Day, ladies and gentlemen, and welcome to the Qualys First Quarter 2016 Investor Conference Call. At this time, all participants are in a listen only mode. Later, we will conduct a question and answer session and instructions will follow at that time. As a reminder, this conference call is being recorded. I would now like to introduce your host for today's conference, Ms.
Sheila Innis, Investor Relations for Qualys. Ma'am, you may begin.
Thanks very much. Thank you, and welcome to all of you. We would like to remind you that during this call, we expect to make forward looking statements within the meaning of the federal securities laws. Forward looking statements generally relate to future events or our future financial or operating performance. Forward looking statements in this presentation include, but are not limited to, the following: statements related to our business and financial performance and expectations for future periods, including the rate of our growth or of our business our expectations regarding capital expenditures, including investments in our cloud infrastructure and the intended uses and benefits of those expenditures trends related to the diversification of our revenue base our ability to sell additional solutions to our customer base and the strength of demand for those solutions, our plans regarding the development of our technology and its expected timing our expectations regarding the capabilities of our platform and solutions the anticipated needs of our customers our strategy, the scalability of our strategy, our ability to execute our strategy and our expectations regarding our market position, the expansion of our platform and our delivery of new solutions the expansion of our partnerships and the related benefits of those partnerships our ability to effectively manage our costs, our expectations for foreign currency exchange rates, our plans to pursue arrangements with MSSPs, which are multiyear contracts at fixed prices.
And finally, our expectations for the number of weighted average diluted shares outstanding and effective GAAP and non GAAP income tax rates for the Q2 and full year of 2016. Our expectations and beliefs regarding these matters may not materialize and actual results in future periods are subject to risks and uncertainties that could cause actual results to differ materially from those projected. These risks include those set forth in the press release that we issued earlier today as well as those more fully described in our filings with the Securities and Exchange Commission, including our annual report on Form 10 ks that we filed on February 26, 2016. The forward looking statements in this presentation are based on information available to us as of today, and we disclaim any obligation to update any forward looking statements except as required by law. We also remind you that this call will include a discussion of GAAP and non GAAP financial measures.
The non GAAP financial measures are not intended to be considered in isolation or as a substitute for results prepared in accordance with GAAP. A discussion of why we present the non GAAP financial measures and a reconciliation of the non GAAP financial measures discussed in this call to the most directly comparable GAAP financial measures are included in our press release issued earlier today. Joining me for today's call are Philippe Courteau, Chairman, President and CEO, Qualys Nancy Shung, VP and Corporate Controller, who will run through our financial results from the Q1 and Melissa Fisher, our newly appointed CFO. Philippe?
Thanks, Sheila, and welcome to all of you. As you have seen by now in our earnings press release, we kicked off the year with an excellent Q1. We have made great progress both with customers and with partners who are shifting away from traditional enterprises, security and compliance point solutions and increasing their commitment to our Pure SaaS platform. In fact, in one interesting development, we have struck a new arrangement with 1 of our key managed security service provider. This MSSP partner has now committed to a multi year purchase order with fixed Quali payments, rather than the prior arrangements where each reset of Qualys solutions was accounted for separately.
Our first quarter reported figures were boosted somewhat by the effect of these new arrangements and I will come back to these in a moment. Excluding these new arrangements, our Q1 financial results were at the high end of our revenue guidance and in excess of our EPS guidance. We're also very pleased to have announced today the appointment of Melissa Fisher, our new CFO. You will hear from Melissa a bit later in this call. But first, let me share some of the business highlights from the quarter.
I want to underscore that I believe that each of the achievements can be tied directly to the fact that we offer a pure cloud security platform with a 100% SaaS business model. Pure cloud solutions are increasingly preferred by enterprises who understand that they must transition from reactive to proactive approaches. They understand that cloud based solutions provide a very robust and cost effective way to handle the massive amount of data involved in making that transition. We believe that our platform strategy is the key driver to the rapid uptake of our newest offerings, which we are beginning to see. So let's take a look at the results.
We reported 23% revenue growth over the Q1 of last year, which includes a positive impact of approximately 200 basis points from the new multiyear MSSP arrangement affected during the quarter. We also delivered strong improvement in our profitability in the Q1 of 2016, which was reflected in our 35% adjusted EBITDA, which was up from 32% in a year ago quarter. More importantly, we are beginning to see the economies of scale of our platform provides. Being purely cloud based enable us to release new features and functionalities continuously and as market needs emerge. We released the Qualys Cloud Agent platform for Linux in March and for macOS in April, adding to the platforms existing support for Windows.
Support for the Linux and macOS operating systems is key to securing servers, endpoint and elastic cloud environments where these operating systems are predominant. Adding the ability to see these endpoints increases the size of our addressable market, drives larger revenue commitments from our customers and its capabilities is a meaningful competitive differentiator. Our agent technology brings the real time, continuous security that enterprises now require. We have begun to see significant upsells and we believe that many more of our customers could meaningfully increase their annual spend with us, simply as a result of our ability to manage servers, endpoints and elastic cloud environment with our single platform. The excitement about this new offering was quite visible at the RSA Conference in early March.
In addition to demonstrating the real time capabilities of our agents, we also unveiled Threat Protect at RSA. This allows users to visualize and prioritize remediation of vulnerabilities, thus minimizing exposure to the most critical threats. We can achieve this by correlating data from vulnerability scans and active threat data from multiple sources into a single dynamic dashboard. By providing customers a comprehensive and contextual view of their organization's threat exposure, they can proactively triage and apply their mitigation efforts. In addition to the expanded MSSP commitment I noted earlier, there are other signs that our platform is enabling us to become a key strategic security vendor to our customers.
We announced at the RSA Conference a new OEM partnership with HEETS Software to deliver a cloud based patch management offering to our customers globally. The partnership allows us to embed Heat Software best of breed Patch Link technology within the Qualys cloud agents to distribute and apply patches. The single cloud based console is key to effective Patch Management, which as many of you know is often disjointed and therefore costly and ineffective process. Dispatch Management offering is currently scheduled for beta release in Q4. I had the chance to speak with many of our largest customers at this important conference.
Let me share with you a particularly interesting conversation I had with the CISO of 1 of our Fortune 10 customers. He had a high praise for the effectiveness of the 4 Qualys solutions they use today: vulnerability management, policy compliance, PCI and web application scanning. More importantly, he stressed how important it is for Qualys to continue to leverage our platform by adding to our suite of solutions. He is in fact eager to reduce the number of security vendor he has under contract and views Qualys as one of his key strategic vendor. We believe market concerns about putting security solution on the cloud platform are behind us and this creates a tremendous tailwind for our business on both the top and bottom line.
As I noted, we have released on schedule and on budget the agent technology that we believe permanently changed the vulnerability management landscape. One indicator of the pent up market demand for new approaches is that the uptake of our cloud agents is an order of magnitude faster than for any other product released in our history. We believe it is our current technological lead as well as the extensibility of our platform that has prompted MSSPs and outsourcers to feature Qualys products in their offering. Let me describe the new MSSP arrangement we've reached in the Q1. For the existing base of renewing end customers we share, this MSSP has extended their commitment to Qualys by entering into a multi year with fixed quarterly payments instead of individual contracts for each customers.
I'm pleased to report that these improve our revenue predictability as revenue that would have been subject to varying renewal dates is now on a quarterly program. The streamlined arrangement also reduces our costs. Expanding the scope of our capabilities also allows customers to standardize on the Qualysecuity platform. We are seeing more and more enterprises adopt multiple solutions in their initial increasing occurrence of standardization arrangements both with customers and with partners will result in our winning a larger share of the security wallet and allows us to outpace the core VM market growth rate, which IDC pegs at 10%. I will note that these larger contracts and renewals with upsells can sometimes take a bit longer to close.
At the end of Q1, a few renewing customers took longer than we expected to close the upsell components of the contract, which delayed the issuance of this purchase order. Most of these POs were received early in the Q2, so the differential is days, not month. You will note the effect of the timing in lower than expected backlog growth and deferred revenues in Q1. However, there is no change to the revenue we expect to recognize from these contracts for the full year 2016. With upsells becoming larger, in some cases multiple of a customer core VM subscription, we have decided to decouple the renewals from the upsell negotiations.
Renewals will be executed when they are due and upsell will be completed separately. We expect this will restore the predictability of the renewal revenue streams. However, in general, the timing of larger contract encompassing multiple products is ordered to predict reducing somewhat our visibility on the timing of revenue streams for new business and upsells. As it is a sign of our becoming a more strategic vendor to our customers, increasing our shares of our customer spend, This is a trade I'm quite happy to make. We're making terrific progress in our evolution from a single product company to strategic platform vendor with multiple integrated solutions.
One key aspect of scaling up is adding talent. I could not be more pleased to introduce our newly appointed CFO, Melissa Fisher, who joined us last week. Melissa is joining Qualys at a pivotal time in our history. She brings a unique blend of tech industry operational experience and Wall Street savvy. She was most recently at Zynga and before that at Digital River, an enterprise SaaS software company.
Before moving into industry, Melissa builds a tremendous amount of public markets experience in 15 years earlier Investment Banking. She worked with technology companies on both M and A and financings for such banks as Goldman Sachs and Bank of America. Melissa will lead all the elements of the company's financial organization, including finance, accounting, Investor Relations, Treasury and Tax. Welcome to Qualys, Melissa.
Thanks, Philippe. I am thrilled to join the Qualys team at this exciting time as the company continues to leverage its cloud based platform to be a strategic partner to its customers. I have spent most of my career working with software companies and it's unusual to find a SaaS company still focused on customer success and yet which developed early on a sustainable scalable business model with both leading margins and multiple levers of growth in front of it. I see Qualys as a pioneer and visionary, having built a disruptive offering that eliminates the infrastructure operations and maintenance costs of traditional enterprise security software solutions. Like we have already seen with commercial software, the security industry is ripe for the adoption of cloud based solutions and is in much need of vendor consolidation.
Qualys is uniquely positioned with its platform to easily enable additional features and applications, thus becoming a one stop shop for IT security and compliance solutions for its customers, a significant competitive advantage. This added value can enable higher growth Qualys as it enlarges its market opportunity by expanding the scope of the solution and coverage to additional devices. I look forward to leading the dialogue with our investors and analysts in the coming weeks about our competitive positioning in the market, our business and opportunities for growth.
Thanks, Melissa. I look forward to working with you and welcome. We are indeed at an exciting point in our history. Qualys has evolved from a point solution vendor to a strategic platform. Today, we are becoming recognized as the disruptive cloud based security and compliance platform delivering centrally managed and self updating security and compliance solutions.
While IDC estimates that the Vulnerability Management market will grow at 10% in 2016, We are sustaining top line growth at about twice that rate by offering a rich set of incremental capabilities such as Elastic Search, Dynamic Dashboards, Asset View, Cloud Agents and Threat Protect, which had our customers deploy state of the art security and compliance at a much lower total cost of ownership. We are seeing strong demand for agent technology as we see both our existing and new clients driving rapid uptake rates. We believe our platform provide us with a unique ability to benefit from the trend toward vendor consolidation, which we are beginning to see in our expanding deal sizes and the standardization on Qualys by MSSPs and outsourcers. We have enhanced our management team with the addition of Melissa, well as new business development, sales and product marketing talent. We'll continue to add the executives that we believe are necessary to support our next phase of growth, we could not be more pleased with the talent we are attracting.
We are off to an excellent start for 2016. Nancy will now take you through the details of the Q1 financials. Nancy?
Thanks, Philippe, and good afternoon. Total revenues in the Q1 were $46,200,000 which represented 23% growth over the Q1 of 2015. As Philippe noted, our Q1 results include the benefit of the new arrangement with 1 of our MSSPs. The change resulted in some revenue that would have been recognized over the course of 2016 being additionally recognized in the Q1. Excluding the effect of this change, our revenue growth would have been at the high end of our guidance at 21%.
Our current deferred revenue balance was $102,000,000 at March 31, 2016, 15.5% greater than our balance at March 31, 2015. While there is some negative impact from the new contract terms associated with the MSSP we've mentioned, specifically the effect of quarterly billing instead of annual billing, we also had a few renewals that we expected would close in Q1 push out a few days into Q2. As Philippe noted, these delays were the result of the longer procurement processes associated with customers purchasing additional solutions on top of their renewing subscription. While the timing impacts our current deferred balance as of March 31, it does not impact our expectations for the contribution from these accounts for the full year. The U.
S. Represented 71% of revenues, slightly higher than the Q1 of 2015. Foreign currency continued to present a headwind, which we expect to decline over the course of the year, becoming negligible by year end. Moving down the P and L. For the Q1 of 2016, we are reporting both GAAP and non GAAP results.
A full reconciliation of all GAAP to non GAAP measures is provided in the financial tables of the press release we issued earlier today and is available on the Investors section of our website. To provide investors with additional information regarding our financial results, we disclose adjusted EBITDA, adjusted EBITDA margin and free cash flows, which are non GAAP measures. We have provided a full reconciliation table in our press release. GAAP gross profit increased by 25% to $36,800,000 in the Q1 of 2016. GAAP gross margin was 80% compared to 79% in the same period last year.
Non GAAP gross margin was 80% in both periods. Adjusted EBITDA for the Q1 of 20 16 increased by 35 percent to $16,100,000 compared to $12,000,000 in the Q1 of 2015. Again, the MSSP contract change had a positive effect since revenues were higher, but excluding this impact, adjusted EBITDA would have still increased over the Q1 of 2015. Adjusted EBITDA margin increased to 35% in the Q1 of 2016 compared to 32% in the prior year Q1. Margins are expanding as we add services to our platform and get better at leveraging channel partners.
Net cash from operations in the Q1 of 2016 increased by 71 percent to $17,100,000 compared to $10,000,000 in the same period in 2015. Free cash flow generated in the Q1 of 2016 was 12,800,000 dollars compared to $3,800,000 in the comparable period of 2015. The significant change is a strong indicator that our business is scaling up successfully. In the Q1 of 2016, capital expenditures were $4,200,000 compared to $6,100,000 in the Q1 of 2015. In the Q2 of 2016, we expect capital expenditures to be in the range of $5,000,000 to $6,000,000 Moving on to earnings per share.
For the Q1 of 2016, GAAP EPS was $0.13 per diluted share versus $0.08 for the Q1 of 2015. Non GAAP EPS was $0.21 per diluted share in the Q1 of 2016, up from $0.15 in the Q1 of 2015, and also ahead of our guidance of $0.14 to $0.16 per diluted share. Now turning to guidance, starting with revenues. For the Q2 of 2016, we expect revenues to be in the range of 47 point $6,000,000 to $48,300,000 At the midpoint, this represents 20% growth over Q2 2015 revenue. For the full year 2016, balancing the effect of the increased revenue from the new MSSP arrangement and the momentum we are seeing in the business with somewhat uncertain timing of increasingly larger contracts, we are reiterating our outlook for revenues to be in the range of $195,600,000 to $198,600,000 At the midpoint, this represents 20% growth over 2015 revenues.
As to earnings per share guidance, we expect GAAP EPS for the Q2 of 2016 to be in the range of $0.06 to $0.08 per diluted share, and non GAAP EPS is expected to be in the range of $0.15 to $0.17 per diluted share. For the full year of 2016, we are reiterating our expectations for GAAP EPS to be in the range of $0.36 to 0 point 41 dollars and non GAAP EPS to be in the range of 0 point 7 $4 to 0 point 7 9 dollars Our 2nd quarter EPS estimates are based on approximately 38,400,000 weighted average diluted shares outstanding, and our full year 2016 EPS estimates are based on approximately 38,900,000 shares outstanding. For the Q2 and full year 2016, we have used an expected effective GAAP tax rate of 37% and an expected effective non GAAP tax rate of 36%. With that, Philippe and I will be happy to answer any of your questions. Operator?
Thank you. And our first question comes from the line of Sreedhar Panaghi of Credit Suisse. Your line is now open. Please go ahead.
Thanks. Melisha, congratulation on your role as CFO.
Thank you.
So, Philip, I just wanted to dig into this billings weakness. How much of that, the MSSP are and maybe you're saying how much of that as a percentage of your business? And then also, you talk about some of the deals, miss. Did you close all the deals that in Q2? And just I have a follow-up.
So essentially, as you just said, it's a combination of the fact that we wanted to quarterly payments instead of yearly payment with this large MSSP. That's one factor. The other factor is that, which is a good thing is that we are seeing larger upsell with our renewals and some of these renewals which arrive at the end of the quarter are just dragged because of these additional purchases which put them back into procurement and that's few delays. And so that shift the business. But as I mentioned in the script, this is not month, this is days.
And in fact, yes, we did receive the majority or more or most of these orders if not all. So we and we expect to have them all. So this is why we took some measures now to decouple the revenues, the renewals a bit from the upsell and insisting that our customers renew at the date at which they will renew and if the upsell come later then so be it instead of having to drag everything together. So that's a new measure that we've implemented with our sales force.
And then just digging into your the VM market, you said it's growing around 10%. What was the growth rate for you guys in Q1? And if you could give some color in terms of what you are seeing in the market in terms of competition or pricing pressure or anything you're seeing there?
Yes. So in fact, yes, in fact, IDC project that the growth rate of the overall vulnerability management and application is about 10% growth rates and we are essentially growing. And we have been by the way growing at that rate for the last 8, 9 quarters, 2 years. So and we believe we can absolutely maintain if not exceed that growth rates and it's because of the addition of the new services, which now fall into the bucket of VM such as continuous monitoring, the cloud agents and our Threat Protection, which by the way went GA as we had announced 1 GA this month. And we're expecting quite a big uptake from Threat Protect.
We have already a big pent up demand and quite a few trials, which I think will turn into purchase order pretty quickly. So that's the new dynamic if you prefer on VM. As I mentioned also earlier, our cloud agents are not only significant, but still potential for the VM, but also brings real time capabilities to VM and have become a significant differentiator. So while we see our competitors fighting and trying to reduce the price as they compete in themselves. So we'll be capable of really maintaining our pricing.
And just to clarify, Siti, when we're talking about the market versus our growth rate, we've been growing at double the market rate, and we don't see any reason that should slow down.
Correct. That's what I think I said, yes.
Thank you.
Thank you. And our next question comes from the line of Steve Astley of Robert W. Baird. Your line is now open. Please go ahead.
Terrific. Just like to go back on Citi's question regarding the impact of the slipped deals and then the 1 SSP deal on deferred revenue. Can you give us any idea how many 1,000,000 of dollars we're talking about associated with those events? Is that a couple $1,000,000? Is it more than that?
Any quantification there would be helpful.
Yes. We're in the couple of 1,000,000 of dollars, yes. Okay. And
it's a combination of both. So excluding the impact of the MSSP as well as the slipped deals, deferred revenue growth would have been largely in line with historical periods.
Yes. So maybe a couple of million higher. That's terrific. And then I was just going to ask on the cap business, what was the impact in the period? Meaning, was there actually billings?
And did you sign deals? And can you tell us a little bit more color on that?
Yes. No, we did sign these. They are part of the billings and we see a significant pent up demand to give you. So this is something that we expect to accelerate and to continue. So, a huge success, huge success.
From by the way every components of our business, which means the large enterprise, the mid market and the SMB everybody is taking on the agent. And we saw first of all to be a bit more, we see more today an uptake on the agent for the VM and now we're starting to see an uptake on the agent on the policy compliance application as well.
Perfect. Thank you.
Thank you. And our next question comes from the line of Sterling Auty of JPMorgan. Your line is now open. Please go ahead.
Yes, thanks. One question, one follow-up. I guess it wasn't clear, you usually give vulnerability management as a percentage of the total. What was the percentage this quarter?
So the split between VM and non VM is still largely about eightytwenty as we have with previous periods. But we wanted to point out that the characterization is changing. The business VM business is evolving and a lot of our new services are VM related, continuous monitoring, cloud agent, threat protect. And so it's we expect that VM and non VM will continue to both grow at the same at similar paces. So it may still be eightytwenty.
Yes. And I could add even some more specific Sterling and I think we increased the value of our existing it increased the value of our existing renewal base as people are adding the agent to their current to the devices that they currently scan and that essentially creates an uplift to our subscription. But they also bring us now to both to 2 new market for us, which are the endpoints and as well as the Elastic Cloud environment. So that's a significant new driver of our business. Other example like the continuous monitoring, which we see a continuous adoption of the continuous monitoring added about 20% of the VM subscription for those who adopt the continuous monitoring.
Threat Protect was priced at 30% of the current subscription. So as you can see, we have built significant accelerator around our VM business. And the thing to point out here is that this is an extremely leveraged business. It doesn't cost us significantly more to essentially add provide these new capabilities to our customers. The purchasing for them is very easy.
They do the trial. They like what they see and then they just send us a purchase order. So it's very efficient and effective model that we have built. Okay?
Got you. And then as a follow-up, if I add a couple of million into kind of the revenue plus change in deferred revenue, I'm still seeing a pretty healthy deceleration. I want to connect the dots between that along with sales and marketing, I imagine, was a little bit light as some commission expense probably slipped into the Q2 on the timing of those deals, but also the commentary about deal sizes growing and some of the factors that would intonate that maybe we're seeing some acceleration in the fundamental business?
I'm not so sure that I understand here you're meaning the acceleration that you mean. So what's I'm not sure that I understand exactly the point here.
So if I put in if I add $2,000,000 into if I look at revenue plus the change in deferred, if I add $2,000,000 to account for the MSSP deal and the slip deals, it would put kind of a proxy for billings at about $50,300,000 which would be up about 14% as compared to through most of the last year, it was growing anywhere between 20% 29%. So I didn't know if there was other structural changes in terms of the billings on other contracts that just showing up in deferred revenue? Because I wonder what's going to be the better indication of the top line revenue growth sustainability? Is it what's the top line growing today? Or is the revenue plus change in deferred maybe a leading indicator of perhaps some slowdown in revenue growth as we move through the year?
So I think the couple million is actually a little low. It's probably the combination of both the MSSP deal plus the slip deals into Q2 is a little bit more than that. I think the other thing that needs to get that we should be considering as well is that historically we've had a lot of annual most of our subscriptions have had annual billings. And so this MSSP deal specifically was a quarterly billing arrangement. So that changes a little bit of how we look at deferred revenue.
Yes. And I would add also that we have a very healthy pipeline. So as we see, we see still a very strong business. I think this is more the fact that today timing is becoming a much bigger element than it used to be in the past and I think we discussed that also earlier on. So the timing of big deals when they arrive, whether they arrive at the end, in the beginning or in the middle of the quarter, all of that is starting to be significant as we do $1,000,000 of sales for example today, which was a year ago was essentially extremely rare.
So our business has changed in many ways and for the better. I think we have a very, very strong pipeline. So we see the market fundamentally coming our way. And let me reemphasize again that we don't see our VM market going down as some people have predicted. We see the market growing up significantly.
The VM market is becoming very strategic. And for one very simple reason, today companies are realizing that you cannot secure what you don't know. What Verity Management does is allowing you to identify all of your global IT assets and Qualys does that better than anybody else. And then from there, you want to ensure that you have a good view of the security and compliance of those assets, that you understand the vulnerabilities. And now with Threat Protect, we allow you to prioritize the radiation according to the threats of there.
So that's another significant enhancement. It's totally native. Our current customers today could only do that by either buying additional solution or just putting the data into Splunk and doing the correlation themselves. Now all of that is native on Qualys and that's what I've mentioned earlier that we see a significant pent up demand for this solution Cloud Agent and Threat Protect. Okay?
Thank you.
Thank you. And our next question comes from the line of Michael Kien of Imperial Capital. Your line is now open. Please go ahead.
Hi, good afternoon guys and welcome Melissa to your new appointment to your new position.
Thank you.
So with regards to the MSSP channel, do you see an underlying shift towards multi year and quarterly billings away from annual? And more broadly with the indirect channel, are you continuing to see that becoming a larger portion of the mix?
So, yes. So, in fact, the MSSPs channel, we like it very much and as you may recall, we have already a significant share of MSSPs and we believe we are going to continue adding more. For us, we're becoming very strategic for them because it's a natural complement or the services that we provide are natural complement of their business. We also add additional profitability and that's the reason why we see them more and more looking instead of having like they were doing in the past buying a customer at a time they are really coming to us to essentially negotiate a longer term contract, which of course against some preferable treatment in terms of the pricing, but give us significantly more predictability. And I would say add exclusivity also to our contract because of course they are not meant to provide any other solution than Qualys.
So we see that as a recognition one of the fact that we are out of the box, essentially highly scalable, we deploy globally, we integrate very easily with our services. So that's a huge position of strength and of productibility. So it's also very cost effective for us, because we don't need of course to have sales people out there pushing our solution as they come with the managed security service providers offering and they have huge sales force as well. We see that same trend now happening with the outsourcers which see Qualys as a very strategic component. And to finish on the channel, we see the traditional enterprise channel, which are very much interested of Qualys because now the breadth of product and because of the platform.
So we see also the traditional channel coming our way. So bottom line, as I mentioned earlier, we do anticipate to see more and we have been seeing an increased market increased volume from our channels. Now we don't see that yet that much on the revenue side, because we as I mentioned earlier are doing very big upsell with our current and large customers. But that's in a way masked the fact that a lot of new business for example is coming off to our channel partners. But of course, it's not yet enough volume growth there to compensate for the big large upsell that we're seeing with our current installed base, which again and direct partners, which again is quite sizable as we have 60% of the Fortune 100 today.
With regards to the upsells, can you characterize what's driving the larger upsells? Is it primarily focused on VM or are they taking on additional Qualys solutions, policy compliance or web app scanning? Any color would be helpful.
It's a combination. It's a combination of everything. First of all, as we mentioned many, many times, we are still far being penetrated fully with all of our customers. For example, we have some customers, large financial institution that deployed Qualys and that's resulting in 7 times the initial VM subscription. So it has been a long process to get to this huge deployment.
The advantage of Qualys here is that we deploy at a scale that no competitor can follow us. So that's very good for us. So we have very large upside on VM, but also of course some customers are now suddenly adding the policy compliance, the vulnerability management application, again the cloud agent and very soon Threat Protection, all of that creates naturally large upsell on the customer base, which today is pretty big. So we have very good upsells on the enterprise market, on the mid market, much less upsells on the low end of the marketplace, the SMB, because this is more like an all in one solution. But on the SMB and the enterprise, we see a very healthy business of upsells.
Great. Thank you very much.
Thank you. And our next question comes from the line of Rob Owens of Pacific Crest. Your line is now open. Please go ahead.
Great and
thanks for taking my question. Curious how the quarter played out from a linearity standpoint?
Okay. So Nancy, you want to?
So in Q1, it actually was okay. The excluding the impact of MSSP and these large deals, our revenue actually ended up in the high end of the guidance anyway. So it proved that the activities this quarter really didn't have a huge impact on linearity. It does a little bit going forward. The timing of when these larger deals are closed, will have an impact, but in Q1 it didn't have much.
So to that point then, Nancy, what happened to DSOs because they seem to slip quite a bit. And I would think given the relationship with the MSSP and the payment terms associated with that, you would have shown better DSO, but given that split the joint points to weaker linearity. So just trying to, I guess, understand the 2 different comments.
I'd have to take a look at the DSOs, but from a revenue standpoint, it didn't really have an impact. I think we have had continued work to do on the collection side of things that carried over a little bit from year end, that you're probably still seeing a little bit of that impact or you're still seeing some of that on the March 31 balance sheet.
Okay, great. And then in terms of the growth, the 20% ish year over year, can you help me understand what's coming from existing customers in terms of renewal with upsell or expanded opportunities versus new customers and what they're driving in terms of growth? And I know it's not something you've historically split out, but any color would be helpful. Thanks.
Yes. So what I would say here, this is part of maybe a much bigger discussion here as it's very clear that some of the guidance that we provide will revise that because they do not represent anymore really the Qualys business. One example of that is the number of customers which have acquired more than one solution, which is around 62%, if I remember correctly. But that doesn't represent at all anymore the adoption. We know that most of our customers, if not the majority they are adopting our new solution, but the SMBs again being an all in one that is not much of sale there and they do represent the fast growing segment of our customer base.
So we do not provided the mix between existing customers, the new customers. But I think now with the Melissa coming on board, I think one of her tasks will be to really sit down and absolutely look at what is the color that we should be providing with you guys.
Great. Thanks for taking my questions.
Thank you. And our next question comes from the line of Gur Talpaz of Stifel. Your line is now open. Please go ahead.
Great. This is actually Chris Speros on for Gur. Can you guys talk about the traction you're seeing with your secondary solutions, specifically the WAF? And are customers outside of your VM installed base expressing interest in those products?
Okay. So the WAF specifically as we discussed last time on the earnings calls, it is doing well. We are expecting that component of the marketplace to accelerate with the combination of our WAF. If you recall, we had introduced the WAF, the web application firewall quite a while ago and we put it back because we wanted to do some more engineering work on it. We still don't believe that we are on track to bring that at the end of the summer.
And I think the combination of WASS and WAF will essentially bring us into defining a new category, which will be the web application security instead of making the distinction between web application scanning on one hand, which is to identify the vulnerabilities on your web application and Qualys does that at a scale that again none of our competition competitors follow, but then adding the WAF, which is the remediation. So having essentially WAF and WAF together and that's I think will really provide a very strong offering in the marketplace.
Great. And one follow-up, if you don't mind. Are you guys seeing any benefit from McAfee's discontinuing of their VM product?
Significant. In fact today we have been in fact replacing gradually the large installation of McAfee. So I could divide that McAfee market into 2, the large accounts and the more smaller accounts. So on the large account Qualys was always essentially the market dominant, but it was taking time because to displace this kind of solution once they've been established takes time. So now of course with the fact that they have thrown down the gauntlet or abandoned that marketplace, this is in fact accelerating the demand for the quality solution for the large accounts.
And there we are very uniquely positioned against our competition because of scale again. On the mid market, that's where we're competing more actively with our competitors there. So for us, it's very good news because it accelerates the adoption of Qualys by these large McAfee accounts since they have abandoned them and they are currently bidding quite a few of them.
All right. Thank you.
Thank you. And our next question comes from the line of Sareen Nandoori of Summit Research. Your line is now open. Please go ahead.
All right. Thank you for taking my call. Filipe, can you talk about the competitive landscape for a moment? How do you see Rapid7 Antennium in the market? And do you see them in your accounts?
And can you talk about the win loss rate if you're competing against them? And in general, can you also talk about your deal cycles last 1 year? Have you seen any lengthening of the deal cycles over the past 1 year? Thank you.
What was the last question? If I see the deals increasing or
The deal cycles. The deal cycles.
The deal cycle. Okay. So to speak about the competition, today we see Rapid7. They're strong where they always have been strong, which is in the mid market and we compete very actively against them and I would say successfully. And we do not see them being really capable of moving into the cloud, because that's a huge undertaking.
They have made as I'm sure you know, since that's been published by them, they're trying to move more into analytics as a company, so that's the direction they take. And so ultimately, I think this is their goal competing against Splunk. Of course, this is not the direction that we've taken. Regarding you mentioned Tanium. Tanium is trying to enter the security market.
So Tanium is not really a security play. Tanium had done it was a replacement of BigFix where instead of having to build this enterprise, if you prefer infrastructure to deliver the BigFix agent, they went with a peer to peer architecture, which makes it much easier to deploy patches and also to query these agents to identify what they are what are the so we compete extremely well now with Tanium with our asset view capabilities. So we can give enterprises 2 second visibility of their global IT assets. So we're entering their market essentially. And on the policy on the vulnerability management and policy compliance side, we have a far better solution than Tanium, but they are trying to enter our market.
But I think we do not see them ultimately as a long time as a long term competitor there. And we have essentially another competitor which is Tenable, which is not public and like which is trying to move into the cloud, but that's a huge undertaking for them. They are not also very present of the large enterprise, which is a marketplace that we dominate and we compete with them much more on the consulting side and as well as the federal side, which for us is a very new market that we are entering. As we indicated earlier, we are not counting on much revenues from the federal side in 20 16, but we are very now focused at essentially getting our share of the federal market.
Alright. What about the deal sizes?
The deal sizes, so deals have increased significantly. So we start to really do deals which from the get go are $500,000 an app, which is something relatively new with Qualys. And as far as the selling cycle, I think it's about the same. I think I don't see the selling cycle having changed much. It varies, of course, depending on a large enterprise.
It's typically a 1 year selling cycle. And on the mid market, it's about less than 6 months and on the SME market, it's less than 3 months.
Thank you very much for the detailed explanation.
Thank you. And our next question comes from the line of Jack Andrews of D. A. Davidson. Your line is now open.
Please go ahead.
Good afternoon. Thanks for taking the question. You announced the addition of a new Chief Marketing Officer during the quarter. I was just wondering if you could talk a little bit about what his priorities and strategic initiatives are going to be focused on?
So today, as I mentioned earlier, we have embarked into the positioning of Qualys as much as a platform. The philosophy of Qualys has been always that we don't advertise things until we have reached a point where we can really claim it. But today, as you will see essentially a new positioning of Qualys as the strategic as the disruptive cloud security and compliance platform, which essentially consolidates today about 6 Security and Compliance Enterprise solution and of course more to come. So that's the new positioning that we're taking, which you're going to see starting at the Gartner Conference and that's where we're focusing essentially on the position of Qualys. Then all that will be followed by a reach out to the CIOs.
As today, we can essentially answer the question that any CIO has, which are these three questions. We can give them the global view of their asset inventory. 2nd, we can provide them with a continuous view of the security compliance posture of those assets. And third, we can essentially help them in their vendor consolidation efforts and save them 1,000,000 of dollars because we eliminate a lot of these enterprise security solutions, security and compliance solutions, which have their own infrastructure that you need to companies have to deploy and to maintain. So I think we're extremely well positioned here as we mentioned earlier.
Thank you. And then just as a quick follow-up, you mentioned that foreign exchange was a modest headwind in the quarter. Are you able to quantify that at all?
No. We didn't say it was a modest effect. In fact, we had look at last year, because we have a very strong presence in Europe today. So we had a big foreign exchange start headwind last year and it continues essentially in Q1 and in Q2 and will gradually disappear by the end of the year. That's where we are and we're talking here about the little bit less now than couple.
Thank you. And our next question comes from the line of Matt Hedberg of RBC Capital Markets. Your line is now open. Please go ahead.
Thanks. This is actually Matt Swanson on for Matt. You talked a lot about the strong customer reaction to Threat Protect. Could you maybe go over some of the key features that are making that such an attractive solution? And then with that large pipeline, maybe how you see that materializing throughout the year?
So, yes. So, one of the channels that went before, if you look at our customers, the number one challenge that especially large customers, it's a bit less true or a bit still there for the smaller customers. But large customers, you're now dealing with millions of vulnerabilities in some cases 100 of 1000 and you need to prioritize. You cannot do everything at once. So anything which can help customers prioritizing the remediation of the vulnerabilities is something which is absolutely needed.
So in the past because we didn't have Elasticsearch, sifting through large volumes of vulnerabilities and matching that correlating that with threats which are known out there. Like for example, we know there's an exploit kit in there is an exploit leveraging vulnerability XYZ. So for us to do that natively into Qualys was very difficult because we didn't have built into our platform Elasticsearch capabilities. Now what our customers were doing, they were essentially going they had 2 solutions either to go to solutions like we're providing these capabilities by extracting the data from Qualys, correlating the data from threat sources and then providing them that ability then to sort through that was one way which of course added dollars, significant dollars to the subscription plus of the fact that having to maintain another application, another database etcetera. The other way they could do it was to go to Splunk and take the data of Qualys, put that into Splunk and then bring into Splunk the threat information and then themselves doing the correlation of that information.
Again another additional cost, significant additional cost as well as having to maintain and build more with us. Now today all of that is native on Qualys. So needless to say those customers who are already using this solution that I mentioned are very eager to switch to Qualys. So that's it's an easy sell. It's almost an ROI that we can make here and new customers are very attracted to that because again it's native into the platform.
So we have today and we know that for a fact we have a big demand. It went GA at the end of this month and we're expecting to see orders materialize. Of course, it's too early for us to give some trend. I mentioned earlier that we charge about 30% of the PM subscription of our customers. So that's not a significant upsell, but still at that pricing it's more cost effective than using Qualys than going through other solutions.
So it's safe to say
at this point it's not included in any guidance?
We never typically do in our guidance include any kind of new services. So we just try to we're cautious about that because until we have enough data points on the enough data points, it's much more difficult to predict the curve. And then of course from ASV translate that into revenues. As you know, that's one of the disadvantage of the SaaS model is that we just don't take the revenue upfront like enterprise software. We just take the revenue across.
All that makes that in terms of translating into revenues, it takes some time.
All right. Thank you for your time.
Thank you. And our next question comes from the line of Erik Suppiger of JMP. Your line is now open. Please go ahead.
Yes, thanks for taking the question. A couple of questions on this MSSP. Can you explain how the nature of that relationship changed? Did they become a much bigger MSSP customer? Or is it just that you wanted a more consistent revenue stream?
And how much was the impact well, first I'll let you answer that and then I've got a follow-up.
Yes. So the answer to this question is both. Yes, it's give us more predictability. It's a win win for both. This was at the request by the way to us.
So essentially, this equal is more strategic. So they are committed to us. So they believe they can essentially grow more business and so I think it's a win win for both of us.
Was the impact from the MSSP in terms of the deferred revenue, was the impact from the MSSP bigger or smaller than the impact from the deals that had slipped?
Smaller.
That was a smaller portion? Okay. And then can you give us a sense for what the growth was with your traditional emerging products the web app scanning and the policy compliance?
So we have been growing in the we have been essentially growing the VM in the 20% range and these other ones were around 30% growth rates.
Okay. And then
And again, it varies today because we're not as today because we do big up sales today, it varies. We're not anymore. Again, this is a business which has become which is a good thing, which has become a little bit more lumpier in the sense that we do these bigger upsells, both in WISE, both in policy compliance etcetera. So it varies from quarter to quarter now.
And our next question comes from the line of Robert Breza of Wunderlich Securities. Your line is now open. Please go ahead.
Hi. Thanks for taking my question.
Nancy, I
was wondering if you can help us reconcile the EPS beat. If we take your guidance, you beat by about $0.06 yet left the full year unchanged. So essentially, it would tell me that you're expecting those costs that you were able to avoid in the Q1 to occur throughout the remainder of the year? Can you just help us reconcile the $0.06 beat and not passing that beat on through to the full year number? Thanks.
So the beating the revenue guidance for full year hasn't changed. And we still expect to increase our expenditures in absolute dollars sequentially in the rest of the year. So really at this point, we're still relatively early in the year. We've got a new CFO on board and we just thought it'd be best better judgment to just sort of maintain our EPS guidance for full year.
Okay. And then maybe as a follow-up, I think it's given the commentary and the questions around the MSSP and the quantity, can you just quantify what the MSSP impact was to the quarter and the full year?
No, that's not something that we're going to provide in detail because we talked about it having an impact in Q1, and it is going to have an impact on the rest of the year as well. But given the momentum of the business, the uncertainty of timing in larger deals, we've left our revenue guidance as is as well. This is something like, as I said, we're still relatively early in the year, and we'll look at this as the year progresses.
Thank you.
Thank you. And I'm showing no further questions at this time. I would now like to turn the call over to Mr. Felix Portotte for closing remarks.
Okay. So thank you very much. And so again, so we are looking we have a very strong pipeline. As I mentioned in the last call, we are now seriously looking at some potential acquisition or partnerships or OEM relationships, so we could accelerate some of the engineering developments that we currently have or accelerating our entrance into new markets. We hired a VP of Corporate Development.
So I thank you for attending our Q1 earnings call and we look forward to seeing you all of you in early June and at the DA Davidson Technology Forum in New York City, at the Bank of America Technology Conference in San Francisco and the Robert Baird Conference in New York City. And with that, good afternoon. Thank you.
Ladies and gentlemen, thank you for participating in today's conference. This concludes today's program. You may all disconnect. Everyone have a great day.