Try our mobile app
<<< back to CYBR company page

CyberArk Software [CYBR] Conference call transcript for 2022 q2


2022-08-10 10:28:14

Fiscal: 2022 q2

Operator: Good morning. My name is Rex, and I'll be your conference operator today. At this time, I would like to welcome everyone to the CyberArk Q2 2022 Earnings Conference Call. All lines have been placed on mute to prevent any background noise. After the speaker’s remarks, there will be a question-and-answer session. Thank you. At this time, I'd like to introduce Erica Smith, SVP, Investor Relations and EFG. Ms. Smith, you may begin your conference.

Erica Smith: Thank you, Rex. Good morning. Thank you for joining us today to review CyberArk's second quarter 2022 financial results. With me on the call today are Udi Mokady, Chairman and Chief Executive Officer; and Josh Siegel, Chief Financial Officer. After prepared remarks, we will open the call up to a question-and-answer session. Before we begin, let me remind you that certain statements made on the call today may be considered forward-looking statements which reflect management's best judgment based on currently available information. I refer specifically to the discussion of our expectations and beliefs regarding our projected results of operations for the third quarter, full year 2022 and beyond. Our actual results might differ materially from those projected in these forward-looking statements. I direct your attention to the risk factors contained in the company's annual report on Form 20-F filed with the US Securities and Exchange Commission, and those referenced in the press release today that are posted to CyberArk's website. CyberArk expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made today. Additionally, non-GAAP financial measures will be discussed on this conference call. Reconciliations to the most directly comparable GAAP financial measures are also available in today's press release as well as in an updated investor presentation that outlines the financial discussion in today's call. We also want to remind you that we provide a calculated revenue headwind for additional color on the impact of our subscription bookings mix shift. But it should not be viewed as comparable to or a substitute for reported GAAP revenues or other GAAP metrics. A webcast of today's call is also available on our website in the IR section. With that, I'd like to turn the call over to our Chairman and Chief Executive Officer, Udi Mokady. Udi?

