There we go. Ready to go? All right. Good afternoon, everyone. Thank you for joining us. My name's Brian Essex. I'm JP Morgan's cybersecurity and DevOps analyst. With me today, I'm very pleased to have Thomas Hogan, Cellebrite's CEO, and David Barter, their CFO. Both of you, thank you so much for joining us. And by the way, for those in the audience, I'll leave 10 minutes or so at the end of the event just to take any questions that you might have. Maybe a great place to start would be with this quarter's results.
For those that may not be too familiar with what you do and the trajectory of the company and the, and the pathway that you're on, maybe we could start with what you do, just a very high level. Then, you know, Dave, if you wanna hit the results because I think it's, you know, worth noting the growth rate, profitability, and so forth of where you are, because I think a lot of people are focused on that right now, so.
I'll do the quick flash on who we are.
Sure.
For those that aren't familiar. Then I'll let David Barter give you the cliff notes of the or snapshot of the P&L and progress of the company. I guess in the simplest terms, we truly make the world that we live in safer. Our software, our platform, and to some extent we're an appliance, is used by virtually every law enforcement agency in the free world, any democratized nation, both at the local law enforcement and the intelligence and federal level to help prevent bad things from happening. When bad things do happen, we help catch really bad people and put them away. That's what we do.
We've been in business for just about 20 years. We're recognized and I think acknowledged as the market leader, clearly. It's a small universe of people, we're the market leader. Like, if you're a citizen or you have children, like, you're glad we exist. Even though you may not know us, you're happy that we exist. That's what we do. Dave.
Well, thank you, Tom. Brian, thanks so much for having us.
Sure.
Just a couple of highlights in terms of, you know, as you think about Q1, and really as you think about this fiscal year, it's really, for us, it's an acceleration of ARR. We came off, you know, last year. When you think about the heritage of our business really around unlocking, extractions, we've really been building up a growth portfolio. We're real pleased with ARR growth of 21%, free cash flow margin on a trailing 12-month basis of 32%. You know, for us, you know, this quarter was really about just getting started. Had ability to launch a couple products towards the end of the quarter, started early access on an AI product.
Really, this is one of those stories that's the best is yet to come because we'll have almost a dozen releases over the course of this year. I think we're really just pleased with how the year started in terms of really building that base of, you know, how we're extending the platform.
Got it. Then maybe, Tom, just one layer deeper. You build a platform that extracts data from mobile devices, right? An analytics platform to help analyze and, you know, digest that data, store that data, share that data. How much of your revenue is hardware versus software? Can you talk a little bit about customers that use your platform and exactly the value proposition that you have for those customers?
I'll Dave, you go first with the mix of hardware and software, and then I'll kick in.
Just because you said you're an appliance, so I just want to make sure you address.
Yeah.
That comment. Yeah.
Such a strategic part of the business. About 8% of the revenue is non-recurring.
That's in the little mix of hardware as well as some professional services.
Right.
That go, you know, into making customers successful. 92% is a mix of terms, term-based subscriptions.
We also have cloud subscriptions and even consumption contracts.
Right.
Contemporary business in terms of our mix of our software revenue, and all running at about an 86% gross margin.
Right.
Yeah.
Last year was kind of interesting. You had a number of different headwinds that you managed through. Can you maybe talk about, you know, what some of those headwinds were and then, you know, the outlook that you have for growth this year, now that that kind of environment's behind you, and then you have a number of different, you know, I think attractive levers to really throttle your growth a little bit?
Yeah. I mean, our historic growth rate over the past several years has been in the low to mid-20s on an ARR basis while delivering, I think, healthy levels of EBITDA and free cash flow. In 2025, we dropped below 20, that headwind was almost exclusively from, we do just under 20% of our business in the U.S. federal market, so I think in the 17%-18% of our business is U.S. fed. When the administration turned over 18 months ago, a combination of chaos, change in leadership, the whole early days of the DOGE initiative, but then the passing of the BBB, but the time it took for that to work its way through the system.
I mean, all those things conspired to take our U.S. federal business, which has historically grown in the kinda the 24% range, to essentially flat in 2025. When 20% of your business is modeled at 24% growth and that goes to flat, it's tough to keep the total in the 20s%. We dipped into the, I think, the 18-ish% range as a company last year. As you know, investors don't like decel on the top line, even though we maintained healthy margins on the bottom line. Now segue to this year, we signaled throughout the year that this was a temporal sort of situation and a sort of a set of circumstances that I just described, and expected that we would have a strong rebound in 2026, which we have, building confidence is going to happen.
We actually signaled in our last earnings call that we think there's at least an opportunity for the growth rate in that business to not just get back to where it was, but we think we have an opportunity to exceed those historic growth rates. Partly catch up, but largely due to the expansion of the portfolio and assets that are relevant to the U.S. federal market. Unfortunately for all of us, the geopolitical instability around the world is also exacerbating the appetite for the things that help mitigate cyber and digital risk.
Great. Maybe if you can talk about, you know, the, where you go from this quarter. You, you reported 21% ARR growth, healthy profitability. You know, to your point, you know, pretty well-positioned to go greater than your historical growth rate. Can you talk about some of the levers that you have? I mean, you just launched Genesis, which we can talk about, Advanced Unlocking Services, Guardian Investigate. We have a federal recovery. We've got international momentum. Like, a lot of different things are kind of like working in your favor. You mentioned the Big Beautiful Bill Act, which I think you've identified. You have a half a dozen or so different initiatives in that act that could bode well for, you know, spending in your exposed categories.
Of all of those things, I mean, you know, which are you the most excited about? Relative to your, you know, guidance in the high- teens for revenue, like, what has to go right to get you into that kind of like low 20s or better category?
Yeah. You know, I'm gonna answer it a couple different ways. If you look at just size of TAM and growth rates, we announced a product called Genesis, which we think is the market-leading agentic AI. I know everything is whitewashed AI. This is actually a real product. It's being used today by 500 people in the law enforcement and intelligence community as early adopters. The feedback will make your head spin in terms of the impact it's having on the efficacy and speed, efficiency, productivity of processing all this data and information. The other thing that we're hearing is we've tinkered with virtually every LLM in the market, thinking there's got to be some gold in those LLMs, and we get garbage data back.
We deployed the Genesis product from Cellebrite, and the quality, and the insights it's generating are things that we didn't even think was imaginable. We're solving cases in minutes and hours that would have taken months to go solve. So, we've pegged that TAM at $12.5 billion, which is about 3x- 4x the size of the TAM we've been chasing for the last 20 years.
It's a big market. We expect it to grow significantly, but it will ramp. It's not gonna be an overnight thing. The product that, Brian, that I get excited about relative to this call in the next 12 months and upside to the current model that we all have is actually in the defense and intelligence space.
That leverages things like our Kiosk capability, Corellium, Genesis, and the drone forensics asset is of huge interest to intelligence and defense people in democratized allied nations around the world.
Their ASPs are orders of magnitude bigger than what we have seen before. If we execute and convert in that space, the revenue potential there in the next 12 months is actually probably the thing that gets me most excited because I am seeing these things, and we can touch them. The Genesis thing is going to happen, it is going to build.
Right.
I don't know, Dave, if you have a different point of view.
I completely agree, and I think maybe to complement just being able to have our case evidence being through FedRAMP, which was an 18-month investment.
Yeah.
When I think about the government vis-à-vis maybe some other verticals that have been slow to digitally transform.
you're just at that point where you can really help the government, do really what they're looking for. This is within the agencies, but also even within the congressional ranks where people are looking at the opportunity of connecting the data within the government, all in the name of public safety and really accelerating justice.
Right.
I think looking at that as a lever where, gosh, we just got ATO, and, already customers are lining up.
Yeah.
That's a kind of an interesting dimension in terms of just thinking through a vertical that's a laggard in cloud adoption.
Right.
It's something that plays to our strength.
If you're not a government geek, FedRAMP basically is the certification to run your asset in the government cloud, and there are different levels of certification. Level 4 is the highest. Level 4 is reserved for data and applications and services that if there's a breach or leak, there could be catastrophic harm to the United States. To achieve that level, you have to clear over 400 security controls. It is a non-trivial, multi, two-year, millions of dollars, lots of people, and there are about 95 companies on the planet. Think about all the mega techs, you know, Oracle, Google. Those are the people on that list.
We're the only company that's in this space that's achieved certification and authorization to operate at that Level 4, which means if you're a government and you want any cloud-based asset to make our world safer, we're the only answer.
Yeah. I wanna ask you a little bit about the federal business. I mean, Israeli company. You'd already grown a federal business a pretty meaningful size, but a while, not too long ago, you bought a business which became Cellebrite Federal. Can you talk a little bit about the composition of that business, the management structure of that business, and how that changes the access that you have to federal contracts now?
Yeah. We formed because we're viewed as foreign-owned. By the way, ironically, we're labeled an Israeli company because that's our roots and half of our employee base and our R&D is based in Tel Aviv. We're actually, when you say foreign-owned, we're 41% owned by the Japanese, not by Israelis.
Well, the question was the creation of Cellebrite Federal.
A proxy unit.
The business that you acquired.
We sell, we have been selling to Federal for a long time, and the foreign ownership didn't preclude that, but none of our people could get cleared. Therefore, if it was a super classified sensitive project, and they needed on-site expertise from Cellebrite to come help with the design or the deployment or the usage, we were unable. All we could do was sell our stuff, throw it over a firewall to the FBI or to Langley or to somebody and wish them luck.
