very few false positives, very high detection rates, the integration that we have between our appliances on the network and our endpoint is very strong now. We have immediate validation of indicators compromise, immediate containment capabilities, so this is the ability they not just validate the networks on a host but we can also look to contain it across all the hosts that are using our technology and then we can even go further, which is some capabilities to remediate the things. So what we refer to as a work of fix the minutes is a pretty powerful value proposition for our clients because if we got detection, we can do a remediation, we can do in minutes, and that speed as you know, reduces risk and that's really what our clients are looking for is “can you find and can you fix it and how fast can you do that”. I think other vendors you have rather poor detection capabilities don't have the ability to round-trip detection to the remediation because they don't get the detection in the first place and then on the other side they don’t have validation and containment features that allow them to relieve search end points for this. So, it’s what puts us in a pretty unique position feature-wise, and hopefully over the time more synergies between the network products and the end-points and then throw on top of that, I think what we are seeing most is the endpoint has changed dramatically. I mean, now almost as many if not more endpoints are mobile. So with Apple and Google support on our platform, our ability to analyze behavioral analysis on mobile clients, we can approach an endpoint deal with just about complete support of network access endpoints, remote endpoints, mobile endpoints, all integrated to our Cloud, all integrated to our [indiscernible] plan. So there was some of the advantages that we have and of course it’s competitive but we do have a unique value [indiscernible] good question.
  • Operator:
    Our next question comes from Greg Moskowitz from Cowen & Company. Your line is now open.
  • Greg Moskowitz:
    Thank you very much. I had a follow-up to Walters and Keith question for the Mike. Mike you mentioned in your interact to achieve again cash hold breakeven over the next two to four years and 20% to 25% up margins over the next 3 to 5. Typically software companies have cash flow above net income, and that's especially true when there's a significant in-growing subscription component. So just wondering if you could may be kind of walk through cash flow is expected to be so much below operating profitability for the foreseeable future as well as just kind why to take that loan before reaching cash flow breakeven. Thanks.
  • Michael Sheridan:
    I think Greg the biggest difference I think in some of the comparables you’d look at is when you're creating a market segment, some of the investment that you have to make early on to establish or so globally to compete against the incumbent is a little bit of different profile. So when you look at those investments and you look at the time to leverage those investments and the profitability, you’ll have some variation to what you might look at and some mature markets. I think that's probably the biggest factor. I think ultimately when you take a look out to a longer-term view, you're right. I think that those things starts to align as you describe but in this window of time that they were describing right now, I think what we are trying to get visibility into is that what point do we take some of the very significant investments in 13 and 14 and turn those into cash flow positive and profitability.
  • Greg Moskowitz:
    Thank you.
  • Operator:
    Our next question comes from Matthew Niknam of Goldman Sachs. Your line is now open.
  • Matthew Niknam:
    Thank you for taking the question. Just wanted to ask about different verticals, which vertical are you seeing as the most strengthen and are there any verticals where demand is seen, I guess accelerate a little more than others in light of some of the recent high-profile breaches, you referenced in recent marks. Thanks.
  • Dave DeWalt:
    That's a great question and I think an important one to answer to because having been in the security ancillary for pretty long time, what we seen is some of these technology especially advanced security products tend to fit a handful of verticals pretty well. Government financial services, high-end energy companies there's a bunch of verticals that seems to be strong but really what's changed here I think what threat landscape is we have seen bunch of new industries coming online and maybe even more aggressively spend then we have ever seen. Obviously, the retailers, with all the breaches that we had in 2013, and 2014 almost every retailer once was laagered in security spending is actually really aggressively spending because of all the threats to him operationally and reputationally. So we have seen that. Recently with the entertainment industry that was a pretty incredible change that we starting to see there, again for the same reasons. We also, I think really saw that happen in healthcare throughout with the CHS stuff and some of the other client in [indiscernible], so you are going to see a ripple effect that went into the retail, to the supply chain, the health care to their supply chain entertainment industry, and now almost every industry. I think awareness-wise to this problem and the spending is actually increasing and I think that probably goes well for a lot of security vendors, goes well for us and I think ultimately now cyber security is really kind of like as I said kind of crossing chasm of bed especially with advanced category because geography, size of company, number of industries, all kind of hitting Main Street there a little bit with their appetite, and so whoever can really get after that, the best is probably going to be the new winner in this space and now hope to be us.
  • Matthew Niknam:
    Thank you.
  • Operator:
    Our next question comes from Rick Sherlund of Nomura. Your line now open.
  • Rick Sherlund:
    Thank you. Good quarter. Hi, Dave I am just curious on this crossing the chasm you kind of all waited for evidence of that's happening and with all this high-profile breaches, I am curious at the high-end of the market, it would just seem to me that why wouldn't someone have this high-end market given all the publicity on these high-profile breaches, if you give sense of what you think your penetration is now at the high end, maybe some sense of the dynamics of what the competition, like you are winning all the deals and whether that plays well down midmarket or whether the market maybe just less efficient down there and they're just going to check the box and take something from a broader vendor?
