All right. Good morning, everyone. I'm Griffin Gyr, Head of Investor Relations for N-able, and I want to welcome you to N-able's Investor Day. Before we begin, please note that we will be making forward-looking statements that contain risk and uncertainties, and I'd like to call your attention to and encourage you to read our Safe Harbor Statement, which is listed on our website at investors.n-able.com, as well as in our presentation today. In terms of logistics, our leadership team will be walking you through a presentation on the business, and we will conclude with a Q&A session. We will have a short break following the CTO section of the presentation, and we hope you can join us for lunch after the event. Please note that we won't take any questions during the presentation, and we ask that you hold your questions until the Q&A session.
With that said, it is great to see so many of you here in person, and thank you to all those joining via webcast as well. I'd also like to extend a special thank you to the New York Stock Exchange for hosting us here today. On behalf of our global N-able team, we are thrilled to share our story and give you a richer appreciation of the foundation we've built, the impact we're making, and where we are headed. I'll now turn it over to our CEO, John Pagliuca. John?
John, man.
Thank you.
Morning. It's pretty lame. As Griffin said, my name is John Pagliuca. Thank you for—let me get all my gear out. Thank you very much for coming. It means a lot to us for you all to come and spend some time face to face. For those of you streaming on the web, thank you for spending the next three or four hours with us as well. It's very much appreciated. We'd love to tell our story here at N-able and what we're about, what our mission and our vision is, and thank you. It's great to see some old faces. I mean, some familiar faces. No offense. Sorry about that. Yeah, sorry, Keith. It's also great to see some new faces as we continue on our journey here with you all. Griffin said you guys can't ask us questions until the end.
What he did not tell you is I can ask you questions, and I promise I will not do it too much, but I am going to ask for some questions at the beginning just to get a better understanding or engaging. Really quick, by show of hands, how many folks in the audience know what an MSP is or a managed service provider? Cool. All right. Four years ago, about half the hands would have popped up. Some of the sell-side guys, maybe one or two of the buy-side guys. It is a big testament to the fact of what is going on in the industry and the recognition that is in the industry. For those of you that popped your hands up, new to an MSP, who has an MSP in their business? Who actually leverages a managed service provider? Awesome. Awesome. Yep.
You're using an MSP to help you with managing your network, protecting your network, making sure that you know where your data is, protecting your data, business continuity. I'm just going to put you on the spot. Do you know what your MSP's name is?
The firm?
The firm or even the individual?
The firm.
Yeah. Any idea what the individual?
Yeah, the.
Cool. Great. Mark. He said Mark. We are going to use Mark, the MSP, in our story, and we are going to talk to you a little bit about the evolution of Mark, the MSP, how his needs have changed and how his landscape has changed and how your needs have changed as well and how that goes into the story. I am a slide back. There is my face. A little bit about me. I have been in software for about 25 years before SaaS was a thing. I have had the good fortune of taking three and a half companies public. We can talk about the half at lunch or over drinks sometime. I have been part of this business in various finance and leadership roles for over 12 years. It is amazing to think.
While I'm a finance guy by trade and came up through more of that finance accounting path and the CFO path, I'm really a business model person at heart. I've been a part of some tremendous businesses. I believe software businesses should make money. That's probably a software business that should make a profit. Here at N-able, we have an amazing business model. I'm going to walk you through elements of that business model. Me and the team here that you see in the front row will walk you through the elements of that business model, why it is profitable, what we've done to get to the first $500 million, and then what we're going to do to get to that next $500 million at a faster and faster clip. Sounds good? All right. Cool.
We have an amazing business model because it's underpinned by a vision that's been with us really from the beginning of time. That vision really is to enable, to enable, pun intended, the digital evolution of small and medium businesses and mid-market companies from our time. The mission every day, when we wake up every day, is to make sure IT professionals, folks that are using MSPs, can do their jobs efficiently, effectively, and most importantly, securely. It's that mission and vision that brings us to the business that we have today. It's a scalable business. We expect to do over $500 million comfortably of ARR this year. We're a global business. We have 1,700 employees. Actually, we just clipped over 1,800 employees worldwide.
As you know, for those of you that have been following us, about 45%, nearly half of our revenue is outside of the U.S. When I talk about the business model and what makes this business model special, what makes this business model, in my opinion, unique, makes this business model profitable in a rule of 45-plus business model, is we're able to gain access to the small, medium enterprises that you see, the over 500,000 small, medium enterprises. The business model primarily was accessing these 500,000 small, medium enterprises through a subset of that channel. That channel was the answer to the first question, managed service providers. When you think about the taxonomy of our business model, we were beginning really gaining access through the small, medium enterprise, leveraging the efficiency of the managed service providers that you all use in your business.
That was our route to market. The route to the MSP historically was via our RMMs. You see UEM there, Unified Endpoint Management. In that category, we have these remote monitoring and management tools. We actually have two here at N-able. One that's a little bit more focused on the small end of the market, one that's a little bit better suited for the large end of the market. Via that route, we're able to amass this type of business that we had. That business has evolved, and it's evolved, as you can see on the screen, to include security, security controls, security operations, and data protection and recovery. The reason for that evolution is because you all have evolved, right? If you notice, I didn't say digital transformation. You guys attend a couple of these.
How many see digital transformation on a slide almost every time? I think the phrase is dumb, frankly. You do not start as a caterpillar, turn into a butterfly, and the transformation is over. It is an evolution. I think as evidence of what you see on the screen here, that evolution is actually going faster and faster. The evolution is revolving. That revolution is actually happening at a faster and faster clip. Those that transformed now need to continue to transform. Now they need to continue to evolve. Why? Because of this screen. When we started in the business, Mark, the MSP was making sure, for those of you that are old enough to remember, to avoid the blue screen of death, right? You guys remember the blue screen of death?
Making sure that your Wi-Fi was working, making sure that your printers were on, making sure that you had access to the right stuff you had access to. The world got more and more complicated. The world began evolving. The bad guys, the threat actors, began focusing on the soft underbelly of the economy, the small, medium business in the mid-market, right? Mark had to begin thinking about how to protect you. He put antivirus as he evolved a little bit longer. He added EDR and mail security to help you with some of those bits, right? You began pushing more and more of your applications, more and more of your data to the cloud using SaaS applications. Shadow IT. What does that mean for Mark? Mark now has a problem. He's not really sure about the visibility as to what you're all doing.
You all are beginning to leverage AI, right? You want to make you and your workforce much more effective, much more efficient. Mark has an even bigger problem. Mark is faced with these problems, and it is really forced by the needs of the SME for the mid-market so they can do their jobs at scale in an ever-evolving world that is today. All of that really rolls up to about a $2.1 trillion, yes, trillion dollar market that I am sure you all have seen in similar places. What you are also probably recognizing is these big macro trends are very much the same. They are very much the same for Fortune 1000 companies, right? Very much for the New York Stock Exchange, those of us from the sell-side that are part of much bigger banks and institutes, same challenges.
The difference is small, medium enterprises need help. They need help because they lack the expertise. They lack the financial means to deal with all the stuff that's on the screen behind me, right? The rising IT complexity that we just talked to. We know that the bad guys are going after the vulnerable, are going after the small, medium businesses in the mid-market, and they need help with that. They can't afford to build a 24 by 7 SOC, a world-class. They can't afford to, even if they could afford, to attract the labor or the expertise to have what Adlumin has from a global type of threat actors or, excuse me, threat researching type of group. They can't afford it, and this data is exploding and going everywhere, as you know. They need help.
The way that the mid-market and the way that the SME needs help is through a solution provider, right? The solution provider is different, slightly different depending on where they are on their scale. I'll ask you to focus on the bottom part of the pyramid, right? At the bottom part, those that are using MSPs, you've made the decision to have a fully serviced outfit. You're outsourcing your entire IT needs and your security needs to an MSP. They're your trusted advisor, helping you with business continuity, helping you with compliance and all the other bits. As you go up, there's a little bit of a different mix. Some of the folks that didn't raise their hand that aren't using an MSP, two things. One, ask your IT department. They probably are using an MSP and a co-managed model. They're using an augment.
They're asking help for security. They might be asking help for help desk. You might not know, but your IT teams, your security teams, my guess is they're leveraging some outside help. Those that aren't, they might be doing completely internal, they need help. Because as we know, and you guys know better than me, the cybersecurity landscape is massive. It's overwhelming. If you're an internal IT department, if you're a CIO or a CISO, where do you begin to find the solution that is perfect for your needs? You turn to your trusted value-added reseller. We're going to talk a little bit about the dichotomy of the business and how that's been evolving and merging as we go through. Just as a note, we talk about the taxonomy of the business.
We've been primarily focused on the MSPs at the bottom of the screen here. I'm pointing here. You don't know where I'm pointing. The bottom of the screen here with the managed service provider. Regardless if the mid-market company or the small, medium enterprise is asking for help, the fully managed help for the MSP or for that value-added reseller to help them navigate, to be their Sherpa as they're trying to navigate through the overwhelming landscape, the problems remain the same. The customer challenges remain the same, right? This is true for the Fortune 1000, but they need to leverage help in a different way. Why? Because they're all focused on the customer outcome. You are the customer. They want to make sure that you have the right services.
They want to make sure if you put a help desk ticket to either your MSP or your internal IT department, it's immediately remediated, right? Why? Business continuity, productivity in the environment. That's the name of the game, and they want to do so in a cost-efficient manner. They're all focusing on better user experience. Automated patching. We know the world that is patching. We want to make sure that it's automated for these folks, right? They're also needing help with threat detection, understanding the threat environment. They're looking for business continuity, right? If a bad guy were to get in, can you recover? Or what if there's just a natural disaster, an earthquake or a flood? Your data is gone. Your servers are impacted. How quick can you be back online?
These MSPs or these internal IT departments, they're focused on customer outcomes for the business continuity to make sure the business they're running, running smoothly and, more importantly, running securely. Those folks, whether they're an MSP or an internal IT department, look to N-able for that help. Whether it's in our best-in-class UEM, security operations, or data protection, our focus is to make sure that they can be cyber resilient across the entire spectrum. We believe, I believe, we have a best-in-class offering for each, and they'll be very safe and secure if they use one of our solutions. Where they can gain more efficiencies, more efficacy, and have more security is by integrating and leveraging our entire platform for the cyber resilience experience. Those are our main offerings. The markets that we serve are quite large.
The markets that we serve are growing at a slightly different clip. In UEM, right, we're making sure that we're monitoring devices and workstations, the endpoint, and the data protection. We're making sure that those businesses are up and running if they have a cyber breach or if they have a natural disaster. Of course, in security controls and security operations. Pretty big markets, all growing at a pretty healthy clip. Earlier, I mentioned the $2.1 trillion. We believe the subset of the market that N-able serves is about a $44 billion TAM growing at a comfortable clip between 14%. It's been a durable business, and we believe that it has the ability to continue to climb as we go through. Our journey has evolved. I mentioned earlier about the taxonomy of the business model, right?
We began in the UEM business, and we began there with two businesses. We had an RMM based in Canada and one in, I was going to go Canada, but that's not the right, Canada and one in Scotland. We began that journey making sure that MSP can make sure that your networks are managed effectively and going on from there. We added, as a cross-sell motion and the power of the motion, things like antivirus and EDR, we added backup in the journey as a cross-sell motion. Due to the needs and the explosion of the data protection applications or SaaS applications like Microsoft 365, we saw a greater need. We began investing more in our data protection offering. After the spin, after the spin, we actually had an initiative internally called Bringing Backup to the Front. We rebranded our backup offering.
We made it much more robust, and we came out to the market with Cove. This changed our business model. I just want to settle in on this one for a little bit. We now went from having one new customer acquisition offering, our UEM offerings, to two, a data protection offering. It gave our sales team and Frank Coletti, we'll talk a little bit about this later, a big expansion now to go in and sell an addition bit, adding to our growth algorithm, adding to the new customer acquisition part of that model. Cloud, excuse me, our Cove data protection offering is cloud-first. It's architected to win. It's disruptive in the market. It's disruptive for Mark because Mark can save time. The TCO is fantastic. We're using next-generation architecture and AI to make the experience better.
We rip almost daily billion-dollar backup companies across the globe, and the Cove data protection offering fits perfectly in the MSP market. It also fits in the mid-market. Remember that. We saw the same trend that we saw with Cove, with security, and not just security controls, but with the need for MSPs and mid-market companies to understand, assess, and detect and respond to threats. We did the same thing with our OEM partnership with Adlumin, followed up with an acquisition in 2024, really bringing together the three stools. Now today, we have very much the three legs of the stool. We have our UEM, our security operations, and our data protection offering, which we believe now provides a complete cyber resilience platform. That is very much been our journey.
What it also does, and we'll get into this a little bit later, is flex our model, where now we have a third platform that we can move for new customer acquisition, a third area that we can bring in customers that have not brought in. Of course, we've expanded our cross-sell motion as well. We believe this complete platform is a winning combination for our customers. It makes them more efficient. The siloed approach, Mike Adler will talk a little bit about this later. The siloed approach lacks efficiency, it lacks efficacy, and it lacks the ideal level of security for these customers.
It is a winning formula for our customers, and we believe it is a winning formula and a differentiator for N-able today, now that we have the Adlumin acquisition and we are beginning to stitch that platform together to be a complete cyber resilience platform, and it will be a differentiator for our future. We typically compete against two flavors of competition. Flavor one are more of the ISVs, right? Folks that are focused in one of those three markets, a data protection market, security controls, or UEM. We win against those folks partially because of that complete story that I just told, right? They do not want point solutions or disparate tech stacks that are inefficient and having to bang in.
We generally win, especially for the mid-market and the small, medium enterprise, against the ISVs because of the complete story and because we are purpose-built, purpose-built for the MSP, purpose-built for the mid-market, purpose-built for the SMB. We serve them in a way that's unique and differentiated from the Fortune 1000. We also believe in a best-of-breed strategy. We compete against those ISVs. We also compete against other MSP platforms, those names not to be said, that are a little bit more indirect there. Our strategy is different from some of those players. We believe in best-of-breed. Each one of our offerings, whether it be the XDR from Adlumin, the Cove data protection offering, or UEMs on their own, are best in class. That's not me believing it. That's from organizations like Canalis, consistently putting us in the champions quadrant, or from our ratings from our customers.
They are best in class, and together, they create even a better, more complete story. Michael will get up here in a little bit and also talk about our philosophy toward our ecosystem. We do not only talk the talk. We walk the walk from an open ecosystem. We invest in an open ecosystem because we believe, while yes, we would love everyone to use completely their full stack from N-able, we also understand that there is a heterogeneous world out there, and there are some parts of the stack that we are not going to provide. Our open ecosystem provides a better experience and supports our mission and our vision to enable these small, medium businesses, and we will say enterprises, Vikram, small, medium businesses to do so more effectively. Lastly, we have the most comprehensive coverage in the market. Our UEM offerings cover Apple. They cover Windows.
They cover Linux in a way that no other competitor can do. We have the breadth and depth that allows us to win. That is why we have been winning. That is the change that we have been going through over the last couple of years since the spin, right? We have taken the business model that was primarily to the MSP via the UEM, and we began to evolve that. That got us to our first $500 million. We plan to get to that next $500 million in a much quicker clip. You probably fast-forwarded ahead to Tim's slides, but do not. If you have not done it yet, hold on. Tim will do the big reveal as to how we think we are going to clip into the path. I want you guys to take away three things as far as our acceleration.
Number one, we're going to be driving security and security operations in a much more meaningful way. We'll get into the why in a second. Number two, we're going to change or augment and really scale our channel go-to-market. Three, we're going to use a much more tailored approach to extract the value that is the massive value and the white space opportunity that we have. As it relates to security, why the need? A couple of years back, the number one ask for our MSPs and for our mid-market companies is, "John, we need help. We need help being able to understand all the threats. We need to understand Mark. Mark, the same Mark that was helping you with your network, is now being overwhelmed and trying to understand the threat environment. Mark's trying to use a SIM. Mark's trying to use a SIM.
Mark can't spell a SIM. Mark's trying to understand what's going on on the later security. He understands security controls, but how is he going to bring all this together? What we've seen is this big trend where IT ops and security operations are merging together. Mark is now a security expert. Mark needs to be a security expert because you're asking Mark to help you make sure that you don't have an extinction event, to help you with compliance, and to make sure your business is running. There is no separation in the mid-market and the small, medium enterprise. It was the number one need that we saw in the MSPs, which is why we made at least the initial beginning investment in the relationship, in the OEM relationship with Adlumin.
I'd like to pause and call to the stage Robert Johnston, who is the CEO and founder from Adlumin, to come up here and walk us through a little bit. I'll just give you a quick little bit. Rob, CEO and founder, we've actually had a strong OEM relationship at the very beginning. We looked across the universe and said, "Who can help us with this merging trend?" We very much didn't want services. We very much wanted a tech stack that was differentiated, cloud-first, and AI-centric to really propel this trend that we've seen. We looked high and low across the universe, found the solution that Rob built, and I'd ask Rob to tell a little bit of his story and a little bit more about the trend that he's seeing. Rob?
Yeah, good morning, everyone, and thank you for being here today. My name is Robert Johnston. I'm the original founder here at Adlumin. Very kind introduction. I feel like our businesses have been working together for years, and now we're one unit, and it feels really good. I've spent my entire career in security, have done everything from battling Russian and Chinese state-sponsored actors while working at the National Security Agency to leading the incident response engagement of the Russian hack of the Democratic National Committee in the 2016 elections while working at CrowdStrike. Security has been my entire career and a space that I know really quite well. When we founded Adlumin, we wanted to build a security operations-as-a-service platform that was purpose-built for the channel, that was cost-efficient, easy to use, and simple to integrate.
When customers purchase Adlumin, they really are looking for a product that can install in minutes, and it just works out of the box. That is what the mid-market and the SMB market and the MSP and channel space really demanded from our product, which means we needed to change the dynamic and build a security operations-as-a-service solution that was high in automation and had an extremely low requirement for customization. When we think about the Adlumin solution set, we really think about five truly unique differentiators that allow us to win in the market. The first is we are one of the only vendors, the only one that I know of, that has the capability to separate the software from the service, right?
Any customer, whether it's an MSP or channel business, they can buy the SIEM or XDR solution and operate it internally or build their own MDR service on top of it, or they can buy the Adlumin software and services set together. That ability to separate the software from the service allows us to meet them where they do business. There are more ways to win for us in the marketplace by being able to unbind those two together. The second, probably one of the most important business decisions we made about the product was to be endpoint agnostic. In the mid-market and in the SMB market, the endpoint utility is very, very diverse, right? They may use one EDR vendor today and another tomorrow. In an existing network, they may use two EDR vendors in this existing network.
We needed to be able to augment that and facilitate security and services delivery no matter what endpoint utility they decided to use. Being endpoint agnostic is another way that allows our solution sets to meet the customer where they do business. Multiple products in a single application, right? Adlumin is really a consolidation player for the MSP. It is a single SaaS application that allows the MSP to come to our product and acquire and complete a variety of security operations tasks across the spectrum, everything from log management to SIM and XDR to MDR to vulnerability management. All of these different security operations tasks can be acquired from a single platform and delivered through that utility. There is no way we could operate this business at scale without the use of a completely SOC security operations center and service delivery completely driven by artificial intelligence.
Today, when you look at our product set, 80% of what comes in is never touched by a human analyst. It's completely driven by our suite of artificial intelligence tools that allow us to not just detect threats, but to automatically mitigate threats, automatically make a decision about additional actions that must be taken to that threat, and communicate a very sophisticated topic in a concise way to an end customer that may not be as sophisticated and allow that topic to be easily consumable. All that can only be accomplished by our application of artificial intelligence into our platform across that entire chain. Finally, immediate time to value. We have to install in minutes. It's got to be an extremely low configuration product, and that allows very fast and high consumption of Adlumin in our customer base.
Yeah. Bringing it back to Mark, the multiple products from Mark, what that means is he just cares about one outcome. I can actually leverage this tool if I choose to, or leverage a service from our SOC and make sure that his customers are safe. That is the outcome he is looking for, to be able to respond or have us respond on his behalf to make sure his customers are safe while he is sleeping. What the AI allows us to do is to be able to bring this and democratize this entire space. We can bring in this at a price point with the gross margins that Tim will talk about later, at a price point that we can very much democratize this and bring this into his price point at the SMB and the mid-market that the competitors in the environment cannot today.
What this really unlocks is multidimensional value creation. The Adlumin product set combined with N-able is able to unlock security in a variety of different ways, creating that consolidation play, allowing an MSP a single location to come and accomplish whatever their security operations tasks are today and tomorrow and into the future.
Yeah. Rob mentioned we have been working together shoulder to shoulder. Our sales teams have been working shoulder to shoulder for quite some time. The number of Marks in a room like this that hand raise and say, "Who wants a solution like this? Who can meet them in their journey?" is overwhelming. If you have been following us on our earnings report, on our earnings calls, you have been seeing we have been talking about the pipeline and how fast even this product is ripping through our customer base. As an OEM relationship, we were only primarily selling this as a cross-sell component into our base. We will continue to do that. Now that we are under one tent, I was joking with Rob yesterday, we are willing to spend some CAC, so to speak.
We're willing to spend some cost to acquire and now bring this out into the market. By the way, about 70% of all of the opportunities, both inside of our base and now outside of our base, are greenfield opportunities. This is a wild greenfield opportunity that will really put an accelerator to Frank's model. The other byproduct of this, and this was not the primary driver, but one of the nice byproducts, Rob and his team built an amazing channel focused on mid-market. We've been leaning in and beginning to build our mid-market muscle as we go through. What we can do now is leverage the fantastic channel that Rob has built. Mark, geez. That Rob has built. Mark cannot build a channel.
Yeah.
That Rob has built and avail all of that N-able goodness, the Cove offering, the UEM offering, our other security controls to the channel that he has. Now we can bring his channel our offerings as well. There will be this fantastic little synergy that we can have from a cross-selling of the two existing channels. With that, Rob, thanks. I appreciate it.
Thank you.
Where does that leave us, folks? That leaves us really very much with a complete cyber resilience platform. It starts with monitoring and management. It ends with recovery. It has security controls and security operations in the middle. I would argue, and I'd ask if you feel differently, I don't believe there's another company on the planet that can go end to end and cover all the areas that we have, especially with the best-in-class offering that we have. We believe this will be a differentiator as we move forward, and we're going to continue to lean into this greenfield opportunity and expand this as a cross-sell. That's one of the big levers of the acceleration of growth. I talked about IT ops and SecOps coming together, the blurring of those lines, or not even the blurring of those lines, but the merging of those lines.
is another blurring of the lines that have occurred, and we touched on it a little bit with Rob. As the two companies came together and we looked at some of my customers and some of Rob's resellers, we actually saw some common patterns. We actually saw some same names. What we thought was an MSP, because they have an MSP practice, was also a VAR. That line has begun to blur. As I mentioned before, we have been really squarely focused on the MSP. It does not really matter what type of Sherpa, what type of guide the mid-market or small, medium business is looking to have. We want to make sure we can cover it all because the changes and the problems are the same.
They're both guiding their SMBs or mid-market or you all with their IT complexity, making sure that they're secure, helping them navigate the massive ecosystem that is cybersecurity and helping them do so in a labor-scarce and cost-effective way. Up until now, about 85% of N-able's revenue has been focused on only a quarter of the channel. I'll say it again. 85% of N-able's revenue has only been focused on the MSP part of the channel, the channel to the mid-market, the channel to the SME. Frankly, it's been more of a byproduct, not a focus area. It was more accidental than something that was actually an active type of sale. Now we're going to begin to really lean in and continue to lean in.
Frank, who's our CRO, will get up and tell a little bit of how we're beginning to augment and lean into this massive opportunity because those lines have blurred. Your mid-market companies are looking for a VAR, not just to fulfill the paperwork for an order, but to be their trusted guide as they try to navigate all these other bits. We believe this will unlock another lever. If you think about that business model, that thing that I love, we had that MSP. Now we're adding a whole other lever, whole route to market via this channel, a channel that you all are probably a little bit more familiar in some of the other companies that you cover. We're now beginning to build that. We're augmenting that with Rob, and Frank's team has been building it as well. That is the second bit.
The first two bits are really the big levers in the model. The third one is really now that we have Adlumin and now that we have done a couple of ads in our Cove offering, our economic tech stack, and for those of you that have been following us, have heard me tell the story a little bit, that economic tech stack that is our products. In other words, you take all of N-able's products, you take a look at their ASPs, it comes to about $30 per endpoint per month. You smash that number times the 9 million devices that you have, you get a $2.5 billion white space opportunity.
What it does, now that we have the Adlumin technology and some of the Cove offerings, now that tech stack has grown, about a year and a half ago or so was in the teens, probably like $17, $18, it now allows us to do a little bit more of a different pricing and packaging exercise, which is, by the way, why we did some of those long-term commitments and contracts. We wanted to lock in those customers for the long time because we knew we were going to expand our book, lock them in so we can gain access to this white space. What Frank and the team have done is come up with a much more tailored approach, a little bit more systematic approach to gain access and accelerate this white space.
We are going to begin to leverage a little bit more of pricing and packaging to accelerate how we can grow this revenue from the $13.6 million that you see in 2021 to $19 million in 2024 to something much higher as we go forward. When I speak to most of you almost on a quarterly basis, and for those of you that do not speak to us on a quarterly basis, happy to speak to you on a quarterly basis, talk to Griffin after, you typically ask me a very similar question. You say, "Hey, John, what are the signals, what are the indicators that we can look at that can hold you accountable to see if your business is on the right track?" I would argue, hold me accountable for these three areas.
Number one, make sure that our best-in-class cloud-native AI-loaded XDR offering is gaining traction, not just in my customer base, not just in the mid-market, but also in our new customer acquisition model. We will make sure that we let you guys know how that's expanding, what that adoption rate's going, and how that's pushing. Make sure you ask us about why security will be a big part and a bigger part of the N-able business as we go through. Ask us about our channel or the other channel in the reseller motion and how, if that is accelerating or growing at a faster clip than our MSPs, ask us how that reseller community is doing. Is it resonating? Are folks buying Cove? Are they leveraging XDR? I keep pointing to you, Rob, when I say XDR. Okay.
To come back and ask us, how is this new initiative going and how is that acceleration going? I expect this growth to very much outclip the growth of the MSP market, somewhat of a law of large numbers, but also a lot of the focus. Lastly, ask us how we're doing about that $30, right? I'm sure you sit in a lot of meetings like this when people are going to that $30. We're at about $4 or so right now per device per month. Ask us how we're accelerating and climbing. What is the adoption rates as we go through? Those signals, that's what we're going to be focusing on internally. That's what we're going to get done in the rest of 2025 and into 2026. If we do that, that bottom bar, we all should see.
We gave some folks some data points and some guidance on our ARR, but the biggest thing to hold us accountable for is that acceleration of ARR as we drive these three levers of the new business model to get us to the billion dollars. Makes sense? Looking forward to the 90-day checkpoint with all of you. With that, I'm going to bring to the stage our CTPO. We call him Mr. Adler, Mike Adler.
Thanks, John. Good morning, everybody. My name is Mike Adler, Chief Technology and Product Officer for N-able. I joined N-able four years ago. As many of you know the story, I joined just previous to the spinoff from SolarWinds to help unite all of our technology and product efforts and prepare for that spin. I have been with N-able for four years since then as we put together the story and the technical pieces to fulfill the business model that John's talked about. I spent a lot of my career previous to N-able. I was the Chief Product Officer of Security at RSA Technology. I spent a lot of formative years at Symantec in engineering, building Symantec endpoint protection and rolling that out to hundreds of millions of endpoints across the board.
I also spent some time at an issue you guys may know, Constant Contact, where I also ran engineering and delivered SaaS services to SMBs. A wide variety of experiences that all sort of unite into the job that we're trying to do, which is ensure that we can provide an end-to-end cyber resilience solution and set of solutions for SMB and mid-market. If you think about that customer persona, John introduced Mark. I'm going to introduce you to Kevin. You all know Kevin. Kevin's the person you've seen running around your office or you've seen him because you've gotten an email. He's the guy who's responsible for IT in your company. Maybe he uses MSP to get help, but he is the guy who's responsible for ensuring that each and every one of you can use the latest technologies in order to do your jobs.
He is the one who is responsible for managing the laptops, for managing the servers, for ensuring that the data is available, that you get email each and every day, yet also now responsible for ensuring that you can use the latest and greatest tools, SaaS applications, artificial intelligence, and bots, that you have access to information when you are on the road, that you can do all of those things securely in this incredibly complex world. As a matter of fact, Kevin has this hard job because all of us who maybe do not work for Fortune 1000 companies, but we want to be able to be as productive and use all of the tools that big enterprises can use.
