Tenable Holdings, Inc.
Q4 2020 Earnings Call Transcript

Published:

  • Operator:
    Greetings and welcome to the Tenable's Fourth Quarter 2020 Earnings Conference Call. At this time, all participants are in a listen-only mode. A question-and-answer session will follow the formal presentation. As a reminder, this conference is being recorded. I would now like to turn the conference over to your host, Andrea DiMarco.
  • Andrea DiMarco:
    Thank you, operator, and thank you all for joining us on today's conference call to discuss Tenable's fourth quarter and full-year 2020 financial result. With me on the call today are Amit Yoran, Tenable's Chief Executive Officer and Steve Vintz, Chief Financial Officer. Prior to this call, we issued a press release announcing our financial results for the quarter and full-year. You can find the press release on the IR website at tenable.com.
  • Amit Yoran:
    Thank you, Andrea, and thank you all for joining us today. I'd like to start off by saying, I'm incredibly proud of how our employees continue to respond as we navigate today's dynamic environment. Today, I'll highlight our strong Q4 results, our cloud security advancements, and some exciting channel expansions. But before I get into Q4, I'd like to comment on the current vulnerability management market and cyber security environment we find ourselves in. Through our dialog with customers and partners, we see the strategic importance of vulnerability management rising rapidly. Enterprises continue to prioritize VM as the critical building block to understanding their cyber security risk. This is underpinning the strong adoption in demand we saw from our customers throughout the year. We added one of our highest number of new platform customers over this quarter, 460, and one of our highest number of new six figure additions at 66. We also continue to see a healthy number of competitive displacements and continued optimism about the large greenfield opportunity in VM. About a third of our larger new platform adds came to us from greenfield accounts where they had no in-house organic VM capability.
  • Steve Vintz:
    Thanks, Amit. As Amit mentioned earlier, we are very pleased with our results for the fourth quarter, highlighted by attractive topline growth and impressive bottom line results. I'll discuss our results for the quarter momentarily, but please note that first all financial results we will discuss today are non-GAAP financial measures with the exception of revenue. As Andrea mentioned at the start of this call, GAAP to non-GAAP reconciliations may be found in our earnings release issued earlier today and posted on our website. Now onto our results, revenue for the quarter was $118.1 million, which represents 22% year-over-year growth. Revenue in the quarter exceeded the midpoint of our guided range by approximately $4 million. Our percentage of recurring revenue remained high at 94%, which is a result of our annual prepay subscription model. Revenue for the full year was $440.2 million, which represents 24% growth year-over-year. Revenue in the quarter was aided by strong demand for both new and renewal business. In terms of new business, we had one of our best quarters ever, we added 460 new enterprise platform customers and 66 new -- net new six-figure customers in the quarter. This brings the total number of customer spending in excess of $100,000 annually to $837,000. Our investments in product innovation and go-to-market reach has continuously helped us deliver a healthy number of greenfield opportunities and competitive takeaway throughout the year, despite the pandemic, and this quarter was no different. So we are delighted with the velocity in which we are adding new customers in the quarter. We're also very pleased to see upside in our expansion business, as customers adopted new modules and expanded asset coverage at a higher rate than what we saw earlier in the year. Of notice, cross-sell as Lumin, web application security and OT among others experienced significant growth in the quarter. We attribute our success year to an increasingly complex threat environment that highlights the relevance of our cyber exposure offering, specifically a platform that delivers broad asset coverage, accurate results and predictive analytics to help our customers understand and address the most critical vulnerabilities within their compute environments. This also benefited renewal business, which was strong in the quarter. This is reflected in our calculated current billings, CCB defined as the change in current deferred revenue, plus revenue recognized in the quarter grew 20% year-over-year to $150.5 million and overall, we are very pleased with our performance. As a reminder, CCB is a close, but not perfect proxy of the underlying performance of the business and can be influenced by such factors as deal timing, early renewals and multi-year prepaid deals, which have been impacted in the current economic environment.