  • Dave DeWalt:
    Rick, great question, and something we were studying very closely, Mike and I and looking at. One of the things I tried to call out in the script a bit was we'd jumped from less than 15% of the Global 2000 to about 25% of the Global 2000 year-over-year. We added 1541 clients this past year to our customer base, pretty substantial for a company focused pretty into the enterprise. We still have 75% of the Global 2000 who haven’t bought any FireEye product. And as I mentioned a lot of those industries I think are starting to get an appetite for this, and we're starting to see more non-PoV or non-proof-of-concept type deals as well. And then I think the most important indicator that I saw was when a large company, Home Depot, Target, Sony, JP Morgan, some other ones who have a big profile; when they have an issue they put an edict through their supply-chain to also increase their security. So the smaller companies down through the chain also end up as potential clients for us. Law firms, you know these are small hospitals in the healthcare industry, these are some of the theaters that were part of the pictures and entertainment industries. So you started to see a bit of ripple effect that goes down even retailers in our Jimmy John's Gourmet, Sandwiches, Dairy Queen Breeze, things like that were occurring, ultimately to ripples down in the small retailers and small industries. So I think the elasticity opportunity is there. I think that FireEye-as-a-Service would be a nice model to really go after OpEx, clients with spending opportunities where these smaller clients can't really afford to deploying new firewalls or new NX web things from us, they could probably go and put together a service that could protect them a little bit better. So we are going to be aggressive, going down market, going global and hopefully driving deeper into the Global 2000 as well. And at least that's our strategies.
  • Rick Sherlund:
    And Mike, I saw that the product billings accelerated quite a bit in the December quarter from September, yet the subscription billing slowed down. Is that the Q4 phenomena and you think where the mix is going to be a little stronger for product in Q4?
  • Mike Sheridan:
    Yes, so Rick, in a seasonal business like ours when you look at the full-year off product contribution to billings you're going to have a heavier weighting in the larger quarters seasonally. But I think the other thing that we experienced in Q4 frankly was we had some elements of our business, some of the bridges that they've talked about, some of the service led pull through of products actually enhanced the amount of our product sales. So I think from quarter to quarter there will be unique elements within the quarter that can drive some of those figures. But I think if you look at all rolled 2014 where we started the year, we said that the product will make that 40% to 45% of our business, I think it came in at 41%. Subscriptions and support will make that 40% to 45% of our business, that came in at 42%. Professional services would be 15% to 17%, that came in at 17%. So when you take the totality of the year and you have a full cycle completed the business is pretty much aligned in terms of mix with where our expectation where coming into the year.
  • Operator:
    Our next question comes from Rob Owens of Pacific Crest Securities. Your line is now opened.
  • Rob Owens:
    Question around revenue yield. Mike, I appreciate the ranges of revenue mix that you gave as we look at all of 2015. If I look specifically at the fourth quarter, you have exceeded the high end on your billings. I think we just talk on the last question about the product billings being strong and the product revenue being strong, yet if I look at your revenue results, towards the midpoint of the range is above the midpoint. So you exceed on billings, you have compressing duration and strong product revenue. I'm just curious in and around revenue yield. White the total revenue came in more so to the midpoint? Should we have assumed that you were looking for more revenue, and that's what drives it behind of the range? Or was there something else going on?
  • Mike Sheridan:
    Now you know Rob I think when the modeled out the quarter, the modeled of the guidance, some of the outperformance in billings if you're looking at related to some of the additional subscription products we are talking about, whether it's FireEye-as-a-Service, whether it's mobile threat platform, so we have a lot of subscription-based products that are contributing to that. And I think that's really what you're seeing. I would say that when you look at our revenue mix, again I would just summarize what our view was for the year and I think when we look at Q4 we wear at that point in the range. My range I had given was 135 to 147 if I'm not mistaken. And so we came in at about 143. And I felt that the model was pretty much right on.
  • Operator:
    Our final question comes from Jonathan Ho of William Blair. Your line is now opened.
  • Jonathan Ho:
    Thanks for squeezing me at the end. Just wanted to start out with sort of the non-PoV phenomena and that you guys are now starting to see. What do you think is really driving that at this point? Should we read this as maybe more familiarity with FireEye product line, or do you think this is a result of potentially increasing differentiation relative to the competition?
  • Mike Sheridan:
    I will start with this one. I think it's a couple of things Jonathan. I think, one, when you look at the mix of our business; is we have been talking about, we are now seeing expanded deployments into existing accounts and that these accounts are familiar with our technology, having to repeat the PoV is not always necessary. That's the part of it. I think and other part of it is we have tools in place now that are replacing the need to implement full PoVs where we can give customers visibility into the efficacy of our products without going through the same types of PoVs we have done in the past. Then the third I think is what you did mention. I think that as you move through the spaces of early adoption when you kind of have a new cool thing on the market that people need to see the proof in front of them to really understand it, we're moved out of that space in our view and customers now are much more familiar who FireEye is, what we do, and the reputation amongst our installed base, of how when we work. I think you're right, it also has an impact. Dave, I don't know if you have other thoughts.
  • Dave DeWalt:
    No, I think you hit on it. When you look at sort of what's been transpiring there -- a lot of things are -- the reputation of the firm has gone better. The sales-force training, the productivity, as you said the repeat sales on the expand part of the land is really helping. Just maturity, frankly of our sales model, our product model, our reference model is all in the right direction. And just one of the color point is we are on the show because I thought it was important and Mike did too, an important sort of crossing accounts a moment because for many years with FireEye we had to prove it. And not just prove it, prove it for a while that there was threats and nobody else was seeing it, nor we were seeing it and now we're starting to see that they trust in that and that they are purchasing the products without the proof-of-value or proof-of-concept. So we will see hopefully that's an important trend that keeps going in the right direction. I think it will for all the reasons we stated. Good question, Jonathan.
  • Dave DeWalt:
    Okay, so thank you everybody. I just want to say thanks. Sorry for the interruption there briefly on the call. And I'm looking forward to meet everybody again at one of the conferences that we have. We have several, and you'll be attending. With that I will end the call. Thank you very much. Have a good day. Bye.
  • Operator:
    Ladies and gentlemen, thank you for participating in today's conference. This does concludes today's program and you may all disconnect. Everyone have a wonderful day.

Other Mandiant, Inc. earnings call transcripts: