Proofpoint, Inc.
Q2 2017 Earnings Call Transcript

Published: 28 Jul 2017

Operator:

Ladies and gentlemen, thank you for standing by and good day. And welcome to the Proofpoint Second Quarter 2017 Earnings Results Conference. Just a reminder, that today's call is being recorded. And at this time, it's my pleasure to turn the conference over to Jason Starr, Vice President, Investor Relations. Please, go ahead sir.
Jason Starr:

Thanks. Good afternoon, and welcome to Proofpoint's second quarter 2017 earnings call. With us today are Gary Steele, Proofpoint's Chief Executive Officer; and Paul Auvil, Proofpoint's Chief Financial Officer. We'll be discussing the results announced in our press release that was issued after the market closed today, a copy of which is available on the Investor Relations section of our website. During the course of this call, we will make forward-looking statements regarding future events and future financial performance of the company, which are subject to material risks and uncertainties that could cause actual results to differ materially. We caution you to consider the important risk factors contained in the press release and on this conference call. These risk factors are also more fully detailed under the caption Risk Factors in Proofpoint's filings with the SEC, including our most recent Form 10-Q. These forward-looking statements are also based on assumptions that we believe to be reasonable as of today's date, July 27, 2017. We undertake no obligation to update these statements as a result of new information or future events. Of note, it is Proofpoint's policy to not reiterate or adjust the financial guidance provided on today's call unless it is also done through a public disclosure such as a press release or with the SEC on Form 8-K. Additionally, we will present both GAAP and non-GAAP financial measures on today's call. These non-GAAP measures exclude a number of items as set forth in our release. These non-GAAP measures are not intended to be considered in isolation from, a substitute for, or superior to our GAAP results, and we encourage you to consider all measures when analyzing Proofpoint's performance. A reconciliation of GAAP to non-GAAP measures and a list of the reasons why the company uses these non-GAAP measures are included in today's press release. So with that said, I'll turn the call over to Gary.
Gary L. Steele:

Thanks, Jason. I'd like to thank everyone for joining us on the call today. We had a strong second quarter, driven by the ongoing broad-based demand for Proofpoint's cloud-based security suite. This once again resulted in our ability to exceed expectations as the company continued to benefit from the rapidly evolving threat landscape. Attackers increasingly target people, not infrastructure, driving strong demand for our advanced threat solutions. Although, there have been some highly visible global threats recently such as WannaCry and Petya, we find new strains of ransomware every two to three days, that's reinforcing the importance of deploying best-in-class solutions to properly protect the enterprise and its employees in this rapidly evolving and highly dynamic threat environment. Beyond Proofpoint's suite of products, an important contributor to our superior efficacy has been the significant investments we've made in our threat research and operation teams, which play critical part in our multi-faceted approach to identify advanced threat and their rapid evolution. The recent WannaCry campaign was an excellent demonstration of our increasing capabilities in this area as our team played a leading role in not only identifying the attack, but also unpacking the code and collaborating to help client to kill switch and stop the attack. It is important to note that given the nature of our cloud-based subscription driven business model, events such as WannaCry and Petya do not contribute directly to our near-term results, including those reported here in the second quarter. However, these highly visible incidents do create increased awareness at every level across every enterprise, which helps drive long-term demand for our world-class solutions. Also, beyond the broader threat landscape, Proofpoint continues to benefit from the ongoing transition to the cloud, which forces companies to completely re-architect their legacy on-premise security infrastructure by replacing their appliances and software with cloud-based solutions. In addition to email moving to the cloud, enterprises continue to embrace other cloud-based applications such as Box, Salesforce.com, and Workday among others, shifting the back-office into the cloud and driving a mandate to extend the security perimeter beyond the reach of the firewall. To address this challenge, our new TAP-SaaS Defense solution, which became available in Q2, combines the technology derived from our acquisition of FireLayers with our extensive investments in identifying and blocking advanced threats, enabling us to deliver an easy to deploy and highly effective solution to protect these new cloud venues. Now turning to some of our key accomplishments during the second quarter. The strong demand for our suite of advanced threat solutions, which driven by the next-generation capabilities that Targeted Attack Protection or TAP and our other advanced security solutions as it again represented roughly half of the company's new and add-on business for the quarter. As a reminder, TAP is a cloud-based system that uniquely combines the application of Big Data Analytics and dynamic malware analysis to identify and block zero-day and polymorphic malware. We had several noteworthy TAP wins this quarter, including a Fortune 50 technology company that added TAP for approximately 380,000 users, a Fortune 50 financial institution that added TAP for 300,000 users, and a Fortune 100 apparel manufacturer that purchased protection, TAP and Threat Response for over 50,000 users. As I mentioned earlier the overall transition to the cloud continues to be a long-term catalyst in terms of driving demand for Proofpoint's broader security and compliance solutions. The shift to Microsoft Office 365, in particular, has been a great example of this effect as customers look for additional security capabilities to complement and enhance the baseline solutions provided by Microsoft. Examples of deals won this quarter where we displaced on-premise security appliances as part of their migration to Office 365 included a Fortune 500 global entertainment company that purchased protection, privacy, TAP and Threat Response for over 30,000 users, and the Global 1000 financial services firm that purchased protection, TAP, Threat Response, Email Fraud Defense or EFD and privacy for 8,000 users. We also continue to effectively demonstrate the strength of Proofpoint's products when compared to the baseline solutions provided by Microsoft within the Office 365 bundles, which is also contributing to our momentum. Examples of customers who had moved to Office 365 and subsequently decided to upgrade their security and compliance capabilities during the second quarter included
Paul R. Auvil:

Thanks, Gary. We were very pleased with our ability to once again exceed expectations across all of our key financial metrics during the quarter. Second quarter revenue totaled $122.3 million, up 36% year-over-year and above our previously announced guidance range of $118 million to $120 million. Billings for the second quarter were $146.3 million, exceeding the high end of our previously announced guidance range of $141 million to $143 million. This represented a growth rate of 45%, but when adjusting for the $5 million in early renewals that took place in the first quarter of 2016, the normalized billings growth rate this quarter was approximately 38%. As expected, contract duration moderated to the low end of our historical range of 14 to 20 months this quarter. This trend is reflected in our deferred revenue balances, which ended the quarter at $360.3 million in total, up $24 million sequentially with short term growing by $20.4 million and long-term growing by only $3.6 million. Turning to expenses and profitability for the second quarter. On a non-GAAP basis, our total gross margin was 77%, which was above our expectations driven by the revenue upside delivered during the quarter, coupled with our ongoing improvements in the efficiency of our cloud operations. During the second quarter, total non-GAAP operating expenses increased 34% over the prior year period to $85.3 million, representing 70% of total revenue and improved from 71% during the same period last year. Growth in spending was primarily driven by hiring in R&D and sales as we continue to add talent to expand the opportunities and capabilities of our product offerings and to drive both new customer acquisition as well as add-on sales to our existing customers. In terms of profitability for the quarter, we reported non-GAAP net income of $8 million, above our guidance range of $5 million to $6 million driven by the revenue upside delivered during the quarter without commensurate increase in spending. Non-GAAP earnings per share for the quarter was $0.17 per fully diluted share, above our guidance range of $0.11 to $0.13. Note that the EPS calculation applies the If Converted method to both series of convertible notes and as such, adds back the $1.06 million in cash interest associated with the convertible debt and uses 55 million fully diluted shares outstanding. We've included a section in our press release entitled Computational Guidance on Earnings Per Share Estimates, which is intended to provide additional details on this topic and to explain the resulting differences in share count used in these calculations based on our results. On a GAAP basis, we recorded a net loss for the second quarter totaling $25.9 million, or $0.59 per share based on 43.9 million shares outstanding. In terms of cash flow, we generated $26.5 million operating cash flow and invested $10.6 million capital expenditures resulting in free cash flow for the quarter of $15.9 million, or 13% in total revenue. This result was above our guidance range of $11 million to $12 million. And as a reminder, Q1 of this year benefited from certain customers that paid sooner than expected during the quarter hence, shifting some of our cash flow from Q2 into Q1. We ended the second quarter with $429 million in cash and short-term investments and $378 million in debt. This compared to $413 million in cash and short-term investments and $372 million in debt as of March 31, 2017. This sequential increase in cash during the quarter was driven primarily by cash generated from operations as well as contributions to capital from stock option exercises and our employee stock purchase plan. Now turning to our financial outlook starting with the third quarter of 2017. As we've discussed on our last few calls, we've entered a period of challenging year-over-year comparisons given the extraordinary noteworthy performances that we delivered over the third and fourth quarters of 2016. We currently expect billings to be $162 million to $164 million resulting in year-over-year growth of approximately 31% at the midpoint. Importantly, note that this growth rate is closer to 35% when considering the early renewals that influenced the billings reported in the third quarter of 2016 as discussed during the earnings call in October of last year. Regarding our revenue outlook, we are targeting a revenue range of $130 million to $132 million, or 31% year-over-year at the midpoint, a nice increase when considered against the tough comparison of the 44% growth recorded in the third quarter of 2016. We expect third quarter non-GAAP gross margin to be approximately 77% consistent with the second quarter. We expect third quarter non-GAAP net income to be $8 million to $9 million or $0.16 to $0.18 per share and this assumes an income tax provision, exclusive of discrete items of $0.9 million to $1 million during the quarter. Depreciation of approximately $6 million and a share count of 55.4 million fully diluted shares outstanding, and of course, adding back the quarterly cash interest expense of $1.06 million as prescribed by the If Converted method for our two series of convertible notes. We expect third quarter free cash flow to be in a range of $26 million to $28 million, or 21% at the midpoint of the range. This quarter, the third quarter guidance includes capital expenditures of roughly $12 million. From a full year perspective, we are increasing our guidance driven by the Q2 overperformance and the expected ongoing strength of the business. Specifically, we now expect billings to be in the range of $625 million to $628 million, which represents an annual growth rate of 35% at the midpoint of the range, and this compares to our previous guidance of $619 million to $623 million. With this billings performance, we are also increasing our total revenue guidance with the new range of $503 million to $506 million, representing an annual growth rate of 34% at the midpoint. And this compares to our previous total revenue guidance of $496 million to $500 million. We expect full year 2017 non-GAAP gross margins to be approximately 77% demonstrating very good progress toward our 2020 target range of 77% to 79%. As a result, we expect full year 2017 non-GAAP net income to be $30 million to $31.5 million, or $0.62 to $0.64 per share, an improvement from our previous guidance of $26.5 million to$28.5 million, or $0.56 to $0.59 a share. Our new non-GAAP EPS guidance for 2017 is based on approximately 55.4 million fully diluted shares outstanding and adding back the $4.2 million in cash interest expense as prescribed under the If Converted method. Our guidance also assumes depreciation of approximately $24 million for the full-year and an income tax provision, exclusive of potential discrete items of approximately $3.8 million to $4 million. Finally, we are raising our free cash flow guidance for the full year to a range of $100 million to $107 million, or approximately 21% at the midpoint as compared to our previous guidance of $98 million to $106 million. The midpoint of this new range reflects a $6 million improvement in operating cash flow and absorbs a $4 million increase to our planned capital expenditures for the year, now expected to be $44 million to $46 million. This incremental investment will expand our cloud infrastructure to keep pace with the increased demand associated with our higher guidance as compared to the start of the year, and also includes a build-out of our next-generation SaaS cloud system that will not only further enhance our world-class effectiveness but also likely drive some key efficiencies in terms of gross margins as we work our way across the arc of 2018. It is important to note that we are producing this cash flow with an average billed contract duration in the mid-teens based on the model with over 95% recurring revenues and renewal rates over 90%, which highlights the high quality of the recurring cash flow that our business generates. As a final point, recall that during our second quarter earnings call last year, we provided initial view on revenue guidance for 2017, a full quarter sooner than our historical practice. As a reminder given the exceptional linearity of the timing of new and add-on business booked during the second quarter of last year, we indicated at that time that those results would set up a somewhat challenging comparison for 2017 and as such, we wanted to punctuate that point by providing an initial assessment of how we expected 2017 would come together as a result. With that said, given the return to normalcy in terms of our current business dynamics here in 2017, we plan to provide our initial guidance for 2018 during our earnings call in October of this year consistent with our past practices. A reconciliation of our GAAP to non-GAAP guidance for both the second quarter and the full year 2017 can be found in our press release that we issued this afternoon. So in summary, we are very pleased with our second quarter results, again, there's strong top line growth with meaningful expansion in profitability and free cash flow. We believe that Proofpoint remains well-positioned to maintain this momentum for the remainder of the year and beyond given the favorable trends fueling our growth. Before turning it over to the operator for questions, I would like to remind everyone that we are hosting our Analyst Day in New York City on September 7 and we will be sending a more detailed agenda prior to the event. Also I would like to request that everyone limit themselves to just one question to help reduce the duration of our call and to ensure that everyone has a chance to be included in today's discussion. Thanks, again, for taking the time to join us on our call today. And with that, we will be happy to take your questions now. Operator?
Operator:

We'll take our first question from Melissa Gorham at Morgan Stanley (22
Melissa A. Gorham:

Great. Thanks for taking my question and nice quarter. Gary, I just wanted to you to talk about the macro environment from the security spending perspective. So we've seen some mixed results thus far in Q2 across the security landscape and some vendors noting some weakness in Europe and some vertical-specific weakness. Your commentary doesn't suggest that you have felt the same, but I'm just wondering if maybe you can comment on the spending behavior that you saw this quarter relative to your expectations and relative to what you saw last quarter?
Gary L. Steele:

Yes, sure. Melissa. So we didn't see any change in overall – the overall macro environment. We didn't see – we haven't seen any change at all frankly in the last several quarters. So we feel very good about the overall demand environment. I would also say, and we said this in our prepared remarks, I think one of the things that we're benefiting from is that there's a wider understanding and appreciation for the risk and vulnerability given that individuals are being targeted every day. And so while security dollars overall may be prioritized more, I feel like we're landing high in the heap of vendors as people decide what projects they're going to spend money on. And so I think that's the reason that we haven't seen any change in macro.
Melissa A. Gorham:

That's helpful. Thank you.
Jason Starr:

Thanks.
Operator:

And moving next to Matt Hedberg at RBC Capital Markets. Sir?
Matthew George Hedberg:

Hey, guys. Congrats on the quarter. I believe you said last quarter, 15% to 20% of your customers have moved to Office 365. I'm curious if you could update us on maybe the progression there? And maybe talk a little bit about win rates? And then also deal sizes inside that Office 365 base versus out? I'm just kind of curious how they compare.
Paul R. Auvil:

Yeah. On the 15% to 20%, Matt, I think we were, at the time, kind of speculating on overall, when you look at people who run exchange as a platform, what percentage of that installed base, just based on the handful of data points that we had visibility into, had moved to Office 365, and so our speculation was it appeared to be 15% to 20%. That said, it continues to be a fundamental factor in helping drive business. Gary commented on the call specifically, combination of people who, as they cloud move to the cloud, need to reimagine how they're handling security and compliance, and they bring us in and we provide that solution, as well as people who initially move over, may be thinking that the Microsoft capabilities will be sufficient, realizing that they're still very short of what the requirements are for the kind of customers that we sell to, and then creating a sales cycle for us to get involved. So, I think, our win rates continue to be great there. Deal sizes, quite frankly, in cloud, we're always a little bit higher than people who do on-premise deployments. And so we see this opportunity because, when you're moving to the cloud you need to solve all your problems, and you need to deal with your protection problems, you need to – you have an advanced threat problem, you typically have a privacy problem to solve. And so, we'll sell all those as part of that sales cycle. Whereas, if you're still on-premise and just looking to upgrade your solution, often you're looking just to upgrade one piece of it, maybe you just want to upgrade your protection or you want to buy an advanced threat capability. And so, we do see a nice progression in deal sizes as people deploy for Office 365, and Gary?
Gary L. Steele:

And that one comment, so when we give that range, that's what we see as people in production. But if you actually go out and talk to customers, which I spend a lot of my time doing, almost everybody has a plan. May be the plan is a couple years out, or it may be a 2018 initiative, but almost every customer has made a set of decisions as it relates to cloud. And I think the percentage of customers whose intention overtime is to go to cloud, I think, that number is quite high. And it's probably likely to be over 50%. But it's going to take some number of years for those seats to actual be installed and that transition to happen.
Operator:

And we'll move next to Walter Pritchard at Citi.
Walter H. Pritchard:

Hi. Thanks. I'm wondering, Gary, in terms of the ransomware and GDPR drivers that are going on, I guess, I understand the longer-term perspective. Is there any sense as to whether or not those are actually helping or hurting the business at this point, or if there's any sort of prioritization changes that are going on within your customers' budgets to sort of change the way they might be spending, especially in Q2 and what do you see in Q3 and maybe the rest of the year?
Gary L. Steele:

Yeah. I think the – I think WannaCry was a big wake-up call in Europe, in particular, where organizations had been somewhat lax in the security posture. And so I think it was somewhat of a wake-up call. As we indicated in the prepared remarks, I don't think that it has. I don't think it's a near-term catalyst for us, but I do think that it put things on the radar that hadn't been on the radar previously. And I do believe over the course of the next four to eight quarters we're going to benefit from that broad effect. GDPR, commenting specifically there, there's a lot of planning going on. I don't know that we've had any positive impact from GDPR yet. But there's lots of discussion and I personally believe that GDPR will have big effect the first time someone has to announce a major breach because there will be just a different level of accountability and how folks manage their security posture. While I think there'll be lots of interest rolling up to the first half of 2018, I think what will be more important what happens after that and organizations and the responsibility related to what they have to tell the world about a particular breach. So I think it's an interesting long-term catalyst, I don't know that it's a short term catalyst.
Operator:

And we'll go next to Philip Winslow at Wells Fargo. Please go ahead.
Philip Winslow:

Hey, thanks, guys. Congrats on another straight quarter. There've been some concerns earlier this year about just the pricing environment, maybe competitive landscape as people were talking about potentially bundled offerings from host email vendors or potentially some of the legacy guys trying to reimagine their offerings. Just curious now that we're six months into the year here, any change that you're seeing in the pricing dynamics, sales cycles, et cetera, it doesn't seem like you're seeing anything but any kind of color there that will be great.
Gary L. Steele:

Yes, we actually aren't seeing anything. I think prices have held very steady, sales cycles have been very steady And I think it just speaks to again where we sit in the overall priority of security spend. And I think that's what has allowed us to continue to maintain good pricing. While there are competitors in our environment that try to use bundling as a tactic to drive deals, I think there's a broad understanding from the buyers point of view that you have that something that's truly effective. And our strategy has always been the same, we just show people the value we can deliver and with that that's how we maintain pricing.
Philip Winslow:

Great. Thanks.
Operator:

And moving next to Rob Owens at KeyBanc Capital Markets.
Rob Owens:

Great. Thanks for taking my questions, guys. Any update on where you are relative to the McAfee opportunity? And also was curious just on competitive landscape, what you are currently seeing out there, you and Mimecast both appear to be doing well. Do you guys run into them much at this point? Thanks.
Gary L. Steele:

Yes, with respect to the McAfee opportunity, we continue to win some very nice McAfee deals. These are larger deals because these are the on-prem folks. In fact, one of our largest deals in the quarter was an organization that had been running McAfee for a very long time. What inning are we in? We're probably in the fourth or the fifth inning, that's kind of where I would put it at this point. We continue to see some very nice large opportunities in our pipeline for future quarters. And I think this will continue to fuel growth for us for the foreseeable future. And then as it relates to the competitive environment, I would say we saw no change in the competitive environment again, from Q1 to Q2. As we've indicated in the past, we don't see Mimecast in the bulk of our deals. There are times as they attempt to move up market, we may see them in particular accounts, but we don't see them pervasively at all. Relative to the other folks that are in our competitive environment, I would say, there is really no change. We do see Cisco, we do see Symantec as you'd expect, so really no change in that regard.
Operator:

And our next question is from Ken Talanian at Evercore ISI.
Ken Talanian:

Hi, guys. Thanks for taking the question. I was curious, how does your hiring plan for the year compared to last year?
Paul R. Auvil:

Yes. So I would say, as I mentioned just briefly in the script, most of our hiring is primarily in and around both engineering as well as sales, engineering to continue to improve the quality and caliber of the products we have and keep up with the threat environment as well as driving expansion of our product line, including the new TAP-SaaS Defense product, as well as enhancing and bolstering the EFD product line. So you've got that on the engineering side. And you can see it in our spending as a percentage of revenue because spending in R&D is almost 100% head count driven. When it comes to the sales side, we are now enhancing a little bit our investments abroad. Historically, like many SaaS companies, we've seen great efficiency in adding team members in the U.S. and so far, we've added quite a few high-quality folks in the U.S. year-to-date. But you'll also see in the last couple of quarters international growing in the mid-to high-30s on a year-over-year basis and that reflects additional investment internationally. Both some footprint that we've established in Asia Pacific, along with the team we have in Japan and they've done nicely, and Gary called out one of their deals specifically in the call. But also in Europe, we are now starting to not only increase the number of people that we have in our core territories, which are France, Germany, and the U.K., but now starting to add a couple of other tertiary geographies where we think that by having a local presence, it'll help further improve our footprint and drive demand across Europe overall. And Europe is a very large market opportunity that we think we can create significant growth from over time. And as you think as Gary alluded to in an earlier part of the Q&A session, GDPR, I think over time, will represent another interesting catalyst for us. I wouldn't be adding quota capacity to Europe thinking that GDPR were the reason for it. But I think that it could be another turn of the crank that could drive productivity in Europe somewhere down the road, but probably not until well into 2018.
Ken Talanian:

Understood. Thank you very much.
Operator:

And we'll go next to Jonathan Ho at William Blair.
Jonathan F. Ho:

Good afternoon and congratulations. I just wanted to start with on the EFD Threat Response. Are you seeing this being bought now primarily as add-ons by existing customers, or are you seeing this potentially as maybe a lead for new deals on their own?
Gary L. Steele:

Yes. So I'll start and Paul, may have a comment on this. So one of the things that we're seeing, and you could hear it actually in the examples that we gave in our prepared remarks, in the deals that we're doing with new customers, it is not uncommon to include EFD and/or Threat Response in those initial deals. So it's exciting and encouraging to us there is it drives higher deal values, greater value delivered to the customer in that initial transaction. We're having good success as well going back to the installed base, in selling these capabilities, whether it'd be EFD or Threat Response. And then it's less common, but we do see opportunities that where we're just selling EFD or Threat Response independently as our first solution, but that's the least common scenario.
Jonathan F. Ho:

Thank you.
Operator:

And we'll go next to Gur Talpaz at Stifel.
Gur Talpaz:

Great. And thanks and congrats on the quarter. I just wanted to ask what you're seeing in the early days here of TAP-SaaS Defense, and then may be just building on that, how you might be thinking about future M&A? Would you look to do more email or would you look to kind of build into ancillary categories? Thank you.
Gary L. Steele:

Yes, so TAP-SaaS Defense has been out in GA (35
Gur Talpaz:

Yes. How you might be thinking about future M&A, would you look to do more on email or kind of continue to build down into ancillary categories around email?
Gary L. Steele:

Yes, so, first and foremost, we continue to look for deals similar to what we've done in the past where we can get great technology and continue to deliver more value to the customers we serve and we've done a really good job of that. And I would say, EFD is a prime example where we're selling it as part of everything we do. So we look for those opportunities. And they may be part of email, and they may basically just to extend reach into other areas, don't look for us to make some big, crazy pivot into some other segment. Everything that we do fits with our existing sales motion.
Paul R. Auvil:

Yes, I think the only thing I'd add to that as you know historically, most of our deals have been somewhere between $5 million and $25 million and the largest deal, I think kind of $55 million. I think we are starting to see opportunities to potentially acquire companies that are somewhat larger, not billion-dollar transactions but probably something over $100 million. And so we've yet to find something that we're really excited about that we'd want to go close on, but just something for everybody to keep in mind as part of the calculus here, we went out and raised $400 million of debt over the last several years in terms of our convertible bonds, both of which are well into the money now. So, we are looking at potentially leveraging some of that cash in the right kind of transaction at some point here, it may not be this year, it may not be till 2018. It's been kind of a slow year for M&A activity so far. And those of you who know Manish know that I'm putting a little watch on his badge because he hasn't really been doing much lately, but we'll see if he'd come up with something of interest to add value for shareholders at some point later this year.
Gur Talpaz:

Great. Thanks for the color.
Operator:

And we'll go next to Jayson Noland at Baird.
Jayson A. Noland:

Okay. Great. Thanks for bringing me on. Paul, I wanted to ask on contract duration. You mentioned it shortened to the low end of the range in the prepared remarks. Anything specific that drove that, or is it just how the quarter played out? Thanks.
Paul R. Auvil:

No, it's really just how the quarter played out. And as I know you're familiar with, as our – many of the other people who followed the company for years. Our focus really is, is doing single year contracts. We think we delivered great value for customers, our churn rate is low, we think we create better long-term value and cash flow for shareholders by doing one-year deals that we renew year-after-year. Those renewal opportunities create entry points to sell additional products, of course, we also engage in add-on sales outside of that renewal cycle. And so it's sort of a return to our historical norms. Now could be any given quarter that we do have some customers like we had in the fourth quarter of last year who, for better or worse, want to give us a large amount of money upfront for a multi-year commitment. We'll of course, engage in those transactions. I can't refuse that money if people want to give it to me, but it's not our preferred course of how we run the business. So, as I look at the third quarter, I would say that again, our guidance is built around maintaining this kind of lower end of the range in terms of duration. It's possible that a few larger deals come along that could push us up a little bit, but as I look at the pipeline of opportunities going into quarter, it feels like we should continue to be down in the mid- to low teens.
Jayson A. Noland:

Thank you.
Operator:

And we'll go next to Sarah Hindlian at Macquarie. Sarah Hindlian - Macquarie Capital (USA), Inc. Great. Thank you. Hi, Paul and Gary. Congrats on the quarter. I'll limit myself to one question and maybe a follow-up if we have time, but I'd love to hear an update on how you're doing in federal after some of those FedRAMP cert crossed the wires, and we saw a little bit of traction in our channel work and would love to hear how we should be thinking about that going forward?
Gary L. Steele:

Yes, thanks, Sarah. So we're excited about the opportunities in federal. The investments that we've made in terms of launching the FedRAMP initiatives. That's critical to that overall initiatives. Overall, in the U.S. federal government, there is a strong move to cloud and as part of that strong move to cloud, we feel like we can just like we're doing in the commercial segment today, we can leverage our cloud strength to go help those organizations better defend themselves. So I'm very excited about the opportunity. Don't expect us to have a massive federal Q3 2017 in the federal fiscal 2017, but I do think that we're laying the groundwork for lots of opportunity in federal in quarters to come. So I'm super encouraged about the long-term potential there. Do you have a follow-up Sarah? Sarah Hindlian - Macquarie Capital (USA), Inc. Yes. I just wanted to know a little bit about the opportunity to even start thinking about some BPAs in that segment as well. Is that in a couple year time horizon? Or is that further out?
Gary L. Steele:

So I'm not familiar with BPA, what you're referring to? Sarah Hindlian - Macquarie Capital (USA), Inc. The purchasing agreements that makes it easier for the government agencies to come in and buy a product.
Gary L. Steele:

Yeah, I think that's a little ways out for us. We do have a customer federal pricelist that we operate from with couple of our federal partners. And so I think our initial transactions will be driven off of that. I think as we drive a little bit more market share in Fed, there's an opportunity to put those in place, but it's a little early right now. Sarah Hindlian - Macquarie Capital (USA), Inc. All right. Terrific. Thank you, guys so much. I appreciate it.
Gary L. Steele:

Thanks.
Operator:

And moving next to Gabriela Borges at Goldman Sachs.
Gabriela Borges:

Great, good afternoon. Thank you for taking my question. Maybe just a follow-up on the commentary on the sales force balancing their time between the longer-dated archiving deals and the shorter faster closing emerging products deals. Maybe you could just help us understand how much of that is a trade-off between these two versus maybe being able to execute on both as some of the two issues are coming to the pipeline?
Gary L. Steele:

Yes, no, that's a good question. And so when you think about how Tracey manages her entire sales organization, there's this notion of, obviously, any given time we're looking for each individual salesperson to deliver their numbers for a particular quarter. And so we look at their short-term pipeline and are you going to make your quarterly quota. And then, of course, there's that next element, which is, well let's look at how we think you're going to do for the year or for the next 12 months when we're in the middle of the year like we are today. But then there's also this notion of just having a balance between short-term and long-term opportunity. And so we think that archiving continues to present a significant opportunity for Proofpoint overtime, particularly in large regulated verticals like financial services and healthcare. And so for the sales reps that have those kind of opportunities in their past, there's a whole separate set of ongoing dialogue and effort that ties directly to those longer-lead archiving sales cycles. And we had another good quarter with archiving, closed some nice business, you saw the growth rate at high-20s% again, this quarter. We do aspire to ultimately push that growth rate up over time, although I suspect it'll come down a little bit before it moves back up. And it is essentially just focus on driving longer sales cycle opportunities, which are working in the background as a sales team member, while also focusing on shorter-term opportunities, which we see as kind of that classic Protection and Targeted Attack product line family, as well as these emerging products. As you can imagine, with the EFD product for example, it's really the right product at the right time to deal with this next set of business email compromise threats that go after not only your existing employees, but also cascades all the way across your supply chain. It's a great solution to sell both as a new product entry point typically on a compelling sales cycle in terms of timeframe, as well as add-on sales into existing customers and a product that we sell on all of our net-new opportunities, which is the catalyst that's helped drive that nice uptick in growth rate over the first several quarters of selling. So long way of saying, we are always focused on the balance of having salespeople have both bigger longer-term opportunities that we're cultivating while they're going out and chasing the shorter opportunities to close to make the quarter over the next six months, and it is a pretty sophisticated part of how Tracey and her team run our sales operation.
Operator:

And we'll move next to Anne Meisner at Susquehanna Financial.
Anne M. Meisner:

Hi, everyone. Nice quarter. Most of my questions have been asked already, but I have one follow-up on the overseas build-out and strategy there. So as you're investing resources there, would the go-to-market strategy for Europe be relatively similar to that of the U.S.? Or would you address it more with kind of a higher mix of indirect? Or would it be sort of the same mix as direct versus – sorry indirect versus high touch, similar to the U.S?
Gary L. Steele:

Yes, our overall sales go-to-market is very similar in Europe that is as it is to the U.S. We do see more channel involvement that the channel is you really use there to help us identify opportunities and bring us in where we ultimately work hand in hand with those channel partners to drive the deal, but structurally we think about it the same, the same combination of both inside sales, field sales and using resellers to drive leverage in the various geographies.
Anne M. Meisner:

Okay. Great. And just quick follow-up on the FedRAMP, do you have any thoughts on timing in terms of when you'd actually achieved the FedRAMP status?
Gary L. Steele:

I suspect we haven't published a date, but I suspect it will be sometime in 2018. The nice thing about FedRAMP unlike other federal certifications is organizations will buy while you're in process. So you start with the sponsoring organization, which we obviously have, but organizations can and will buy during the process, while you're getting FedRAMP certified, so we don't feel that the in date is really pertinent or relevant to our ability to go prospecting, close business in the federal side.
Anne M. Meisner:

Okay. Excellent. Thanks, Gary. Very helpful.
Gary L. Steele:

You bet.
Operator:

And we'll move next to Patrick Colville at Arete Research.
Patrick E. Colville:

Thanks very much. Can you go little bit deeper into how the shift to user targeting benefits Proofpoint? And if you've got any examples, that's wonderful?
Gary L. Steele:

You bet. So when we talk about user targeting, we're really referring to socially engineered phishing attacks, driving a very specific threat or a piece of malware to a particular individual. And so this is what we see every day from threat research standpoint. It's then backed up by what we hear from all of our large customers. So I was just out at a Fortune 100 pharmaceutical company. (46
Patrick E. Colville:

Got it. And I've got time for another one. Have you given the percentage of new and add-ons from McAfee?
Gary L. Steele:

We don't provide a specific number in terms of what the actual number was. The value of the deal that we booked that were customers coming from McAfee, but what we did note though in our prepared remarks is that the percentage of business that came from McAfee was within our historical norms. So there was no big spike in this quarter for example. It was within our historical norms.
Patrick E. Colville:

Wonderful. Thank you very much.
Gary L. Steele:

You bet.
Operator:

And we'll go next to Steve Koenig at Wedbush. Please go ahead, sir.
Steve R. Koenig:

Thank you very much. Just one probably for Gary here. You know, so it just seems like the major vendors are all talking about platform solutions that's been attacked factors. (48
Gary L. Steele:

You bet. I'll tackle that one first and then talk platform. So effectively, what happened on the day of WannaCry, we had one of our threat researchers sitting at his grandmother's dining room for Mother's Day – for Mother's Day weekend, and he had been given a sample that had triggered on our one of our network centers. We had been looking at the EternalBlue vulnerability, and this triggered that vulnerability. The threat researcher grabbed that piece of code, sent it off to our threat researcher at his grandmother's dining room, and that individual then unpacked the code. The reason that why this is relevant for us is we do broad threat research because we want to understand what's going on. These new forms or derivatives of ransomware, other forms of malware, while this showed up as a network worm. These things oftentimes then get spread another way. And the most common way to spread these kinds of modes of code is through email. So we want to be on top of this. We give our threat researchers a lot of freedom in how they operate because we want to make sure that they're out on the forefront of what's going on, and it really speaks to the level of investments we're making in this particular area. And through that interaction, for example, we got more press in one day than we ever had in the history of the company. Because of our involvement in that and the role that we play. So we think this is a critical investment. It makes us sharper and it actually better defends our customers because this malware ultimately spreads most commonly through email. Now moving to your platform question. There's been lots of discussion by vendors about the platform. The one benefit that we get every single day in the capabilities that we're selling is we consolidate spend, which is I think what customers most want to do. And so we're going in and very effectively consolidating spend on a single platform of capabilities. And that's what ultimately driving a lot of our deal size, and you could hear it in the examples that we gave, customers are buying as many products from us as they can, and they're taking out existing vendors and consolidating around us. And so broadly speaking, the platform promise has been you're getting better protection, and we leverage the relationships that we have in ecosystem to drive broad efficacy across network with the vendor like Palo Alto, email, which is another obvious one through us. And then how it then feeds into the other solutions and environment, like security analytics with Splunk. So I think that we navigate quite well in a world of a platform. And today we're benefiting from a platform approach, we're giving customers consolidation, which seems to be their highest priority at this point.
Steve R. Koenig:

Sounds great. Thanks a lot.
Gary L. Steele:

You bet.
Operator:

And we'll move next to Andrew Nowinski at Piper Jaffray.
James E. Fish:

Hey, it's Jim Fish on for Andy. Congrats on the quarter and thanks for the questions. Can you go into how the mid-market penetration was in the second quarter and specifically, your recent partnership with Ingram Micro, I think it's been a couple of months here now?
Gary L. Steele:

Yes. I mean it continues to go well. We're pleased with both how Ingram is coming along as a partner in helping us serve. Think of it as sort of the second tier of resellers in a more efficient way than how we've been handing in the past. And overall mid-market continues to be very productive for us. We have a couple of fairly large teams of sales reps that serve the mid-market as inside salespeople, but for bigger deals we're going to play in and travel out to see the customers. And their performance in the second quarter is consistent with what we've seen in the past. So that continues to be a very compelling source of growth for us. And as we look across again, the broader product line, which includes some of these new emerging products, whether it's the EFD capability, whether we think about TAP-SaaS Defense and some of the other parts there, all these things are very important and appropriate to that mid-market as part of that defending their enterprises. In fact, you could argue that these somewhat smaller enterprises who have less security resources that are dedicated to managing their problem need more comprehensive capabilities running in the cloud that can take care of these problems for them, because they just don't have as many dedicated specialists to deal with those challenges. So we're continuing to be excited about the mid-market and the success that we've seen there.
James E. Fish:

Got it. Thank you.
Operator:

And we'll go next to Tim Klasell at Northland Securities. Please go ahead. And hearing no response, we'll go next to Erik Suppiger at JMP Securities.
Erik L. Suppiger:

Thanks for taking the question. Want to get a little better perspective on the Palo Alto-Proofpoint integration. I think you said that half of your combined customers have the integration adopted. I don't think the integration product generates revenue. Can you talk a little bit about how you are leveraging that solution to increase revenue from those customers? And how much overlap in customer do you have with Palo Alto at this point?
Gary L. Steele:

Yes. So as you described it, Erik, the way it works is that we offer the integration between Targeted Attack Protection and WildFire. What a customer does to take advantage of that they basically enter a WildFire license key into TAP. And then from that point forward we basically share, dynamically share threat intel with WildFire to determine whether we should condemn an attachment or not. The value that customers get, they effectively just get better threat protection by leveraging both the intelligence of Proofpoint and Palo Alto. The way we're economically benefiting from this is there is very good sales cooperation to drive deals, so when we have a common competitor such as a Cisco, it works phenomenally well when we're cooperating in the sales process, as well as we can deliver value technically. So, it's worked really well. And while the integration is free and I think that's what our customer would expect, landing the account and then driving further penetration in the account is really the objective, so we're seeing good benefit from that. In terms of the numbers, there's no numbers that have been published in terms of how much overlap we have between Proofpoint and Palo Alto, but it's in the number of customers today in the – that have turned the integration on is in the range of hundreds.
Erik L. Suppiger:

Good. Thank you.
Gary L. Steele:

You bet.
Operator:

And we'll take our final question today from Srini Nandury at Summit Redstone Partners. Please go ahead, sir.
Srini Nandury:

All right. Thank you for taking my call. Can you provide some color update on your archiving business, what portion of installed base uses your archive product now? And what drives the archiving business for you, in general, since it looks like your usual cross-sell, up-sell opportunity doesn't have this product in the sales cycle?
Paul R. Auvil:

Yeah. So I'll start and Gary, can add some color. So keep in mind that the archiving governance segment represents roughly 25% of our business, and it grew in the high 20s%. It's – let's just say, overrepresented in terms of revenue as opposed to the percentage of customers that we have, because the ASPs on archiving tend to be on the higher side compared to our other products. So with that said, we're very pleased with how it's come along over the last several years. And we do see particularly with the recent evolution of people who have served that market, whether it's the Autonomy capabilities that are now moving over to Micro Focus or whether it's the original capabilities that had been owned by Symantec that are now in the hands of Veritas. We see customers on those platforms feeling like enough is enough, it's time to move on to a company that really takes this seriously and is going to invest. And Proofpoint fits that profile perfectly. So from our perspective we do see a nice pipeline of opportunities that are coming along here some of them, smaller ones close more quickly, but bigger ones that really have the ability to move the needle on that revenue segment are ones that have longer cycles and can be a little unpredictable in terms of exactly when the customer will close the deal. Keep in mind that these large customers may have hundreds and hundreds of terabytes of data that they need to extract from the existing solutions and move into our cloud. And so that gives you sense for sort of the magnitude of how that can affect the timing of this because those legacy systems were not ever made to provide for the mass extraction of data. So pulling that data out organizing in the format to importing to Proofpoint is a lengthy process. But nevertheless, we see archiving as a very interesting category where we have some very differentiated products and an area that I think will continue to prove lucrative for us in terms of both growth and contribution to profitability and cash flow overtime. Gary I don't know if you have anything to add.
Gary L. Steele:

Yes. Two quick points, one is we have a very healthy pipeline of existing Proofpoint customers that have an interest in archive, where they're coming off as Paul described one of those existing legacy vendors. And we also pursue independent archiving opportunities outside of an installed base and use that as a entry point into new customers. I would say we're doing more selling into the installed base today, but there's a nice healthy mix between the two.
Srini Nandury:

Okay, thank you very much for detailed answer.
Operator:

And that does conclude our question-and-answer session. Mr. Steele, I'd like to turn the program back over to you for any additional or concluding remarks, sir.
Gary L. Steele:

Great. We want to thank, everyone, for joining us on the call today. And we look forward to seeing you at our Analyst Day in September in New York. Thanks so much.
Operator:

And once again, ladies and gentlemen, that does conclude today's conference. Again, I'd like to thank, everyone, for joining us today.

Proofpoint, Inc. Q2 2017 Earnings Call Transcript

Other Proofpoint, Inc. earnings call transcripts:

Proofpoint, Inc.
Q2 2017 Earnings Call Transcript