Udi Mokady: Thanks, Erica, and thanks to everyone, for joining the call. We had an outstanding second quarter, best categorize by momentum. Momentum for our Identity Security platform, momentum across our Solutions, PAM, Endpoint to Privilege Management and Access, momentum in the channel and momentum with new logos and an existing customers. Before diving into the details, I want to provide a few financial metrics that underscore our stellar performance. ARR remains the best metric to measure our success. So, subscription ARR reached $255 million, drawing a 133% year-over-year demonstrating the continued acceleration of our subscription engine. Total ARR grew 48% year-over-year reaching $465 million. We are pleased with how quickly our recurring revenue business is scaling to our $1 billion ARR target. And total revenue exceeded our guidance range coming in at $142 million, with growth accelerating to 21%. It is important to keep in mind that the subscription transition continues to impact our reported P&L. Or said another way, we are growing much faster than the 21% revenue growth we posted in Q2. In fact, our bookings were again well above our guidance framework, best evidenced by the combination of higher subscription bookings mix at 88%, revenue above the guidance range and nearly 50% ARR growth. The revenue headwind from the subscription bookings mix was about $16 million in the second quarter. Normalizing the mix to the second quarter of last year, our total revenue line would have grown by 35% this quarter. Josh will talk about it later. But given the strength of our execution, we are raising our full year revenue and ARR guidance. Our pillars continue to be growth, innovation and profitability. Starting with growth. Over the last few weeks from the RSA conference to our recent Impact customer event, we met with hundreds of chief information security officers and senior security professionals. Nearly every discussion centered on the major challenges facing the industry. They are ready to digitize, adopting zero trust and staying ahead of attacker innovation are accelerating trends pushing Identity Security to the top of the CISO priority list. Our strong secular tailwinds and execution have kicked our platform selling motion into a higher gear, which you see in some of the trends from the quarter. We surpassed 1,000 customers with over $100,000 in annual recurring revenue, up over 50% from Q2 last year. SaaS continues to serve as the foundation of our growth, leading the way in almost all regions. Our move to subscription business model is delivering transformative value both to us and to our customers. While PAM remains the predominant landing spot for customers, increasingly, new logos are beginning their Identity Security program with Endpoint and Access and then expanding back into PAM. And when it comes to Access, our truly differentiated approach is resonating, delivering another strong quarter in Q2, we are creating seamless Access across the entire workforce. The combination of single sign-on and adaptive MFA with innovations like secure web session and workforce password management, all based on intelligent privileged controls is enhancing security and increasing productivity, a combination not replicated by any other vendor. We had impressive diversification in our new logos, signing nearly 250 customers in the second quarter, up over 30% year-over-year and included enterprise wins like Fortune 500 manufacturing companies, banks, major retailers, critical infrastructure and energy and power companies. Momentum continued to pick up in our commercial segment as well with wins like a next-gen cloud Fintech, a well-known conservation society and multiple school systems among many others. A few new business highlights include: in a greenfield PAM deal, a North American retailer had two catalysts for implementing Identity Security; digital transformation and cyber insurance requirements, one of the many examples of cyber insurance contributing to our business. This customer embraced our platform buying Privileged Cloud, Endpoint Privilege Manager, Access and Secrets Manager enterprise-wide, including protecting UiPath and ServiceNow through our CCube integrations. A restaurant chain landed with adaptive MFA, SSO workforce password management and advanced life cycle management to help mitigate risk, expanding the PAM is next on its horizon. Our land and expand strategy is demonstrated across examples like a Fortune 500 manufacturing company landed with EPM in Q4 and after just two quarters is replacing a legacy PAM solution with our Privileged Cloud because of the amazing customer experience. In a highly competitive Access deal, an existing PAM customer in the healthcare vertical expanded with single sign-on and MFA. The CISO cited key differentiators, such as our security first mindset and our unwavering commitment to maintaining the long-term vision and purpose. A financial services company is expanding from PAM to protect Kubernetes at the edge and CI/CD pipelines with our secrets management solution. Secrets management has had a strong quarter and was included in eight of our top 10 largest wins. Momentum also continued across the partner ecosystem. We are particularly excited about strengthening our relationships with the SIs, managed security service providers and with AWS. Our partners are building identity security practices with plans to significantly increase their business with CyberArk. Year-to-date, the number of CyberArk certified professionals has nearly tripled with the average number of certifications across our products also trending up, a very strong indicator of the momentum with partners. We also deepened our relationship with AWS Marketplace. The deals closed in Q2, and our strong pipeline give us confidence that AWS will be a contributor to our growth over the long term. Moving on to the innovation, the cornerstone of our strategy. Our DNA is innovation, and we challenge ourselves every day to lead the industry. We were pleased to be named a leader in the July 2022 Gartner Magic Quadrant for Privileged Access Management, positioned both highest in ability to execute and furthest in completeness of vision for the fourth time in a row. At our recent annual impact live customer event, we showcased the depth, breadth and considerable differentiation of our identity security platform. We hosted more than 1,000 people in person and 2,000 virtually at our marquee event and the feedback was incredible. Customers and partners recognize that we are putting much more distance between us and the competition. The benefits of our security-first approach are well understood and increasingly a priority in this severe threat landscape. We also demonstrated how we can elegantly secure all identities across environments while driving the business forward. A few highlights from the product announcements. Secrets Hub positions CyberArk as the backbone for secrets management for application -- for all application types across the enterprise. Developers seamlessly access secrets through familiar workflows in AWS. At the same time, the security team can secure and rotate all secrets in CyberArk, centralizing visibility and control with a single pane of glass across hybrid and cloud environments. This win-win solution increases alignment between cloud-native DevOps and Security. It is a game changer. Conjur Cloud is now in early availability. In addition to faster deployment and tactive value with SaaS delivery, much of the power of Conjur Cloud comes from the tight integration into our identity security platform. In Access, we introduced identity flows, which streamlines workflow with advanced and modern no-code application integration and automation. And Identity compliance streamlines across streamlined access certifications campaigns with comprehensive, risk-driven identity analytics. Secure Cloud Access marks the third solution, along with cloud Entitlements Manager and Dynamic Privileged Access in our cloud privileged security pillar. Going well beyond just in time, basic just in time, secure cloud access integrate session monitoring and enhanced lease privilege permissions for DevOps and cloud consoles. This functionality significantly enhances security and better allies to the principle of Zero Trust. To accelerate our development in cloud security, in July, we acquired C3M, a provider of multi-cloud security and compliance solutions for AWS, Azure and Google Cloud Platform. We are pleased to welcome about 40 talented cloud security experts and are looking forward to working together to deliver against our cloud privileged security road map. Moving on to profitability. Our reported P&L continues to be impacted by the subscription transition. We haven't changed our investment approach. We are delivering excellent returns, including rapid revenue growth rates and accelerated innovation. We expect to be a Rule of 40 company with strong growth, profitability and cash flow as we move past the subscription transition dynamics. Before I turn it over to Josh, I wanted to talk about the macro environment. The broader economic uncertainty we are all hearing about has not impacted our business. We are watching very closely and analyzing the trends in our business more frequently. We continue to execute our strategy. Our close rates are strong. Our pipeline is at record levels, and we are seeing an acceleration in demand. In fact, the first half of 2022 was one of the best in the company's history, and our Q2 performance demonstrates. First and foremost, Identity Security is more critical than ever. Second, our Identity Security platform is gaining momentum, and we are increasingly protecting across workforce identities, privileged users and machines. Third, we are in the best competitive position in our history. And lastly, we are increasingly confident in our ability to execute against a multi-year durable growth opportunity. I will now turn the call over to Josh, who will discuss our great financial results in more detail and provide you with our outlook for the third quarter and full year 2022, including raising our total revenue and ARR guidance. Josh, off to you.