How is a mid-market company, how is an SMB supposed to be able to have access to all the tools and technology that an enterprise does to be competitive and still maintain the manageability, the security, and the recoverability that's necessary to meet today's needs? That's Kevin's job. You all know Kevin. You've seen him, right? He's probably a little harried. He has dark circles under his eyes half the time. He's the guy you call up when it doesn't work and everyone complains about. If Kevin's really doing his job well and maybe using some N-able technology along the way, he fades into the background. That's Kevin. That's who we build our products for. They may consume them through the mid-market.
They may consume them through an MSP, but at the end of the day, there's a Kevin in each and every one of these SMB and mid-market companies whose job it is to make sure that you can use technology. John talked a little bit about this, but let's be really clear. Kevin's job has changed tremendously over the last 20 years. Kevin used to be responsible for giving you a laptop or a workstation and ensuring that it worked, right? They made sure that they had the applications that were installed. If it broke, you brought it to the IT desk. We all remember these days. Those worked really well. He was the guy who just ran IT. The world changed a little bit.
Kevin was responsible for not just making sure that the laptop worked and the servers had the databases and Microsoft SQL Server was running and Oracle was being used, but now he was responsible for securing it, providing you with identity, logging in, password management. You called them up when you had to forget your password and you had to have it reset. He had to deploy EDR technology or antivirus technology. He was responsible for ensuring that, since most of you are in the financial business, you were compliant with regulations and able to get cyber insurance. More recently now, Kevin's responsible not just for the security controls, but actually being able to answer the security questions because he now has to certify back up to the board or back up to the CEO, "Hey, we are going to be compliant.
We're doing the work that's required to not only make our workforce incredibly efficient, but also that we're doing it securely and that we're monitoring for threats and dealing with things that are happening. Because now if there's a use case where you can't log in and your identity is being used by an attacker, we want to see that. Kevin's responsible for reacting to that threat on a regular basis. Let's face it, it's about compliance. It's about regulatory control in many, many industries, but it's also about being able to prove not just in a regulatory way, but being able to prove to your cyber insurance provider that you are taking all the steps necessary to be able to manage, secure, and recover so that you're not going to have a large cyber incident. That's Kevin's job. That job has gotten harder and harder.
This is where the opportunity for N-able to go in and help make Kevin more successful and be able to be successful. When you look at what does it take for Kevin to be successful, there are different approaches for how you might be able to do that. One thing Kevin can do is he can put together a collection of best-in-case product point solutions. Let me get the best of this and the best of this and the best of this. If you're in the mid-market or you're in an SMB and you do not have a Fortune 1000-sized IT security team, how are you going to string those solutions together? How do you build those pieces together? How do you do it so that you can fit on that continuum and provide all these services without a massive investment in manpower?
Point solutions can be very expensive for those outside of enterprise to be able to deal with. Maybe you'll go to a platform and it's incomplete and it won't have all the solutions that you might need. Then I'm still going to have to bring in certain point solutions in order to be successful. Kevin's sitting there and going, "Well, is that really any different than the point solutions?
If I'm not getting all the capabilities that I need to be successful, is that really going to win for me? You can look at a platform that is pretty solid, but maybe it's closed and says, "Hey, it's a walled garden of solutions and I buy into it and it's great, but if I need that data, if I need to be able to integrate it with other things in my IT ecosystem, I can't do that. We're not going to be able to do that." That is a weakness in some of these closed solutions that you're seeing in the market, security-in-the-box companies. I can't get the data out. I can't use it in any other tooling that I might have in my IT ecosystem. These are all flaws.
Kevin looks at these and goes, "How am I going to solve this problem?" Kevin comes to N-able and sees three things. Number one, he can get uncompromised control and security from a single vendor. He can deal with management. He can deal with security. He can deal with the ability to recover. He can do that from a single set of tools. We are not going to restrict him to the ability of only being able to use just those tools. John mentioned this. We have a philosophy of an open ecosystem. Within each of these solution sets built on our platform, you can consume the manage, you could consume the secure or the recovery and get benefits from using them all, or integrate them into other tooling that you have.
Because every business will be able to use N-able solutions integrated in this wider IT ecosystem depending on their needs. There is a lot of power in being open and still driving best-of-breed solutions on a common platform. When you start with a common platform, someone like Kevin can look around and go, "Wait, so I can get benefit?" Yeah. When we understand your infrastructure, the list of laptops, the list of workstations, the list of servers, the list of cloud assets that you have, the list of identities, when you go to set up the next solution, if you've started from manage and you want to go to security monitoring, that information is all tied together. You do not have to redefine it. You do not have to copy it around. You do not have to manage it in a couple of different places.
Because you're building from a platform, that whole understanding of that ecosystem, both of the physical assets as well as who has permission to be able to use them, is already there for you. You don't have to worry about, "Hey, do I know does my security monitoring solution totally understand?" We've all heard the term CMDB, right? Do I have that list of assets that I know I'm supposed to monitor? If you get security from the same platform from which you're managing it, that information flows over directly. You also are able to automate across the various solution sets. One of the reasons you might want to be able to start from, let's say, our security monitoring platform and then have that recovery platform built in is that you can automate recovery.
Should an incident happen and you need to go in, you can actually use AI and automation to drive your recovery directly from your security monitoring platform because you've already tied those two together. Because you know the assets that were involved in the incident, you can recover those assets and do so automatically and quickly. Obviously, when you have all these pieces put together, you can scale and you can do it a lot more efficiently. You can get the power that you're getting from a Fortune 1000-type IT system from a much smaller, much more manageable place, making Kevin a lot more able to be successful at a much more efficient place without all the extra manpower. This is an incredibly powerful part of the N-able platform. Let's dig into a little bit of how this comes out in real life.
One of the cool things about the N-able platform is it's built on a set of AI learning algorithms. And we can use those AI pieces in a variety of different use cases. For instance, if you are integrating our platform into other things, let's say you have a ServiceNow integration inside your enterprise. And you want to use our manage capabilities to be able to drive out the manageability of the endpoints that are in your environment. How do you tie those two together? Kevin can come in and say, "Hey, I'm going to go to this developer portal driven by AI, and I'm going to say, I want to be able to provide code for these actions.
Please give me a snippet of code that I can integrate with ServiceNow to perform these actions on my endpoints so I can tie a workflow directly to those actions. You go to our AI portal, you ask that prompt, and it spits out the exact code snippet in a variety of languages that you can then take to your ServiceNow administrator and say, "Here's the actions for those things." You do not have to hire a developer. You do not have to do all this integration work. You can take the AI and have that go to your ServiceNow team and put the two together quickly. Power of AI in the platform using open tools and using AI to drive an integration. Obviously, AI has been a big part of security and threat monitoring for a very long time now, right?
That continues to be obviously one of the strengths of the Adlumin platform. I'll talk about that a little bit more deeply in a second. One of the things that you would see is not just the threat detection capabilities in the Adlumin platform, but the ability to respond automatically using AI, picking out what is the right remediation that needs to be dealt with. Is the right remediation, as I said, a recovery aspect? Is it a go back to manage because I want to reset passwords or I will need to confirm a new MFA token? The power of AI to be able to work across the platform and get quick remediation without human interaction is incredibly powerful. We could use it in our recovery platform.
Everyone knows that one of the keys about backing up and recovering data is do you have to perform adequate recovery testing, right? Are your backups viable? We give our Cove customers the ability to actually automate using AI that recovery testing. We will, on their behalf, use the AI agent to take those backups, restore them, and use AI to determine, yes, that restore was good, the machine booted, and here is the proof. They do not have to have a human being do it. This is where, as you start looking at, as AI comes out of the platform, it shows as useful features in each of the various solution sets that we offer, all by the learning that we get and the information that we get from a singular platform. Let us dig in a little bit to the underlying solution sets.
End Central, a world-renowned UEM product set. What does UEM really deal with? This is the ability for an IT administrator to be able to reach out to your asset, whether it's a laptop, a workstation, a cloud server, and perform IT actions. They're going to deploy software. They're going to run scripts. They're patching software. If you need IT help, they're remote controlling in, so you don't have to bring it to the IT help desk. That person can be anywhere in the world and can work with you remotely to get your computing resources into the right areas. It is super important here that End Central gives you the visibility and observability into your environment because it's this key observability and visibility and manageability that comes with End Central that really allows the IT administrator to have this basis of understanding and control.
Yes, if you get in trouble with your laptop, you can be helped and the data center can be managed, but it establishes the basis of control to understand what's on your network, who the users are, what identities are being used, what are typical actions, all of this information feeding in and giving an IT administrator control. This is how you do this automatically. This is the benefits of using End Central because when Kevin wants to jump in and give this out to his staff, we want to be able to use this really critical data-centric filtering because I can look at types of assets across my enterprise. And I can look at it across my business and say, "This is the policies that I want to automate.
These are the workflows that are important to me. If all the financial analysts who go out on the road and are creating research notes, they need to have these applications. They need to have their data backed up on a daily basis. I can automate that and monitor it for success. I can take the class of people who are in this room today as an IT administrator, set up monitors and rules, and have them automated such that no human then has to take care of ensuring that those are the policies and configurations that IT needs to keep you successful in your daily jobs each and every day. Now, this solution scales to tens of thousands of endpoints and allows them to create incredibly complex rules.
For those of you who have to separate your financial analysts from maybe your buy side and the sell side in the same firm, they can actually institute the rules so that those things happen automatically. It is these monitors. It is the power of being able to create exactly the business rules, the IT rules that are necessary that give End Central its tremendous power. The automation, the ability to be open, push and pull data in and out, and to drive this observability and visibility that everyone needs. It gives Kevin a bit of control over the sprawling IT enterprise that everyone finds themselves with. We see that our customers use this to accomplish a number of their business goals. They use it to drive great automation. They use this to drive security outcomes at the monitoring area.
They use this to make sure that their IT ecosystem is the system of truth to what's actually happening on their networks. An incredibly powerful set of capabilities. Now let's talk about Adlumin, right? Our security operations platform. We've talked a lot about how this works. If you think about it, we have this broad IT ecosystem of assets. There's a huge estate that has to be monitored. This is where the power of Adlumin comes in because really what they can do is ingest all of this data that's coming in, not just what you're seeing off all these endpoints, what's happening in the cloud, what's happening from SaaS applications, M365, Google Workspace, bring in all the data of what's happening and monitor for threats using AI to be able to understand exactly what's happening.
Yes, there's some of the simple things about, "Hey, I shouldn't be able to log in from China if I just worked a full day in New York." Those are the really basic cases. "Hey, does someone act differently? Their behaviors typically are 9:00 A.M. to 5:00 P.M. They're suddenly logging in in the middle of the night, and they're doing so from a VPN address located in Canada." That is just a little bit weirder, right? That should raise suspicion. You can look then for other things. This is where you're finding the needle in the haystack or finding the needle in the big pile of needles can be an incredibly complicated endeavor. This is where Adlumin shines. Getting rapid amounts of data and understanding it, filtering it down, using AI to find those threats, and then using AI to help remediate those threats.
It's incredibly powerful. It allows it to be used by customers in the mid-market and the SMB because they don't need to have this huge SOC across the board. We can lever this Adlumin solution to then provide SOC services. If there's using XDR, if you want to use it and it be your software solution, excellent. If you want to have N-able and Adlumin come together and provide outside business hour support, we can do that. If you're looking for a 24-by-7 monitoring solution, we can do that as well. This is how Kevin goes to sleep at night knowing that someone's got his back. Yeah, it's a lot of AI, and there's a lot of humans in his organization or in N-able helping him out a little bit.
He knows that he can go to sleep because someone's got his back and is monitoring that solution. What we see is that our customers are able to deploy the solution in minutes and get value. We've seen attacks where the solution was deployed in six minutes, and then within the next six hours, we were detecting things on the network and getting them remediations that they had not been able to find. This is leading to better outcomes that our customers feel immediately and are driving value across the board because it's easy to deploy, it's easy to use, and gives them the overall aspects of what they need to be able to do. As we think about how that Adlumin piece continues to drive value, we see the value that customers get. Again, it's that security blanket that happens across the board.
The last solution I want to talk a little bit about is our data protection solution. I know most folks are familiar with the space, but data protection really deals with the strengths that we have associated with getting data off of the IT assets, wherever they are, and getting them into a cloud. Cove is one of the first cloud-native SaaS data protection solutions in the marketplace. It is successful because it can get data from any source, whether, as I said, it is a laptop, a workstation, a database, M365, right? Getting data out of the cloud, getting it out of its natural state so that it is off of one place and into a secure vault where it can be stored, where it can be accessed, where it can be recovered from on a file-by-file basis, or if necessary, a full system basis.
This is driven by some real big differentiation because at the end of the day, how do you get all this data moved around and do so efficiently? We call this our True Delta technology. When you think about True Delta, this is the ability for us to move data around and into the cloud without impacting you while you work because no one wants to be able to have a database go down, right, while it's being backed up. You don't want to have your laptops be impacted with any type of speed issue while you're there. We can't guarantee that you have your laptop open at any given time. With Cove True Delta, in the background, little bits of data can be constantly put up to the cloud.
We are backing up data on a more regular basis with minimal impact to network and to the users that are using those software and data sources at any given time. Obviously, if you can get it to the cloud, you have to be able to restore it. The other magic to Cove is that you can restore this information to a different data source than the one you took it from. Imagine being able to pick up your laptop and be able to restore it into the cloud if necessary, right? This is the ability to be able to change form factor as you move forward. That is incredibly valuable because in a disaster, you do not know necessarily that you will have the hardware available that is exactly the exact same that you backed up from.
If you can restore to a virtual machine or you can restore to a cloud system, you're getting a lot more flexibility in the data resiliency that you have. When you think about it, if you go back to what Kevin needs to happen, Kevin needs that he needs to know that he can recover because there are lots of threats out there. Yes, we all hear about the external threat, right? If someone's stealing your data and being able to lock it up because a ransomware attack happens, right? You need to be able to get back and working as quickly as possible. There are other use cases out there. Sometimes a malicious insider, right, starts deleting files before they walk out the door. IT needs to be able to recover them.
Or it's somebody who accidentally deletes that PowerPoint presentation that they were supposed to give tomorrow, I don't know, at the New York Stock Exchange, and you might have to be able to recover that one really quickly too. Cove gives you the ability to know that that data is protected and to be able to recover under any number of circumstances very, very easily. If data gets compromised, being able to back up in time to a time before that compromise is incredibly powerful and incredibly reassuring. I talked a little bit about True Delta as one of the key differentiators of the Cove data recovery solution. It really boils down to the fact that data is off-site. What does that mean?
It means that as an IT administrator, I don't have to maintain my backups in a data closet because we all know that those data closets are going away, right? I don't need the people. I don't need the real estate. I can solve these problems in other ways. It's incredibly important that we're able to use these particular solutions. We're also able to now drive in the cloud looking for anomalies, which Cove Data Protection could look for anomalies in your data. Because you're using a cloud data protection platform, we can actually do additional work to find anomalies in your data. Hey, is there something changing in a weird pattern? Do you want to be aware of certain machines that are off schedule? Do you need to know new information?
More importantly, I think than all those things is the fact that when you use Cove Data Protection as the system for backing up data in your enterprise, there's only one place that you have to go and manage that. You're not using multiple backup solutions for laptops or for your cloud solutions or for your SaaS applications. You're going to one place, which means there's one set of rules. There's one set of permissions. There's one place that you go to recover. If you need it and if there's a crisis, you go to one place, you can see all the assets. You can make the decision about where you're going to recover them to and get that recovery happening within minutes as opposed to going to get to different systems in order to be successful. That's our Cove Data Recovery solution.
Again, customers get tremendous value out of this because it saves them time. It saves them money. It makes them more efficient. If you think about Kevin and his needs in the SMB and in the mid-market, he doesn't have that IT staff. He needs to be able to do these kinds of things effectively, efficiently, and with less human capital because he doesn't have the large IT team to be able to deal with it. If disaster strikes and he needs to do a disaster recovery test, he needs to be able to do that without necessarily waking up 30 people, but can he get just the people who he needs to be able to be successful? Customers feel this difference. They feel the end-to-end comfort. They feel protected. That's the power of Cove Data Protection. We bring all of these things together.
Each of our individual solutions manage, secure, recover. We wrap them around a set of APIs. They all look the same when you want to integrate. One of the things that we really try and move forward with is, as I said, making sure that we stay open. Why? Because we understand that these solutions exist in a broader IT ecosystem. Each of the solutions in the platform itself needs to be open so that Kevin can look at it and say, "Hey, I want to be able to plug this into ServiceNow," or, "I want to be able to plug this into other solutions that I'm using to manage my mid-market IT estate." APIs are incredibly important because it gives customers choice.
Yes, we're going to give them the best-of-breed solutions in our platform, but they're going to bring in other controls or other pieces that they want to bring together. Incredibly powerful to be able to fit into someone's IT ecosystem because we become a great partner for them in IT as opposed to telling them that it's only our way or the highway. One of the things this also drives is, of course, a rich set of partners and ecosystem partners that we're able to integrate with. Sometimes we'll build the integration, right?
We'll build an integration and say, "This is how you integrate with ServiceNow, and I use my AI-driven platform, and here's how you drive those pieces, and we can tie those things together." Or it'll be a piece where there's a ThreatLocker comes to us and says, "I want to make sure that you can deploy my software and manage my software from inside of End Central." They do that because we have an open set of APIs, and they can simply use those APIs from within their platform to take the right actions. Super powerful. We can also leverage this to drive business opportunities for us. John talked a little bit about this. As many of you who follow the story know, we have a very tight integration with SentinelOne.
That has allowed us to cross-sell some of these security tools directly to our customer base with an incredibly tight integration. Because we can provision and report and bill through our open APIs, we have business opportunities that the ecosystem and this openness provides as we look to be able to bring solutions to market. They could be things that they build. They could be things that we build, or they could be cross-sell opportunities that are even tighter. That entire continuum, because we are open and because we have these models, this entire continuum remains available to us across a wide variety of partners. The land of third-party integrations provides tremendous value and is built upon this open API and the way that we approach the IT ecosystem. Where do we go from here?
At the end of the day, it's still about making sure that Kevin can get some sleep, and Kevin feels better, and Kevin can be successful. We know it's a very dynamic market. We stay focused on continuing to build solutions that provide security and provide compliance for the mid-market and for the SMB moving forward. With that, I think we're going to take a little bit of a break, and we'll see you all in about 15 minutes.
Our distant drumlins, the roads I knew became a city. I wonder, will you wait for me? Although I'm far away, I know I'll stay. I know I'll stay right there with you. Though it might be too late, what would you say? What would you say? What would you do?
My filter high became one with the beams, but we fell like rain, got lost into the sea. If I do not know, the wind will carry me, so just hold tight. Though I am far away, I know I will stay. I know I will stay right there with you. Though it might be too late, what would you say? What would you say? What would you do? Over and over, many setting suns I have run. I have waited for the rain to come. When through that mist, I see the shape of you, and I know, and I know that I am in love with you. Though I am far away, I know I will stay. I know I will stay right there with you. Though it might be too late, what would you say? What would you say? What would you do?
I can't speak and I can't listen, and everyone is a curse or something worse. What can I say to the kid that made you complain and lie you were made to when you hate every God I pray to? Do not lie to me. I know I'm not as cool as I'd like to be. Why do you feel so down again? I know I'm not a very good friend. Why do you feel so down? Sure, there's not a big secret I have for. Why do you feel so down? Oh God, I know you think I'm safe and sound. I'm not. Why do you feel so down? I've gone weak and I'm sick of speaking. Hear me out, you're a cure or something more. I think you're one of a kind, so I'll never like myself.
I think you're older and wiser, so I won't let you tell. I think it over and over and hope you think and see. I think it over and over and hope I'm over you. Do not lie to me. I know I'm not as cool as I try to be. Why do you feel so down again? I know I'm not a very good friend. Why do you feel so down? Sure, there's not something I'm sick of. Why do you feel so down? Oh God, I know you think I'm safe and sound. I'm not. Why do you feel so down? One, I'm messed up again. One, I'm messed up again. One, I'm messed up again. One, do not lie to me. I know I'm not as cool as I try to be. Why do you feel so down again? I know I'm not a very good friend.
Why do you feel so down? Sure, there's not something that's sick of. Why do you feel so down? Oh God, I know you think I'm safe and sound. I'm not. Why do you feel so down? Why do you feel so down? I heard you sold the Amazon to show the country that you're from. You swear the world you want to be for finds something our people need. I'm faithless now, though you win every time, and I don't know how 'cause I haven't bought you, and I haven't sold me to people who'd like to get on TV. I heard you lose down the river somewhere. Six cars in this big bed. He got eyes, but he can't see. He talks like an angel, but he looks like me. Oh Lord, what if I be gone? I'm afraid. Oh God, I'm a father's son.
What you think you see? I know you can't even let me, but you can't stop me. Why would you lie? Why would you lie about how you feel? I'm on a mission. My mission is real. If you had a chance, it's you. You better know if I'm gonna burn your house down. Just break pieces of love when it gets me down. Oh Lord, how it gets me down. I heard you lose down the river somewhere. Six cars in this big bed. He got eyes, but he can't see. He talks like an angel, but he looks like me. Oh Lord. Play the beautiful game out in Brazil, 'cause everybody plays the beautiful game out in Brazil, 'cause it's all you've ever wanted, and it's all that you want still. Don't you want to play the beautiful game out in Brazil?
I want to play the beautiful game out in Brazil, 'cause everybody plays the beautiful game out in Brazil, and it's all you've ever wanted, and it's all that you want still. Don't you want to play the beautiful game out in Brazil? I heard you lose down the river somewhere. Six cars in this big bed. He got eyes, but he can't see. He talks like an angel, but he looks like me. I heard you lose down the river somewhere. Six cars in this big bed. He got eyes, but he can't see. He talks like an angel, but he looks like me. That was my triple collateral on free for all. Hopping on a train. How can I explain? Talking to myself. Will I see you again? We are always running for the thrill of it, thrill of it.
Always pushing up the hill, searching for the thrill of it. All along, all along, we are calling out loud again. Never looking down, I'm just ignoring what's in front of me. It's a crime not to be born, come on. I've been feeling off to be born, come on. Heart I'll never see. The love you found in me. Now it's changing all the time. Living in a rhythm where the minutes working overtime. We are always running for the thrill of it, thrill of it. Always pushing up the hill, searching for the thrill of it. All along, all along, we are calling out loud again. Never looking down, I'm just ignoring what's in front of me. It's a crime not to be born, come on. I've been feeling off to be born, come on. It's a crime not to be born, come on.
I've been feeling off to be born, come on. If you're not believing now. If you're not believing now. Don't stop, just keep going up. I'm your show, believe the world. So come on, deliver from inside. All we got is tuned and that is right to first light. It's a crime not to be born, come on. I've been feeling off to be born, come on. It's a crime not to be born, come on. I've been feeling off to be born. Just as you take my hand, just as you write my number down, just as the jokes are right, just as they play your favorite songs, you're better to disappear. No one will wind up like a spring before you had too much. Come back and focus again. The walls have been in shape. We gotta chase your cacophony. All blurred into one.
This place is on a mission before the night out, before the animal noises go. Look at cameras before you come much home. You run away from me before you're lost between the notes. The beat goes round and round. The beat goes round and round. I never really got it in. I just pretended that I did. It was a blur of instruments. The first time I saw that shot. It's coming in and out. Coming in and out. Coming in and out. Coming in and out. You run away from me before you're lost between the notes. Just as you take my mind, just as you dance with. It's a foreign embrace. The rain is my toothpaste spray. You hide each other as you pass. She looks great, you look bad. Not just once, not just twice. Wish you were in my hand.
You gotta have you can feel it on your back. You gotta feel it on your back. It's all falling into place. What you gonna do? You wanna get out? Tell me. What you gonna do? Do you wanna get out? What you gonna do? You wanna get out? What you gonna do? You wanna get out? Tell me. Get down on it. Get down on it. Get down on it. Get down on it. Come on, man. Get down on it. Get down on it. Get down on it. Get down on it. How you gonna do it if you really don't wanna dance by standing on the wall? Get your back up off the wall. Tell me. How you gonna do it if you really don't wanna dance by standing on the wall? Get your back up off the wall.
'Cause I heard all the people saying, "Get down on it." Come on, man. Get down on it. If you really want it, get down on it. You gotta feel it. Get down on it. Get down on it. Get down on it. Come on, man. Get down on it. Baby, baby. Get down on it. Get on it. Get down on it. I say, people, what? What you gonna do? You gotta get on the groove. If you want your body to move, tell me, baby. How you gonna do it if you really don't wanna dance by standing on the wall? Get your back up off the wall. Tell me. How you gonna do it if you really won't take a chance by standing on the wall? Get your back up off the wall. 'Cause I heard all the people saying, "Get down on it.
Get down on it. Get down on it. Get down on it. Winging dancing. Get down on it. Get down on it. Get down on it. Get down on it. Get down on it. Come on, man. Get down on it. Baby, baby. Get down on it. Get on it. Get down on it.
Our presentation will be starting again in a few minutes. Please come back in and take your seats. Thank you.
Get your back up off the wall. Dance, come on. Get your back up. Dance, come on. Get down on it. Come on, man. Get down on it. If you really want it, get down on it. You gotta feel it. Get down on it. Get down on it. Get down on it. Come on, man. Get down on it. Get down on it. Get down on it. While you're dancing, get down on it.
Get down on it. Get down on it. Down, down, down. Whoa, whoa, whoa, yeah. Get down on it. Down, down, down. You move me, baby, when you move. Get down on it. Down, down, down. Get down on it. Down, down, down. Get down on it. Down, down, down. Get down on it. Get your back up off the wall. Get down on it. Down, down, down. Get down on it. Down, down, down. Get down on it. Down, down, down. Get down on it. Get your back up off the wall. Get down on it. Down, down, down. Get down on it. Get down on it. Girl, close your eyes. Let that rhythm get to you. Don't try to fight it. There ain't nothing that you can do. Relax your mind. Lay back and groove with your mind.
You gotta feel that beat, and we can ride the boogie. Share that beat of love. I wanna rock with you all night. Dance you into sunlight. I wanna rock with you all night. Don't know what the night will bring. Out on the floor, there ain't no one to burn us. Girl, when you dance, there's a magic that must be loved. Just take it slow. You got so far to go. When you feel that beat, and we gonna ride the boogie. Share that beat of love. I wanna rock with you all night. Dance you into sunlight. I wanna rock with you all night. We gonna rock the night away. You can win the groove if you let it go. You know that love survives. So we can rock forever. I wanna rock with you. I wanna be with you.
OnePath is an IT managed services company, and we're headquartered out of Atlanta, Georgia. We serve companies who are 20, 30 employee type businesses all the way to multiple thousand employee organizations.
My name is Yazan, a network and cloud solutions consultant. I'm working in ReCycles, a leading IT solutions provider based in Dubai, United Arab Emirates. We have been delivering IT solutions and management services since 2014 in Jordan's market, and recently we have moved to Dubai for expanding our growing list of 65 clients, providing IT solutions serving businesses of all sizes, from small to enterprise across the Middle East.
I am Rebecca Romine. I'm the IT manager with SRP Companies. SRP delivers complete retail solutions across North America for several different grocery stores, convenience stores, amusement parks, and many more.
A key highlight of the experience with N-able's End Central is its ability to provide a comprehensive and centralized platform for managing IT infrastructure. We have experienced a notable decrease in downtime, ensuring continuous operations and productivity thanks to proactive monitoring and issues detection.
We uncovered Cove, and we went through the normal evaluation process from a technical perspective, and our technical folks were enamored with the product, absolutely enamored with it. You know, all the labor component, it has made a markedly decreased. We're not spending near as much time administering these platforms, three different platforms, as we are now. Just in licensing costs, I'm not sure if I should say this, but I'm going to save about $20,500 a month. We were blown away with the MDR product from N-able.
With N-able MDR, a lot of the struggles that we had as an MSP were immediately alleviated. The initial investigation, ruling out the white noise and the false positives, that is all done for us, and we are only getting the escalations to our SOC team that need to be reacted to. Now I do not need to plan for expanding the tier one SOC team for this year. It is built into the MDR platform, and it scales appropriately as we bring new customers on.
I would confidently recommend N-able to my peers as it has significantly contributed to our success and could likewise really benefit other businesses or organizations.
My experience, particularly with N-able, has been one of the richest, deepest relationships. The team from N-able really cares about our business, is engaged, and willing to jump in and help on any topic.
I find that it's one of the best partnerships we have today, and it's one of the main reasons I really love doing business with N-able.
Good morning and welcome back. Hopefully, you had the opportunity to get some refreshments and, more importantly, get some caffeine in you. I'm Frank Coletti, Chief Revenue Officer, and I've been part of this dynamic and growing industry and part of N-able's go-to-market team for the past 20 years. You heard that right, the past 20 years. I'm excited to be here today. I'm excited to share with you our multi-dimensional go-to-market strategy and also talk to you about our customers, the customers we serve. For the past two decades, I've traveled the globe and met with customers and have built a network across the globe, working with them day in and day out, understanding their needs and their requirements.
I have witnessed numerous technologies come and go, trends come and go, competitors come and go, but one thing has stayed consistent, and that has been our competitiveness, our ability to connect with our customers, our ability to understand how to meet the needs from a technology perspective and a business perspective. We constantly listen to our customers, and we work with them on a day-to-day basis, and that gives us a competitive edge in the marketplace. It is a mindset. It is in our DNA, and it is who we are. I am excited to walk you through our journey today. At the core of our approach is a channel-driven model to access millions of SMB and mid-market customers. We have a one-to-many strategy. Why is that important? That is important because rather than trying to sell to every single one of those million SMB and mid-market customers, we leverage the channel.
We leverage them to act as a bridge between us and the SMB. What this does is drive scalability and reach for us globally. You saw in John's presentation that we manage 9 million endpoints globally. That is across 500,000 small, medium businesses and mid-market customers. Unlike other vendors that are trying to get into this space, N-able was born in this space. It has evolved in its space, and we have evolved with our customers. That gives us an advantage to understand their challenges and their needs. We have built technologies from our unified endpoint management to our data protection and our security offerings to meet the needs of those customers. Customers want to work with N-able because of our partnership. They want to work with us because of our technology.
This is a critical market that represents a huge opportunity and represents a $2.1 trillion spend across the entire market. We're a global company with a local touch and a customer-first approach. Approximately 45% of our revenue comes from outside of the U.S. That's a lot of travel. It's a lot of air miles. It's a lot of dinners. It's a lot of places that I've been from Finland to parts of the U.K., Western Europe, and all the way down to Australia. We've built an international business, and it's been fun, but it's been challenging. It's been a roller coaster of change that we've seen in this market. We serve both emerging markets like Brazil and also established economies like the U.K. or Germany or North America.
What this has allowed us to do is replicate our go-to-market strategy on a global scale. Having these partnerships, having these relationships in the local market allows us to drive our business forward. Our partners have gone through a transformation, our customers. The coming together of the managed service provider, the MSP, and the value-added reseller and distribution network has really given us an advantage to take advantage of the changes that we're seeing. As you saw in the video, we serve two different ICPs. Mike talked to you about Kevin, the IT professional, and John introduced Mark, the MSP. Let's introduce Vince, the value-added reseller. As we've talked about, the MSP provides that complete end-to-end service offering for IT and security needs for an SMB or a mid-market customer.
Vince focuses on delivering best-of-class technologies to a mid-market customer or an IT professional that's looking to protect their environment. In some cases, they outsource parts of their IT, and in many cases, they just look for technologies or some form of co-managed. N-able brings two elements to the table that allows us to work with these partners on a global scale. The first is our product, is our platform, the N-able platform, a cyber-resilient platform made up of three solution areas. I get excited every day in training my team, enabling my team to go to market and win in each of those three categories because we have the best-of-breed technologies that allows us to win.
We couple all of our go-to-market programs to meet the needs of the market across the globe to give our customers the best advantage, a competitive advantage in their market, in their local markets to be successful. We do not just say that we are a leader. We have a proven track record, and we have a proven brand in the market from analysts to publication and to our customers year after year after year. We have achieved and received many accolades across the globe, and we are extremely proud of that because that is what drives our reputation. If you work in the channel, having those relationships, being consistent day in and day out is what matters.
The minute you break that trust, you lose that relationship, and you lose access to those millions of SMBs and mid-market customers because it's impossible to reach all of them without the power of the channel. That is why we have many top customers across the globe, be it the CRN list or other elite customers across the globe. That has allowed us to win the right relationships and bring our programs forward. Now, there are three critical levers in our business. We have established our ICP. The first lever is delivering a cyber-resilient offering across our land and expand motion, how we bring customers in and how we build our customers. The second is taking that land and expand formula and applying it to the channel and the mid-market channel. The third is about fueling customer success, our DNA, our differentiator, our competitive moat in the marketplace.
Our land motion has just been supercharged with the addition of the Adlumin XDR and MDR offering. A few years ago, my sales team predominantly led with our unified endpoint offering. That unified endpoint offering allowed us to land thousands of customers, and it allowed us to cross-sell data protection and security offerings. As we got successful, we saw a lot of demand in the market, and we rebranded Cove, and we invested in Cove, and we started to land new customers and new cohorts with data protection and Cove. That allowed us to have two routes to market. Now with the addition of Adlumin and our own security IP, which is a greenfield opportunity for us, we're now landing customers in a third route to market.
That's allowing us to win more customers, and that's allowing my reps to have more at-bats to generate more opportunities and to win. A few years ago, when we approached the market, if they had a Cove Data Protection, so if they had a data protection offering and they were in a contract, we'd have to walk away, and we couldn't compete. Today, we could offer them the Adlumin security suite. Or if they were using a unified endpoint management offering, we now can offer them a Cove Data Protection offering. What this has done is created a repeatable and a multi-pronged go-to-market approach that allows us to build those cohorts of the future. More importantly, it's allowed us to build specialized sales teams that can compete in each of these three categories.
We compete every day in security against Arctic Wolf, eSentire, or Huntress, and we win. We compete in data protection against Datto or Veeam each day, and we win. In the UEM space against our known competitors. By having a specialized sales team, we can go deep into each space, and we can win against the competitors and take advantage of the technologies that we bring them. Now, the proof is in our bookings. As you can see, we have a 25% CAGR over the course of the past three years. Bookings are what my reps do. They land new logos, and they cross-sell and upsell those new logos. Our bookings are a leading indicator of our business. I get excited, and I get confident about the way that we're winning and the acceleration that we're having in our business.
What is unique is the way each of the three categories are growing along the way. That has given us the right validation that we have the technology at the right time for our customers. Now that we have established how to land a customer, it is time to expand them into that vast white space that we have. This is the secret sauce to our model, the most important part, the expand motion within our business. There are two ways that we expand, active and passive. First, in the active state, opportunities are created within the platform. The platform has product-led growth built into it. Because of the way the platform is built and the common experience across the platform, customers are able to experience not only unified endpoint management, but data protection and security.
This is where my reps spend their time, upselling and cross-selling through the platform. The second way is through a passive expand. This is where there is no go-to-market involvement. This is really important because every time we land an MSP, we grow. Every time that MSP adds an SME, we grow. Every time that SME adds a user, we grow. As you add more technology and solutions to that endpoint, be it data protection or security, we grow. The product has just a natural consumption model built into it that allows us to expand and to grow. This creates a natural force multiplier for us in our business. It has allowed us to take the opportunity per device over the past few years and bring it up to $30.
That allows us to really address a lot of the white space within our business. On top of that, our partners are ecstatic about this part of our model because, number one, the platform is driving product-led growth. Number two, we have simplified their billing. Now they can deal with one vendor in three categories. We have reduced the vendor sprawl that they need. That reduces the cost within their business, and they can partner with one vendor that brings them three best-of-breed technologies in the right space. This is what an active and a passive MSP customer looks like in practice. It demonstrates the power of the model. This is Mark, the MSP. They are a $100 million MSP in the Southeast with hundreds of customers. They specialize in network management. They specialize in cloud services and cybersecurity. They are a longtime partner of N-able.
What's interesting about this partner is they've gone through the full evolution from being a local MSP to a regional MSP and now to a national MSP. They've gone through that transformation that John talked about, the blurring of the lines. Along the way, they've done multiple acquisitions, not only of other MSPs, but of value-added resellers. They serve not only the SMB, but the mid-market. Having that ability has allowed them to grow quite nicely, as you could see. There's still room to grow significantly. They've just started to adopt the Adlumin XDR, MDR platform. There is lots of white space for them to still penetrate across their entire customer base. That allows them the competitive advantage to go to market with all three offerings. That was the MSP model. Now let's take a look at the mid-market.
This is a growing part of our business. This is the market that you're typically accustomed to, where you have the disty VAR network. This part of the business gets me excited because I have access to thousands of sellers, additional sellers than to the N-able sellers. It is a different type of a leverage model within our business because now when you take our land and expand model and you apply it to this model, it can supercharge that growth. Adlumin was a natural fit. They came into N-able with their own channel, and that channel created a lot of synergies. What it allowed us to do was take our North American channel and accelerate it in a much faster way. It brought us a lot of best practices that we're now able to expand internationally in the U.K., in parts of Europe, and in Australia.
Illumen provided a catalyst for this part of our business. We went out and hired key executives with the right relationships internationally to take advantage of those programs. Of course, we modified and invested in our programs to take advantage of it. When you apply that land and expand strategy to this evolving part of our customer base, it allows us to pull the lever of growth. You can see that in this case study. This is Vince the VAR. Vince has an accelerating business. He's out there talking to customers, owns the relationships with those SMB and mid-market customers. Vince is based in the Northeast. He has thousands of customers, approximately 2,600 employees, and focuses on the commercial, sled, and manufacturing industry.
You can see that, again, they've done quite well at selling, in their case, data protection and with a big spike in 2024. That spike in 2024 was because of the synergies. They were both an N-able partner, customer, excuse me, and an Adlumin customer. Now we have the opportunity to cross-sell both ways into this base because of that power of the channel. The channel for us is very important. When you take a look at this lever, taking that land strategy and bringing that to our customers and then applying the expand component to it gives us the ability to pull on this lever and move up market to those mid-market customers. The third lever is customer success, our competitive moat, our differentiator.
I can tell you that in our 20-year history, I have heard partners say time and time again, "Wow, it's a breath of fresh air working with you. Wow, so impressed with your programs." That is what Vince and Mark are looking for. They are looking for that trusted partner, someone that can bring them programs and technology to go to market and be successful. It is in our DNA. It is who we are. We go above and beyond. There are reasons for that. We will talk about that. The technology is critical, but the relationship is more important at times. The reason for that is because our customers are the men and women in the arena. They are the last line of defense in the market. I will give you a couple of examples because there are many of them. I have received numerous text messages or calls from customers.
One sticks out from a customer of ours who said, "One of your solution engineers, they were at dinner with their family at the Outback restaurant, and they helped me with a restore. They just saved me hours of work and downtime for one of my customers." A customer of mine in Texas said, "I can't believe it. One of your sales engineers came all the way across town and spent the night helping me get all of my devices up and running because they knew exactly how to build automation scripts within our UEM platform." There are many of these cases. That is really important because when you look across these industries, our technology is mission-critical. It is mission-critical to their business. It is important in order for us to establish the relationships with our customers that we do these types of things.
It is exciting because it happens organically within the business. The Adlumin business and the Adlumin channel have a very similar approach, focusing on that channel to drive growth. When you look at all three of the levers, they work hand in hand. Number one, landing customers and then expanding those customers through our cyber-resilient platform. Secondly, taking that and applying it to an adjacent market that is growing, that is merging with the MSP market. Thirdly, taking our DNA, our customer success, and applying it right across the entire group.
As I look forward, as I look to the growth of our business, as I look to the levers, I get excited because my sales team, my go-to-market team that we work with every day, we're focused on making sure that we're bringing those technologies to our customers, that we're training them on how to beat the competition, on how to win, and how to land more and more customers, and then how to expand those cohorts. The customers always come first. Because of the best-of-breed technology, we're able to focus on that aspect of our business. We've talked a lot today about our model, the ability for us to reach millions of SMB and mid-market customers. There are three key takeaways.
We are a channel-driven organization, and we're focused on the SMB and the mid-market, which represents a huge growth opportunity, three markets that are growing. We have the power in our N-able platform, our cyber-resilient platform made up of three core solution groups that are meeting the need of the market. Our sales teams are perfectly positioned to take advantage of that. Lastly, our customer success. It's in our DNA. It's who we are. It's spread right across those 1,800 N-ablites that we have across the globe. I get excited at the opportunity that we have to continually grow this company and ensure that we reach success. With that, I'd like to turn it over to our CFO, Tim O'Brien. Thank you.
Thanks, Frank. It's good to see you all here today. Thanks to those joining us virtually as well. For those of you that don't know me, I'm Tim O'Brien. I'm the CFO here at N-able. I've been in the high-tech space my whole career and spent the last 12 years here at N-able. I've seen the industry grow and evolve considerably over this period and into the strong and growing market that it is today. I'm excited to walk through the business model, the efficiency that it drives, and the many growth levers that we have. I'll start with a look back on the strong performance of our business since the spinout in 2021 and unpack some of the dynamics of the 2025 outlook. Next, I'll walk through the key growth drivers and opportunities that we are executing on.
Lastly, I'll make you wait until the end for our target model and growth algorithm and how we plan to achieve it. Our results have been strong and steady for a long time, but I'll focus in more on the period since the spinoff in 2021. The midpoint of our guidance for 2025 has us approaching $500 million in revenue. We expect to surpass $500 million in ARR this year as well. Our average revenue CAGR has been about 12% over that period of 2021 to 2024. Over that same period, we've produced a cumulative adjusted EBITDA margin of 34%. John touched on this. We are strong believers in running profitable businesses, balancing growth and profit. That's what we have done, and that's what we will continue to do here at N-able.
These charts show the annual consistency of how we've delivered on a rule of 40 or greater business over the past four years. Sorry, over the past four years. We've been able to grow both revenue and EBITDA on a double-digit CAGR of 12% and 14%. The results have been consistent. We've added about $115 million or more of revenue since the spinoff, again, producing that 12% CAGR. The key drivers of growth over this period have been data protection, endpoint security, and UEM. We've produced consistent results quarterly, either meeting or beating our guidance every quarter. We've steadily increased the revenue per customer at a 12% CAGR since the spin. This represents the power of the business model. This represents the power of the cross-sell part of our business model.
It is a key part of what drives the levels of profitability that we have been able to achieve. I want to reiterate our 2025 guidance, and I also want to unpack some of the dynamics in our 2025 outlook. As a reminder, about 50% of our business is outside of the U.S. We have assumed FX rates of 1.04 for the euro and 1.25 for the pound in our outlook. On ARR, we guided $514-$522 million in ARR, which represents about 7%-9% in constant currency. I want to make sure it is clear that this is on a like-for-like basis versus 2024 as the Adlumin deal was closed on November 20 of 2024. The velocity of the Adlumin channel business, which is growing faster than the overall N-able business, is driving about a point of positive impact to growth in 2025.
Revenue on a constant currency basis of 6-8% includes a 4% headwind due to the ASC 606 revenue recognition dynamics from our long-term contracts. We also have a 4% tailwind from the inorganic impact of the Adlumin acquisition on 2025. Those two factors on revenue are generally neutralizing each other. Our adjusted EBITDA margin will be below our target model for 2025. We have lifted out the breakdown of some of those dynamics on bridging 2024 to 2025. The Adlumin acquisition is driving about three points of impact. The ASC 606 headwinds are driving about two points of impact. We are investing in a new site in India from a development perspective. In 2025, that will have about a point of impact. Between other income and other investments across the business, those make up the balance of the bridge.
Lastly, we expect to convert about 65% of our EBITDA to unlevered free cash flow in 2025. I'm going to walk through the growth opportunity that N-able has in front of it and how we plan to grow the business over the next three years or so. Driving security success. We've got best-of-breed solutions with Cove, Adlumin, and UEM that put us in a great position to capitalize on three large growing markets. We'll be scaling and expanding our go-to-market to capture all channels that the SMBs and the mid-market are driving their IT spend through globally. We'll be executing on the large white space opportunity that we have sitting in the current customer base and product portfolio, which has doubled since 2021. Starting with new customer acquisition, this breaks down the new customer contribution of our growth algorithm. It's been touched on by others.
We've historically landed new customers with UEM and then cross-sold Cove and security either at the initial point of sale or in subsequent periods. This evolved in 2022 when we created the Cove brand in data protection and began landing materially more new customers in 2023. Here we go. They're changing screens on me back here. This evolved in 2025 with the Adlumin acquisition. So Adlumin, via the disty VAR channel, which they built, they've been able to produce a significant amount of new business coming through that channel. Now in 2025, on top of the Adlumin business and the model that they've operated in, we're going to begin landing new customers with Adlumin via the MSP channel. We'll begin pushing UEM and Cove platforms through the disty VAR channel in a much more proactive fashion in 2025.
You can really see the mix shift that's happened over the past four years. We've gone from, you can see primarily the majority coming from the UEM offering now to a pretty balanced mix between all three categories in 2024. We expect that to continue to evolve into 2025 and beyond. I touched on the fact that at point of sale, we do look to cross-sell and sell the portfolio of products. We don't just sell a single category at a time and then in subsequent periods look at it. In 2024, about 23% of our ARR came from multi-SKU transactions in 2024. That's something we plan to lean into. We've been beta testing some bundling strategies that we look to more formalize in the back half of 2025 this year. This is a breakdown of the evolution of the sales capacity in 2025 versus 2023.
It was touched on the big opportunity that we have, but not as proactively focused on as a business over the past three or four years in that disty VAR channel, which is substantially bigger than the MSP channel from an opportunity standpoint. You can see where our weight was in 2023 at about the inverse of where the actual market opportunity is based on our history. In 2025, we are really evolving the sales capacity to better balance where the market opportunity is. The MSP business continues to be the majority of the sales capacity. The MSP capacity has grown at a double-digit CAGR still from 2023 to 2025. We believe a mix shift here will help us achieve our goal of accelerating ARR growth in 2025 and beyond. We have touched on the large opportunity that we have sitting inside of our customer base.
This breaks it down in a little bit more granular fraction as to where it sits. John and Frank previously covered the $30 per device per month opportunity that we have inside of the portfolio and across the customer base. This opportunity has doubled since the spin. The key drivers of that doubling, one has been Adlumin, and two has been new features on Cove with recovery testing and disaster recovery as a service. The three new customer acquisition paths that we now go with between UEM, security, and data protection will continue to fuel the cross-sell opportunity as we execute on this in the coming years. Cross-sell is a big part of the growth algorithm, and it's also a very efficient part of the business model as the cost to drive cross-sell revenue is far less than that of landing new customers.
The top chart's a good representation of the power of the cross-sell in the model. Customer ASP has grown at a CAGR of 12% since the spin. I also wanted to touch on the strategy around the long-term contract initiative as well. We started 2024 with about 8% in committed ARR. That evolved to about 57% of committed ARR exiting 2024. There are a few reasons why we drove that strategy in 2024. One, we saw some aggressive pricing strategies leveraged by some of our competition. Two, the consolidation theme within the MSP space has continued over the past three or four years. Probably most importantly, with the great cross-sell opportunity that we have in front of us to execute on, this really allows us to go on the offensive with these customers when they're in these committed contracts.
The ARR over $50,000 continues to become a bigger part of the business. We have historically driven about two to three percentage points of better gross retention from this category of customers versus the overall business. In 2024, the $50,000 customers felt more of the impact of the optimization that we drove from the long-term contract initiative. About two-thirds of the ARR that we have committed is in this category. That is part of the slight trendline dip in 2024. It felt the optimization piece more materially from the long-term contracts. This group also makes up the lion's share of the multi-year deals that we have within that committed customer base. This is probably one of the slides which brought you all here today. I want to talk through the components of how we chart our path to a billion dollars in ARR.
We've broken down the current size of the UEM, data protection, and security aspects of the business, as well as the market growth outlook for each of these categories. We mentioned recently that data protection was now the largest component of the business. Data protection and security are two-thirds of the business, with UEM making up the other third. We've historically been overweight with our UEM revenue as it relates to the overall market size and market growth. We have just added Adlumin and XDR MDR offering. We believe this subsegment of the security market is outgrowing the broader security market rate. Our strategy here will be to leverage the UEM to drive growth across the security and data protection markets, two markets that are larger and growing faster than UEM.
We believe the best-in-class offerings in all three categories in these markets that are all growing will be a winning strategy for the long term as we execute on these targets. The key drivers of how we drive overall ARR growth. I'll start with our gross retention. Exiting 2024, this was at about 85%. This includes about 2% impact from the optimization that we saw from our long-term contract initiatives. The key drivers of improvement here are driving the long-term contract renewals and lapping the periods of optimization that we felt in 2024. Also, as the 50K customers make up a bigger part of the business, and reminder, the retention there is about two to three points better versus the total company, there'll be a natural tailwind in the business as that group of customers begins to make up a bigger portion of the overall ARR of N-able.
Looking at the expansion piece between gross retention and net retention, we expect this to be about 20% or more across these three key drivers, the biggest component being the cross-sell of the product portfolio and burning down the white space opportunity that we have in the customer base. Next, we will be on the piece that Frank just touched on, on the growth from the SMB and mid-market capacity expansion. That comes in a few different flavors. One, when MSPs land new SMBs, we grow. When SMBs hire new employees, we grow. Also, the dynamic of the usage that happens in the model after the sales teams and the go-to-market teams drive either a new SKU or a new customer business. Our products just allow them to use past whatever their initial purchase was. That falls into this category as well.
The last piece is on pricing and packaging. I mentioned that we plan to bring some more bundling strategies to market in the back half of 2025. We also do our annual price increase, which I would expect to be in the 1-2% range as we move forward from an impact on the model. Lastly, on the new customer piece, this has historically been about 4% from a growth algorithm standpoint. There are some new dynamics at play that give us opportunities to really perform better on the new component of the growth algorithm. One, we are going to begin selling Adlumin to the new MSP customers. The Adlumin Disty Var channel that Adlumin built their business on also has a much higher mix of new business just due to where they are at in their life cycle.
We are also going to bring the Cove and UEM offerings into that disty VAR channel in a much more proactive fashion as we go into 2025 and beyond. This is probably the other slide that has brought most of you here today. We plan to operate at scale in a rule of 45 or better model balancing growth and profit. Gross margins are expected to be in the 80% range, assuming a slight mix shift in revenue with the Adlumin portfolio outpacing overall company revenue growth. To be clear, Adlumin will produce quality software margins through AI and automation as we scale. Rob touched on the fact that over 80% is non-human touch at this point, and there is room to improve that as we go. On the sales and marketing front, we expect to gain leverage as we grow into the Adlumin acquisition.
We execute on a more efficient cross-sell sale and begin to realize the return on the new channel investments that we've been making. On the R&D front, we expect to gain leverage as we build out our new India development site. We realize increased velocity with the modernization efforts that have been ongoing and the leverage of AI. On the G&A front, we expect to gain leverage as we scale the business, again, leverage automation and AI within the G&A functions, and also leverage some lower-cost site utilization. This all amounts to an adjusted EBITDA range of about 32%-36%, which is where we have been operating with a cumulative EBITDA of about 34% from 2021 to 2024. Our confidence is high to continue to operate in this range as the business grows and scales.
We expect to drive mid 20% unlevered free cash flow margin with conversion of EBITDA to unlevered free cash flow of about 70% in our target model. From a CapEx perspective, we expect to be in the 5% range as a percentage of revenue. On the cash tax front, we generally pay most of our cash taxes in the U.K. and Canada, which dates back to the origins of the N-able business. Historically, our deferred revenue has generally been flat. Our net working capital has been slightly negative due to the monthly billing nature that we have in the MSP channel. Our net working capital will improve with the Adlumin acquisition and the Disty Var channel expansion as both of those channels bill annually upfront versus month to month.
Lastly, our dilution has been pretty minimal since the spinoff, and we expect it to remain at less than 3% as we move forward. On the capital allocation front, our strategy here is to drive enterprise value. We started at about three times leverage at the time of the spinoff, and we brought this down to just under one prior to the Adlumin acquisition. We have been active on the M&A front the past couple of years, which resulted in the acquisition of Adlumin in November of 2024. We recently added the ability to buy back shares with the authorization that we announced yesterday.
Looking at the course of 2025, we'll assess the capital allocation opportunities that we have on both the M&A and the buyback front with the focus on driving shareholder value while keeping focus on the leverage as we assess these capital allocation opportunities. Lastly, why N-able? Our best-in-breed products and people are serving large and growing markets. Our best-in-breed product strategy is resonating in the market, and we believe this will be a long-term winning strategy. We are penetrating our target market of SMBs and the mid-market through multiple different efficient channels, driving strong profitability and cash flow, and we'll continue to operate in a balanced fashion, driving growth at healthy profit levels. With that, we can open it up for Q&A. Take a demographic cheers.
Sure.
Now they've got nicer chairs back there.
These ones? These other ones?
Sure. Sure.
Put me in the hot seat.
That's it.
Where do we want to go? The left or the right? Keith.
I wanted to ask about the dynamics of your longer-term strategy on one factor you're looking to go up market, if you will, from the traditional focus on MSPs to the mid-market. Yet you're also trying to increase your margins, and your R&D budget is 15%-17% of the valuation of your venture. When you think about that, when you go to mid-market, you're going to embrace a new set of competitors, right? It's not going to be your typical vendors because some of the companies are large organizations with a much larger R&D budget. I'm just wondering how you balance those tensions on going more against the pure players who have larger budgets, and yet you're trying to grow your margins at the same margin.
Sure. I'll start, and anyone can hop in. Great question. I'd say it's a couple of different things. One, we're winning against the mid-market right now. Our data protection offering is winning against the Veeams, is winning against the Rubriks, is winning against the DATOs. We're winning today. We just really haven't invested in really the channel, to be frank. Rob's solution wins against the Arctic Wolfs, wins against a whole slew of shops that are also focused on the mid-market. Frankly, what we're really doing is looking instead of figuring out ways to climb the tree and pick the fruit up, we were saying, "Hey, we just need to pick the fruit up off the ground." The opportunity's there. The solutions are built for the mid-market. The other thing is bringing that whole resiliency platform, that complete end-to-end.
Nobody else—I will challenge the room—nobody else is going from the whole suite. This need and this merger of the IT ops and SecOps, it is not just at the small shops of the SME, it is also at the mid-market. It is a differentiator. Our R&D has been efficient. I think we can, as Tim mentioned in the bit, we are going to continue to leverage India a bit more so we can gain a little bit more efficiency there. The solutions win. They win today. What this is is just adding a little bit more gas on our sales and marketing, leveraging the channel that Rob built. We have actually been building this channel prior. Frank mentioned internationally, we brought on a couple of different leaders. We had a couple of press releases that you guys can see.
We brought folks that built global best-in-class channels, and we're beginning to leverage that. We believe it'll scale nicely. Frankly, when we look at the product roadmaps, they're winning today. We do not need to really lean in and do an exponentially kind of different change in what we're delivering today. The solutions are winning.
Is there a parameter that you define?
Yeah. Thank you. In case anybody couldn't hear me before, is there a parameter that you define the SMB? In other words, 2,000, 3,000, 5,000 seats? Is there some upper bounds that you think are natural?
I think we typically look at the sweet spot as 2,500 seats in Dallas at 2,000, 2,500 seats on down. I don't know, Rob, if you're looking at a different—but that is typically speaking, that's what we believe to be that sweet spot.
Okay. Thank you.
Mike.
Oh, thanks.
Thanks, guys. Mike Cikos from Needham & Company. Just wanted to ask on the go-to-market and some of the ARR disclosures. And thanks for doing this, right? On the ARR, I think you said about 15% of calendar 2024 is tied to VARs, Disty's Direct, which puts you at about $70 million plus in ARR tied to that channel. I imagine, call it about $22 million is from Adlumin following this acquisition. You guys were already successfully moving in that direction anyway. I'm just trying to get a sense of how additive Adlumin is from that angle, or maybe I'm just misinterpreting.
I think your math is actually spot on. Maybe the part that I need to emphasize, we were not marketing or selling to this area, but they were buying from us. Actually, I think you said it in the dry run.
I don't know if you said it today. A lot of our wins in this mid-market was through indirect. We would be marketing, and we would be indirectly getting these mid-market personas to come in through our door. Truthfully, this has not been a direct thing. Remember our origins. When we were part of SolarWinds, frankly, we were not really allowed to sell into the mid-market or to the enterprise. For those of us that have followed the space, whatever we got was because they came to us. Really, frankly, it's a little bit of focus, a little bit of our messaging. You'll start seeing our messaging starting to speak of personas, starting to see me use words like mid-market a little bit more. We'll be going there.
