Rubrik, Inc. (NYSE:RBRK) Q2 2026 Earnings Call Transcript

Rubrik, Inc. (NYSE:RBRK) Q2 2026 Earnings Call Transcript September 9, 2025

Rubrik, Inc. beats earnings expectations. Reported EPS is $-0.03, expectations were $-0.33894.

Operator: Good afternoon, ladies and gentlemen. And welcome to the Rubrik Second Quarter Fiscal Year 2026 Results Conference Call. At this time, all lines are in a listen-only mode. If at any time during this call, you require immediate assistance, please press 0 for the operator. This call is being recorded on Tuesday, September 9, 2025. I would now like to turn the conference over to Melissa Franchi, Vice President, Head of Investor Relations. Please go ahead. Hello, everyone. Welcome to Rubrik’s Second Quarter Fiscal Year 2026 Financial Results Conference Call.

Melissa Franchi: On the call with me today are Bipul Sinha, CEO, Chairman, and Co-founder of Rubrik, and Kiran Chaudhry, Chief Financial Officer. Our earnings press release was issued today after the market closed and may be downloaded from the Investor Relations page at www.ir.rubrik.com. Also on this page, you’ll be able to find a slide deck with financial highlights that, along with our press release, includes a reconciliation of GAAP to non-GAAP financial results. These measures should not be considered in isolation from, or as a substitute for, financial information prepared in accordance with GAAP. During this call, we will make forward-looking statements including statements regarding our financial outlook for the third quarter and full fiscal year 2026.

Our expectations regarding market trends, our market position, opportunities, including with respect to generative AI, growth strategy, product initiatives, and expectations regarding those initiatives, and our go-to-market motion. These statements are only predictions that are based on what we believe today and actual results may differ materially. These forward-looking statements are subject to risks, and other factors that could affect our performance and financial results which we discuss in detail in our filings with the SEC. Rubrik assumes no obligation to update any forward-looking statements we may make on today’s call. With that, I’ll hand the call over to Bipul.

Bipul Sinha: Thank you, Melissa. I want to start by thanking everyone for joining us today. We are pleased with our second quarter results that once again exceeded all guided metrics across top line and profitability. Here are five key numbers. First, subscription ARR surpassed $1.25 billion, growing 36% year over year. Net new subscription ARR reached $71 million in the second quarter. Second, our subscription revenue was $297 million, growing 55% year over year. Third, our subscription NRR remained strong once again, above 120%. Fourth, customers with $100,000 or more in subscription ARR crossed 2,500, growing 27% year over year. Finally, on profitability, we once again made material improvement in subscription ARR contribution margin, up about 1,800 basis points year over year.

On cash generation, we are very happy to report we generated over $57 million in free cash flow this quarter. This combination of top line growth and cash flow margin at our scale is rare. We remain confident about the opportunity ahead, and thus, we are raising our outlook for the year. Let me first give you some context on where we are focused. Rubrik is evolving into the security and AI company. In the last several quarters, it is clear to us that as we continue to focus on and win the past cyber resilience market, we also have a tremendous opportunity in the enterprise AI acceleration. Let’s start with cyber resilience. And the broader context of the market opportunity. From our inception, Rubrik was designed to help customers achieve the fastest cyber recovery time.

Q&A Session

To deliver this, we uniquely combine data security posture management, identity resilience, and cyber recovery natively on our Rubrik Security Cloud or RFC platform to achieve complete cyber resilience. And at the center of our differentiated architecture is the Rubrik preemptive recovery engine. In Q2 alone, I had over 125 meetings with customers and prospects worldwide. What was abundantly clear is that IT and security leaders now have an assumed breach mindset. Simply meaning they are certain that cyber attacks are inevitable despite significant investments they have made in cyber prevention and detection. At the same time, these enterprises are also looking to replatform and modernize their infrastructure in preparation for the imminent enterprise AI transformation.

As companies shift deeper into cloud engine AI, customers continue to turn to us, Rubrik, for complete cyber resilience. Delivering uniform and consistent data security policy control as well as rapid accurate recovery from cyber attacks. Concurrently, our Predibase acquisition I’ll discuss later in my remarks, also allows us to deliver enterprise AI acceleration. The bottom line is this. We have tremendous opportunities ahead of us. First, we continue to lead the vast cyber resilience market. And second, at the same time, we continue to build a new future for enterprise AI. Now I’ll detail some of the wins across our initiatives at varying scale. For our cyber resilient data protection business, we continue to add solutions across new applications and workloads.

