Well, good afternoon, everyone, and welcome to TD Cowen's 52nd annual TMT conference. My name is Michael Elias. I'm the Communications Infrastructure Analyst here. For this session, it structured as a fireside chat, we have about 30 minutes, and we have Akamai. And from Akamai, I have the pleasure of being joined by their Co-Founder and CEO, Tom Leighton. I have a bunch of questions prepared, but I'll do my best to pause at the end and take questions from the audience. But with that, Tom, thank you so much for being here today. Really appreciate it.
Thanks.
All right. So I wanna kick things off and talk about security. So I recall that one of the growth strategies for Akamai was to drive greater penetration of the security products into the installed base for the delivery business, specifically. You know, this strategy seems like it's been working, but I'm curious, where do we stand in that journey? And maybe to use a baseball analogy, what inning are we in of that evolution?
Yeah, a lot of our customers today buy a security product. That's actually the lead motion with the go-to-market team to lead with the security products. Next is we want them to buy more of our security products, and with some of the newer offers, bring on new customers that haven't used Akamai and really don't have needs for content delivery, per se.
So as we think of the go-to-market, start off with security. Do you ever have a security customer start off as security and then ultimately end up taking delivery? Or do you find that they take the security product, and it's generally just security?
Well, you know, with our WAF product, if they buy that, that includes basic delivery and even basic acceleration at this point. Now, if they want additional acceleration capabilities and the high-end stuff, then they might buy some more delivery. But most of the motion of the field is leading with security, and unless you're a big bit pusher, for some reason, you'd probably stay with the security product.
Can you remind us, are there certain security products that you have to be a delivery customer for?
Web App Firewall.
That's the only one.
Yeah. So because that is the same motion as the delivery product. As the request comes in for the user, you know, we're doing the Web App Firewall stuff, making sure it's not malicious or causing a problem, and if it's all okay, then we actually deliver the content they want in response. So that would be the sort of the base product. Now, there's other security products that have nothing to do with delivery at all.
Okay. Is there any natural overlay between the security and the compute part of the business? Because I'm trying to find the intersection points here, where, as I think through the cross-selling, where that opportunity would be on the, on the security side.
By and large, they're separate and set up to be that way, so you can use our cloud and not have to use our security, and you can buy our security and use other cloud providers. You know, there's some, some intersection where increasingly we're seeing, you know, the CISOs wanna have access to all their security data, run analytics on it. We have a cloud offering for that, so we'll store it. You know, when we have third parties on our cloud marketplace, they can use to analyze the data. And also on the basic, you know, compute service, you can buy some of our security services on top of that.
Okay.
But mostly, they're separate motions.
Got it. As we're thinking through the longer-term strategic growth roadmap for the security business, what I'm curious is: What are the drivers for success over the medium to long- term, driving that growth? Is it greater penetration of that, of the installed base currently? Is it adding additional products? How do you think of the evolution of that business and really getting it to be a larger and larger portion of the overall mix growth?
Yeah, I would say, you know, as I mentioned, a lot of our installed base has at least a security product, so it's more adding more products into the installed base that already have at least one. And then there's the new capabilities and, you know, adding new customers, for example, Guardicore. You know, most of that base wasn't initially Akamai. API security with our pending Noname acquisition, most of that base is not Akamai. And so there's a lot of opportunity to grow our base, you know, based on these new capabilities.
So new, new customers, just new acquisition, and then also just expanding, or selling more products into... That's really how you see it?
Yeah.
Okay. So along those lines, when we were off stage, we were talking about Guardicore, which I remember in 2021, you'd done the acquisition of that. It's now becoming a more material contributor-
Yeah
... to your, to your growth. You know, can you just unpack, now that it's been, you know, two and a half years since you did the, the acquisition, you know, how has that played out relative to your initial expectations, and what should we expect to see out of that product moving forward?
