Cyberark (Cybr)
**Revenue** In Thousands
13 $27,961 $20,052
14 $17,935 $21,338 $27,961 $36,305
15 $32,915 $36,375 $40,056
Revenue was up 43.26% this quarter YoY. While the Revenue has been growing sequentially the growth rate in revenue has been dropping. Q1 growth rate was at 89%, Q2 growth rate was at 70%.
**Net Income** in Thousands (Gaap)
13 $3,312 $1,396
14 $1,248 $1,230 $3,312 $6,660
15 $4,166 $4,922 $6,773
Net income on a Gaap Basis was up 104.50% and on a Non-Gaap basis it was up 56%. Non-Gaap net income was at $11,112 this quarter. The difference between Gaap and Non-Gaap is the following.
Share based compensation was at $2,105
Amortization of intangible assets- cost of revenues as at $19
Amortization of intangible assets- R&D was at $271
Acquisition related expenses $429
Taxes on income related to non-Gaap adjustments ($382)
```
**Earning Per Share** adjusted (Non-Gaap)
13 $.20 $.08
14 ($.14) $.09 $.20 $.21
15 $.16 $.19 $.26
```
Earnings were up 30% QoQ YoY the earnings were up 256%.
In a YoY comparison N-Gaap earnings are accelerating.
This company is a relatively new company. It Ipo'd in the third quarter of 2013.
**Free Cash Flow** in thousands
13 $12,258 $7,149
14 $7,608 $4,125 $ 386 $10,313
15 $14,249 $20,987 $3,325
As you can see FCF is fluctuating from quarter to quarter. But this company has been FCF positive since its IPO
Cash and Debt
Their cash is at $249.7 million down from $283.8 million sequentially. They have 0 debt at this time.
1YPEG = .25
Conclusion
This Company is from Israel so you can imagine that is one of their red flags. This is a volatile region and if something happens in Israel I am sure we will see this company take a hit. But they actually have offices in many other places so they are well diversified. The reason this company caught my eye is because they are in the It Security business. Unlike Feye they are profitable. Another thing I like about them is they have a good portion of cash on the balance sheet and no debt. They also are FCF positive. This, I believe, if you want to have a position in the IT security business is the company to buy. While CSCO is profitable it will not have the growth that this company has. I recently bought this company for my portfolio and plan to grow my knowledge as I watch them. They recently acquired a company called Viewfinity which will allow them to better spot in –progress attacks.
Who is Cyberark
They are a pioneer of a new layer of IT security solutions that protects organizations from cyber attacks that have made their way inside the network perimeter to strike at the heart of the enterprise. Their software solution is focused on protecting privileged accounts, which have become a critical target in the lifecycle of today’s cyber attacks. Privileged accounts are pervasive and act as the “keys to the IT kingdom,” providing complete access to, and control of, all parts of IT infrastructure, industrial control systems and critical business data. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take control of and disrupt an organization’s IT and industrial control infrastructures, steal confidential information and commit financial fraud. Their comprehensive solution proactively protects privileged accounts, monitors privileged activity and detects malicious privileged behavior. Their customers use their innovative solution to introduce this new security layer to protect against, detect and respond to cyber attacks before they strike vital systems and compromise sensitive data.
Products of Cyberark
Privileged Account Security Solution Their comprehensive, purpose-built Privileged Account Security Solution provides their customers a set of products that enable them to secure, manage and monitor privileged account access and activities. Their Privileged Account Security Solution consists of Enterprise Password Vault, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager and On-Demand Privileges Manager. These products share a common technology platform that includes our Digital Vault, Master Policy Engine and Discovery Engine, and integrates out of the box with over 100 types of IT assets in the datacenter or the cloud.
Enterprise Password Vault. Their Enterprise Password Vault provides customers with a powerful tool to manage and protect all privileged accounts across an entire organization, including physical, virtual or cloud-based assets. Customers can control how often to require scheduled password changes for different privileged accounts or grant passwords solely for one-time use based on operational needs and regulatory requirements. This automated process reduces the time-consuming and error-prone task of manually tracking and updating privileged credentials thereby enhancing system security and facilitating observance of audit and compliance standards.
SSH Key Manager. Their SSH Key Manager product, which they launched in November 2014, securely stores, rotates and controls access to SSH keys to prevent unauthorized access to privileged accounts. This includes the protection of keys at rest and in transit, granular access controls and integration with strong authentication solutions. Detailed audit logs and reporting capabilities provide visibility into key usage to meet audit and compliance requirements. SSH keys are used as an alternative to password credentials, commonly used for administrative access for users, devices and applications to UNIX and Linux systems. SSH Key Manager is a logical extension to our Privileged Account Security Solution, leveraging our shared technology platform infrastructure, enabling organizations to protect all privileged credentials with a single integrated platform that can be built out over time in accordance with business needs.