Leveraging the same underlying preemptive recovery engine to deliver risk and remediation capabilities. This unique architecture consistently enables us to outperform both legacy and new gen backup vendors. Let me highlight this with two illustrative customer events from the quarter. A major North American oil and gas company selected Rubrik after its legacy backup provider was unable to support a fast recovery following a disruptive cyber attack. Rubrik was selected because of our superior recovery time relative to both legacy as well as new gen alternatives. Our comprehensive yet radically simple platform cyber recovery across all workloads including the cloud, was another key reason for the legacy backup replacement. In another example, a Fortune 50 pharma leader turned to Rubrik to protect its critical applications displacing its twenty-year-old legacy backup vendor as well as native cloud backup solutions.

We also outcompeted new gen backup vendors for this opportunity. Rubrik was selected due to not only our ability to deliver greater cyber resiliency, in the face of escalating cyber risk, but also more efficient cloud storage cost. Let me now talk about innovations in cloud protection that are delivered from RSC which is a single unique platform across center, cloud, SaaS, and identity workloads. We continue to expand our purpose-built cloud data protection solution to more applications services, and databases in the public cloud. This quarter, we expanded our cyber protection of AWS RDS database. And added comprehensive protection for Amazon DynamoDB strengthening Rubrik’s leadership in cyber resilience for cloud databases. We’ll continue to build upon our code to cloud cyber resilience platform which offers protection from the first line of code full stack of applications in production across the major hyperscalers.

Let me highlight a few customer wins cloud and SaaS protection. First, a global Fortune 500 transportation organization increased their investment in Rubrik this quarter, adding M365 protection. Protection for Azure workloads, code-based recovery for GitHub, and Azure DevOps as well as Jira protection. This expansion bolsters the company’s cyber resilience. And reduces recovery times across its critical cloud applications. Another example is with the Fortune 500 logistics and supply chain company that also expanded its partnership with Rubrik, by fortifying its mission-critical data state in Azure and M365 applications. After adding Rubrik to safeguard its data center applications in the past. Furthermore, the customer added identity recovery, reducing recovery time of directory and Entra ID, from several weeks to mere hours.

Rubik’s cyber resilience platform now avoids an estimated $65 million losses per day for this customer in case of downtime due to cyber attacks. Now let’s turn to our opportunity in identity resilience. In just a couple of quarters of general availability, we have seen notable momentum for Rubik identity recovery solution with now over 200 customers. Rubik is addressing a critical need for enterprises by enabling the rapid recovery of their identity services following cyber attack, or operational failure so that they can return to business as usual. We are the only vendor in the market that delivers rapid recovery of both active directory and intra ID in a hybrid cloud manner the backbone of identity solution worldwide. Let me give you two specific customer wins in identity.

This quarter, a leading UK financial services company strengthened its partnership with Rubrik by adopting Rubrik Identity Recovery, prompted by a recent cyber attack on a major UK retailer the company evaluated vulnerabilities within its own active directory environment. They recognize that these weaknesses could lead to significant post-attack disruption resulting in substantial market cap declines and potentially affecting millions of pensioners. By consolidating data and identity protection with Rubrik, this company now considers Rubrik one of its top three strategic IT vendors. In another example, a Fortune 500 financial institution in The US turned to Rubrik after an audit uncovered that its active directory recovery would take upwards of seven days with millions of dollars at risk each day.

By adding rubric identity recovery, they reduced recovery times to under two hours preventing potentially significant business disruption and satisfying board mandate. We continue to invest in our identity solutions. We deepen our innovation with the general availability of Rubik identity resilience. Like I mentioned in the last quarter’s earnings call, we are bringing together Rubrik’s identity and DSPM solutions. Our latest Rubik identity resilience solution brings together data security and identity intelligence for the first time. Similar to how we monitor and sustain data, Rubric Identity Resilience continuously monitors and protects human and nonhuman identities. Tracking misconfiguration, as well as high risk and malicious changes in the active directory and intra ID.

It also ties identity-based information like privilege access to rubrics, DSPM sensitive data context and activity. To strengthen risk posture and accelerate cyber recovery. Next, let’s talk about our innovation in the Gen AI space. As I noted during our IPO, Rubik by design perpetually lives on the frontier of innovation. And our long-term success depends upon our ability to continuously create and commercialize pioneering products. As part of this, we continue to build a portfolio of innovation at different stages and at different levels of risk. This approach allows us to stack multiple f curves to maintain maximal momentum. While preparing for what’s next. Along these lines, I will talk about our longer-term initiatives for GenAI. While GenAI can unlock significant new efficiencies for every organization, there are significant barriers like accuracy, cost, and security which hinders its adoption beyond proof of concept.

We are addressing these challenges while leveraging our unique ability to extract, manage, and business data. Rubrik’s data platform not only delivers robust cyber recoveries, but also provides clean, secure data with the necessary permission and policy enforcement to power generative AI applications. This ensures only the right person has access to the sensitive data. Our recent acquisition of Predibase furthers this vision. Just as Rubrik is working to simplify data access for GenAI, Readybase works to solve performance and cost issues around deploying GenAI models for proprietary AI applications. The Predebase platform allows enterprises to fine-tune GenAI model and run an optimized inference stack for faster accurate results at lower cost.

We believe the combination of Rubrik and Predibase is incredibly powerful in accelerating GenAI from proof of concept to full production and value realization. We welcome the pretty based team to Rubrik. Where they have hit the ground running and continue to innovate and define new frontiers in enterprise agentic AI. We recently announced agent rewind, built on our Rubrik’s secure data platform underpinned by ReadyBasis AI technology. We have spent years helping our customers recover from cyber attacks and operational error. With Agent Rewind, we can now help customers undo the mistakes of AI agents without full system rollback. Which is crucial for a scalable and secure AI adoption. We are still in the early stages of optimizing product market fit for our AI solutions.

Including agent rewind. We plan to add more capabilities and investments to enable confident enterprise AI transformation and agentic work adoption. This is our multiyear initiative to scale rubrics AI solutions. In closing, I would like to share my gratitude. First, thank you to all my fellow Rubik continues to win the cyber resilience market. Because of Rubikanth’s collective focus and disciplined execution. We continue to break new grounds for enterprise AI acceleration. And you know what? It’s still early days for all the opportunities ahead of us. Also, a big thank you to all our customers and partners. Your trust inspires us to continue to lead and define future of cybersecurity and enterprise AI. And lastly, of course, thank you to you, our shareholders, your continued support and trust.

With that, I’m pleased to pass it over to our Chief Financial Officer, Kiran Chaudhry.

Kiran Chaudhry: Thank you, Bipul. Good afternoon, everyone, and thank you for joining us today. We had a strong Q2, which was highlighted by solid growth at scale and continued improvement in profitability. We continue to benefit from our leadership in the growing market for cyber resilience, and we are pleased to raise our outlook for the year. Let me start by briefly recapping our second quarter fiscal 2026 financial results and key operating metrics and then I’ll provide guidance for the third quarter and full year fiscal 2026. All comparisons, unless otherwise noted, are on a year-over-year basis. We are very pleased to have ended Q2 with subscription ARR of over $1.25 billion, growing 36%. We added $71 million in net new subscription ARR.

We continue to drive adoption of our Rubrik Security Cloud which resulted in $1.1 billion of Cloud ARR up 57%. Our differentiated land and expand model benefits from multiple avenues to gain new customers and grow our footprint after the initial contract. Expansion occurs through increased data existing applications, securing more applications or identities, or adding more security functionality. As a result, we continue to see a strong subscription net retention rate which remained over 120% in the second quarter. All vectors of expansion are healthy contributors to our NRR. Highlighting the meaningful runway we have to more deeply penetrate our customer base. Adoption of additional security functionality contributed approximately 35% of our subscription net retention rate in the quarter.

We ended the second quarter with 2,505 customers with subscription ARR of $100,000 or more up 27%. These larger customers now contribute 85% of our subscription ARR up from 82% in the year-ago period as we become an increasingly strategic partner to our enterprise customers. For our second quarter, subscription revenue was $297 million up 55%. Total revenue was $310 million, up 51%. Revenue in Q2 benefited from our strong ARR growth and tailwinds from our cloud transformation journey. We also saw a higher nonrecurring revenue which was accounted for as material rights related to a crowd transformation. This contributed approximately seven percentage points to the revenue growth this quarter. Which was a few percentage points above our expectation.

Adjusting for the benefit from material rights in Q2, total revenue grew approximately 44%. Turning to a geographic mix of revenue. Revenue from The Americas grew 53% to $225 million. Revenues from outside The Americas grew 46% to $85 million. Before turning to gross margins, expenses, and profitability, I would like to note that I’ll be discussing non-GAAP results going forward. Our non-GAAP gross margin was 82% in the second quarter compared to 77% in the year-ago period. Our gross margin benefited from the revenue outperformance including higher nonrecurring revenue, reduced hosting costs from new cloud contracts, including a one-time hosting cost credit, and the improved efficiency of our customer support organization. We anticipate total gross margin to remain within our long-term target of 75% to 80% in fiscal 2026.

As a reminder, we look at subscription ARR contribution margin as a key measure of operating leverage. We believe the improvement in our subscription ARR contribution margin demonstrates our ability to drive operating leverage and profitability at scale. Subscription ARR contribution margin was positive 9% the last twelve months ended July 31 compared to negative 8% in the year-ago period. An improvement of approximately 1,800 basis points. When normalizing for the $23 million, in employer payroll taxes associated with the IPO in the prior period, the improvement was approximately 1,500 basis points. The improvement in subscription ARR contribution margin was driven by higher sales the benefits of scale, and improving efficiencies and management of costs across the business.

Free cash flow is positive $57.5 million compared to negative $32 million in 2025. This increase was driven by higher sales including timing of renewals, improved operating leverage, and optimizing our capital structure. Turning to our balance sheet, we ended the second quarter in a strong cash position with $1.5 billion in cash, cash equivalents, restricted cash, and marketable securities and $1.1 billion in convertible debt. Let me now provide some context for our outlook for fiscal 2026. We remain confident about our outlook given the strength of the fiber resilience market and demand for our differentiated offerings. We believe these drivers alongside our strong and consistent execution will deliver strong subscription ARR growth ahead.

In terms of operating investments, we continue to invest in R&D to drive innovation in the large and growing markets we operate in across data, security, and AI. We’ll also continue to make investments in go-to-market where we see the most compelling ROI across select regions and verticals and to find product market fit and scale our new innovations. Let me discuss our current outlook on quarterly seasonality. After a strong first and second quarter, we anticipate Q3 will contribute approximately 21 to 22% of full-year net new subscription ARR. In addition, subscription ARR contribution margin has some seasonality due to the timing of net new subscription ARR and operating expenses each quarter. Based on our current net new ARR linearity and investment plans, we continue to anticipate the subscription contribution margins will be the seasonally lowest in Q3 before moving higher in Q4.

In terms of revenue, we now expect material rights related to our cloud transformation to contribute approximately six percentage points to revenue growth for the full year. Up from our prior expectation of a few percentage points. As a reminder, the revenue related to material rights is nonrecurring, and we expect minimal revenue contribution from material rights in fiscal 2027. Please see additional modeling points for fiscal 2026 in our investor presentation which can be found on our investor relations website. Now turning to our guidance for the third quarter, and full year fiscal 2026. In Q3, we expect revenue of $319 million to $321 million, up 35-36%, which includes a few percentage points higher benefit from material rights than previously expected.

We expect non-GAAP subscription ARR contribution margins of approximately 6.5%. We expect non-GAAP earnings per share of negative $0.18 to negative $0.16 based on approximately 200 million weighted average shares outstanding. For the full year fiscal 2026, we expect subscription ARR in the range of $1.408 billion to $1.416 billion reflecting a year-over-year growth rate of 29% to 30%. We expect total revenue for the full year fiscal 2026 in the range of $1.227 billion to $1.237 billion reflecting a year-over-year growth rate of 38% to 40%. Or 32% to 34% without the benefit from material rights in fiscal year 2026. We expect non-GAAP subscription ARR contribution margins of approximately 7%. We expect non-GAAP earnings per share of negative $0.50 to negative $0.44 based on approximately 197 million weighted average shares outstanding for the full year.

We expect free cash flow of $145 million to $155 million. Finally, we are pleased with our execution in the first half of the year as we continue to deliver cyber resilience to organizations around the world. With that, we’d like to open up the call for any questions. Thank you. Ladies and gentlemen, we will now begin the question and answer session. You will hear a prompt that your hand has been raised. Should you wish to decline from the polling process, please press star followed with the number two. If you are using a speakerphone, please lift the handset before pressing any keys. In the interest of time, please limit yourselves to only one question. Your first question comes from the line of Saket Kalia from Barclays. Your line is now open.

Saket Kalia: Okay. Great. Hey, guys. Thanks for taking my question here and another nice job this quarter. Absolutely. You know, guys, the number that really jumped out to me the most of all was the free cash flow margin at 19% in the quarter. I think that’s now four consecutive quarters of positive free cash flow. Bipul, maybe the question is, what’s changed strategically in driving that type of profitability? And, Kiran, is there anything that we should think about in the second half on free cash flow as we fine-tune our models?

Bipul Sinha: Thanks, Saket. As I’ve said before, I’m a capitalist. And I love profitability and cash flow. But, look, we are in a very large and an expanding market of cyber resilience. And as customers are looking to transform their businesses into AI enterprises, they are doing multiple transformations around cloud, around infrastructure, and cyber resiliency is the number one topic for them because if your data doesn’t have integrity or availability, none of the AI will be useful. Or helpful. So we are helping do that cyber resilience transformation for our customers. Giving them like, AI-based ransomware detection, fast recovery, capabilities like that. And that’s what is helping us win in this large market. And as we are scaling our business, the efficiencies are kicking in. I would love to have Kiran add some more from a finance perspective.

Kiran Chaudhry: Sure, Bipul. And hi, Saket. I’ll just give you a little bit more context both for the cash flow in the quarter and assumptions on the guide. So super pleased with the $58 million we generated in free cash flow this quarter. As you said, 19%. It was 3,500 basis points improvement year over year. And then from 700 basis points from last quarter Q1. A few reasons for that. Starting off with stronger ARR performance, than anticipated, and then the margin improvement as well, 9% sub AR margin. That was a key driver for the cash flow. In addition to that, you’d have seen we made some capital structure optimization in the quarter. We settled our private company debt, which has a higher interest coupon with a 0% convertible.

So we had more cash on the balance sheet and less interest expense, which we sometimes pay out in cash. So that helped as well. And then on the duration front, we saw favorable duration this quarter. As you know, we increasingly sell cloud-native products, which tend to have a shorter contract length as well as shorter payment terms, and we didn’t see that compression duration this quarter. And the last thing I’ll say is that there’s probably more timing related, but we saw more early renewals. Related to the usual trend and some of which was multiyear as well. This was in the context mostly of customers co-terming renewals with active expansion. So all of that really drove the cash flow outperformance to 19% margin this quarter. I look at the guide, we are happy to raise the guidance for the year.

We previously had guided around 6% margin and we’re guiding to 12%. And that’s a thousand basis point or 10 percentage points improvement year over year. Some of the trends continue. Obviously, it’s based on our ARR guide as well as the higher investments we are making in the second half from an OpEx perspective. Obviously, the capital structure portion will continue. But specifically in the duration, we are not assuming the compression continues. We are modeling in a little bit more compression. Would say low to mid-single digits through the rest of the year, and that is all the assumptions. We have made in the guidance.

Saket Kalia: Super helpful, guys. Thank you.

Melissa Franchi: Thank you, Saket.

Operator: Your next question comes from the line of Andrew Nowinski from Wells Fargo. Your line is now open.

Andrew Nowinski: Good afternoon. I just wanted to say, I think the net new ARR in Q2 is really impressive. Considering you went through a sales comp change, moving to annual sales comp plans this year. And so I know the change really didn’t have an impact on your year-over-year growth in Q2, but I was wondering if you could just talk about whether you saw any impact from that and whether you’re expecting higher seasonality in Q4 because of that change? Thank you.

Bipul Sinha: Let me give you some qualitative perspective on it, and I’ll let Kiran provide some more details. Look. We have been running our business on a per-year net ARR basis. And it jumps this quarter, that quarter, depending upon the deal timing and deal closure. But we run our business on a full-year new ARR. We used to do a quota compensation for the sales team on a half-yearly basis. So starting this fiscal year, fiscal year 2026, we decided to align how we run the business with how we compensate our sales team. And that change in the first half so far has not brought out any material impact to how we see our business or their achievement. Obviously, we have the rest of the year in front of us and we’ll know more about the impact by the end of this year. But so far, it has gone well. Kiran?

Kiran Chaudhry: I’ll just add a few more thoughts here. So there are, of course, some shifts in seasonality. But it’s only the first half. So we can give you a full update on our first year with this sales compliant change at the end of the year. But so far, it’s been smooth and there’s been no disruption. But from a modeling perspective, since we don’t have a Q2 accelerator as we had in the previous half-year plans, Q2 and Q3 will look somewhat similar. That is reflecting our guidance, but Q4 will be seasonally strong. And this is reflected both in our subscription ARR guidance as well as the margins and free cash flow.

Andrew Nowinski: Thank you very much.

Melissa Franchi: Thank you, Andy.

Operator: Your next question comes from the line of John DiFucci from Guggenheim.

Howard Ma: Great. Thank you. This is Howard Ma on for John. I guess either for Bipul or Kiran, can you help us better understand how you’re levered to data growth? So for instance, there’s an aspect to your pricing model that’s based on volume tiers. Which you could argue is directly tied to data growth. And then there’s a user-based element especially with securing SaaS apps, So what is the mix today, and is there an opportunity for a purely consumption-driven component that gets bigger over time?

Bipul Sinha: So Rubrik’s products are a combination of data volume, and data security features and capability that we attach to it. And the combination of the two is the pricing for our different editions like enterprise edition, foundation edition, So we don’t separate the two. And we help our customers identify all of the critical data and deliver all our security capabilities on those critical data. And as their data grows, as their applications or number of users grow, as they adopt more workload for Rubrik, we grow. So we have multiple growth vectors in Rubrik. One vector is organic data growth within a workload and applications that we are already securing. The new workloads that are coming to Rubrik, or existing applications, which are moving to Rubrik.

And then the third piece is attaching the data security products. For products such as M365, which is tied to the number of users, We have a licensing model that aligns to that SaaS program. So we’ll make it easy for our customers to adopt Rubrik and for them to understand the pricing model and expense based on how they pay for their core platform.

Howard Ma: Does it answer your question?

Bipul Sinha: Yes. That does. Thank you so much.

Melissa Franchi: Thank you, Howard.

Operator: Your next question comes from the line of Eric Heath from KeyBanc. Your line is now open.

Eric Heath: Hey, guys. Thanks for taking the question and congrats on the results again. Kiran, I want to ask a few different questions on the model if I could. Could you just help us understand maybe what drove some of that early renewal activity given some of the sales comp structure changes to make it more year-end? I would have thought the opposite would have happened given the comp structure change. And if you could just speak to what’s driving the decline in non-cloud ARR quarter over quarter is a little bit bigger than normal one. And lastly, if I could, if I could push it. But on the material rights, just what’s driving that higher material rights activity that you’re not necessarily expecting or you weren’t expecting? Thanks.

Kiran Chaudhry: Sure. I’ll take them in order. So from a renewal perspective, we always see some early renewals every quarter. I mean, some of this is timing. Right? We have some on-time renewals, which is the majority. And some early and some late. But the renewals which occurred this time were more related to our expansion deals, which were in process with the same customers. And, typically, customers’ core term the renewal activity with the expansion itself. So that was really the driver of the early renewals. And I also pointed out that some of those renewals are multiyear in nature. So that obviously impacted cash flow because of the higher billings. And just to add one more point, that is not related to the comp structure changes because that is tied to expansions, which is occurring along with renewals.

So I wouldn’t relate those two activities. And the second question, the non-cloud ARR, most of our since we’re about 85% cloud right now, most of the cloud ARR is net new in the sense either coming from new customers or expansion with current customers. But there’s still a small element of migrations which are happening from the non-cloud part. So you still see that declining a little bit. And at some point, we’re getting towards the, I would say, point where it optimizes to a more steady rate it’s a few points more than 80%, after which you’ll see the non-cloud ARR grow as well. And then on the last point on the material rights, just to give some context, these are related to some qualified customers who had gotten some credits at the time we start our cloud transformation and those credits are beginning to expire.

In some cases, where the qualification is possible, the customers use the credits to purchase some newer expanded products. In other cases, they expire. So the accountant treatment is slightly different. When those credits are used to purchase something versus when it expires. So that drives variability as well, and there’s some timing element to that. Too, which we saw outperformance this quarter.

Eric Heath: Thanks, Kiran. I threw a lot at you, but appreciate that. Thank you.

Melissa Franchi: Thank you. Yep. Thank you, Eric.

Operator: Your next question comes from the line of Kash Rangan from Goldman Sachs. Your line is now open.

Matt Martino: Hey, guys. This is Matt Martino on for Kash. Thanks for taking my question. Bipul, Rubrik’s brought to market a slew of new innovations across identity AI and data security. As you expand from a core product to a multiproduct platform, how do you see your go-to-market and sales motion evolving to effectively sell this broader, more complex vision to the C-suite? Thanks.

Bipul Sinha: So multiproduct sales for some time now. Because we started with our core data protection business for data center as well as cloud, then we added M365. Then we added like, Salesforce, then we added now identity recovery, identity resilience, We are now building solutions for AI. So we have a kind of, like, a pipeline of three stages. So the stage number one is what we call RubrikX. That actually is the incubation phase of new products and go-to-market. And then the next phase is PLS, which is our product line sales team. That takes the early majority of product to scale it to be ready for the core sales team, and then we’ve transferred it to the core sales team. That’s how we kind of scale our multiproduct go-to-market strategy.

Obviously, we are doing all our product in a single platform. Rubrik Security Cloud. So that when our customers adopt more of Rubik’s solution, our platforms get smarter and smarter and deliver more value. For example, if our customers have M365, as well as on-premises data center solutions. If there is a threat actor on both sides, we will be smart. We’ll be giving our customers a smarter information about the complete picture of their data security and cyber resilience. As opposed to dumping logs and having them analyzed separately. So that’s the platform strategy that we have taken from day one. And that’s how we are building a multiproduct portfolio, but driving the value from a single platform.

Matt Martino: Very helpful. Thank you, Bipul.

Operator: Your next question comes from the line of Gregg Moskowitz from Mizuho. Your line is now open.

Gregg Moskowitz: Great. Thank you for taking the question, and very nice quarter, guys. I wanted to ask about the DSPM. First of all, how it did in Q2? But more broadly, because it remains a hot area within cybersecurity, But, you know, these days, almost all the larger vendors have some sort of offering. Clearly, a significant majority of enterprises have yet to implement DSPM, When I think about Rubrik, I know you have a differentiated position here, but is there a point at which you think we’ll see an inflection in DSPM market adoption? How do you think this will all evolve?

Bipul Sinha: We have a belief that cyber resilience requires both resilience and identity resilience. And combining DSPM, is the data portion with identity information is needed to provide complete cyber resilience. Because when a privilege gets escalated for a user, inside your active directory, you may want to understand what new sensitive data is now being exposed to this customer and what is the blast radius for the customer credential get compromised. So bringing the identity intelligence and data security intelligence in a single platform is differentiated. We have this new unique vision in this market, and we believe that the future is going to be a holistic view for the customers from data identity and cyber recovery to be able to drive complete cyber resilience. And that’s what we are driving for.

Gregg Moskowitz: Okay. That’s helpful. Thank you.

Melissa Franchi: Thanks, Gregg.

Operator: Your next question comes from the line of Todd Coupland from CIBC.

Todd Coupland: Great. Good evening, everyone. You Bipul, you gave a number of examples on competitive wins this quarter. Could you just talk about the environment and your major sources of share and update us on your deal win rate? Thanks a lot.

Bipul Sinha: As far as we are concerned, there is no change in the competitive environment for us. We still win the vast, vast, vast majority of deals against all competition legacy as well as new gen vendors. And it is due to our unique platform Rubrik Security Cloud, it is underpinned by a preemptive recovery engine that pre-calculates a clean data state even before the cyber attack happens. So that our customers are ready to recover as soon as they have a successful cyber attack. As a result, many of our customers are not in the news even when they are confronted with significant cyber attacks and they are not disrupted. And that’s what is differentiated about Rubrik. And, again, we are equal opportunity replacers. For both legacy solutions as well as new gen solutions because they lack cyber resilience.

Capabilities in a way of preemptive recovery engine. Just to give you an example, a European multinational industrial company replaced the legacy backup vendor with Rubrik’s cyber resilience platform because a third-party audit found that they were not ready to recover upon a cyber attack, and they needed to upgrade their resilience posture. And they chose Rubrik for fast recovery for a simplified software platform for cyber resilience. So that’s what we see in the marketplace. Again, our win rate comes from a very differentiated platform that we envision and built in the last ten years.

Todd Coupland: Great. Thanks for the color.

Operator: As a reminder, if you wish to ask a question, please press 1. Your next question comes from the line of Junaid Shah Siddiqui from Truist. Your line is now open.

Junaid Shah Siddiqui: Great. Thanks for taking my question. Bipul, as the MCP protocol adoption gains traction across the cybersecurity ecosystem, do you view it as a strategic growth lever that could expand Rubrik’s role from, you know, data protection into a broader security orchestration platform?

Bipul Sinha: The way we see Rubrik is not in the prevention and detection business. We are in the cyber resilience business. Because we have a fundamental belief you can’t prevent the unpreventable. And the world requires cyber resiliency and cyber recovery capabilities, and that’s what we are focused on. Having said that, if you take a step back, Rubik is really a secure data lake. And we use that data lake data to recover applications. And recover your system. And this data is governed and secured and classified. And with Anapurna platform, we built vectorized search to deliver embeddings directly into GenAI applications. And now Predibase which is the fine-tuning and serving platform, And now we are building AgenTeq Rewind that combines our core cyber resilience plus the AI platform technology to really deliver capabilities around undoing the action bad actions of agents.

So we are looking at AI in a holistic way. But we are not just focused on securing the AI. What we are focused on security, which is the cyber resilience business, as well as AI operations business, which is about agent fine-tuning, serving, agent rewind plus plus. So that’s why we are defining ourselves Rubrik is the security and AI company.

Junaid Shah Siddiqui: Thank you.

Melissa Franchi: Thank you. Yeah.

Operator: Your next question comes from the line of James Fish from Piper Sandler. Your line is now open.

James Fish: Hey, guys. Sorry for any background noise here. Just wanna go back to the DSPM side. Any way to think about the updated penetration here? What you’re seeing competitively just within this part of the market? And then additionally, what are you guys assuming you’re thinking about for Fed here heading into, you know, the big Fed? And understanding it’s been a small part historically, you know, what do you actually see for maybe some disruption there? Thanks, guys.

Bipul Sinha: Sorry. Did you say Fed? Fed. Okay. As I said, we see the opportunity in the data security market around combining data and identity together. Because I don’t believe just the data classification itself is a long-term sustainable business or a platform. So our vision is that how do we combine identity and data together to give a full picture of not just the posture of the data and identity, access to the data, but at runtime understanding what is really happening to the data and should anything bad happen. How do we do data recovery or identity remediation? And it’s all data is the underpinning technology or the platform across all three. And that’s the vision that we are driving. In terms of the again, this is still in the investment phase for us.

And we are continuing to kind of build the cyber resilience transformation for our fed customers. It is high priority for fed organization given the nation-state actor and the fed that they face. It is we continue to invest in the growth and develop the Fed market for ourselves. We recently received Fed RAMP Moderate, For example, this quarter, a Fed agency had a challenge of deployment of a new gen vendor that they had bought a couple of years ago. So they are replacing that new gen vendor with Rubrik to protect their mission-critical databases. Which is required for their cyber resilience. And they picked Rubrik for our ability to deliver faster recovery times on the data. So fed again, we continue to win in the fed. It’s still a developing market for us.

Continue to invest. And we believe that Fed will continue to be a significant opportunity for us given how important cyber resilience and cyber recovery is for this market.

James Fish: Thank you, James.

Operator: Your last question comes from the line of Shrenik Kothari from Baird. Your line is now open.

Zach Schneider: Great. Hey, guys. This is Zach Schneider on for Shrenik. Thanks for taking our question. So I believe nearly half of new deals are landing in the enterprise tier with foundation still key entry point for budget-constrained customers, and please correct me if that number is wrong, But could you just walk us through how deal sizes, renewal patterns are subsequent expansions differ across the tiers? Especially over multiyear contracts? Thanks.

Kiran Chaudhry: Hi, Shrenik. So this is Kiran. I’ll take your question. So on the first part, it’s generally the trend has been similar. Close to half of our lands are coming from the enterprise edition. And then a mix of both the business and foundation with foundation being the larger of those two. And the enterprise the expansion path can vary. As you know, we are a multiproduct company. So customers start with one of these editions and maybe a couple of one or two of these workloads, and then they can expand by either expanding to a higher tier edition if they start with foundation or business, or if they already start with enterprise, they could expand to other workloads as well. And start with Microsoft 365, go to a native cloud workload or an Oracle workload, or database workload. So the expansion paths are not limited just because you started in a higher edition because you can always add more workloads as well.

Zach Schneider: Great. Thanks a lot.

Melissa Franchi: Thank you.

Operator: This concludes our Q&A session. I would now like to turn the call over to Bipul Sinha for closing remarks.

Bipul Sinha: Thank you. Thank you, everyone, for joining us today. We remain very excited about the cyber resilience opportunity as we build the future of AI transformation in terms of the enterprise AI acceleration. Much appreciate your support and trust. Again, very early days for Rubrik. We are in the first decade of our multi-multi-decade story. Thank you so much for your time. Talk to you three months from today.

Operator: Ladies and gentlemen, this concludes today’s conference call. Thank you for your participation. You may now disconnect.