  • Amit Yoran:
    Thanks, Steve. As I stated earlier in the call, recent security events have raised the profile of vulnerability management. SolarWinds shows that we can't rely on strong perimeter defenses and has highlighted the need for assessing devices across the entire enterprise. Our message has been very consistent. For Tenable, our core strength in VM has driven our success and aided in our natural expansion across the attack surface into improving the security posture of cloud and OT deployments. Our strengthening platform of capabilities positions us for long-term success as our customers shift to hybrid and cloud environments. We hope to see many of you virtually at the Goldman Sachs, Morgan Stanley and Truist tech conferences in the coming weeks. We'd now like to open the call up for questions.
  • Operator:
    And our first question comes from Brian Essex with Goldman Sachs. Brian, please state your question.
  • Brian Essex:
    Great, thank you. Good afternoon, and thank you for taking the question. Guys, nice set of results. Amit, nice progress in the service provider market, and appreciate the color there. Maybe could you provide a little bit of incremental color in terms of the types of customers that you're attracting in that market? The dynamics of those deals and how meaningful you expect that segment of business to be from a mix perspective?
  • Amit Yoran:
    Yes, I'll provide maybe some color context. I think the service provider market is incredibly strategic. We see that market really going after a diverse set of customers. So the natural one which comes to mind is certainly the mid-market where lot of organizations that don't have the in-house expertise, gravitate toward -- gravitate toward managed security providers. And then, we've also seen a noteworthy number of large enterprise customers, which choose to use managed service providers, managed security providers as part of their ongoing security operations. So, we really see it is a pretty important pre-strategic route to market for us along both tracks and we're early in those relationships but seeing some early results and really excited about the opportunity that both of them represent for us.
  • Brian Essex:
    Got it, that's helpful. And maybe to follow-up, can you maybe talk about the OT market, the nice six-figure OT win. Given the I guess growing concern of state-sponsored tax and how deep those might go from an operational perspective -- I mean, how are you gaining -- I guess how does traction in that market look and how meaningful do you think that might be over the next year or so?
  • Amit Yoran:
    I think -- that is a market that we believe has very strong potential. There is no doubt that some of the most critical business operations occur in and on and rely on OT environments and then OT is an increasingly critical part of business efficiency and fueling economic growth. So the awareness for OT security has grown rapidly in the last two to three years, and we've seen IT security programs and IT security leadership play an increasingly critical role in product selection and solution selection and providing security into corporate OT environments, which historically have been managed by different teams. So we feel like we have a real position of strength in understanding risk across IT and OT and the convergence of security regimes across both of those platforms. In terms of the potential for that market, I think Steve can do some analysis on asset numbers and industries and the breadth of industries that rely on OT. But I think -- it's -- there's a pretty substantial opportunity that we're going after there.
  • Brian Essex:
    Got it, very helpful. Thank you very much.
  • Operator:
    And our next question comes from Joshua Tilton with Berenberg Capital.
  • Joshua Tilton:
    Hey, guys. Thanks for taking my questions. Can you hear me?
  • Amit Yoran:
    We can.
  • Steve Vintz:
    Hi, Josh.
  • Amit Yoran:
    Yes.
  • Joshua Tilton:
    Hey, guys. How are you? Just two quick ones from me. First, I believe last quarter you guys mentioned that the renewal rate was 110%. I was just curious if you guys could comment on what it was in this quarter? I think the commentary in your prepared remarks kind of suggested it was positive. And then also, what is -- what numbers baked into the guidance that you gave for 2021?
  • Steve Vintz:
    Hi Josh, this is Steve. Well, first, we did comment in the quarter that upsell was notably strong this quarter, really on the backs of higher asset coverage as well as higher cross-sells, one of the best quarters ever for us in terms of cross-sell. So we're very pleased with the level of upsell this quarter, this is a positive development after several quarters of moderation earlier in the year. We don't manage the business to a single metric, we know that in terms of opportunities, pipeline can vary between opportunities from new customers as well as upsell opportunities from existing customers. And the number that we disclose in the filing is on an LTM basis. So the good news is, we saw notable uptick and upsell this year, well in the backs of high renewal rates, strong cross-sell and we think that bodes well heading into 2021. I think in terms of 2021, more broadly, we're assuming that the demand environment is largely the same and with no notable change is from what we saw this year. The one thing that I will say is -- the takeaway here is -- look, we're very pleased with our results in the fourth quarter. We saw our performance in both the top line and the bottom line. CCB growth was 20%, revenue growth was 22%, better than expected both the top line and the bottom line. Customer demand underpinning all this was strong as Amit mentioned earlier and to my comments earlier, we added 460 new enterprise platform customers and it's one of our best quarters ever. And in fact, it was our best quarter ever for landing new large deals. That said, looking ahead in 2021, there's still a lot of uncertainty out there with the macro. As we head into the year many geos and countries are imposing further lockdowns and restrictions. Our guidance assumes just more broadly, notwithstanding the rental rates and expansion rates that the crisis will continue but abate over time, sometime in the summer with modestly improving demand in the second half of the year. And overall, we're pleased with the results of the quarter and it gives us confidence as we head into 2021.