We'll start to attend events like RSA that we'll be attending as a full cyber resiliency platform targeted to the mid-market because we see this gap. We see the enterprise players. They're not able to service the mid-market or the small medium enterprise the way that we should be able to, and they don't have the complete IT platform that we have. It's really that focus, Mike. Your math was right. We have been, I would say, gathering the fruit off the ground from the mid-markets, but now we're going to actually try. Now we're going to put some sales and marketing focus to it, change a little bit of the way that we position, and put money in the channel. As Frank mentioned, and we're all EBITDA Hawks, myself included, this is a different leverage, right?
The MSP has a fantastic leverage model, but these resellers have a very similar leverage model. I went to a large reseller in Portsmouth, New Hampshire. I'm in the Boston area. I walked in, and I looked at their website first, and they talked solution provider, solution provider. I said, "Okay, they're MSPs." I walk in, and they have an MSP practice, but they're a solution provider. Their sales team is as big as the N-able sales team in Portsmouth, New Hampshire. Now what our CAMs that came from the Adlumin side, what they're doing is educating this huge sales team, not just with the Adlumin XDR solution, but with the Cove solution and the UEM solutions. Now we have this huge other type of leverage model, right, that was never before.
The fact that they had success with the Adlumin model, they're building that success there. We believe we can displace and add on to these resellers' bench and get better penetration in the mid-market by trying and focusing in a little bit more. There does seem—maybe just a little bit more color. Prior to the Adlumin, it was more of a 90-10. When you do that math, of the 10, only about 2% was really through the Disty VAR channel. The other 8% came directly to us, and we transacted directly with the end customer. More like in that indirect model, "Hey, you want to buy the software? We will let you buy the software," was more that model. It was really only 2% or so prior to Adlumin was really in the—I almost lost the water there—in the VAR reseller model.
One, we picked that up with the Adlumin acquisition, five points there. The investment we were making is in that channel model versus that indirect kind of model that people were coming to us with. There sometimes seems to be a little misconception that these two channel go-to-market strategies are so different from each other. They are not. They are very close cousins of each other, to speak metaphorically. They are exactly the same. VARs, channel strategies, VARs want to be MSPs. The nice thing about the VAR, though, is the SME, the end customer that sits beyond the VAR, is typically larger. An MSP, your average SME size, so the dentist office or whatever that sits beyond it, might only be an average of 50 users.
Whereas in the VAR space, historically, they came from resellers, they became VARs, they want to become MSPs, but they have larger customers. The average customer size there is 250, right? The ASPs are just higher, but the motion, the go-to-market motion, is no different. It is a historical legacy misconception that these two are different motions. They are channel strategies, but they serve slightly different segments, arguably the VAR segment. Same channel strategy as the MSP, larger ASPs. I will go to Jason and then—hey, the sell-side guys are dominating, so some buy-side folks, if you want to get Jason.
Yeah, hey guys, Jason Ader with William Blair. Just wanted to follow up on that last point and thank you, Rob, for the clarification on MSPs versus VARs. I guess when I think about the spin, though, was not part of the reason for the spin that there was channel conflict between SolarWinds and SolarWinds MSP, which was you guys? Can you talk through that? The other thing that I am thinking about is just you have some pretty aggressive competitors in the MSP software space right now. I am thinking of one that just did a big round and is growing really fast. I almost feel like should not you be doubling down on the MSP space? Now it seems like you are shifting some of your resources and focus towards VARs and Disty's.
I'm glad you asked.
Can you just talk through that?
I'm glad you asked. The primary driver for the spin is the MSP business, the now known N-able business, and the SolarWinds business, frankly, just had a different rhythm, and we needed a different type of P&L. That business was really a rule of 45-plus, rule of 50 business where they were single-digit growers and they were pushing more to EBITDA. Honestly, their relationship with the customer and the type of customer was very different. They were focused on the mid-market and the enterprise where we were focused more on the MSP. When we did the spin, it was really to kind of lean in, not just on—not really on mid-market, but just to lean in on a little bit more of the P&L, on R&D, focus on things like M&A.
Because when I was in the room as part of the broader SolarWinds bit, my priorities were never necessarily the highest priority for the business. It was really what I would say on the F word is what we called about it, the focus on our M&A strategy, our R&D strategy, and our go-to-market strategies. That was the big bit. On your second point, the company that you're referring to is NinjaOne. What I would ask is to double-click. From what I've been told from a couple of different sources is a lot of their growth is actually in the MME, is actually in the mid-market enterprise. I would double-click there. If you actually look at some of our competitors, the way that they present themselves is actually more mid-market friendly. They're talking about SLED. They're talking about mid-market enterprise.
They are really, frankly, putting a broader remit. That is true for Ninja. That is true for some of the other competitors, as we see. At N-able, we like to say we are customer-obsessed. This is a baseless kind of line that I am ripping off, but customer-obsessed, competitor-aware. We are aware of what they are doing. We are seeing where their investment is. Actually, a lot of their growth is actually overweight on some of the other parts of the space, I would say.
Hey, guys. Joe Vandrick from Scotiabank. The $750 million ARR target for 2028, I think it implies a compound growth rate of about 12%. The 2025 guide is for 78% growth. I guess when should we kind of expect that upward inflection in growth? Is that back half of this year? What's giving you confidence there? Is M&A contemplated in that long-term target?
Sure. I'll start, and Tim and others feel free. M&A will go in reverse order. M&A is not contemplated in that number. That's an organic number. We can talk about other areas of M&A later if you guys would like. Number one. Number two, the acceleration should be starting. It's starting happening already. I'm not going to give you a prescriptive time as to when the 12% period would be. What I will tell you, we guided the range that we guided, and we were clear in the earnings call. I'll reiterate, we're very prudent in some of the assessments there. We just recently did the acquisition for Adlumin. We want to make sure that we understand there and making sure that integration and acceleration continues.
We are also prudent to make sure that some of the investments that we made in 2024 and in the first half of 2025 will pan out. We have the confidence on the guide. The acceleration, we expect to begin in the second half of the year. That 12% number, I believe it's really attainable in the short term. You had three questions. I think I got all three. Yep.
Thanks for taking the question, Gabriel of JPMorgan. Just wondering on the makeshift following Adlumin, how you see that growing this year and in the long term, if there's a difference in the makeshift, and when you think they'll start growing at market rate.
Sure. What we really try to provide in that slide, I called it the money slide, but is really an indicator as to how we think the shift will actually occur. Tim said this as well. Data protection as a service and security, both security controls and security services, will outpace the broader bit. The way you can think about it, we should, with our best-in-class offering, perform at or better than what the market growth rates are there. You will continue to see us slightly shift the revenue away from the UEM and more toward data protection and security. Please make no mistake on this. It does not mean that the UEM category or the service that it provides is not valuable. It is hugely strategic.
It is the vehicle or the vessel where the IT professional at an MSP, if it's Mark or if it's Kevin, that's how they're provisioning the software. That's how they're monitoring the software. They can provision their EDR. If they're using a SentinelOne or some of these other bits, it might take an MSP 30 minutes to provision an endpoint. With us and the power of our endpoint management and the automation that we have, what was 30 minutes is now 30 seconds. That UEM is a vessel. You might not see the dollars next to UEM climb as fast as the other bits, but it's very strategic. It plants the purple and black flag at the estate of the MSP or at the estate of the mid-market company. It allows us to expand in data protection and security.
That is the strategy, which is why we tend to not necessarily give you guys this breakdown every quarter because it kind of conflicts with the strategy. It is a complete cyber resilience platform strategy. We will continue to seed with all three. The UEM will continue to seed on because we have such the brand recognition. We are known as the best UEM. We will continue to seed there. Then we can get that $30 per device via the data protection and security controls and security services part of it. Yeah, good question. Other questions? Competition? Thought you guys put Mark Rob, but Jesus did it again. Rob in the hot seat. Mike?
Yeah, on the pricing and packaging.
Yep. Sorry. You sound better with the mic. Yeah.
The voice of God.
Yeah.
On the pricing and packaging, I just wanted to get a better sense of where we are in that effort. Should we think of that as like a strategic initiative for you guys as you're looking to move up market? Is that just a better way to sell into those customers? Or is it, hey, we're just trying to get broader adoption of the platform into the corporate space?
Sure. Sure. Great question. Look, our goal is to put as many services into these customers, whether they be MSPs or mid-market customers. One, from a revenue point of view, but also we very much believe, we fundamentally believe it's a better experience for these customers. They can be more effective. They can be more efficient. More importantly, they can be more secure. The silent approach creates gaps. Those gaps create inefficiency. Those gaps create vulnerabilities and a potential for a security breakdown. The complete resiliency platform is the best experience for these folks. In order to kind of get through some of those, and actually it's a little bit more of an efficiency play, pricing and packaging will play. Pricing and packaging is not new to this industry.
I know there was a lot of buzz when some of our competitors went with more of a branded type of a bundle. Pricing and packaging has been in the industry since the beginning. When we talk about RMM, we're already pricing and packaging a take control tool, an automated patching, and a monitoring and management solution. That is being bundled in our RMM today. What we are doing is now that we have this bigger stack, this economic and technology stack, we now are taking a step back and being a little bit more thoughtful, frankly, to have bundles across the entire portfolio. Where it can provide a good, better, best type of offering. Mike, the one thing I just want to clarify, this is true for the low end and for the high end.
For the low end, efficiency really matters because these are two or three-person shops, five-person shops. If we can provide them one package where they can consume the whole stack at a pretty attractive price point, that might make sense. We do not really have that today. For the high end, we want to provide them a little bit more of a choose-your-own-adventure because of that best-in-class breed. Their environments are a little bit more complex. We just need to get a little bit more thoughtful with the packaging. I expect, and Tim teased this a little bit, the second half of this year, we will have a refreshed view of pricing and packaging for the low end and a pricing and packaging that promotes this concept of, hey, it is a better story. They are a better together story. Data protection and the XDR—I keep doing it wrong.
The XDR offering is a better together story. End Central and pushing the logs from End Central into the XDR is a better together story. That is always a little bit better if we can provide a little bit of economic incentive. The goal is, look, how quickly can we ramp up and consume and really sell into that $30 opportunity? We have brought on some internal resources. We have engaged with some experts that we are talking to. We will be ready to begin to do some of this pricing and packaging later on this year. Keith?
Yeah, excuse me. Two questions. One, you mentioned that you might be able to accelerate customer growth as you look to your longer-term targets. I was wondering what that entails. Is that just capturing now you're going to put more weight beyond the MSPs into the VAR community? Is there something else there? I had a follow-up.
Just to make sure, I'll start giving you the answer and then redirect me if I'm on the wrong. Look.
The number was 4% new logo growth.
Oh, sure. Okay, got it.
You said you were going to accelerate.
Easily. Yeah. Okay, great. Remember our roots, right? New customers came in through our door, through our store, excuse me, through one door. That door historically was the UEM door. We brought in and opened up a whole new door with data protection. Now we are blowing open a garage-sized door with XDR.
Getting the land.
Correct. Just make sure this part's important. XDR is 70% greenfield. UEM category in the MSP space is not. Data protection has a little bit more greenfield, especially cloud data protection, but not like the 70% that we're seeing. Couple that with the fact that this was the number one thing our customers have been asking us for for two years. Now we have a best-in-class solution to bring that to market. That is what's giving us the big part of it. Yes, also the channel. We are now flexing this channel muscle, opening up, as Rob mentioned, this blurring of the lines, gaining access to these resellers that can now amplify Frank's team to bring in more land. That 4% we believe can get higher. It will take a little bit of time, right? That snowball, you guys hear my analogy a lot.
That snowball will take a little bit of time from the land point of view, but then also to manifest itself into a new MRR snowball that should take some shape. Those are the two big areas. It is the new doors, and then it is the additional channel.
Keith, I touched on it, but just the 4% was more on the legacy N-able business prior to the Adlumin acquisition. The weighting of the Adlumin channel business that we acquired, that mix was 20-30% new. So that blended mix is already pushing us 5% plus. Just executing on bringing the rest of the products through that channel and bringing new customers in there will be kind of just gasoline on top of it. Okay.
To Adlumin, how does it compare and contrast with what the SentinelOne relationship? So SentinelOne has XDR. So Adlumin has XDR. How do you manage that process?
Sure. I will take that, and then I will have you expand it a little bit. The relationship we have with SentinelOne has been a strong one. It is a positive one. I would say it is not necessarily a monogamy type of thing, right? SentinelOne has other partners in the channel. We go to market today with N-able EDR. We leverage the SentinelOne agent, the SentinelOne technology for N-able EDR. We provide them our customers, and we have been selling what we call vigilance, right, which is more of a managed EDR. If a customer wants help with managing the EDR, they can consume that through SentinelOne if they choose. Rob's solution is much bigger than that. Rob's solution can do the endpoint. It does not need to be SentinelOne. It can be Microsoft Defender. It can be a whole host of endpoints.
Rob's also ingesting from the firewall, ingesting from different SaaS applications, like M365. It's a much more comprehensive solution. We don't plan to bring a solution from SentinelOne like that into our market. We're just limiting what they're doing to the EDR. We believe Rob's is a much more comprehensive one. Frankly, we'll use the managed EDR bit as a little bit of a beginning entree, so to speak, into this augment of cyber services. We will continue and expect to upsell them with the proper XDR that provides a little bit more of a comprehensive solution.
Yeah. Adlumin's goal was always to provide that security operations as a service platform built for the channel. When it comes to relationships with EDR, why Adlumin chose to be endpoint agnostic is when you look at our MSP channel and you look at our VAR and DISTI channel, in both of those channels, each one of those partners, they have four different EDR relationships. They're selling four. Call it good, better, best, great, right, into different customer segments that they may have, right? They needed an operational solution that not only could fit into their end customers, but also could fit into their business, being the VAR and DISTI business or the MSP business. One that they could apply to their entire end customer base as opposed to just one. W hen you take a look at consolidating on, say, SentinelOne solution, it's a great EDR, right?
You got to stick with that endpoint solution, right? For that VAR and that MSP, that only fits into one component of their EDR business, only one segment, one vertical, right? Adlumin can exist everywhere. We fit really nicely into those businesses, which is why you see rapid adoption in the channel space.
Yeah, a quick one for Tim. I think you said the percentage of customers that are buying more than one SKU, but that was for new business, correct?
Yes.
Do you have that metric for your total ARR? What percentage of customers are buying more than one product from you?
The majority of customers are buying more than one product. I don't have the exact figures off the top of my head. I can follow up with it. We have, with just endpoint security, for example, attaching UEM and either AV or EDR, that adoption rate's in the mid to high 40%, just as an example. Most customers are buying multi-SKUs from us. That 23% was just at the initial point of sale in that new ARR. We're also cross-selling kind of at the point of initial kind of commercial relationship with a new customer.
Okay, great.
We also disclosed in the last call, Cove is in 180,000 SMBs today. We have over 500,000 total. That gives you an indicator for the type of crossover that we're seeing in the SMB. That doesn't mean they're fully penetrated even at the SMB, but that just means that from how many folks are buying multiple SKUs, you can kind of get a good sense for that crossover there as well.
Okay. And then just on the security front, I guess two parts to this question. First is, is the sales motion changed now that you have Adlumin? Are you basically going in with XDR and then the endpoint is sort of a little bit of an afterthought that whatever endpoint security they want to use? Or are you still going in with the EDR and then it's an upsell to XDR? The second question, more for you, Rob, is there's a lot of different XDR solutions. I mean, there's Arctic Wolf and there's, you mentioned a few of them, Huntress, Black Point Cyber. How do you help explain the differentiation and why Adlumin is better than some of the other solutions out there?
Sure. I'll take the first one, then I'll obviously defer to you on the second one. Yes, slightly on the first one. We'll continue to cross-sell SentinelOne's or N-able EDR into that base, for sure. From a new customer motion point of view, we'll lead with either XDR and UEM. The way I think about our EDR offering, it's almost do you want fries with that? We'll look to bundle EDR from a new customer acquisition motion. We won't really prioritize N-able EDR as a new customer acquisition motion. We'll prioritize XDR, UEM, and Cove. EDR is a great add-on to whether it be the XDR offering or the UEM offering, again, because of the blending of those two worlds. On the cross-sell motion, EDR continues to be a very high-demand offering. We'll continue to sell that.
This is also a little bit of the ideas of some of the packaging and bundling that I alluded to a little bit earlier. I think from a new customer acquisition, that's not necessarily a focus. Frankly, it's not our IP at the core root of it. We want to make sure that we're leading with our IP and XDR, our IP and Cove, and with data protection, our IP with UEM. I'll defer to you, sir, on the XDR bit.
Yeah, sure. Adlumin's unique differentiators can be boiled down to those five kind of main pillars that I mentioned in my presentation. I think first and foremost, the most important is that we can separate the software from the service. All the names you just mentioned are incapable of doing that. The entire laundry list that you can think of are also incapable of doing that. Now, what does that really boil down to as far as what does that mean? It means that there are more ways to win for our platform. There are software-only wins for us, and there are managed security services wins for us. The software-only wins is a different customer segment. Think SIEM, right? Think XDR solution. Think MSSP routes to market where someone else is using our software to deliver their own MDR service. That might be for the entire customer estate.
That might be for 50% of the estate is on their MDR service because of margin requirements. And the other 50% is on our MDR service. There are more ways to win and different ideal customer profiles for us to put that product, right? Endpoint agnostic, some that you just mentioned, require their endpoint. Without it, it does not work. There are other endpoint agnostic solutions as well, but it is a way to create differentiation, right? Multiple solutions in one SaaS product. We have an entire array, more than anyone else, on the number of security operations tasks that we can accomplish from our SaaS platform. Now we have even more than everyone else given the other products from the N-able acquisition in the portfolio, like data protection and unified endpoint management. We have the most comprehensive platform as a company than any of those other providers.
This all just boils down to Adlumin from the beginning has been successful in a 100% channel go-to-market strategy. Before the acquisition, we were successful in MSP, but we were also successful in VAR and distribution in the mid-market all the way up to the tail end of nipping at the heels of enterprise, right? We were successful across that broad array. Those competitors are not. They are MSP-only players or maybe mid-market-only players. Now, with the broad portfolio that we have and the 100% channel go-to-market strategy that we have, we have the ability to be successful in more places than they are unable to, right, with more products that they are unable to compete with.
Yeah. Just to add, a lot of the vendors that you listed out, it's legacy tech. I'm not saying it's bad tech. It was just legacy tech. Rob was born cloud-first, leveraging AI. What does that allow us to do? First of all, it allows us to drive a lot more of that autonomous, no-touch type of detection and response in a bunch of different ways. We can, A, modularize our offerings in a way that these competitors can't. We can also put it at a price point that they can't and still drive that software-type margin that Tim and Rob were alluding to earlier. The other bit, just to maybe say it slightly differently, is what they're doing, they're providing an MDR black box service. They're just telling their customer an answer.
The customer does not necessarily always want just the answer or a small R, "Okay, now I need to go respond." Rob's technology can respond on their behalf, shut down access, take the actual remediation step in an autonomous way, and it avails to them everything that they are doing. Their techs can see the same thing that Rob's techs or our techs can see. That is a powerful differentiator. It truly meets them where they are on their journey. You might have an MSP that says, "Hey, I might want to build my SOC someday," or, "I might be in the process of building my SOC," and this technology, because it is software-first and software-only, they can buy the software. We can provide a nights and weekends plan for them if they want to, or they can provide it more for the whole service. It is really differentiated.
It's a testament to how the technology was built. It's thoughtful with the AI forward type of approach. It's just a differentiated overall bit, giving us a lot more, I would say, levers and optionality.
Hi, Hendi Susanto from Gabelli Funds. Question for Tim. Tim, would you be able to provide more colors and then dissect the 2025 guidance in terms of headwinds and EBITDA margin reflection of the investment? Specifically, how should we be thinking about the trend from one quarter to another in 2025, whether certain headwinds or investment have more weights in certain quarters? In the EBITDA margin line, other income and all other, will it be gone toward the end of 2025? Which items will continue beyond 2025? Which item may end in 2025? Thank you.
The trends over the time?
Yeah. No, I think from an Adlumin investment standpoint, we touched on the fact that we plan to flip that to cash flow positive in Q4 of this year. I'd expect that impact to subside as we go through calendar 2025. On the ASC606 front, I would expect that to subside in 2026, generally. On the India investment piece, I would expect that to subside in 2026 as well. On the other bits, I would expect the other income to continue. That was more a product of the nature of the interest that we earned is classified as a dividend post-Adlumin acquisition. I would expect us to begin to gain leverage on other parts of the last piece of that bridge in 2026 as well. Yeah.
Just to add, we gave guidance on Q1 in the year for EBITDA. You can take a pencil and kind of a ruler and see how that's going to slope up. Part of that is a lot of it what Tim was just saying. We also provided some intel as far as we believe 2026 we'll get much closer to that target model. EBITDA for 2026 should begin with a three handle as we go through. You'll start to see some of those EBITDA headwinds dissipate as we go through the year, for sure.
Just a follow-on question. When do you expect the long-term contracts headwind to abate?
I expect that headwind to subside in the second half of 2025. That's the optimization piece, to be clear, not the 606.
Tim, I think you mentioned that you guys decided to start the long-term contract initiative partly due to aggressive pricing strategies that were leveraged by some competitors. Is that dynamic still playing out today, or is that gone? How are you feeling about competition as of now?
It's a competitive market. It's a big and growing market. I think we welcome the competition, right? We did do a lot of that to lock in the customer. Tim mentioned a couple of points, though, right? One, it was good defense off so it allows you to play better offense, right? We wanted to lock in the customers and lock in them in at a price point, locking them in for a period so that we could actually lean in and sell. We knew that we were about to expand our white space opportunity with XDR and some of the bits from data protection and locking in some of those customers now for two-year, three-year deals. It allows us to kind of lean in. It also drives a lot more efficiency in our organization.
Instead of folks being month-to-month and having our customer success reps or some of our other reps dealing with some of the ups and downs in the month-to-month business, the customer is locked in. We can now build, and we have built, a more efficient renewal process in lower-cost areas. So our cost to retain can be improved there as well so that we can go on the offense. That is the plan. That is why we did it. In part, absolutely a little bit of defense, but it was in defense that we can actually go on the offensive with the pricing and packaging, with the renewals rate, making that a little bit more efficient. The other part, M&A is a part of this business, right? MSPs, what was 17 MSPs is now one MSP.
People always ask me, "Hey, is that bad for you?" And my answer has been pretty consistent, "No, it's good. It's good for the industry, and it's good for N-able." Because as these MSPs consolidate and as more and more smart money—I'll put that in air quotes—as more and more smart money comes into the space, managed service providers are climbing the stack, right? When Frank got into this business definitely 20 years ago, when Tim and I got into this business 12 years ago or so, managed service providers were not really selling into Fortune 1000 companies. They were more talking what Rob was saying, more of those 20-person shops. As these companies have gotten bigger, we have MSPs that are billion dollars in revenue. Yeah, billion dollars in revenue. MSPs that are part of publicly traded companies, they're able to climb that stack.
As the market consolidates, the TAM on which the managed service provider we sellers are servicing are getting bigger and bigger. We wanted to be able to make sure we can lock in those customers, especially at the bigger end. When they do an M&A deal and they're looking at rationalization of a tech stack, if we're on one side at a month-to-month and our competitor has them locked in at three years, even if we're the better tech, that's a pretty tough bar to overcome because they're locked into a three-year deal. Let's go and lock in our customers for those two or three-year deals. When they're having that M&A conversation and they're trying to rationalize tech stacks, we're going to come up on the jelly side upside, so to speak, side of the equation. Yep.
It's been really impressive to see the growth in the product portfolio and the time since the spin and now with the three legs of the stool, so to speak. Just curious, looking out over the next few years, is there a fourth or fifth leg of the stool that you can envision? Are there other main kind of key product areas that customers are asking you guys for that you could see getting into? Maybe one for Tim, just to put a finer point on the margin question, is there a specific timeframe you envision to get back to that long-term target model?
I would expect it to align with kind of the midterm guide that we gave on the $750 million of ARR. Like we said, we gave color on 2026 that we expect EBITDA to be north of 30% next year. Yeah. My promise, and Mike, I will pass it over to you too in a little bit, but my promise is we're going to continue to run this business as a rule of.
Frankly, as the opportunities, if we're continuing to build the momentum that you saw on the bookings charts that Frank was showing earlier, and we continue to see the fantastic uptick on one of the legs of the stool, if NCA, new customer acquisition on XDR, continues to get white hot, and that might force us to put a little bit more sales and marketing to continue that momentum, we're going to do it because it's a rule of business. We will have that nice growth, excuse me, that EBITDA handle where it was, but is it going to be 34 in 2026? If we see the growth numbers, we're going to keep leaning in on the growth numbers. It'll be a balanced approach, but again, that's always how we manage the business.
On the fourth leg of the stool, thank you for adopting the third leg of the three legs of the stool. On the fourth, I would say nothing screams immediate from an M&A point of view. You did not ask that. There are absolutely some complementary or ancillary services that we can now fill in. We are bringing to market this year vulnerability management, and that is just the beginning parts. We will have layers of vulnerability management that we will look to bring on. Compliance is also a big need for the mid-market and for the small, medium business as well and for the MSP. Those are a couple of specific hotspots. Mike, I took your answers, so I will look to you. I do not know if there is anything else that is glaring, but. Yeah. I would phrase it just a little more specifically. There are areas of security controls.
We're seeing them regulated that drive cyber insurance rates at S&B and mid-market companies. As you start looking at how the pressure points are being played into the buying behaviors, I think we'll want to expand in each of our areas the ability to help IT professionals meet those requirements. I do think, to John's comment, and then be able to help IT professionals drive and demonstrate compliance. There's some interesting spaces here around, again, without a large GRC function, how are you going to demonstrate that evidence, audit that evidence to your regulators, to your cyber insurance provider? Can you do that efficiently with few resources to help you get the best rates and continue to be efficient from your spend as an IT organization? I think those two areas are, I think, particularly interesting right now.
What about PSA? I mean, do you think there are some smaller private company insurance space? Do you have some?
I'll start.
Sure. I'll start. The PSA, frankly, it's something we look at. By the way, first, we have a PSA. Our PSA services over 3,000 of our customers. I'd say by and large, it's the smaller of our partners, our MSPs that consume our PSA, but it's a fantastic offering and provides a lot of efficiency for those customers. The strategy we've been taking with the PSA, and I'll get into a little bit of the business part, is actually a three-pronged approach. At the low end, we provide our PSA, our MSP manager type of offering. On the medium size, we continue to integrate with a bunch of parties, frankly, even some of our competitors, but other PSA pure plays like Halo and some of these other players.
At the large size, as the trend for these MSPs are getting larger and larger, more and more of them are beginning to look at ITSM shops, ServiceNows, or what's it? SureWells. Yeah. A couple of those types of shops. We have great integrations and relationships with those companies too that we can provide a full stack of an end-to-end solution with a company like ServiceNow. That has been the multi-pronged approach. Look, that being said, we continue to have conversations, and we look at integration partnerships and other bits, but right now, that's not a top priority from an inorganic point of view. For us, we like to focus where it's the messiest for these mid-market customers and the messiest for these MSPs. Frankly, that's the merging of ITOps and SecOps.
Security is top of mind, and that is the messiest. We want to matter where it's the messiest for these folks. It fits our mission, and it fits our vision. Frankly, the PSA part of the world, it's getting simpler. They have some integrations, but that part of the world is not necessarily as messy. We believe we can continue to deliver value by focusing on the messy areas for these small, medium enterprises and mid-market companies, in particular, data protection and security. Yeah. I think we're at the top of the hour here. John, maybe any closing statements, and then we'll conclude.
Thank you. Thank you for spending the time with us. Hopefully, you'll be able to stay with us for lunch. Thank you for those that are streaming.
In the room from N-able, so we have some members of our senior leadership team. We also have our general managers in the business. Rob, who's running our security operations. Chris Groot. Chris Groot runs our data protection business. Riley. Is Riley in the house? Riley, Sexton, thank you. He runs our UEM business. And Truls Rasmussen runs the security controls in BizDev and CorpDev for us. Do me a favor. Spend some time with these folks, right? Understand why we're winning with our best-in-class offerings in these particular areas, and then talk to this guy and some of us as far as why we believe that comprehensive suite is the winning solution. We have members of my executive team raise your hand as well that we can talk about, whether it be our Chief Marketing Officer, our Chief Strategy Officer, Chief People Officers in the house.
We had to bring Peter, our lawyer, to make sure that I do not go off the rails as we go from there. Do me a favor. Spend some time. You are here. Grab some food. Spend some time. Talk to these general managers. Understand why we have a best-of-breed product in these growing market areas, and then get a better understanding as to why the cyber resilience platform is the winning formula for these IT professionals, these security professionals, both in the mid-market and in the small, medium business. Thank you guys.