Privileged Session Manager. Their Privileged Session Manager protects IT assets including servers, applications, databases and hypervisors from malware and provides command-level monitoring and recording of all privileged activity. Privileged Session Manager prevents malware on an infected workstation from capturing a privileged credential and spreading to additional assets. It also provides a single point of control, forcing all privileged access to pass through our server, ensuring that all privileged activity is monitored and recorded. The single point of control also allows for real-time viewing of privileged activities, enabling customers to terminate privileged sessions in real-time as a threat is detected. In addition, Privileged Session Manager records complete privileged sessions and stores the recordings in the Digital Vault to prevent tampering. Auditors, forensics team and others are able to view and quickly search through an entire session recording for specific activities. Privileged Session Manager does not impact the privileged account session and can operate entirely in the background,
although customers can opt to deter privileged account users from prohibited conduct by alerting users that their sessions are being recorded. We offer customers the choice of licensing Privileged Session Manager based on the number of devices secured or the number of concurrent sessions it monitors. Our Privileged Session Manager and Enterprise Password Vault serve complementary functions and are part of a shared platform. As such, they frequently sell them together.
Privileged Threat Analytics. Their Privilege Threat Analytics product uses proprietary algorithms to profile and analyze individual privileged user behavior and creates prioritized alerts when abnormal activity is detected. For example, our product can be used to detect privileged account access at unusual times or access to an abnormal quantity of privileged assets and terminate the session in real time. Privileged Threat Analytics uses historical data collected by our Privileged Account Security Solution and other network data sources to create and maintain a current profile of each privileged user’s behavior. It allows incident response teams to investigate the details that triggered the alert in order to prioritize and respond to the threat. They specialize in analyzing behavior related to privileged user behavior, thus providing vital intelligence on the most critical attack vector. This intelligence can be integrated into an organization’s existing systems and incident response processes enabling a faster response time.
Application Identity Manager. Their Application Identity Manager addresses the challenges of hard-coded, embedded credentials and cryptographic keys being hijacked and exploited by malicious insiders or external cyber attackers. This is enabled by our proprietary Digital Vault application provider technology, which eliminates the need to store such credentials in applications, scripts or configuration files. Instead, Application Identity Manager allows for secure, programmatic retrieval of needed credentials only at run-time and based on master policy control and monitoring.
On-Demand Privileges Manager. Their On-Demand Privileges Manager allows customers to limit the breadth of access of Unix/Linux administrative accounts and granularly restrict them from performing certain commands and functions. They also offer this product to customers using Windows through software licensed from an outside vendor.
Shared Technology Platform. Their shared technology platform is the foundation of our Privileged Account Security Solution and includes our Digital Vault, Master Policy Engine and Discovery Engine. Our Digital Vault is an encrypted server that only responds to preset vault protocols to ensure security throughout an organization’s network. Our Privileged Account Security Solution’s products use our Digital Vault to safely store, audit and manage passwords, privileged credentials, policy information and privileged account session data. Our Master Policy Engine provides a single, user-friendly interface for customers to set, manage and monitor privileged account security policies across an entire organization in a matter of minutes while allowing for granular level exceptions to meet the organization’s unique operational needs. Our Discovery Engine enables organizations to understand the scope of privileged account risk and helps to ensure that all privileged account activity is accounted for by automatically discovering new privileged accounts or changes to existing accounts. Our platform integrates out of the box with over 100 types of IT assets in the datacenter or the cloud, including leading operating systems, databases, network devices, security appliances, hypervisors, applications, industrial control systems and application servers. Our platform further leverages our proprietary vault protocol technology to enable distributed deployments across global networks for central management and auditing while providing enterprise-wide global coverage.
Sensitive Information Management Solution
Their Sensitive Information Management Solution provides a secure platform through which their customers’ employees can share sensitive files while enabling the customer to monitor who is sharing these files. This allows organizations to isolate, store, share and track sensitive files and documents, such as customer credit card information, human resource records, intellectual property documents and legal information in a secure, internal environment. It also allows organizations to exchange sensitive information securely and efficiently with their business partners, customers, suppliers and subcontractors. Their Sensitive Information Management Solution integrates with an organization’s existing applications and can be deployed on-premise or as a cloud service for faster audit readiness without the need for significant upfront cost.
Their Services
Maintenance and Support
Their customers typically purchase one year or, to a lesser extent, three years, of software maintenance and support in conjunction with their initial purchase of their products. Thereafter, they can renew such maintenance and support for additional one or three-year periods. These two alternative maintenance and support periods are common in the software industry. Customers pay for each alternative in full at the beginning of their terms. The substantial majority of their contracts sold are for a one-year term. For example, for the years 2012 through 2014 more than 90% of the renewal contracts were for one year terms.
Their global customer support organization has expertise in their software and how it interacts with complex IT environments. When sales are made to customers directly, They typically also provide any necessary maintenance and support pursuant to a maintenance and support contract directly with the customer. When sales are made through indirect channels, the channel partner typically provides the first and second level support and Cybr provides only the third level support if the issue cannot be resolved by the channel partner.
Their maintenance and support program provides customers the right to software bug repairs, the latest system enhancements and updates on and if and when available basis during the maintenance period, and access to their technical support services. Their technical support services are provided via their online support center, which enables customers to submit new support queries and monitor the status of open and past queries. Their online support system also provides customers with access to their CyberArk Knowledge Base, an online user-driven information repository that provides customers the ability to address their own queries. Additionally, we offer email and telephone support during business hours to customers that purchase a standard support package and 24/7 availability to customers that purchase a premium support package.
Professional Services
Their products are designed for customers to be able to download, install and deploy their software on their own. They are highly configurable and many customers will select either one of our many trained channel partners or Cybr’s professional services team to provide services. Their professional services team can be contracted to help customers fully plan, install and configure their solution to the needs of each organization’s security and IT environment. Their professional services team provides ongoing consulting services regarding best practices and the proper implementation of our solution to meet the requirements of each customer. Additionally, they teach best practices associated with use of our software through CyberArk University, which offers in-person and WebEx courses globally.
As of December 31, 2014, they had two issued patents and 14 pending patent applications in the United States. They also had one patent issued and 16 applications pending for examination in non-U.S. jurisdictions, and two pending Patent Cooperation Treaty patent examinations, all of which are counterparts of our U.S. patent applications. The claims for which they have sought patent protection relate to several elements in their technology, including the Discovery Engine within their Privileged Account Security Solution, Digital Vault, SSH Key Manager, Privileged Threat Analytics, Privileged Session Manager and Application Identity Manager.
Their corporate headquarters are located in Petach Tikva, Israel in an office consisting of approximately 38,320 square feet. The lease for this office expires in December 2016. They recently signed a new lease with their current landlord which will commence in 2017. Their U.S. headquarters are located in Newton, Massachusetts in an office consisting of approximately 21,000 square feet. The lease for this office expires in April 2022 with the option to extend for two successive five-year periods. They maintain additional sales offices in England, France, Germany and Singapore. They believe that their facilities are sufficient to meet their ongoing needs and that if they require additional space to accommodate their growth they will be able to obtain additional facilities on commercially reasonable terms.
Key Financial Metrics
They monitor several key financial metrics to help them evaluate growth trends, establish budgets, measure the effectiveness of their sales and marketing efforts and assess operational efficiencies. The key financial metrics that they monitor are as follows:
Revenues.
Non-Gaap operating income
Non-Gaap net income
Net Cash provided by operating activities
Total deferred revenue
Customers
As of the third quarter 2015, they had approximately over 2000 customers, including approximately 40% of the Fortune 100 and approximately 18% of the Global 2000. They define a customer to include a distinct entity, division or business unit of a company. Our customers include leading enterprises in a diverse set of industries, including energy and utilities, financial services, healthcare, manufacturing, retail, technology and telecommunications, as well as government agencies. They sell their solution through a high touch, channel fulfilled hybrid sales model that combines the leverage of channel sales with the account control of direct sales, and therefore provides us with significant opportunities to grow their current customer base. This approach allows them to maintain close relationships with their customers and benefit from the global reach of their channel partners. Additionally, they are enhancing their product offerings and go-to-market strategy by establishing technology alliances within the IT infrastructure and security vendor ecosystem.
Geographic Breakdown of Revenues
The United States is their biggest market, with the balance of their revenues generated from the EMEA region and the rest of the world, including North and South America (excluding the United States) as well as countries in the Asia Pacific region. The following table sets forth the geographic breakdown of their revenues by region for the periods indicated:
Year ended December 31,
2012 2013 2014
United States $26,178 55.4% $32,041 48.4% $60,761 59.0%
EMEA $14,148 30.0% $25,796 39.0% $33,198 32.2%
Rest of World $ 6,882 14.6% $ 8,320 12.6% $ 9,040 8.8%
Total revenues $47,208 100.0% $66,157 100.0% $102,999 100.0%
Andy