  • Joshua Tilton:
    Yes, that was very helpful. And then I guess, kind of just to confirm a little bit on what you said for 2021, you're baking in no change to the demand environment. But you also mentioned that the recent attack kind of brings the importance of VM into light. So should we view the billings guidance as conservative, so is not baking in any incremental demand from the recent attack, or is it just too early to see any meaningful change if any?
  • Steve Vintz:
    It's more of the latter. Specifically, in relation to CCB, it's important to note that first, we haven't provided a full-year guide to CCB, in over a year since February of our last call. We feel like today's guidance is appropriate. It certainly reflects the uncertainty of the macro, but the fact that we're providing this guide now is certainly a clear indication of our increasing confidence in the business. Again, we're not -- we are factoring some of the uncertainty related to the macro, but we're also not considering any tailwinds from the recent SolarWinds breach, which are difficult to predict. We think it has the potential to lead to better spending environments in 2021, but we view the guidance today for CCB, really it's a good starting point. The fundamentals of our business are very strong, and we look forward to updating you throughout the year.
  • Joshua Tilton:
    All right. Thank you very much. Really appreciate the color.
  • Operator:
    And our next question is from Hamza Fodderwala with Morgan Stanley.
  • Hamza Fodderwala:
    Hey, guys. Thank you for taking my question. Just a couple from me. The first is on the solar SolarWinds impact. You mentioning sort of the rising priority of VM. Can you maybe talk a little bit about for -- to -- for a meet, to what degree -- is it may be starting to influence pipeline or perhaps getting brought up in customer conversations? And then I have a follow-up.
  • Amit Yoran:
    Yes. It's definitely become an important part of our customer conversations and I think we saw that almost immediately as the news began breaking where even going back with the FireEye breach and even before the SolarWinds. As each data point comes out, I'm wondering with high profile breaches, first question corporate leadership are asking is, am I exposed, are we at risk, are we secure, what are we doing about it. And so being able to -- for the IT security team to be able to -- in near real-time say with all of the attack tools which were part of the red team kit that was stolen from FireEye, we already checked for those, and here's where we stand from the exposures perspective. Or when the SolarWinds twisted breach came up, being able to say here's exactly where we're running SolarWinds Orion and within that, here's the version of SolarWinds Orion, and be able to have that very immediate certainty to understand the level of exposure and/or where the exit response teams can start -- it can start swinging into action. So it's an important part of risk management and being proactive -- and proactively improving your security. But in time of crisis having a mature VM program just provides the agility for incident responders to move with much greater certainty and much more rapidly. So it became an immediate part of the conversation right away. And I think as Steve said, we're just early in this -- in the process into the cycles to be able to quantify and say, here's how we believe it will impact pipeline development and our expectations for '21. But customer engagement around it has been high.
  • Hamza Fodderwala:
    Got it, got it. And then just a follow-up for Steve. So, you managed the business pretty well during the worst of the pandemic, right? Current billings has been accelerating 20% plus over the past couple of quarters. You mentioned, so a record number of net new enterprise customer ads, accelerated pace for share gains. I'm wondering how you kind of -- how that kind of jives with the deceleration implied in the 2021 outlook? I respect that there's still some conservatism around the pandemic, but obviously that those headwinds have been around and if anything should keep -- based on your commentary be improving in the back half of this year. So, maybe, is there anything else that you're kind of being a little more conservative on, whether it'd be sales productivity or anything else? That's it for me.
  • Steve Vintz:
    Yes. Thanks for your question. So by every measure possible, we had a strong print in the fourth quarter, we're delighted with our results as we talked about. But that said, we're not going to trek with the results for one quarter, for entire year for this year. Keep in mind, we are a global business, we transact sales in over 160 countries, we have feet on the street in 30 countries. We try not to look at our business monolithically. And instead, different segments of countries in different sectors of the economy are different phases really of the pandemic. Some countries are imposing further lockdown and restrictions. While it does create a little more uncertainty in some of those shields and while others are more steady state. And so for us, I think we take all that into consideration when we provide a guide. The good news is we have a business model that's high recurring revenue, high gross margins, high renewal rates. So it gives us a lot of visibility going into the year, but it is early in the year and there still is a lot of uncertainty and we're not factoring any V-shaped recovery or any changes here in broader market dynamics that would change the business short term. And Amit talked about follow winds and its potential impact on the company, obviously, has the potential to create some tailwinds for us. But with regard to the fourth quarter, particular is something that played out, late in the quarter, lot of the opportunities in the pipeline were dialed in, deals were slated to close. So we're actually having conversations with our customers and our partners to determine what the opportunity is, if any, and what the potential impact is here in terms of timing. So overall, all this is really factored into our calculus when we give the guidance, again reinstating CCB guidance, something that we haven't done in over a year. We feel this is a good early guide for us and a good starting point and we'll -- and it certainly gives us -- the strength of the Q4 results gives us momentum on that headed into the year.
  • Hamza Fodderwala:
    Thank you very much.
  • Operator:
    And our next question comes from Sterling Auty with J.P. Morgan.
  • Sterling Auty:
    Yes, thanks. Hi, guys. So coming into 2020 and the beginning of 2020, it was pretty clear that at least the commentary and the results, your margin performance was really good and you said you'd focus on that and we've seen really good margin results throughout 2020. But the growth rate has decelerated through the year. And now -- am I reading it correct? It sounds like with the commentary around investment for both R&D, quota carrying, and sales and marketing, that perhaps now with the growth rate decelerating, that the focus is shifting back to invest to hopefully stabilize or maybe reaccelerate growth, but it's going to take a couple of quarters to -- for those investments to pay off? Is that the right read or am I missing here?
  • Steve Vintz:
    Hi Sterling, this is Steve. Look I think that is a fair characterization and inference in our guide. We have a lot of confidence in the market. I think we have more conviction now than we did certainly a couple of quarters ago. We weren't sure what to expect headed into the pandemic. I think CCB growth was -- like was by 20% plus in Q1 and then in Q2, I think it was like 13%. We talked about some timing differences of deals and how that played out and that it was over 20% in Q3, and then we're delighted to report 20% in the fourth quarter. So we feel really good about the fundamentals of our business, we're adding customers at a very high rate, transacting larger deals. I think we'd be remiss if we didn't highlight the investment opportunities, and the opportunities for us really to generate long-term attractive top line growth. So the investments in go-to-market, investments and product are all paramount, we certainly want to run for growth, we want to have the opportunity for growth despite the uncertainty with the macro, and we think the investments that we've talked about today and outlined today, give us the best chance for that. At the same time, we have -- our guidance certainly implies expanding operating margins, we did -- had a lot of leverage in the business this year. If there's a market that has to spend as a percent of revenue came down from I think close to 60% from the full-year 2019 to something in the low 40% range in the fourth quarter of 2020. And so there's a lot of leverage in the business. We talked about the improvement in free cash flow, we even talked on the call that despite these investments, we expect the free cash flow margins to improve this year. So we're trying to strike the right balance. We were certainly a big believer in the market. We think these investments, give us the opportunity to lean in on growth, but at the same time be efficient and continue to drive leverage on the bottom line.
  • Sterling Auty:
    Okay. And then one follow-up. Amit, there's been news reports that maybe a couple of the cyber security vendors may have had either some sort of breach or exposure with all the happenings over the last month or so. Is that actually opening up opportunity to gain market share or an increased opportunity for you guys or is that not part of the conversation you're seeing?
  • Amit Yoran:
    I do know that customers and prospects as you say, in the market more broadly places greater emphasis on security and the vendor and supply chain versus management. Greater emphasis in value on that than they have in previous periods. I think, highlighted by SolarWinds and some of the high-profile security company breaches. I don't know that I would translate it directly into saying there's an opportunity -- it represents a great opportunity for displacement for us, but certainly our stance in terms of Best of Breed provider and quality provider places a tailwind and obviously no security program is perfect, but we do invest in our security and have continued to do so.
  • Sterling Auty:
    Understood. Thank you.
  • Operator:
    And our next question comes from Andrew Nowinski with D.A. Davidson.
  • Andrew Nowinski:
    Great, thank you for taking the questions, and congrats on a nice quarter. I just want to go back to one of your comments about the greenfield opportunity. I'm trying to better understand really how nascent your market opportunity is. And I know you said about third of those 460 new adds, or greenfield this quarter, which I think is similar to what you said last quarter. But do you think that's reflective of the broader market opportunity, meaning one-third of the companies out there have nothing for VM and how do you think that will change at the end of calendar '21? Because I think many people believe that after the Equifax breach, most enterprises deployed some sort of VM solution, therefore the bear thesis suggest that most of your growth would have to come from vendor displacements. Just wondering, how you're thinking about -- or how we should think about that nascent opportunity.
  • Amit Yoran:
    Yes. I guess I’d be careful making assumptions about rational behavior in the security community. One would assume -- and coming into Tenable about four years ago, when I first started getting exposed to the data was shocked, when the team would come back and say, hey this quarter about a third, sometimes as high as 40% sometimes as low as 25%, but pretty consistently about a third of our new large enterprise transactions are coming to us from greenfield, meaning they're not using Tenable, they're not using any of our primary competitors, they're not even using Nessus, they have no organic VM program capability. They're literally relying on an annual audit or assessments from a PW -- from Big4 or some other security consultancy as their enterprise understanding of cyber risk, which is -- which I thought was complete lunacy back then. And as the market has continued to mature, that continues to be the case where we're seeing a lot of new adoption, about a third of the larger enterprise transactions coming to us from organizations that still entering 2021 or in the fourth quarter of 2020 have had no organic VM capability. So that greenfield -- we do talk about competitive displacements and growth through increased asset coverage in our existing customer base, new asset types and the like, but there is a very healthy amount of greenfield that remains in this market and we tried to highlight that through calling out the amount of greenfield that we're landing, through calling out the number of new enterprise -- new customers landing onto our enterprise platforms every quarter, and try and be fairly transparent about it. And this quarter 460 is I think one of our best quarters ever.
  • Andrew Nowinski:
    Okay, that's great, thank you so much for that. Just a quick clarification as well. Your sales and marketing expenses modestly increased quarter-over-quarter and year-over-year in Q4 here, and you demonstrated very good leverage -- operating leverage in calendar ' 20. I'm just wondering how much the SolarWinds attack factored into your decision to increase investments for the coming year or if that's something you had you had planned regardless of the breach?
  • Steve Vintz:
    I think that's just one of many factors that goes into us running the company. We look at broader market, competitive dynamics, and we also look at some of the secular trends in the market. So I think our results, more broadly in the fourth quarter gave us confidence to invest in the regular trading new customers, certainly underscores that our ability to transact larger deals, so in the progress on competitive takeaways, our Best of Breed focus. We have a lot of confidence in this market, gives us the confidence to invest more so certainly in 2021 than what we did in 2020. And we believe there's a compelling long-term opportunity here. So, yes, I think it's a combination of a lot of things, not just any one thing specifically, but just really reflects the broader enthusiasm and confidence we have now in our ability to execute, but also in the backdrop of the broader market opportunity.
  • Andrew Nowinski:
    That's great. Keep up with the good work, guys. Thanks.
  • Steve Vintz:
    Thank you.
  • Operator:
    And our next question comes from Jonathan Ho with William Blair.
  • Jonathan Ho:
    Hi, good afternoon. Just wanted to just start out -- I think you had some commentary around multi-product cross sell motions and maybe reducing some of the friction there. Can you talk about maybe what you're doing with some of your programs and whether there's any significant opportunities that you see around further driving that cross-sell motion?
  • Amit Yoran:
    Yes, Jonathan. Great, great question, an observation about some of the talk track earlier. We believe that there are tremendous opportunities for the creation -- for value creation for our customers in some of the products. Specifically, as you look at container security, as you look at frictionless assessment, as you look at IO and some of the things that we're doing around cloud security, coming up with packaging that makes more sense or lowers the web application security, all aspects of cloud security making it easier for customers to embrace cloud security capabilities or the things that we would have traditionally looked at. So, hey, we have to do a cross-sell here between this product and that product. And now say, you know what, can we create a value for customers in how these products work together, we identify something can it automatically trigger a different method of assessment that makes more sense, can give more detailed answers for customers as well as the packaging that would go along with that, and ease the amount of work if you will, that's required to move customers between and across product lines. So we're working on some of that with some of our early access customers and excited about the opportunity to do so.
  • Jonathan Ho:
    Got it, got it. And just as a quick follow-up. Just given the change in administration and some early readings towards potentially interesting cyber security spend on the government side. Can you talk about what you're seeing there in terms of government spending? And do you expect that to be, I guess an above-average growth vertical this year or given 2020 was the year of the vulnerability for U.S. Fed was it -- was some of that brought forward? I'm just trying to get a sense of what you're thinking.
  • Amit Yoran:
    Yes. Well, I think every year is the year of increased vulnerability, increased risk, increased exposure, and certainly it was true in the federal market in 2020. There was a lot of confusion, if you will, in the final days of the last administration, you saw a lot of change over a lot of trashing of senior leadership positions, especially, not limited to, but especially, from our perspective in the cyber domain and the cyber ranks. And so, there is the opportunity I think for the incoming administration to place the priority on cyber, bring in strong leadership and implement increased or enhancements to program and potentially even launch new programs and new initiatives to reduce federal cyber security risk. And there certainly is the awareness in the administration and we know that there's already been a sort of $10 billion plus proposal put out there as well as cyber being an important part of the early administration dialog. So, we're -- it's as we said, we're in the early periods here and we'll wait to see how this plays out but there certainly is the potential for good growth in the federal market as a result of that and we had an exceptionally strong position in the federal cyber security market. And 2020 would continue to be a strong year for us in that market.
  • Jonathan Ho:
    Great, thank you.
  • Operator:
    And our next question comes from Rob Owens with Piper Sandler.
  • Rob Owens:
    Yes, good afternoon, guys. Just one relatively quick one from me, I guess. Amit, could you talk a little bit about where customer conversations are around containers and container security and we've got the CSPM market, the cloud workload protection markets. Are they looking for these technologies from a single vendor and with all the noise out there and obviously, it's a big land grab at this point, where are points of leverage in your mind in terms of who might win in these markets? Thanks.
  • Amit Yoran:
    Yes. And I don't think unless I'm mistaken, I would be shocked if there were any one particular winner in these markets. It depends on who the buyer is, what the use case, what they're trying to achieve, and in many cases, enterprises are using cloud in very different ways, not only SaaS and cloud-based infrastructure, DevOps environments, web applications -- there is just a whole lot of -- there is no one cloud, there's a lot of different uses a lot of different ways customers engaging in their adoption of cloud. From our perspective, we are not trying to go out and say, we're going to be a soup-to-nuts cloud security vendor provider, we're going to do every aspect of cloud security for you. We're thinking there's going to be a very rich ecosystem of solutions out there, some coming from attack detection response company, some coming from infrastructure protection company, some coming from the cloud infrastructure vendors themselves, embedding capability into the cloud. And so from our perspective, we are engaging with our current users in the current use case that we help them solve and address just expanding that into the cloud. And so that -- by that I mean, we're helping them really with this business of assessing the security of their cloud environment. We're not protecting cloud environments. We're not doing all the attack detection and other aspects of, and tightening down of configurations and other things. It's really about how do I assess the security of my cloud workload and of the assets that are in that cloud. And we have a number of ways to do that, whether it's through IO and with frictionless assessment through our cloud-native connectors, whether it's through the web application capability through the container inspection capability and a number of other techniques. So from our perspective, it's still this question, how at risk am I, how secure am I. And really expanding that visibility that they rely on us for into these new cloud paradigms. And soon to be -- I think Q4 was a quarter where we saw increased adoption of those cloud security products and so we tried to call some of that out earlier in the -- on the call.
  • Rob Owens:
    Great, thank you.
  • Operator:
    And our next question is from Daniel Ives with Wedbush Securities.
  • Daniel Ives:
    Yes, thanks. So just sort of follow-up to some other questions and to summarize. So when you seem at the -- what we're seeing on the federal side with the $9 billion, $10 billion incremental, So where winds hack those tailwinds, could we say that that additional area in terms of cybersecurity spend, that you're not factoring in to your guidance? Just to be clear.