The federal government asked and wanted us to set up this proxy company called Cellebrite Federal, a very clever marketing name. Basically it's a firewalled company with an independent board of directors. We have three independent board members that are not affiliated with the parent. There's a firewall of information, so anything that's classified, I don't even get to see. It fully rolls up as a consolidated operation.
We do shared services for G&A things, but the IP and then the work on specific government classified projects and getting classified people now sits in that proxy company.
What does that do for the health of that business in terms of the pipeline that you have, particularly if you consider the headwinds that you had in federal last year, and then the new products that you can sell into the federal?
It, it-
You know, this year?
That plus the FedRAMP ATO were the two big investments that took us a lot of time and some money to go set up to open the aperture of opportunity. Now it turns out that we bought a company. We announced the intent to acquire a company called Corellium in June.
last year. We closed that transaction in December. As part of the mitigation, risk mitigation strategy of buying a very sensitive classified technology, the CFIUS, which inspects U.S.-owned assets being acquired by a foreign company, it turns out that the proxy company is gonna end up being a benefit or a tailwind for us because it is likely CFIUS will request or mandate, depending on how you describe it, that the IP and Corellium be housed and contained within that proxy company to give them comfort that that IP is being protected from bad operators and, or other countries around the world.
Right. Now that you mention Corellium, we'll kinda bring that one up too. You know, particularly given the demand that you see in that business from a defense and intelligence, you know, how do you extend that technology meaningfully into enterprise or law enforcement accounts?
Yeah. The most immediate opportunity. If you think about our cohorts, we have a, you know, we sell to the Global 5000, that's roughly 7%-
I think, of our total P&L. We sell to classic state and local law enforcement in the U.S. and around the world. Next week I'm gonna be with the commissioner of the Garda, which is the national police force in Ireland, the Metropolitan Police in the U.K., the national police in Australia. They're all customers of ours, as well as every major city. Every major city in the United States uses our technology and our products. Remind me again.
Oh, just how do you bridge the Corellium technology from DNI over?
So.
To commercial and the like?
That said, the Corellium asset plays most predominantly in defense and intelligence. What we're seeing is a big use case opportunity in the private sector, which has been kind of a slower grower for the last couple of years.
Corellium's ability to assist with dynamic security, DevSecOps, and mobile pen testing, and some other use cases, specifically in the automotive space or any space that has an intensity of Arm-based technology, is turning into a very powerful use case. It's like a barbell where Corellium has huge upside and usage in defense and intelligence, and we think equally big opportunity in the enterprise. There is opportunity at the state and local level, but there's much bigger TAM, we think, in DNI and the private enterprise.
Got it. Then, you know, in the international space, you know, how should we think about the international pipeline and, you know, the demand that you're seeing there across multiple regions? Is it concentrated? Is it broad-based? You know, is that really how levered is that to geopolitical conflict that we might hear about every day?
I'll let Dave add some commentary, but we had a very robust quarter in Europe. Asia Pac was in the low 20s. I think Europe was in the mid-20s in terms of growth. Europe gets credit for. We made a conscious decision to move a year ago from the traditional, you know, post-bang crime happens to get into prevention and intelligence, w hich really plays to the military.
Like, if you're in the military, whether you're, you know, the national army of, you know, you name the country, you know, you're not worried about a murder case. You're trying to protect your country.
Right.
I don't know, if you know, if you wanna add.
I think just in general, I'd say the team in Europe has done a great job extending the platform.
I think they're one, you know, I give them a lot of credit where they've done a great job of going from the unlock extraction really through Guardian and starting to bring out the platform. They do a great job with things like Pathfinder, which is really oriented around multiple device situations where you might have 100 to 300 phones, and so they've done a great job on the advanced analytics. Similarly, in APJ, which has also stepped up growth four or five points sequentially, they're starting to build out case evidence of the Guardian platform in places like Australia. They're also seeing incredible adoption with Genesis early on.
Those are kind of all new things in the sense that historically we've needed to move our products into a sovereign cloud, and we're starting to see those two regions in particular adopting Genesis, on an early access basis.
Yeah.
Even though it isn't in a sovereign environment. I think we have great commercial leadership in those regions extending the platform to its full potential.
Yeah. Europe really moved first on the focus in DNI, and we saw their year-to-year growth bump up, what, 10 points from 15% to 25%.
Exactly.
That's being driven by DNI growth in the mid-30s. We think that we expect and hope that that's a harbinger of what's about to happen in the U.S. market now that we have ATO done and we've been focused on DNI.
Got it. That's super helpful. you know, I wanted to ask about, you know, relatively new management team. I mean, you've been on the board, but, you know, previous CEO, CFO were based in Israel. You guys are based in the U.S. How does both the style of management as well as your ability to be domiciled where most of your revenue originates change the way that you're able to manage the company?
Yeah, we should pull Roni up here. He's one of our long-term veteran, Israeli employees. You know, what I like to tell people is we're not an Israeli company. We're not a Japanese company. We're not a U.S. company. What I tell the market and our employees and our investors, this is a global company that's a force for good.
In this day and age of digital, you know, just take the notion of work from home and extend it, where the leadership team sits to us is less relevant, I think we communicate and operate as a team. I just want I have to give a shout-out to 50% of our employees are in Israel.
We haven't skipped a beat in the last two years, in spite of all the conflict and turmoil and things that our Israeli employee base has had to deal with, which is a remarkable testament to their commitment to the company. I think it's working. You know, most of the senior leaders now are U.S.-based, but still 50% of the employees are in Israel.
Right.
We're in it together, and we have a common bond, which is our mission, which is to make the world safer. We unite behind that, and we communicate.
Very helpful. That's awesome. I do have one more question, and I'll open it up because we do have a couple of minutes left, but just wanna ask more detail on the Big Beautiful Bill Act. How much Like, what are the programs that you've identified that you have exposure to? As we kind of track what materializes out of that effort, how should we think about the way these programs will be, you know, identified, funded, distributed, as we're just basically trying to track your exposure to those spending initiatives?
You know, it's pretty, it's spread across the board, which is what's exciting, and I think speaks to the power of the portfolio. To give you some examples, there's a lot of money that's earmarked at digital e-evidence management and collaboration. I mean, Dave touched on, you know, just to give you an example, I'm working with one of the leading congresswomen from Florida, who's trying to sponsor a bill to create Here's a big idea, okay? Child exploitation is a big problem, and one of the ways to fight it is to share information.
Sharing information, CSAM information, is hugely sensitive and can be toxic. She reached out and said, "I want to sponsor a bill, and I've heard Guardian," which is our repository for digital artifacts, "has now got ATO certification, which means it's the most secure cloud-based data you can find. Can you act as a repository so that we can share critical information across agencies and geographies across the United States to protect children from child exploitation?
That's an example. A lot of focus in right now on fentanyl and opioid. In the defense sector, there, I don't have to remind people about drones. You see it every day on the news.
You know, what can you do with field-based triage for drone forensics and digital devices? Those are some of the categories in the BBB that And by the way, some of the specs that are coming out specifically are, explicitly say, "This must be cloud certified.
Right.
Because of the efficiency for delivery and security. We're the only player in the space that has that certificate. It's across the board, counterterrorism, child exploitation, sex trafficking, fentanyl. All the things that you would expect, actually we're in the middle of them.
Great. With that, I wanted to reach out. Anyone in the audience have a question? All right, Ken, we'll get a mic over to you so we can hear what you say.
I would just ask, can you give us a feeling for how you grow? We understand you have these digital forensic tools that are the best, that they all need, but what drives your growth? Is there's more need to use it to drive it? Do they pay per usage, or do they buy for capacity? What drives your growth?
Yeah. It, and it, the answer is yes, and but I'll do a click down and give you a little bit of color. Our Guardian product, which you think, you extract data from a device. Now, what do you do with it? Well, in the old days, they would put it on a thumb drive in the police department or wherever they were, and then if they wanted to share it, say, if Austin PD wanted to share it with a DEA agent on the Texas border, guess what they did? They took the thumb drive, and they got in a squad car and drove, because they had to maintain chain of custody, right? Guardian is our cloud-based purpose-built repository to store that, and that is based on it's not usage in the sense of users.
It's usage in the gated by terabytes of information that's stored in that platform. Genesis, which is our new AI application, agentic AI, also not based on users. That's based essentially on prompts and queries, and it's a tokenization model, so the more they use the AI engine to help solve crime, it's a variable cost or variable revenue source for us that effectively becomes value-based. On top of those, you have portfolio expansion. We've been very aggressive in the last 18 months in a combination of inorganic and organic build-outs, so we have new things on the truck to sell. Unit growth is going up because unfortunately, digital crime is going up, not down. Pricing.
We have pricing power, and we don't abuse it. You know, it's probably 4%-6% pricing power. There's unit growth. There's portfolio expansion in terms of new product, and then there's usage of either terabytes for storage or tokens for AI.
Thank you.
Yep.
I think we're about out of time now, so I apologize for that. With that, Tom, David, thank you very much for joining us. We really appreciate it.
Thanks for having us.
I do think, by the way, I think there's also gonna be a webcast, so there should be a transcript of this up there.
Great. Thank you. Appreciate it. Raise interest.
Thank you. Take care.