Yeah, it's doing very well. We crossed over the $100 million mark, growing at a rapid rate. We just announced the new Guardicore platform, which combines the traditional Guardicore solution with Enterprise Application Access. So that's North, South, East, West, now in one offer with one control plane and importantly, one agent, you know, that goes—that you would put on a server or an application. One, you know, a piece of software you're putting on the device, and customers have been asking for that. And we have the market-leading segmentation solution, and now it's unique in that you get that and, you know, a very strong employee access solution. In addition, we folded in MFA and DNS security and threat hunting, so it is a full platform.
We just announced it at RSA, and we have a cool new interface based on GenAI, so that in human language, you can query your internal infrastructure and find out what a particular application is or what a particular device is. You can ask about, are your firewall rules up to date? You know, are you seeing anomalous behavior somewhere?... and it's in a human language, which is pretty cool. So a lot of positive reaction to that at RSA.
As you think about that intersection, that to me was unique, talking about, you know, the north-south, and then the east-west. Who else in the market is providing a solution similar to that?
Yeah, nobody.
Is that really differentiated for Akamai?
Yeah. No, we have competitors in each of the two separately, but nobody has a combined solution like that.
Okay. No, that's, that's helpful. Just wanna shift a little bit and talk about M&A. So you recently did the acquisition of Noname. I believe you mentioned, yes, it's pending. Can you just give, for those who may be a little bit less familiar, the strategic rationale for that acquisition, and how you see it fitting into the broader security portfolio?
Yeah. Well, we think API security is gonna be a really critical area. You know, the analyst community projects a billion-dollar TAM by 2027. I think that's probably right. Pretty much every CISO I talk to knows they got a problem, and they know that they don't know all the APIs that got exposed. And so now we have the market-leading solution to tell them what are their APIs, are they vulnerable somehow, are they being exploited? And then ultimately, to put it in a block mode, so you proactively block the exploit from happening. So I think it puts us in a great position. It's very synergistic with our current capabilities there, and our goal is, by the time of the close of the acquisition, towards the end of this quarter, we'll have integrated the two.
You know, that was what Noname was really lacking, is the integration to our web app firewall. 'Cause we have the leading web app firewall, and obviously, a lot of the APIs go through that, and they have the leading solution for API security, and now they will be integrated.
When I think about, you know, your historical acquisition approach, you've done smaller tuck-in deals, and then also you've done some larger deals. Guardicore and NoName would be examples of that. What I'm curious about is how you think about the buy versus build decision. 'Cause when I think of Akamai, I think of Boston, I think best and brightest coming from MIT, you know, so there's the technical prowess there. But how do you internally think of the calculus of the build versus the buy decision?
Well, we do both. You know, and a lot of our security products have been homegrown. Web App Firewall is a, you know, a marketplace that we created a little over 10 years ago. Bot management, we did a acquisition, but a lot of that's been internal, you know, development. Account Protection's internal, Client Protection, a lot of the things are, the services, you know, are internal, capabilities. And even when, you know, we bought Guardicore, we've done a ton of investment around that and further development there. And combining it with our enterprise application access, that, of course, is now organic development built on top.
So it's a combination, and every once in a while, we'll see a really compelling product or capability with a really strong technical team that we think would be a good fit and cultural fit with Akamai. And if the price makes sense for shareholders, then we will execute on it.
So there's technical, like technical competency in the market. Like, you see someone with a very sharp team that's culturally, that's something you'd look to do, obviously, price being right. But then also, I think of it as, you know, you take a product, and you can really scale up the, the customer base that it can address.
Yeah.
Like, those are the two ways that you're when you're going to market for M&A, that's what you're really thinking about.
Yeah. If we're gonna spend, for us, a lot of money, a lot of people work really hard, you know, to generate that amount of money, it's gotta be something that we think really puts us in a very strong position in what will be a very large market.
You know, when we have talked about doing M&A, M&A in the past, the sense that I've gotten is that the environment was tougher, like the assets were expensive. How have you seen that market evolve? You know, have you seen... You know, look, there's private equity capital that's been in some of these companies for a while, now they're looking to exit. Does that increase the pipeline at all? Curious what you're seeing in the landscape as you, you know, look to add additional products.
Well, yeah, it's still highly valued out there. It's, you know, not cheap. You know, and it's a lot to spend what we spent, you know, or spending on Noname. But yeah, the price has come down. You know, a couple of years ago, we liked the company then, was triple the price for half the revenue, and they weren't the market leader then. You know, and so, yeah, not gonna make sense, but, you know, things have changed some to the point where, for example, that acquisition did make sense for them.
I'm curious, do you see with that being an example, do you see additional opportunities, maybe, you know, stuff that you've circled in the past and you're seeing the price come back in, that could lead you to be potentially more acquisitive in the near- term? Just curious how you think.
Well, you know, we're always, you know, looking for opportunities, but we're pretty disciplined, and, you know, there's only so much we're gonna do at any given time. And, you know, an acquisition of that size is a pretty big deal for us. You know, we generate ballpark $1 billion a year, and that's enough to buy back the equity we give in employee programs. And over time, we've bought back a little bit more opportunistically, so about an extra 1% a year of our outstanding equity. And then there's enough left over to do something on the size of a Noname or a Guardicore. Doesn't mean we will, but, you know, we have that possibility.
Yeah. Just gonna think, as I think back, I remember when you did the Guardicore acquisition, that was like November 2021, and shortly thereafter, you did the Linode acquisition.
That was unusual.
Okay, all right.
That was very unusual.
Okay. When you travel, I know that you meet with customers typically when you're, when you're in, somewhere for either an investor conference or, or something like that. Sure they express to you what the pain points for them in their business are?... As you've been traveling recently, what are customers saying to you that, you know, "Hey, this is an issue for me and my business," and then as part of that, you know, how is Akamai positioned to help address that?
Yeah, it depends on the customer's vertical and what their role is. You know, most enterprises, certainly if you're talking to the CISO, they know they've got a big problem with API security. They know they're exposed, and they gotta, they gotta do something. Generally, they're very worried about ransomware and a data breach, and so segmentation is a big conversation. You know, on the other side of the house, compute bills is a big topic, you know.
Pricey egress?
Yeah, just in general, but certainly the egress, you know, is a monster. But all the things are getting charged for now, including a lot of the third-party SaaS companies. It's the spend is out of control, and it's now costing them a lot more to be in the cloud than to be in their data center. And it's untenable. And so that's a great conversation for us to talk about our compute capabilities, because we can substantially lower their costs. We'll give them better performance, and that's a great conversation for us to be having now.
We'll get to compute, but I wanted to kind of round out this conversation. At the beginning, I asked you, you know, the strategic roadmap, and you were talking about adding new products. As you look at your current portfolio, you know, where are the. Do you see any gaps in the product portfolio? Where like, okay, this is something that we need to, this is something that we need to address, or do you feel like right now, based on where the market is, you know, you're adequately covered?
You know, I think at the high level, we're in a good position. You know, at the macro level, the big gap for us was the core cloud compute, supporting VMs and containers, you know, in a way that can really compete with the hyperscalers. That was a big gap and a huge opportunity, which, you know, we're in a good position there now. You know, within security, there's always new developments, new kinds of attacks, and that's constantly evolving. And so not like there's a glaring gap there, but I'm sure there'll be other things we're gonna wanna do in the future.
Okay. As you think of the frontier of where the attacks are happening currently, you know, what are you seeing in, you know, at the leading edge? And is there anything we can infer to kind of the direction of travel for the broader security industry?
I'd sort of say two things. First, you gotta have the basics. Make sure your doors and windows are locked, and today that means you need API security. 'Cause you might have you'll have your web app firewall or something like that, but if you don't have API security, your windows are all open, and that's bad. And then the second thing is, even when you lock all the doors and windows today, you can buy everybody's products, malware's still getting in, and with GenAI, that just gets worse. And so what you really most need now is your interior layer of defense, the last line of defense, which is segmentation.
Yeah.
And that tells you that you've been penetrated, so you know, you know, very quickly, and it proactively blocks it from spreading. You know, ransomware is not so bad when it gets into that first server. It gets bad when it spreads and locks everything down. If you can stop the spreading, you've limited your damage. Same with data exfiltration malware. It's not so bad when it gets into your HVAC system. You know, it's when it sits there and uses that as the hub to go get all your data and then exfiltrate it to the botnet, and that's where you're in big trouble. And so that's why I think, you know, Guardicore is, you know, doing so well as a product because you need to have that capability.
Yeah, it's the evolution of the defense. Yeah. Yeah. Maybe shifting over and talk a little bit about the compute business. You know, you've talked about in the past that you believe it could be your largest product line in three to five years, and you're also reallocating resources out of delivery into the compute business. I'm curious if you can share any color in terms of how you see that shift progressing in terms of the reallocation of resources, and then also, just outline what the biggest opportunities for you are in the compute business.
Yeah, we've reallocated a lot of resources. You see it in our CapEx breakdown, you know, that what used to be, what? 88% of revenue in platform CapEx for delivery, that's down to about 3% now, and it includes security too. So there's been a big shift there. You don't see it as much in the people, but we moved a ton of our people all the way from development, operations, procurement, deployment, from delivery into compute. So we got a huge investment going into compute, and in particular, it's upgrading Linode to work for the big enterprises for mission-critical apps. And we're just now getting to the point where we can start to sign those deals. So this is the first year that pretty much the whole field force is comped on getting compute. Last year, it was a few people in media.
So we're finally to the point we can start selling, and we did in the call breakout that, okay, at the end of Q1, we had $50 million in ARR, up 4x year-over-year. So huge potential from here. Our goal is to take that little $50 million and make it billions, and that's what we're working really hard on, and the initial sweet spot for us is big media. And there's several reasons for that. First, they need to cut cost. Second, they're spending a fortune with the hyperscalers, usually with a hyperscaler that is their biggest competitor, and that's not a nice place to be. They care about performance. We know them well because we do the majority of their delivery and provide their security. We know the CXO there. They like us.
You know, they tend not to like their big cloud provider, who's their competitor. And at the same time, we put a focus on our marketplace and our ecosystem for cloud with media workflow companies, so that now we can actually offer the media workflow on our cloud to compete with an Elemental, say. So you don't have to be locked into your hyperscaler. You can use Akamai. And our first big wins, you know, that contribute to that $50 million ARR are big media.
Big media companies. Along those lines, one of the things you just mentioned is that getting the Linode platform to be, you know, essentially ready to sell to the large, large enterprises. I mean, that's really how you drive the growth. You get a share of that-
Yeah
-that wallet.
Yeah.
What were some of the, maybe features or functionalities that Linode on its own was lacking? Was it just global scale or geographic scale?
Everything. Capacity, scale, certifications, reliability, some of the basic functionality, VPC, just a lot, storage, to be able to do the upload rates and egress rates that you need for big companies. Linode was great, you know, designed for small and medium-sized companies or developers. You know, very easy to use, very popular, not ready for big enterprises at all. So it takes time, you know, to build something that can legitimately compete in, for some applications and customers, with the hyperscalers.
Where do we stand in that evolution in terms of getting it to the point where it can be, you know, broad-based sold to these large, to these large enterprises?
Well, we're to the point now where we can sell it.
Okay.
So we are. You know, it's now worth our reps' time out there to do it, and of course, we still, it's not, we're not going after everything. You know, if you've got an application that's using 20 applications in the marketplace, that's hard. Or you really have gotten yourself locked into a hyperscaler, probably not worth the effort. So we focus in particular areas where it is worth the effort to migrate to our platform, and we will save them a ton of money and give them really good performance. So we're to the point now where we can start selling. So on the selling side, we're in the first inning, and of course, we spent a lot of time getting ready to be there.
Okay. So you we should be seeing the fruits of these labors.
Well, that is the goal, yeah.
Starts around... Okay.
Yeah.
In terms of the build-out, right? Just think about, you know, a Cloud platform or Compute platform. You need distributed compute, right?
Yeah.
You've talked about kind of expanding the number of core locations that you have. Where do we stand in the build-out of the actual infrastructure to support this, the Compute business, and kind of what should we be expecting moving forward in terms of additional locations?
Yeah, in terms of the core locations, we're in 25 cities.
Yep.
We are, this year, expanding out some of the original Linode locations, and we're doing that with a new architecture and sometimes in a new data center. So it'll be the same city, but a different data center with new capabilities. But most of that is done. This year, we're doing what we call Gecko, which is the next level of supporting containers and VMs in our existing larger edge regions. And we're live in beta today with a bunch of customers in 10 cities there, including some cities and countries where there's no hyperscaler. And the goal, by the end of the year, ballpark, to have 100 total cities all in. So we, counting the 25 we got from the core, the 10 we've got so far, but build out more of these Gecko regions.
That, you know, will be more than any hyperscaler has in terms of cities where they can actually support VMs or containers. And then we've had before, legacy, the ability to do function-as-a-service or JavaScript. And so we'll spin up your JavaScript apps in a few milliseconds in all 4,000 edge PoPs, and that today is in 750 cities. So it's sort of a, a hierarchy, but the goal is to have more and more of the support be close to the end users.
As you build out more of these locations, is that leased data center capacity that you're taking with a third-party operator to support the compute?
Yeah. Now, in some cases, those locations, most of our edge locations, we don't have to pay, because the local carrier or local ISP wants us there-
Yes
'Cause we help their performance and lower their cost with all the content that we carry. Some of the bigger ones we will pay for that, and in some cases, it means we're adding new hardware, in some cases, maybe not. In any case, they tend to be less expensive. The big ones are already connected into our backbone, or already set up there. So it's a much easier deployment for us and lighter weight than the big core data centers.
So let's shift gears a little bit. You know, AI is obviously a hot topic. One of the questions that I get from investors is: Is Akamai positioned to benefit from AI? You know, one of the areas that comes to mind is in the compute within the compute business. But I'd be curious, how do you think, you know, as we iterate through AI, whether it be through the security vertical, there being more traffic that gets generated as a result of more compute, how do you see your business benefiting from.
Yeah, we've used AI forever in security. It's how we decide if you're a bot or a human, if somebody's logging into your bank account, it's how we decide, is it you or somebody who stole your credentials? Anomaly detection, you know, so just across the board for a long time. Now with GenAI, we're using it, as I mentioned, with the new user interface to Guardicore. We have in development, you know, a capability that it will suggest the right way to segment your network for you, you know, these kinds of things. So early days, but there seems to be potential there. Unfortunately, it really helps the attacker. It's really easy to develop really nasty malware now using GenAI.
Now, on the compute side, Gen AI is gonna drive a lot of cycles for compute. You know, to the point where you know, it potentially puts stress on the whole power grid, just to power all this. That's good for the Compute business, because we're in the business of selling compute cycle.
Now, today, we don't do the heavy GPU training stuff. You know, we're not doing that. We do have GPUs, we're buying more, most of them actually for graphics, for our gaming customers, but we also do some of the gen AI stuff on it. Most of our spend on the CapEx is for CPUs. And most of the inference work for AI is using CPUs. And that's because it's more cost-effective for us and for the customer. But we certainly are capable of supporting the GPUs and, you know, we'll do that if the economics are right.
Do you see as we move past the training phase into the inference phase? Do you see that driving a tailwind? F or the compute business?
Yeah.
You give the customer control over their, you know, over their data, which obviously, for these enterprises, data is key.
Yeah.
You know, how do you see that, that playing out, and maybe the role that the compute business can play in the inference stage of AI?
Yeah, so we're already doing it for customers. You know, a commerce site wants to tailor the content for the user, you know, ad selection and targeting. So already we're seeing that on the compute platform. In terms of traditional inferencing, not GenAI-
Yeah
But traditional inferencing, heck, we're our biggest customer for compute doing that. You can think of Akamai as the equivalent of a $100 million a year compute customer, 'cause we moved our security solutions onto it, and they're doing inferencing. We have partners in our marketplace, our ISV program, that are specialized around, you know, GenAI and inferencing. You know, now, today, most of the enterprise compute revenue is not that. It's more boring stuff, you know, media workflow, transcoding, and stuff like that. But I do think inferencing is a growing part of that.
Just wanted to shift to delivery in the remaining time that we have. You know, we've seen the delivery business face headwinds since we've come out of the pandemic. And I believe that the last analyst day you had, the guidance was for 0% to -4% CAGR over 3-5 years. You know, given we're still seeing headwinds in the business, do you think it's reasonable for us to expect to get back to positive growth for that delivery business? Or do you view it as a business that's, it's just in structural decline?
Yeah, I don't think what we're seeing now is structural.
Okay.
You know, we're seeing significant challenges in a very large social media customer. And that, you know, was the majority of the takedown on revenue in the guidance we gave. You know, I think long-term, they've got issues that probably beyond their control to really solve. You know, media as a whole is not going away. Traffic is gonna grow, probably at a maybe a slower rate than maybe what was historical, certainly during, you know, the pandemic. It would be nice to see some stabilization in pricing. It's a very competitive market. You know, two players have exited, two more are in very difficult circumstances. I don't see how they can keep pricing where they are over any kind of medium or long- term. So I do think over time, that stabilizes and ultimately can grow as a business.
So, we are experiencing, certainly challenges this year. I don't see that as a long-term phenomenon. Also, in terms of Akamai as a whole, delivery today is only about a third of our revenue. In a couple of years, at the rate security and compute are growing, if there is a bump in the road in delivery, you're not gonna notice as much. Just it won't be that big a part of the business.
That's, that's a fair point. You know, I think one of the, the points that an investor would make is like, that business does throw off a healthy amount of cash.
Yeah, it does.
Which allows you to reinvest it, as you've talked about.
Yeah
Doing into areas like security and, and compute. You know, just sticking on the topic of delivery for a second is: have you ever seen a period. Because generally, the market is characterized by traffic growth, countervailed by price declines. Right? Have you ever seen a period where you saw a slowdown in the rate of price declines? Is maybe that, is that potentially a lever that can change the growth dynamic?
Yeah, we're certainly slowing down the rate of our price declines. That's for sure. You know, and traffic growth hasn't been as strong, and we're walking away from more, more of the business we just don't think makes sense for us. And we've talked about certainly spiky traffic and stuff that's just bottom of the barrel, not engaging in. And our goal is not the primary goal isn't to make delivery revenue grow. The primary goal is to make Akamai grow in the long- term, and to accelerate growth, and to be very profitable, and that dictates what we're doing in the delivery business. And you're right, it is a very good business in terms of cash generation or profitability, and it's enabling us to make large investments in security and compute, which is our future areas for growth.
Yeah. Last question for you is, during the pandemic, we saw, I would say, a structural shift in the way that we consume. We all went home, and, you know, we were on our devices, we were using Zoom, a lot more video, and obviously, that drives a lot more traffic through the system. As you kind of put your forward-looking hat on, do you see anything driving changes in the amount of traffic that you're pushing through the system beyond your typical traffic growth, right? You know, not to bring it back to AI, but maybe that's something. Just curious if there's anything you see on the horizon.
Well, if we all start wearing goggles all day, that'll be really good, but
Fair point
Yeah, that hasn't happened yet. I think also we'll see where gen AI goes. You know, if we're all running around with a copilot, you know, at some point, that's gonna drive a ton of growth. Otherwise, I think for now, as we give the outlook for the year, we're taking a more conservative posture on traffic growth this year. So it's growing, but at a little bit slower pace than we started the year.
Yeah
And then it certainly was during, you know, when we were all locked up at home.
Well, with that, we're just about out of time. So, Tom, thank you so much for joining us. Really appreciate it.
Thank you.