  • Steve Vintz:
    Yes, I think that's a fair characterization. We certainly know that there is a compelling opportunity in fed as Amit called out earlier. Obviously, the potential for a better a spending environment -- more broadly for SolarWinds. But the timing of that and the impact of that, if any, is really hard to assess at this point. So yes, I think our guidance that -- certainly reflects some broader uncertainty and without those potential opportunities. Correct.
  • Daniel Ives:
    Okay. And then, just a follow-up to that. So just given this high, that's now there in terms on the cybersecurity side, we specifically on the federal then bell, once it gets approved, but then also post SolarWinds. Are you doing anything differently, internally to block and tackling to make sure these opportunities, especially, where you guys sit within the bell-way that you could capture, or is it just the traditional sort of Tenable execution model? Thanks.
  • Amit Yoran:
    Well, it was -- we're very focused on the execution model, helping customers in time of crisis being there for them, interacting with them, giving them the insights that we have into the challenges that we're seeing. Obviously, we help them in their environments, but what we're seeing more broadly across the community are important giving them the accuracy and the confidence so that when they are reporting issues or that there are no issues, that they're doing so from a position of strength. So I think first and foremost that traditional execution aspect of our customer relationship remains the most important thing and then we do engage with policymakers and others trying to educate and inform them on, hey, what are the key issues, and what are the right approaches to dealing with these issues? And so we have spoken with folks regarding the SolarWinds breach and continued ways to help the government assess the state of cybersecurity and some of the challenges in front of it. So, I'd say it's a sort of a two-pronged approach. First and foremost execution, but certainly also that more strategic dialog with key government leaders and policymakers.
  • Daniel Ives:
    Thanks for the insight.
  • Operator:
    And our next question is from Gray Powell with BTIG. Mr. Powell, are you there?
  • Gray Powell:
    Hi, can you guys hear me okay?
  • Operator:
    Yes.
  • Steve Vintz:
    We can now, Gray. Thanks.
  • Amit Yoran:
    Sure, can.
  • Gray Powell:
    Okay, great. Great, it really helps when I turn the mute button off, but thanks for taking the question. I really appreciate it. Yes, I just had another question on the SolarWinds breach. I know you've answered a bunch on it already, but just one more follow-up if I could. So do you see customers -- I guess how do you see it playing out over the next 6 to 12 months? Do you see customers looking to increase asset coverage? Does it speed up evaluations of things like Lumin? Or is it more of a lever to drive new customer wins? Yes, just any thoughts on that dynamic would be really helpful.
  • Amit Yoran:
    Yes. I'd say first of all, I'm extremely proud of how our team responded during the question in terms of getting information out to customers on a near real-time basis and understanding of the breach and understanding how to use the technologies to assess, where they may have potential exposures and chase those to ground, which are again all critical when the security program is trying to respond to corporate leadership that has a visibility into a breach like this. So I think that is foundational, and from there, the natural questions are, okay, where do we have visibility, where do we have coverage, where don't we have coverage. And making sure that organizations have whether it's through increased asset coverage, coverage across the enterprise, coverage into unidentified assets as well as doing some of the prioritization activities, so that high-risk, vulnerabilities risks, which are more likely to be vulnerabilities which are more likely to be exploited or being exploited out in the wild. Good organizations can get on top of those and be a little bit more proactive with their security. So I think the short answer is, this could be a catalyst for increased levels of risk -- sub-security risk management, and we think we're the primary platform to help enterprises do that. And so, it could translate into increased business. But it's hard, we're still in the early period, so it's harder to look at that and then translate into, this is what it's going to be and so what it's -- what the impact is going to look like as we enter the year.
  • Gray Powell:
    Understood. Okay, thank -- thank you very much.
  • Operator:
    And this concludes today's question-and-answer session ladies and gentlemen. I'd like to turn the call back over to management for closing remarks.
  • Amit Yoran:
    Great. I'd like to just thank everybody for joining the call and the insightful questions and look forward to seeing you at the investor conferences that we noted earlier, and thanks for your time.
  • Operator:
    Thank you all. This concludes today's conference, you may disconnect your lines at this time. Thank you for your participation, and have a great evening.

Other Tenable Holdings, Inc. earnings call transcripts: