Varonis Systems, Inc. (NASDAQ:VRNS) Q1 2024 Earnings Call Transcript

Varonis Systems, Inc. (NASDAQ:VRNS) Q1 2024 Earnings Call Transcript May 6, 2024

Varonis Systems, Inc. beats earnings expectations. Reported EPS is $-0.03, expectations were $-0.09. VRNS isn’t one of the 30 most popular stocks among hedge funds at the end of the third quarter (see the details here).

Operator: Greetings and welcome to the Varonis Systems, Inc. First Quarter 2024 Earnings Conference Call. At this time, all participants are in listen-only mode. A brief question-and-answer session will follow the formal presentation. [Operator Instructions] As a reminder, this conference is being recorded. It is now my pleasure to introduce your host, Mr. Tim Perz of Investor Relations. Thank you, Mr. Perz, you may begin.

Tim Perz: Thank you, operator. Good afternoon. Thank you for joining us today to review Varonis’ first quarter financial results. With me on the call today are Yaki Faitelson, Chief Executive Officer; and Guy Melamed, Chief Financial Officer and Chief Operating Officer of Varonis. After preliminary remarks, we will open the call to a question-and-answer session. During this call, we may make statements related to our business that would be considered forward-looking statements under federal securities laws, including projections of future operating results for our second quarter and full year ending December 31st, 2024. Due to a number of factors, actual results may differ materially from those set forth in such statements. These factors are set forth in the earnings press release that we issued today under the section captioned Forward-Looking Statements, and these and other important risk factors are described more fully in our reports filed with the Securities and Exchange Commission.

We encourage all investors to read our SEC filings. These statements reflect our views only as of today and should not be relied upon as representing our views as of any subsequent date. Varonis expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made herein. Additionally, non-GAAP financial measures will be discussed on this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available in our first quarter 2024 earnings press release and investor presentation, which can be found at www.varonis.com in the Investor Relations section. Lastly, please note that a webcast of today’s call is available on our website in the Investor Relations section.

With that, I’d like to turn the call over to our Chief Executive Officer, Yaki Faitelson. Yaki?

Yaki Faitelson: Thanks, Tim, and good afternoon, everyone. Thanks for joining us to discuss our first quarter results, which represented a strong start to the year. In addition to discussing the result, I would like to review a SaaS transition progress and the key drivers of our business for this year. But first, let me remind you where Varonis exists and the problems we solve. Data is valuable, which is why bad actors want to steal it. Companies invest in security to protect the data, but securing it is very difficult. Varonis solves the problem by helping companies locate their sensitive data, visualize who has access to it, lock down and detect and respond to threats on it. And because of the sophisticated automation that we have built into our Varonis SaaS platform, customers spend very little time and effort to protect their data.

And now, with MDDR, we reduce this even more. This allows companies to collaborate safely and get the most value from their data while managing risk. Our first quarter results reflect the sustained momentum of our SaaS transition and the positive reception of our managed data detection and response service, or what we refer to as MDDR. ARR grew 17% to $560.3 million and we generated $56.4 million free cash flow this quarter versus $35.7 million last year. SaaS ARR now represents approximately 30% of total ARR. Guy will review our Q1 results and our updated guidance in more detail. I want to express how proud I am of the Varonis team. While the selling environment had stabilized, it remains challenging and the Varonis team executed well during the first quarter and I believe that we are only scratching the surface what lies ahead for us.

The transition to a SaaS delivery model continues to show momentum because of the many benefits that our customers realize and I will quickly remind you of a few. Customers can achieve automated outcomes which means they can ensure the data is protected with very little effort. SaaS is quicker to deploy and operationalized because of significantly lower infrastructure and personal investment and SaaS is easier to maintain and upgrade. Additionally, there are three key benefits that we realize they are short of sales cycle, larger initial length and margin benefit over time. In addition to our SaaS transition, I would like to discuss these three additional drivers of the business that I mentioned last quarter which are our MDDR service, the adoption of enterprise generated AI and increasing compliance requirements.

