Thank you for standing by. Welcome to the Qualys' Third Quarter 2021 Investor Call. At this time, all participants are in a listen-only mode. After the speakers' presentation, there will be a question-and-answer session. [Operator Instructions] I would now like to hand the conference over to your first speaker, Mr. Blair King, Investor Relations. Sir, please go ahead, sir.

Thank you, Rachael. Good afternoon and welcome to Qualys' third quarter 2021 earnings call. Joining me today to discuss our results are Sumedh Thakar, our President and CEO, and Joo Mi Kim, our CFO. Before we get started, I would like to remind you that our remarks today will include forward-looking statements that generally relate to future events or our future financial or operating performance. Actual results may differ materially from these statements. Factors that could cause results to differ materially are set forth in today's press release and our filings with the SEC, including our latest Form 10-Q and 10-K. Any forward-looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update these statements as a result of new information or future events. During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP to non-GAAP measures is included in today's earnings press release. And as a reminder, the press release, prepared remarks and investor presentation are available on the Investor Relations section of our website. With that, I'd like to turn the call over to Sumedh. Sumedh?

Thanks, Blair, and welcome, everyone, to our third quarter earnings call. Continuing to build on our momentum, we are pleased to report another quarter of solid financial performance while further advancing our strategic agenda to re-accelerate growth and drive continued platform innovation. Taking a closer look into Q3, cloud agent subscriptions grew 40% year-over-year to 70 million reflecting steady adoption of our Vulnerability Management, Detection and Response, VMDR solution, which is now deployed by 32% of customers worldwide. Further validating our security solution consolidation approach and the power of a single agent, several of our top new customers not only purchased VMDR, but also made additional Qualys solutions a part of their first purchase. Highlighting a few of these notable new wins in the quarter, a multi-national bank selected VMDR and Patch Management together to continuously detect and prioritize vulnerabilities and misconfigurations across its hybrid IT environment. The ability of the Qualys Cloud Platform to respond rapidly to remediate and patch assets that are vulnerable, or already compromised, from a single platform with built-in orchestration stood out among several competing solutions. We believe this approach will help them to reduce their risk much faster than siloed point solutions. Our newly released Cybersecurity Asset Management application received a lot of interest from customers, and we are pleased with the early momentum we are seeing. This early momentum illustrates our ability to understand our customer's evolving pain points, respond quickly with updated roadmap and accelerate our time-to-market with differentiated security solutions that help fuel our growth. A Forbes 2000 company selected VMDR along with Cybersecurity Asset Management over several competing solutions. The ability to provide comprehensive asset discovery across its infrastructure to uniquely add context for security-centric visibility, CMDB sync integration, alerting and response capabilities was a key differentiator compared to other…

Thanks, Sumedh, and good afternoon. Before I start, I'd like to note that, except for revenue, all financial figures are non-GAAP and growth rates are based on comparisons to the prior year period, unless stated otherwise. We're pleased to report continued growth acceleration in LTM calculated current billings with another quarter of solid revenue growth and profitability as reflected in the following financial and operational highlights. Our quarterly revenue surpassed $100 million for the first time, growing 13% to $104.9 million. With our Q3 LTM calculated current billings growth at 16%, up from 13% in Q2, and 8% in Q1, we believe that we've crossed that growth inflection point and are on track to accelerate revenue growth. Paid Cloud Agent subscriptions increased to 70 million over the last twelve months, up from 64 million for the 12 months ended in Q2 2021. We're excited by the continued adoption of VMDR with the total customer penetration now at 32%, up from 28% in Q2 and 12% a year ago. Our scalable platform model continues to drive superior margins and generate significant cash flow. Adjusted EBITDA for the third quarter of 2021 was $50.3 million, representing a 48% margin, in line with last year. Non-GAAP EPS for the third quarter of 2021 was $0.86, up from $0.77 last year and our free cash flow for the third quarter of 2021 was $41.3 million, representing a 39% margin versus 52% last year. YTD free cash flow margin was 47% versus 44% for the same period last year. In Q3, we continued to invest the cash we generated from operations back into Qualys including $7.2 million on capital expenditures and $31.7 million to repurchase 290,000 of our outstanding shares. We're pleased to announce that our Board has authorized a $200 million increase to our…

[Operator Instructions] Your first question comes from the line of Matt Hedberg from RBC Capital Markets. Please proceed with your question.

It's Dan Bergstrom from Matt Hedberg. Thanks for taking our questions. It is really nice to see the revenue acceleration here at 13% this quarter versus 12% in the first half, guidance implies 14.5% at the midpoint of fourth quarter. Can you talk a little bit about the components leading to revenue acceleration here in the second half and then particularly with the fourth quarter guide?

Yeah, happy to. So we've been talking about the revenue acceleration for a while now. And as you can tell by the LTM current billings, what we're really seeing is the continued growth for this span from existing customers as well as new. So if you take a look at our bookings trajectory and looking at the pipeline, and what we're seeing right now, it's continued adoption of VMDR which has been created and strategically very important to us. And as customers continue to adopt VMDR and increase customer penetration from a product perspective that's been helping us to land more customers as well as cross-sell additional products as Sumedh mentioned during his portion in the spreads like stack [ph] and patch management, we also introduced a new product like CSAM. So overall, I think that our market positioning has strengthened with the new product launches and that has helped with increasing spend from existing customers as well as with our pipeline and our new deals.

Great. And then you mentioned VMDR there. Could you talk about the traction in multi-product adoption by new customers, you mentioned that in the prepared remarks and the last couple of calls, what's driving that trend? Is it simple as vendor consolidation or are customers increasingly realizing the power of the platform on that initial sale?

Yeah, I think it's a combination of both those things. I think, NEC, so you talk to, they really do want to consolidate their stack. And too many vendors solutions and the time is wasted in trying to get the solutions to work with each other. So when you take that, that's essentially that's what the market is really looking for. And then when you look at the Qualys' approach of the platform, where it's a truly unified platform, not just a combination of different tools put together, what that does give with VMDR is that ability to shorten the amount of time that they potentially have to have exposure, because we not only give you a list of vulnerabilities, like other scanners do, but then we take that into the prioritization as well as the ability to provide patching of those vulnerabilities with the same solution. So you can really get that ability to reduce the exposure window and make that much quicker and faster. And a big part of VMDR is also the adoption of the agents approach, right. So as customers who deploy the VMDR and they have agents, then that ability to drive additional module consumption when you already have the agent certainly is a quicker way for them to see the value so that they can turn on File Integrity Monitoring, they can turn on cybersecurity asset management. And so what we see right now is new customers, when they are coming to us they are in the mental state where they really are looking to re-architect their security solution and look for a new vendor. And so when they see that Qualys is providing not only just a list of vulnerabilities, but the ability to patch, the ability to have asset inventory, the ability to have File Integrity Monitoring and other capabilities, policy compliance built in that's why we see that our top new customers this quarter, as we said also last quarter, right out the bat when they buy something from Qualys, they're not just buying VMDR, they're buying other capabilities, including patch management, as well as file integrity monitoring and other solutions right off the bat. So we see that desire to consolidate with the fact that our platform actually provides that in a seamless and easy manner. A combination of that is what we see in our conversation with customers.

Great, thank you.

Thank you. Your next question comes from the line of Curtis Boulanger from Summit Point Capital. Please proceed with your question.

Hi. Thank you very much for taking my question. I want to get your thoughts on capital allocation. So I noticed the Courtot Family Trust has been selling shares in the open market since August. So, it looks like it's been a bit of an overhang and probably explaining the 10% short interest in the stock. I mean, given how well you're executing and tailwinds you are experiencing on cyber, I'm a little bit surprised that stock is higher. So I know you spoke a little bit about share buyback authorization, but I was wondering if you'd be willing to get a bit more aggressive with share buybacks or maybe conducted tender offer to remove the Courtot Family Trust overhang? Yeah, just kind of getting a little bit more aggressive than just offsetting dilution from share-based comp.

Yes, it is great question. We've actually been talking about the capital allocation strategies on a regular basis with the Board and with management as well. And this is actually one of the reasons why the Board has authorized additional 200 million when we had slightly over 100 million left as of Q3. We do believe that our stock is undervalued from our perspective, so it's a good opportunity for us to leverage our cash on our balance sheet with our cash and short-term marketable securities kind of nearing that 500 million mark and so that is our intention. We will be executing based on the revised spread.

That's fantastic. Thank you.

Thank you. Your next question comes from the line of Erik Suppiger from JMP Securities. Please proceed with your questions.

Yeah, thanks for taking the call. A couple questions. One, just in light of a number of new executives that you've brought on, including the CRO, I'm curious, have you formulated any differences or changes in strategies in go to market or anything - any observations that we could take away? And secondly, in terms of the XDR product, I'm just curious, are there any particular profile customer that you're looking to take that into? Is there a logical direction that you would initially take with taking that to market?

Yeah, great questions. I think, first, I am definitely excited to have these seasoned leaders come on board. I think, as we have stated, our focus really is to drive continued platform innovation and that's where bringing someone on board as a CPO really helps us ensure that we are continuing with our innovation, continuing with our engineering innovation and then working closely with the CRO and the CMO and their teams to have a much better education between the product and the new products that we are creating and the new opportunities that we are creating and ensuring that we have a good sales enablement, we have a good end-to-end workflow between marketing and sales so that we are getting all the campaigns driven through the product from other sources, as well as the driving that to the sales team so that they can focus on converting these accounts. And Alan now has been here for five, six months and we really work very well together and we've really established a really good working relationship there, so quite excited to see him start to focus on having an impact here. And we have been working through different strategies in terms of how we want to proceed with investments, where we want to make them. And I think as we will work through that to the rest of the year and we should have some additional thoughts on the Q4 earnings. And then on the XDR side, I think there's a lot of SIM solutions that are starting to brand as XDR but the issue with a lot of them is that the SIM solution really does need the ability to have other vendors deployed to collect the data and pipe that into the SIM solution and that's where we…

Very good. Thank you very much.