Josh Siegel : Thanks, Udi. As in prior quarters, we posted slides to the website that walk through our results. As Udi mentioned just now, we had a stellar second quarter. Momentum continues to build in our business, fueled by amazing execution, strong secular tailwinds and a robust demand environment. In terms of the headline P&L, total revenue exceeded guidance coming in at $142.3 million in the second quarter with growth accelerating sequentially to 21% year-on-year from the 13% growth rate in the first quarter of 2022. We are thrilled to begin exiting the revenue trough created by the subscription transition and be back again above 20% growth. Annual recurring revenue continues to be the best metric to evaluate the business and remain incredibly strong in the second quarter, growing 48% year-on-year and reaching $465 million. The business continues to fire on all cylinders and grow at high rates. The subscription portion of ARR reached $255 million. That's increasing 133% and now represents 55% of our total ARR. Just a year ago, the subscription portion was only $109 million or 35% of the total. The maintenance portion was $210 million at June 30 and in large part because of the timing of renewals. Moving into the details. Subscription revenue generated from SaaS and self-hosted subscription contracts reached $66 million and represented 46% of total revenue in the second quarter, with growth accelerating to 144% year-on-year. Consistent with the progression of our business model to subscription, perpetual license revenue came in at about $11 million. Our maintenance and professional services revenue was $65.3 million with $54.4 million from recurring maintenance and $10.9 million in professional services revenue. Recurring revenue reached $120.4 million. That's 85% of total revenue with growth accelerating to 49% year-on-year. We are pleased to be quickly approaching our target of more than 90% of revenue coming from recurring. Before moving on, I wanted to point out that we did have a negative currency impact, which lowered our total revenue by about $2 million in the second quarter, making our outperformance even that much more impressive. Our subscription bookings mix was 88% in the second quarter compared to our guidance of 87% booking mix. With our mix and revenue, both above expectations, highlights that total bookings again exceeded our guidance framework. Economically, the headwind created by the mix was approximately $16 million in the second quarter, when we compare it like-for-like to the second quarter last year with only 65%. Taking the calculated revenue headwind into consideration, total revenue growth would have accelerated to 35% year-on-year. As a reminder, our second quarter guidance implied about a 30% growth rate normalized for the transition. So exceeding that by a full five percentage points is just another indication of the strength of our outperformance in the second quarter. Geographically, the business is well-diversified. The Americas revenue reached $84 million, representing 59% of total revenue. The Americas grew by 21% and again, had the strongest percentage of SaaS bookings during the quarter. EMEA also grew by 21% year-on-year with $44 million in revenue or 31% of total revenue. APJ grew by 25% to $15 million in revenue or 10% of total and continues to gain traction with subscription and SaaS ahead of our expectations. If we look across all the geographies normalizing for the mix, the Americas and EMEA revenue would have grown by approximately 35% and APJ by about 40%. Now moving to the P&L. On line items in the P&L will be discussed on a non-GAAP basis, and please see the full GAAP to non-GAAP reconciliation in the tables of our press release. Our second quarter gross profit was $116.9 million or an 82% gross margin. That's compared with 84% gross margin in Q2 last year, and it's primarily the result of the increase in our SaaS business. We continue to make investments to drive innovation and growth, resulting in operating expenses of $127.5 million, a 33% increase year-on-year and an operating loss of $10.7 million in the quarter. Our operating results were lower by approximately $16 million from the calculated revenue headwind. Normalizing for this mix, operating margin would have been a positive 3% in the second quarter. As a reminder, this only level sets the mix to the prior year and not all the way back to the beginning of the transition, which would result in even a much higher operating margin. Net loss was about -- was $10.7 million or $0.27 per diluted share for the second quarter. We continue to attract and retain top talent. That's a testament to our culture. We added just over 130 employees in the second quarter, ending June with over 2,400 employees worldwide, including about 1,100 in sales and marketing. For the first half of 2022, free cash flow was $6.6 million or 2% free cash flow margin, and we continue to have a strong balance sheet, ending the quarter with $1.2 billion in cash and investments. Turning to our guidance. Our guidance for the third quarter and the full year reflects robust industry tailwinds, strong execution and our growing ARR base. For the third quarter of 2022, we expect total revenue of $147 million to $153 million, which represents another sequential acceleration of our growth to 23% year-on-year at the midpoint. We expect a non-GAAP operating loss of about $11 million to $6 million for the third quarter, and we expect EPS to range from a non-GAAP net loss of $0.27 to $0.14 per basic and diluted share. Our guidance assumes that our subscription bookings mix will remain over 85% and that the resulting calculated revenue and profitability headwind will be between $9 million and $11 million for the third quarter. If you normalize for the mix, our estimated revenue growth at the midpoint of the range is over 30%. Since we have now exceeded our target for subscription bookings mix for the last two quarters, going forward in the second half of 2022, we will only start to provide a range for mix and headwind versus the specific targets. Our guidance also assumes 41.4 million basic and diluted shares and about $2 million in taxes. For the full year of 2022, we are raising the midpoint of our guidance and now expect the total revenue in the range of $589 million to $601 million, our guidance assumes a subscription bookings mix in the high 80s and our revenue headwind of between $61 million and $63 million. So, if you normalize for the mix, our estimated revenue growth at the midpoint is over 30%. For the full year, we are improving the range for our non-GAAP operating loss to be $30.5 million and $20.5 million, and we expect our non-GAAP net loss per basic and diluted share to be in the range of $0.82 to $0.57. For the full year, we expect about 40.7 million basic and diluted shares and about $11 million in taxes. We are pleased that our operating loss and EPS range are improving while facing currency headwinds and absorbing the increased operating expenses from the acquisitions of APi and C3M. Our improved bottom line is further validation that our approach to profitability has not changed. Today, the profitability of our business is still masked by the subscription transition, and we expect to return to a Rule of 40 company over the transition -- once the transition dynamics play out. We are also meaningfully increasing our full year guidance for ARR, which we now expect to be between $543 million and $549 million at December 31, 2022, or that's 38% to 40% year-on-year growth, respectively. We are thrilled to raise our ARR guidance, which demonstrates the considerable strength we continue to see in our business. While we experienced over a $2 million sequential increase in maintenance ARR in the second quarter, we still anticipate that maintenance ARR will decline in the back half of the year. I would also add, we do not anticipate products from APi and C3M, to contribute to ARR or recognized revenue in 2022. I did want to mention FX. While we do not plan to provide our results in constant currency, isolating the impact from FX reinforces the overall strength of our outperformance and our guidance raise. We expect to see a full year estimated currency impact to annual recurring revenue of about $5 million for the full year, and that's related to the pound and the euro. We also estimate that the recent currency moves will lower our recognized revenue by about $5 million, and that the net impact will lower our operating income by about $3 million for the full year 2022. That's compared to the rate last year. These currency moves are already reflected in the guidance I provided just a few minutes ago. Moving to free cash flow. We still anticipate that it will be in line with our non-GAAP net income margin over a 12-month period. Second quarter was another strong quarter. As Udi mentioned, our results demonstrate that momentum is in our business is still building. We are confident that demand for our Identity Security platform is highly durable. We remain focused on capitalizing on the massive opportunity in front of us that will deliver profitable growth and strong cash flow, creating long-term value for our shareholders. I will now turn the call back over to the operator for Q&A. Operator?

Operator: Your first question comes from the line of Saket Kalia. Your line is open.

Saket Kalia: Okay. Great. Hey, good morning, guys, and thanks for taking my questions, here.

Udi Mokady: Good morning, Saket.

Saket Kalia: Hey, good morning, Udi. Maybe just to start with you, from a product perspective, it sounds like you're seeing more deals include Access and Conjur or secrets management rather given the competitors in those spaces, can you just talk about why you think CyberArk is winning? And whether you think the strength in cross-selling here is sustainable?

Udi Mokady: Absolutely. I would say that, the go-to-market motion of selling Identity Security as a platform. And again, with our leadership position coming from a leadership position in Privileged Access Management, is really continuing to gain traction. Customers are recognizing the need for a complete security solution all the way from human identities to workforce and machines. And to your point, we're seeing customers land with more solutions adding on more users faster. We had more than 60% of our new logos landed with multiple products in Q2. Now, it's highly differentiated. On the Access side, we're highly differentiated with having security controls, rep around the various use cases with secure web sessions with workforce password management, which gives customers peace of mind that we're taking a security approach to access. And on the Secret side, customers are appreciating that we can support all types of applications and at scale. And with the new innovation like Secret hub that we announced that we're taking an approach that bridges to the DevOps, allowing them to work transparently, and with high productivity. So, all that is taking place, and definitely, we expect the – both the landing with more products and that cross-sell motion to continue.

Saket Kalia: Got it. Got it. That's really helpful. Josh, maybe for you as a follow-up, just to address the topic of macro backdrop. Both of you have seen ebbs and flows in the macro backdrop before here at CyberArk. Josh, maybe for you, how are you handicapping that potential in the guide? Because it is a very strong guide, particularly when you adjust for FX, whether you have a quantitative answer there or a qualitative answer I think it'd just be helpful to hear kind of how you thought about that?

Josh Siegel: Yeah. Thanks, Saket, for the question. And I think it's both quantitative and qualitative to a lot of extent. You heard our remarks already today. On a quantitative perspective, we're doing and looking at our guide in the same way we always have. We look at our historical trends, but we're also looking at the current pipeline, our current close rates and of course, quantitatively, I already discussed in my remarks kind of the impact of taking into consideration the change in FX how that's affected, how that's impacted our -- both our revenue, net income and our guidance, but we still were able to raise even with that FX impact. From a qualitative perspective, I mean you heard a lot of comments by Udi and by myself, the macro environment, we're hearing still very strong feedback from customers, and we're seeing in terms of our responses on the pipeline that identity security is remaining a top priority and their budget seem to still be safe. So we're using that as well in our guide. But we are an experienced team, all of us around this table and we have a lot of fingers on the pulse, and we're increasing our touch points all the time with the field, and we feel like we're in good shape and confident in the way we're looking at the second half.

Udi Mokady: And I would say second that I love that we finished our transition, because it sets up -- with this high priority for Identity Security and private access management, it sets us up for this long-term durable growth including in this market environment.

Saket Kalia: Very helpful. Thanks guys.

Operator: Your next question comes from the line of Hamza Fodderwala. Fodderwala, your line is open.

Hamza Fodderwala: Hey guys, good morning. Thank you for taking my question. Maybe jump off for either Udi or Josh. Can you talk a little bit about how the SaaS transition or the subscription transition overall has perhaps made you more resilient in this current macro backdrop? It seems like -- is there something going on in terms of shortening of sales cycles or more cross-sell, up-sell momentum through the partners even that's kind of separating your performance versus maybe prior macro cycles where you would have seen those headwinds more upfront?

Udi Mokady: Yeah, absolutely. I think like I mentioned now, so it's -- we're pleased to be in this position where our market I would say, from a demand environment, we are in high priority and built such a big pipeline and then we can execute on it with the SaaS motion where we can land provide quick time to value so quickly to the customers and then get them into the add-on motion much faster. And again, also the variety of landing spots that we now have across the portfolio, again, SaaS landing spots with EPM with access we now came out with Conjur SaaS and of course, with Privilege Cloud. So having that -- the multiple landing points all centralized platform is we're really benefit for this in this -- including in this environment. And I think like Josh emphasized, we really have strong controls into the field to see the increased demand, the record pipeline and so it's kind of a perfect way to execute with the SaaS platform on the opportunity.

Hamza Fodderwala: Maybe just a quick follow-up for Josh. I know it's really early. But when you look at the early cohorts of the subscription or SaaS customers that has started to come up for renewal. What are those like net expansion rates look like so far?

Josh Siegel: Yeah, I mean you are right, Hamza, it's still early. But what we've seen now so far is really what we consider best-in-class in terms of what -- how we're getting renewals and also expanding and retention rates for them. But we're still early in that cycle in the first duration period of the transition. But we like what we see so far.

Hamza Fodderwala: Okay. Thank you.

Operator: Your next question comes from the line of Rob Owens. Your line is open.

Rob Owens: Great. Thanks for taking my question. Josh, as you talk about making it through the revenue transition, but you obviously have a lag when it comes to operating profitability, free cash flow. Can you remind us how long that lag is? And when you expect to return to kind of that Rule of 40 company from a profitability standpoint? Thanks.

Josh Siegel: Yes, Rob. Yes, you're right, we've always talked about kind of the lag being a couple of quarters past the transition. So we're not obviously guiding it into later years, but we definitely feel comfortable and confident that 2023 operating margin will already improve incrementally to 2022. And we're -- we believe that over the -- in the next couple of years, we will already be seeing Rule of 40 results. But stay tuned, we'll talk about out years as we finish up 2022. But we are confident that in a couple of quarters, the operating income margins will start to improve as it should coming out of the transition.

Rob Owens: Great. Thank you.

Operator: Your next question comes from the line of Fatima Boolani. Your line is open.

Fatima Boolani: Good morning. Thank you for taking my question. Hey, Udi, I wanted to go back to your comments in the script around CyberArk landing new logos within EPM and DAA and the suite of solutions. I thought that was really interesting because PAMs, of course, our flagship. So I'm curious to get your perspective on what it's going to take either from you from a sales execution standpoint or from a market level standpoint to get the AAM franchise to be as large as the PAM franchise? And then I have a follow-up for Josh, please.

Udi Mokady: That's great. I would say we're seeing, like I said, landing with Privilege Cloud, EPM, Secret Management and Access. So those have all become landing spots from us. And in fact, the subscription ARR for all of these doubled in -- if you look at Q-over-Q in all of those solutions. So we're very excited how they're performing. As you recall, we structured speed build structure to allow us to really execute on the opportunity and be very agile on both Access and our Secrets Management areas. I love your question. I mean that's the approach we have with Secrets Management. We believe that human identities, the non-human identities are fast expanding in the recent conference, we put out a survey that we have that there are 45 non-human identities for every human identity and enterprise. So those are exploding with digital transformation. And we're going after that with a single platform. So we see the opportunity we're executing on it. Part of the how is what I mentioned the bridging the gap between security and DevOps, and we're doing it the CyberArk way, not coming in with a very strong security solution, but understanding that developers want to work transparently, the announcement of Secrets Hub, which is our first foray with Secrets Hub integrating with AWS, a key management solution so that the developer can develop on AWS and transparently work the same way while security gets our central backbone with CyberArk being behind the scenes rotating and managing all those secrets. So that's an example of how we're expanding and we're going to go after all of the cloud providers in the same fashion. I think you had a follow-on question.

Erica Smith: Hi, Rex.

Operator: Gregg Moskowitz, your line is open.

Gregg Moskowitz: Okay. Thank you very much and congratulations on a very good Q2. So the increased ARR guidance was impressive and especially on a constant currency basis, given the macro environment that we're in. So two questions here, if I may. Udi, some security and broader software vendors who have recently reported earnings have spoken about longer sales cycles among larger enterprise customers. Obviously, CyberArk's focus is the enterprise. So I just wanted to confirm that you are not seeing any elongation in sales cycles among any of your customer segments, including at the enterprise level? And then secondly for Josh, did the prior ARR guidance, which I believe was $535 million to $541 million, does that not include any FX headwind? Just wanted to clarify that as well. Thanks.

Udi Mokady: Great. So, Gregg, right -- you're correct. We are not seeing that. I think we're performing exceptionally well as we -- as we've shown in the results and have not seen any impact on close rates. And actually, I talked about the strong pipeline or on the speed of going through the cycle. So, things our business as usual. And I think it's really down to us being a very impactful security layer for our customers and our projects are important and going through. As Josh mentioned, we keep a close eye. We're very connected to the field. And we're seeing the same cycles and priority actually continuing to move up. In some of the large deals, we've seen more approvals in the process, but it did not slow down the business. And again, Identity Security is a top priority.

Josh Siegel : And Gregg, with response to the FX question. So the last ARR guide that we put out there included about $1 million to $2 million of FX impact considered that.

Gregg Moskowitz: All right. Super helpful. Thanks guys.

Josh Siegel : Thank you.

Operator: Your next question comes from the line of Brian Essex. Your line is open.

Brian Essex: Great. Thank you. Good morning and thank you for taking our questions, and really nice set of results here. Maybe, Josh, on year-end, really nice sequential increase in net new ARR. As we think about the guidance and the setup for the back half of the year, how do you think about seasonality a perhaps the mix of term and SaaS in there? And how do we get confidence? I mean, and it looks like you've got a little bit more difficult comp in 4Q for net new ARR growth, but just maybe give us a sense of like how you're thinking about the guide and the level of confidence you have to hit that in considerations you might need to make as we fine-tune our model.

Josh Siegel : Yes. Thanks, Brian. So level of confidence that we've been talking about it all morning, we're confident to guide for the increase, which is significant, as you pointed out. So – and it's going to come from the SaaS and subscription piece of the business. As we talked about, actually, the maintenance ARR could see some decline in the back half, and we'll go into more than make up for that with SaaS and Self-Hosted subscription I think the business is continuing with two-thirds of it being SaaS heavy versus Self-Hosted. So I would continue to see that going into the second half. And in terms of seasonality, you're right, Q4 has the difficult compare. And of course, we're much – so I think that, it will be probably a slower growth rate than Q4 compared to Q3.

Brian Essex: Got it. That's super helpful. And maybe if I could just sneak one more in. You mentioned Marketplace as a traction there, it sounds like this quarter, particularly within identity, there's an increasing amount of business going around the resellers and through the marketplaces. I know it's kind of early stages for you, but could you give us maybe a sense of what you're seeing? And what are the dynamics of those deals, or is it enterprise just kind of truing up commitment, or is there kind of like new initial traction going through that channel?

Udi Mokady: You're referring to our commentary on AWS marketplace?

Brian Essex: Yeah.

Udi Mokady: Yeah, yeah, yeah. So I would say, it's down to the increased awareness of the ability of enterprises to leverage their relationship with AWS and – and procure, and I would say, leverage the faster process. We saw an incredible pipeline to build up. And I can say that, that in this first half, we had more business through AWS than in the entire year 2021, which was kind of the year that we announced the marketplace and that's augmenting the channel, and that's what we really love about is that we can work with our system integrators and with our VARs. But the last mile can be fulfilled through that AWS resellers, AWS, I would say, streamlined process. So it's inclusive to the channel partners and its all part of an ecosystem that's working together. They actually really recognized that is also good for them. I mean, they being the VARs and the integrators, it's good for them to also partner on the AWS front.

Operator: Your next question comes from the line of Roger Boyd. Your line is open.

Roger Boyd: Great. Thanks for taking my question, and congrats on the nice results. Udi, you had mentioned MSSP partners in your prepared remarks, which I think is a relatively new channel for CyberArk. You talked a little bit about the certifications of 3x, but can you just talk about the momentum you're seeing there the potential for that channel maybe as you work further into the commercial cohort?

Udi Mokady: Yeah, exactly. We see that as a long-term important channel movement for us. Many of our existing partners are – and strong relationship partners are actually building managed security service provider's capability, because their customers are coming to them with that motion of shortage of staff, or as they go further down market, and they want them to manage it completely. And the Identity Security platform, our platform really resonates to that, that our partner can deliver value by – by being a managed service provider. So I would say, it's a relatively early program, but we're seeing that kick in. We sometimes see large enterprises benefit from, for example, from a telco that launched in MSP and is managing end-to-end PAM for a customer or an MSP that launches and goes after and helps us go after the mid-market like you mentioned. So, it's a dual motion and we're making it continuously easier for these partners to learn how to onboard new customers and certify and leverage our platform. I would say it's early days, but on fast growth, and we'll see it be an important motion for us for many years.

Operator: Your next question comes from the line of Adam Borg. Your line is open.

Adam Borg: Hey guys and thanks much for taking the question. Maybe just on cyber insurance. You talked about that in the script. I know we've talked about that in the past. And it just seems that there's more and more challenges and heightened awareness about organizations getting cyber insurance to begin with. So, love to hear more about the demand drivers of cyber insurance overall, what inning are we in with that? And even if there's regional differences between what you're seeing in the US and international? Thanks so much.

Udi Mokady: Absolutely. So, I'll start with the innings. I think it's still early innings, but we added kind of to the list. We already have a lot of secular trends pushing offering what we would add it as an additional driver where customers are trying to obtain cyber insurance the requirement is for them to have privileged access management controls, MFA, single sign-on, really the important proactive security hygiene layers, and they know that CyberArk is market-leading and can be -- they can also achieve success with us. Of course, the insurers also view CyberArk as a market leader in the space. So, we primarily -- like you mentioned, we primarily see it in the US. It's often this additional driver or accelerator on a deal or nothing. But when it shows up, it becomes an additional accelerator on a deal, but it's still early innings. And then we're actually investing in educating the both insurers and of course, everything that we do around the broad customer base and prospect base because we believe it will trickle to additional markets like the European market where it will become a requirement. And with all the experience we have and insurance customers as customers themselves really the major ones that it gives us a great advantage in capitalizing on that.

Operator: Your next question comes from the line of Jonathan Ho. Your line is open.

Jonathan Ho: Hi good morning and congrats on the strong quarter. I wonder, could you maybe quantify or help us understand how much of your existing license shifting from permanent license to SaaS? And maybe how that impacts ARR?

Josh Siegel: Yes. It's still -- if we're talking about the notion of converting from perpetual to SaaS. It's still a very small percentage of the book. Of the ARR, it's still in single-digit percentages of the ARR growth that we're seeing is coming from conversion,

Udi Mokady: -- which is a great upside for us because we're seeing the -- we're landing a lot of SaaS. The vast, vast majority of new logos are -- have been landing with SaaS and subscription, and we're working closely with the customer base to convert when they are ready to convert. Of course, we shortened maintenance cycles to usually be a year and it gives us more opportunities for those conversion conversations, but also existing on-prem customers are buying -- complementing and adding SaaS solutions to complement their on-premise solutions. So, we have all of that at the same time. And thanks for the congrats, Jonathan.

Operator: Your next question comes from Eric Heath. Your line is open.

Eric Heath: Hey Udi, Josh, my congrats as well. So Udi, mean you continue think it's also pretty clear that PAM is kind of having a really strong kind of demand as well. So just curious your thoughts on kind of why PAM continue to see such strong demand and even accelerating demand? And I guess how CSOs thinking about PAM strategically as part of their kind of broader move to the cloud and zero trust architectures?

Udi Mokady: Yes, it's exactly that. It's exactly that. It's become increasingly clear that you can't the CICO cannot sleep at night if they don't have controls over privileged access. We're basically an insider or an outsider can take over their entire infrastructure, turn off security controls. So, it becomes a fundamental layer one, before you can really put additional security layers in place. And then in parallel, seeing the proliferation of privilege. So, it was maybe a little easier to map out where our organizations had privileged users to be managed in more on-prem infrastructure and with the proliferation and adoption of cloud and of course, more and more examples where a workforce employee or a developer has privileges, they need a holistic solution to go after all of this. Now you can't achieve Zero Trust, if you don't if you don't have a privileged access management controls in place, if you don't apply lease privilege on the endpoint, which is our EPM. And it's been really – the market has been understanding that. Our strong channel network that we've built, including the big 4s and advisory firms that are educating CICOs out there and of course, the VARs and it's become a clear layer on how do you achieve an impactful layer. And of course, every time a company does Red Teaming exercise or brings a third party to analyze their security posture. First and foremost, if they capture the flag and they achieve privileged access, it's game over. And so that's why it's so important for them to invest in this, and that's why it is in such a high priority. As a company, we're going after it, like Josh mentioned, we're investing in the opportunity, leveraging our market leadership positioning, leveraging the strong channel network to go after both the PAM and the broader identity security opportunity.

Operator: Your next question comes from the line of Joshua Tilton. Your line is open.

Joshua Tilton: Hey guys. Thanks for taking my question and congrats on the quarter as well. I just -- I wanted to follow up on Hamza's question, but I wanted to put the macro aside. How much easier for you guys has the cross-sell conversation become with customers simply because it's now just one SaaS-based platform or as a customer, I can just easily turn on additional functionality versus when you sold separate perpetual licenses?

Udi Mokady: Yes. It's exactly that. The fact that they are onboarded on a SaaS platform, they can get early access. They can – to additional functionality for -- they see the light and we saw the light, like all of the investment in in pushing out and investing and creating the SaaS platform, leveraging our strong credibility out there in the market for our leadership is paying off to exactly that motion. This is why, I would say, in the last two years, we really invested in the team -- the customer success team to measure and continuously take the customer on these journeys to success so that they can expand within the solution they first acquired but also cross solution as they go with no need to set up infrastructure like you mentioned, with the -- really the power of SaaS.

Operator: Your next question comes from the line of Trevor Walsh. Your line is open.

Trevor Walsh: Good morning. Thanks for taking my question. Udi, maybe just for you, a quick one. I appreciate the fact that the demand has remained strong and no aging of sales cycles, et cetera. But we move into 2023 and things potentially get more challenging for customers, how do you balance the innovation pillar versus growth as far as kind of maintaining your competitive edge around products and kind of engineering or versus the go-to-market team. And what -- how do you think about that as you might have to either tighten belts in certain places or kind of pick one over the other, or is there an option too? Thanks.

Udi Mokady: Yes. No, there's -- Josh alluded to it, there's a real advantage of being experienced. I mean, we've been around. We've been around cycles. We're I would say we keep close attention to changing themes probably earlier than others do, and we're very, very diversified. So we're very diversified geographically. We're very diversified vertically. And now we have such a huge portfolio, a SaaS portfolio to go on the market with. So we have a lot of different levers. As Josh mentioned, we're investing in the opportunity because we're seeing that high demand and record pipeline, and we'll continue to stay close to that. On the innovation side, it's been a big differentiator for us and customers appreciate that. So it kind of success breeds success. They see us coming out the first to come to market with any new innovation on the PAM side or an Identity Security side or secure web session, coming out with Secrets Hub. The virus announcement we just did an impact are strengthening customer conviction to invest in us and go for the platform. So the short answer on we're going to continue to be to do both because that innovation leads to that success in this very important market. And of course, we've always stayed away from nice to have innovation. It's always been protecting against attacker innovation. So we'll always keep it real.

Operator: Your next question comes from the line of Alex Henderson. Your line is open.

Alex Henderson: Great. Thanks. I have two questions. One on the product side and one on the OpEx side. On the product side, I was wondering if you could talk a little bit about your success in penetrating the coding community and to what extent you're finding an ability to compete more aggressively on the coding infrastructure side of things. But the primary question is really on the impact of FX on operational costs. Can you talk a little bit about how you're structured against the currency changes? What -- to what extent that's going to play through the cost structure in the back half of the year, or if it's hedged how you would be impacted in 2023 if the exchange rate, particularly the shekel stay where they are today, how much of a benefit would that accrue?

Udi Mokady: Great. So I'll start, and I'll hand it over to Josh to talk about FX. I think we're making great progress on penetrating the coding community but doing it the CyberArk way. So coming in with that credibility from the security teams, where the security team know that this is a solution that they trust, and increasingly making it more transparent to the coater. So reducing the need to even educate them. Secrets Hub, of course, is a great example where in AWS -- where a developer using the AWS platform will not even feel or know that behind the scene CyberArk is the backbone that is managing secrets, but also before that, we made it continuously very, very native approach to the developers. I would say we're kind of digging the tunnel from both sides coming in from security, where it's our stronghold, but also having ease of use/transparency for developer. And again, we're very confident that executing on the Secrets Hub solution and doing more of that will really make it easy for developers to adopt.

Josh Siegel: Yeah. Hi, Alex. With regard to the FX, so as I talked about earlier today, while we're getting about a $5 million hit on the P&L. From a revenue perspective, it's only a $3 million hit on the operating income, because we're getting this year some benefit on the expense side in sterling and euro by about $2 million in that guide. This shekel is not really moving for us this year relative to guide because we've been pretty well hedged for this year from the beginning of the year. If we think about next year, again, on the shekel side, it really depends. I mean, we gotten a little bit of some benefit towards the beginning of next year because of where the shekel has weakened in the last quarter. But it's still too early to tell what will be the impact for all of next year because we typically won't go a hedge out further than nine to 12 months.

Operator: Your next question comes from the line of Andrew Nowinski. Your line is open.

Andrew Nowinski: Great. Thank you. I was wondering if you think the acquisition of Ping Identity could have the same near-term impact that we saw when some of your primary PAM competitors were acquired in 2018, given the disruption that these acquisitions typically create. And then related to that, are customers asking CyberArk for a more integrated IGA solution to complete the platform? Thanks.

Udi Mokady: Okay, Great. So we weren't seeing Ping a lot in competitive situations, but fully agree with the premise, and we've seen it again and again that as companies have been acquired by private equity, there was disruption out there. We've even seen channel partners really worry about those companies that that went private. Are they going to continue to invest in the enablement and all the things that the channels need for success. And, of course, customers want to know that in critical investments that they have a long-term partner out there. So there will be some disruption. And again, we're going after that market. We haven't seen them as much, but I agree on that premise. And with regards to IGA, our approach, and you saw that we've released our Identity compliance or now started Identity compliance solution at impact. It's really taking care of, I would say, very focused use cases, allowing our PAM or Access customers to certify Access. And if they want a full fledged IGA solution, we continue to refer them to our partner SailPoint. I think in the long-term, we will see more convergence with more modern use cases and that we will be able to answer within the platform.

Operator: There are no further questions. At this time, I would like to turn the call over to Udi Mokady for closing remarks.

Udi Mokady: Great. Thank you. We are thrilled with another stellar quarter and the momentum of our Identity Security platform. And as always, I want to thank our customers and partners for being the cornerstone of this success. I also want to extend special appreciation to the entire CyberArk team around the world for their hard work and strong execution this quarter. Thank you very much, and thank you for all those who joined the call today. Thank you.

Operator: This concludes today's conference call. You may now disconnect.