Today, I would like to focus on MDDR and Gen AI. Last quarter, we introduced our MDDR service, which is the first managed service for monitoring and protecting critical data. It is a paid service that builds upon our proactive incident response offering by providing a service level agreement and around-the-clock coverage. It is important to note that this service is only possible for our SaaS customers because of the visibility and automation built into our SaaS platform. We just began selling this offering in the first quarter, and we have already started to see great momentum with it. So let me explain why this is already happening and why we view this as a game changer for our company. MDDR is a natural evolution of our platform, instills a significant unmet need in the market.

One of the challenges people faces is that they don’t have the people to monitor and investigate alerts fast enough. Now with MDDR, we take this burden on customers and put it on us. If we see a threat anywhere within our MDDR customer base, we can stop it and simply notify the customer after the problem has been solved. We can do this because we pioneered the use of machine learning for data security and user behavior analysis, giving us years of experience using highly accurate threat models. Our team leverages the significant automation plus our unique metadata telemetry, such as data sensitivity, access event, and permission that allow us to detect if data is under attack and to cut threats missed by others. I’ve also been asked to clarify the value our MDDR service provides to customers that already have an endpoint detection and response service or a managed detection and response service.

The answer is actually very simple. When the perimeter fails, we believe that we are best positioned to save companies. Because we have been monitoring the data inside that perimeter, ever since we started, companies sometimes pay millions for other threat detection and response services, but when an incident happens, these services that don’t focus on data can only show you when the attack began. We started to answer the most important question with any data stolen. MDRs and EDRs can reveal how a bad actor gained access and what tactics they use to get in but cannot tell a customer, if any data was taken. The situation is that discovering the bank was robbed but having no certainty about the most important elements, whether money was stolen or if the vault remains secure.

This blindness is why organizations with sophisticated security stacks can filter victim to data breaches from insider threats or attacks bypass the perimeter. Without Varonis, data is usually far too accessible to anyone or anything inside the perimeter and isn’t closely monitored. This means more data is likely to be breached and companies have the harder time quantifying what was taken during the breach, making the liability much higher. Varonis customers automatically shrink the blast radius, which reduces the potential damage that an insider can do and forces bad actors to work harder to get to sensitive data, giving us more opportunities to catch them. With MDDR, we often catch bad actors before they get to data and because we watch the data, we are able to quickly quantify the damage.

This means we can stop the breach and limit their exposure and their potential liability. This is why no matter what platform a customer has; they will still need MDDR. To finish our bank robbery example, Varonis MDDR watches the money around the clock and can tell the bank manager that their money is safe and the vault is secure. Now, I would like to touch on our generative AI opportunity. This technology presents tremendous productivity opportunities. But in order to reap the benefits of it, you need strong data security. For example, AI can reveal critical data to the wrong machines and people because most generative AI tools utilize existing access controls, which most organizations haven’t locked down, leaving them overexposed. Companies also need to prevent sensitive data from being used in large language models and hackers leverage these tools to steal important data more easily.

Bottom line, generative AI is forcing organizations to take a hard look at their data security strategy. This is why we can continue to see generative AI coming up in so many of our customers’ conversations as organizations try to understand how they can safely realize the productivity benefits. So far companies are taking a very careful approach and are thoughtfully considering these potential risks before expanding from the pilot phase into organization-wide rollout. As a result, we expect the new term adoption of the widescale Gen AI to be measured as companies gain comfort around how they can secure their data. Overall, the feedback we are hearing from customers only serves to strengthen the conviction we have in our ability to benefit from this enormous secular trend.

Our partnership with Microsoft is progressing well. And one month ago, we announced the industry first cybersecurity solution for Microsoft 365 Copilot. This will be sold as an add-on to our existing Microsoft 365 staff package and allows organizations to monitor Copilot data access in real time. We test abnormal Copilot interactions and automatically limit sensitive data testable by both humans and AI agents. In addition to the enhancement to our platform, we are seeing Gen AI act as a catalyst for conversation with prospects. And although, we aren’t yet seeing material ARR from Gen AI-related deals, we are seeing healthy pipeline build with respect to this opportunity. With that, I would like to briefly discuss the couple of key customer win from Q1.

[Inaudible] and their affiliated hospital system, with 6,000 employees became and launched SaaS and MDDR customer this quarter, their board mandate to secure sensitive data led to a risk assessment where we discovered 4 million sensitive records and 2 million instances of student and patient PII exposed to everyone in the organization. This university evaluated several CSPM and DSPM and legacy data security solutions but ultimately purchased the only Varonis with MDDR protection for the Unix and hybrid Windows environment with our automation and unique data-centric telemetry, Varonis MDDR will supplement their existing MDR and MSSP vendors by providing protection that is focused on securing their most valuable asset, the data. We’re also seeing strong engagement from existing customers.

A broadband provider initially became a customer in 2014, with the goal of identifying and remediating overexposed sensitive data and enhancing their spread detection capabilities. With our self-hosted offering, this required some customer effort and meaningful infrastructure investment. This customer converted to Varonis SaaS with MDDR protection for the hybrid Windows environment. They will benefit from our automated remediation and will realize infrastructure savings while freeing the security team sensibly monitor and respond to alerts. In summary, Varonis off to a strong start driven by the automated outcomes that customers receive from our SaaS platform and our recently introduced MDDR offering, which we believe is a game -changer for our company.

We are excited to capitalize on the tailwind of MDDR, Gen AI, and increasing data-centric compliance regulation as we capture our significant market opportunity. With that, let me turn the call over to Guy. Guy?

Guy Melamed : Thanks, Yaki. Good afternoon, everyone. Thank you for joining us today. We are pleased with how our team performs in the first quarter and the continued momentum of Varonis SaaS furthers our confidence in completing the transition in 2026, one year earlier than our initial timeline. At the end of Q1 SaaS represented approximately 30% of our total company ARR driven by strong contribution from new logos and existing customer conversions. As Yaki mentioned, the other key driver of our business this quarter was MDDR. This paid offering is an evolution of proactive incident response that comes with an SLA and assurance that Varonis will respond to ransomware attacks within 30 minutes. MDDR has been extremely well received in the first quarter driving new business, increasing deal sizes and simplifying the conversation with customers.

In addition to MDDR nearly every customer conversation we have touches on generative AI, which reinforces our view of this secular tailwind. We’re seeing healthy leading indicators with respect to the opportunity, but as we discussed previously, we continue to expect the adoption of Gen AI will be measured. As we look ahead of the rest of this year, we’re excited to begin phase two in earnest in the second half of 2024, which will be focused on converting our installed base of on-prem subscription customers to our SaaS platform. As a reminder, we expect that the ramp-up of this phase will not be linear, and momentum should grow in each quarter and further accelerate in 2025 and 2026. In the first quarter, ARR grew 17% year-over-year to $560.3 million, and we generated $56.4 million of free cash flow, which was up from $35.7 million over the same period last year.

These metrics demonstrates our commitment to balancing top line growth with improving cash flow generation during the transition. Turning now to our first quarter results in more detail. As a reminder, the leading indicators of our transition are ARR, free cash flow, and ARR contribution margin. As we have said many times, the faster we progress through the transition, the more headwinds we will experience to our traditional income statement metrics. We view this in a positive light. In the first quarter, we continue to see stabilization of the macroenvironment. Item deals scrutiny persisted, but we are seeing positive momentum, especially with regard to the adoption of SaaS and MDDR. Q1 total revenues were $114 million, up 6% year-over-year.

During the quarter, as compared to the same quarter last year, we had approximately a 9% headwind to our year-over-year revenue growth rate as a result of having increased SaaS sales in our booking mix, which are recognized readably versus the upfront recognition of our on-prem subscription product. As we have done in the past, we are committed to being as transparent as possible throughout the transition, which includes providing you with the key metrics that track our progress during the next phase. This quarter, we’re providing SaaS revenue for the first time, a metric that we will provide going forward. We will continue to provide SaaS as a percentage of total ARR each quarter until we successfully complete the transition. In the first quarter, SaaS revenues were $34 million.

Term license subscription revenues were $56 million, and maintenance and services revenues were $24.1 million as our renewal rates were again over 90%. Moving down the income statement, I’ll be discussing non-GAAP results going forward. Gross profit for the first quarter was $95 million, representing a gross margin of 83.3% compared to 86.5% in the first quarter of 2023. Gross margin continues to track ahead of our expectations, and the change is primarily due to the much higher mix of SaaS revenues versus last year, which caused a revenue headwind due to the ratable recognition of SaaS versus the upfront recognition of on-prem subscription licenses. The recognition of compute costs associated with our increased SaaS revenues and increased hiring in certain departments within COGS to service the anticipated strong ramp in MDDR drove the remainder of the change.

Operating expenses in the first quarter totaled to $105.6 million. As a result, first quarter operating loss was negative $10.6 million, or an operating margin of negative 9.3%. This compares to an operating loss of $4.3 million or an operating margin of negative 4% in the same period last year. During the first quarter, as compared to the same quarter last year, we had approximately an 8% headwind to our operating margin as a result of having increased SaaS sales in our booking mix, which are recognized fully ratable versus the upfront recognition of our on-prem subscription product. First quarter ARR contribution margin was 13.7%, up from 5.6% last year. The significant leverage improvement, even during the early stages of the transition, reflect our ability to drive strong incremental margins while growing ARR and transitioning to SaaS.

During the quarter, we had financial income of approximately $8.2 million. driven primarily by interest income on our cash, deposits, and investments in marketable security. Net loss for the first quarter of 2024 was negative $3.7 million or negative $0.03 per basic undiluted share compared to net loss of $0.1 million or net loss of $0.00 per basic undiluted share for the first quarter of 2023. This is based on $110 million and $108.4 million basic undiluted shares outstanding for Q1 2024 and Q1 2023 respectively. As of March 31, 2024, we had $774.4 million in cash, cash equivalent, short-term deposits, and marketable securities. For the three months ended March 31, 2024, we generated $56.7 million of cash from operations compared to $36.8 million generated in the same period last year and CapEx was $0.3 million compared to $1.1 million last year.

Turning now to our updated 2024 guidance in more detail. For the second quarter of 2024, we expect total revenues of $123 million to $126 million representing growth of 7% to 9%. Non-GAAP operating loss of negative $6 million to negative $5 million and non-GAAP net loss per basic undiluted share in the range of negative $0.03 to negative $0.02. This assumes a 111.7 million basic and diluted shares outstanding. For the full year 2024, we now expect ARR of $622 million to $628 million representing growth of 15% to 16%. Free cash flow of $70 million to $75 million, total revenues of $536 million to $546 million, representing growth of 7% to 9%. Non-GAAP operating income of $9 million to $14 million. Non-GAAP net income per diluted share in the range of $0.13 to $0.16.

This assumes 128.4 million diluted shares outstanding. In summary, we are encouraged by the continued momentum of Varonis SaaS and initial reception of MDDR. The growing demand for these offerings is strengthening our ARR performance and cash flow generation as we move through the second phase of our transition, which we believe will unlock meaningful value for both our customers and our company. With that, we would be happy to take questions. Operator?

See also 20 Natural Healing Hot Springs to Visit in the World and 30 Wealthiest People in India.

Q&A Session

Operator: [Operator Instructions] The first question comes from the line of Saket Kalia with Barclays.

Saket Kalia: Hey, great. Hey, guys. Thanks for taking my questions here. And nice start to the year-over-year on ARR. Yaki, I’d love to start with MDDR. And maybe the question is, what’s been the initial feedback that you’re getting from customers on the offering? It seems like it’s off to a good start. And the Guy just related to that, can you just talk about to what extent is MDDR maybe pulling through more interest in SaaS since it’s only available to SaaS customers? Does that make sense?

Yaki Faitelson: Definitely. So in terms of MDDR, the customer feedback and the facts that are really behind it are basically exceeding their expectations. And effectively, a fact can come from anywhere and any device, but only going in one direction, which is the data. So perimeter security is great and there are many amazing companies, but if you think in probabilities, there is high probability that your perimeter will fail. And once you have an identity, there is no perimeter anymore. You’re getting into the data. And we just automatically understand how people need to use data and can stop these attacks and make sure that you will not take the data breach. In our opinion, it’s the best way to avoid a data breach, and you’re doing it completely automatically.

So it just works extremely well if you have more platforms, and a lot of the way that we bundle it, Edge, and the other products Active Directory, and entry ID, it works extremely well. So customers love it, and we are just on a daily basis saving them and stopping them for breaches. And we really believe that the data security platform is an MDDR. It’s the first thing that the organization needs to do, and the last thing that will save you when everything is failed.

Guy Melamed : And second, you’re right that it’s only offered with the SaaS offering. It was definitely a key driver for our business this quarter. When you think about the MDDR, it’s been an evolution of the proactive incident response. And it comes with an SLA and kind of assurance that Varonis will respond to ransomware attacks within 30 minutes. So it’s very compelling. And when you look at kind of how it was received this quarter, it’s been extremely well received, both from driving new business, increasing deal sizes, and simplifying the conversations for our customers.

Yaki Faitelson: And just to add a bit about what Guy said, when we build our SaaS solution, it was critical for us, this is a software solution, to build a lot of automation to make sure that we have tremendous force multiplier to our analysts. So we build a lot of robots and using a lot of AI to make sure that our people are extremely productive. This is almost completely a service of software performance.

Operator: Next question comes from the line of Hamza Fodderwala with Morgan Stanley.

Unidentified Analyst : Hey, guys, this is John on for Hamza. For Yaki, just a question for you. How often is Microsoft Copilot coming up in your customer conversations versus three months ago? And is the expanded partnership with Microsoft Copilot driving more pipeline?

Yaki Faitelson: It’s front and center in every conversation. Microsoft is still not pushing its full force to the customer base. You see that a lot of customers experimenting with it. I think I broke my record of seeing customers in Q1. And there is a very consistent theme. They’re starting the Copilot evaluation and stopping it because it’s exposing a lot of critical data. So just protecting these Copilots and they are connecting to many sources is coming with each and every conversation. And I think that it’s just exposing the problems and organizations understand that they need to take data security very seriously in order to benefit from the automation of these Copilots that are based on LLM. It’s starting to build a good pipeline in the places that we engage with Microsoft.

It’s also starting to go in the right direction. But remember, Microsoft are still not pushing its full force. I believe that once they will have its core revenue and push it full force, it can have a big impact on the business. But if the world wants to benefit from Copilots and all these LLM robots, if you will, to get the productivity gains, they will need to take care of the data security problem.

Guy Melamed : John, just to reemphasize what Yaki was saying, in terms of the reported numbers for Q1, we didn’t see Copilot as part of the reported numbers in Q1. But definitely, when we look at all the leading indicators, they appear there, and we’re seeing a pipeline increase for them.

Yaki Faitelson: There is still not a revenue impact, but we’re starting to see a pipeline impact and a lot of conversation. People are in the initial stages to figure out how to do it in the right way.

Operator: Next question comes from the line of Matt Hedberg with RBC.

Matt Swanson: Yes, thank you. This is actually Matt Swanson on for Matt. I mean, it was great to hear some stabilization in the macro. I mean, it feels like it’s been a long time coming for all of us. But you’ve done a really successful SaaS transition during a really uneven macro. And Yaki, you mentioned some of the advantages of SaaS, the lower infrastructure personnel costs, easier to maintain. Can you just kind of talk specifically for the SaaS transition, kind of the headwinds and tailwinds of a challenging macro. Like, are there any parts of it that were actually helped the transition when things are a little tougher?

Yaki Faitelson: The thing that what happens is, what helps first is the reality is that breaches almost always, not always, but almost always are data breaches. And the security industry is a bit upside down in the sense that you spend a fortune on perimeter security and you just fail, small failures, and then you have this massive blast radius and you are completely exposed. Think about it, it’s like to have a, to do business with a bank that doesn’t have a ledger, can’t tell you what happened with the account and just can’t tell you that you have a strong password and from where you logged in. It doesn’t make any sense. And the other thing that happens with SaaS, it’s primarily that it provides automated outcome and clearly scales extremely well.

We took everything we learned from the on-prem and we built just a lot of automation and a lot of coverage and the customer with 5%, 10% of the effort can get ten times more value. So this is also the way it works. And I also think that slowly but surely this everyday organization just realized that this is something that they need to do sooner rather than later. And obviously with AI and all the attacks that are always going towards the data, organizations understand that this is the way to go. It’s a gradual process, but we definitely feel that the technology is just speaking the reality. If you want to make sure that you don’t have a data breach, you need a data security platform with automated outcomes.