Thank you. Your next question comes from the line of Brian Essex from Goldman Sachs. Please proceed with your question.

Hi, good afternoon and thank you very much for taking the question. I was wondering maybe if I could fall into one of the previous questions that were asked and I apologize if I missed it, if it was commented on before but I guess on sales and marketing initiatives, given the changes in executive management, any sense of what we might anticipate for the trajectory of spend there, and how you might think about incremental spending relative to maintaining profitability to drive growth.

Yeah, in terms of the sales and marketing, we're working very closely with our CMO and CRO, as well as our new CTO to understand the incremental spend that we think that is necessary, and we should be spending. And, we do have an intention to increase that investment, as we said all along. And I'm sorry to repeat that every quarter, but it is taking a little bit of time for us to formulate a plan, just because everyone is new and of course, it takes time to further increase spend in a meaningful way, keeping the right ROI in mind. So with that said, we're going through the budget planning cycle right now, we will be providing additional color and guidance at next quarter when we will provide the annual revenue guidance as well as the ETS.

Got it. That's helpful. Thank you. Nice to see the incremental VMDR penetration within your installed base. Have you offered how and I apologize again, if I missed it, but the percentage of VMDR as a percentage of total bookings over the last 12 months or any kind of other metrics to give us kind of a bookings or revenue penetration rate.

Yeah, so in terms of the bookings, as a percent of LTM bookings, VMDR now makes up over 40%, so it is significant. And I know that one of the metrics that we talked about that the quarterly renewal ones that are up for renewal with the VM solution, we're talking about that percentage actually went up to 57%, up from 47% last quarter. So what you're seeing and what we're seeing in the momentum of the business that we wanted to make sure that we communicate and relay that message to investors is, we really see this as an inflection point where you see a couple of quarters of consistent kind of uptick in the leading indicators that we're tracking, VMDR is one and that has kind of contributed to some of the customers purchasing additional solution. It's still a little bit earlier on but we do see it. We do see a pattern, a strong retention rate continuing that upsell rates and as those continues to track the momentum in the business, we believe that this will lead to further acceleration in revenue. We're hoping to give a little bit more color and of course, a full year guidance next quarter.

Got it. That's helpful. Thank you very much.

Thank you. Your next question comes from the line of Hamza Fodderwala from Morgan Stanley. Please proceed with your question.

Hey, guys, thanks for taking my question. Apologies, I dialed in a little bit late, so if this is already answered. But just, first question for Joo Mi, just a housekeeping one, for the current billings metric, was there any sort of contribution from the total cloud acquisition at all, either to acquired deferred revenue or revenue in the quarter?

No, it had no impact to that top line financials at all, so it's outside of that.

Got it. And then just my follow up on the hiring environment, obviously, it's a very difficult labor market. A lot of companies are seeing a lot of wage pressures. I'm curious, as it relates to hiring, what's the experience been like there in the past couple quarters and how you're kind of reflecting that into your forward margin outlook? Thank you.

I think if you will see, we have done, I would say, a good job in the last few months of getting a lot of the key hires hired in the company, right. So yes, I think the market is interesting. But I think when there is a good strong opportunity, and these leaders as they are coming into Qualys, believe in the story and opportunity here, I think we're seeing that we do feel the market right now can get sometimes inflated for certain roles, etc. But I think when we are spending the time to talk to the right people, show them the right growth that they can have at Qualys, I think we're seeing good results in terms of us continuing to be able to hire the right people and bring them on board. And I think that's what we are looking at across the board, even on the engineering side. And then also it helps us in different ways, because a good part of what we do with engineering product development is also spread out with our teams in India, where we have a large presence as well. So it gives us more opportunities to be able to find good talent between different locations and continue to invest and hire the right resources and the right talent in India as well. So that kind of helps us in terms of being able to withstand the pressure that we get from the market right now and in the hiring scene that we're seeing right now.

Yeah, and in terms of our margin forecasts, primarily if you take a look at our Q4 that implied margin, it's slightly lower than what we've been achieving so far year-to-date and primarily it's due to our Q4 event. As Sumedh mentioned that QSC is live, it will be in person in Las Vegas. We will of course have some sessions available online as well but we do have incremental additional marketing expanse that we typically incur in Q4.

Okay. Thank you

Thank you. I'm showing no further questions. I would now like to turn the conference back to Sumedh Thakar. Please go ahead.

Thank you all for joining us today. We believe that we are well positioned to capitalize on the move in the market towards a consolidated security and that sort of platform solution really offers. We look forward to sharing continued progress in coming quarters. Thank you very much.

Thank you. This concludes Qualys' third quarter investor call. Thank you for participating. You may now disconnect.