Good day, everyone, and welcome to the Qualys First Quarter 2015 Investor Conference Call. This call is being At this time, all participants are in a listen only mode. Later, we will conduct a question and answer session and instructions for asking a question will be given at that time. I would now like to turn the call over to Don McAuley, CFO of Qualys. Please go ahead, sir.
Welcome to the Qualys Q1 2015 investor conference Call. I'm Don McAuley, CFO. I'm here with Philippe Courteau, our Chairman, President and CEO. We would like to remind you that during this call, management expects to make forward looking statements within the meaning of the federal securities laws. Forward looking statements generally relate to our future events or to future financial or operating performance.
Forward looking statements in this presentation include, but are not limited to the following: statements related to our business and financial performance and expectations for future periods, including the rate of growth of our business our expectations regarding capital expenditures, including investments in our cloud infrastructure and the intended uses and benefits of those expenditures trends related to the diversification of our revenue base our ability to sell additional solutions to our customer base our plans regarding the development of our technology and the expected timing thereof our expectations regarding the capabilities of our platform and solutions the anticipated needs of our customers the strength of demand for our solutions including our private cloud platform our strategy the scalability of our strategy our ability to execute our strategy and our expectations regarding our market positions the expansion of our platform the expansion of our development operations and support teams in India the expansion of our partnerships and the related benefits of such partnerships our ability to effectively manage our costs our plans to expand our sales force our plans to explore strategic alternatives excuse me, acquisitions our expectations for the number of weighted average diluted shares outstanding and the effective GAAP and non GAAP income tax rates for the Q2 and full year 2015 and our delivery of new solutions.
Our expectations and beliefs regarding these matters may not materialize and actual results in future periods are subject to risks and uncertainties that could have caused actual results to differ materially from those projected. These risks include those set forth in the press release that we issued earlier today as well as those more fully described in our filings with the Securities and Exchange Commission, including our annual report on Form 10 ks that we filed on March 6, 2015. The forward looking statements in this presentation are based on information available to us as of today, and we disclaim any obligation to update any forward looking statements except as required by law. We also remind you that this call will include a discussion of GAAP and non GAAP financial measures. The non GAAP financial measures are not intended to be considered in isolation or as a substitute for results prepared in accordance with GAAP.
A discussion of why we present non GAAP financial measures and a reconciliation of the non GAAP financial measures discussed in this call to the most directly comparable GAAP financial measures are included in our earnings press release that is available on our website. Now to begin the discussion, Philippe will provide an overview of the company's performance for the Q1 2015. Then I will cover our financial results and factors that drove the quarter in more detail, as well as our outlook for the Q2 and full year 2015. Then we will open up the call for your questions. And with that, I will now turn the call over to Philippe.
Thanks, Don, and welcome to all of you. The Q1 of 2015 was a good quarter, which included a number of important product releases and continued growth and success across our business. Don will cover the financial details of our performance for the quarter. These are exciting times at Qualys with the introduction of our cloud agents. As I'm sure you all have seen already, our Q1 revenue came in just below our expectations and this has a modest impact on our full year revenue guidance.
This was due to slightly lower vulnerability management revenues in Q1 than we had expected due to the timing of a few large enterprise deals in the quarter. Although our Q1 revenues came in somewhat less than we expected, we met EPS expectation for Q1 and our EPS guidance for 2015 is unchanged. Dan will provide additional details on this. So let me start off with an overview of key highlights that are driving the momentum in our business and discuss in more details our new product releases. During the quarter, we laid the groundwork for 3 major new services that we launched at the RSA Conference last month.
Together, these new services doubled our addressable market with 1st and foremost our disruptive Cloud Agent platform second, the seamless integration of our web application scanning with our web application firewall services, an industry first and third, the extension of our very successful continuous monitoring of parameters positioned to internal networks. We believe that these technological innovation and enhancements provide Qualys with significant competitive advantages and make our solution more strategic to our customers and partners as we have now built a highly scalable cloud platform that provides enterprises of all sizes with a unified and continuous view of the security and compliance posture across legacy networks, virtual environments, web applications and endpoints. Let me give you more explanation on these 3 new services. The Qualys Cloud Agent platform is disruptive technology that brings a new approach to continuously assessing IT assets for the security and compliance posture and better align IT with security. It extends our cloud platform by allowing the creation and distribution of 1 megabyte lightweight agents that scales to millions of devices including endpoint, servers or virtual machines in elastic cloud environments.
These agents continuously collect and consolidate vulnerability and compliance data in real time and update this data within the Qualys Cloud Platform for further analysis and correlation. We believe that this is an innovative game changer for both vulnerability management and policy compliance as it eliminates the need for scanning windows and authenticated scans, while making security assessments continuous instead of monthly or weekly as it is currently done. It also expands our VM and policy compliance offerings to endpoints, which could not be reached with traditional scanning technology. 2nd, the Web Application for our World Version 2.2 release provides tight integration with our web application scanning and delivers virtual patching and event response capabilities, enabling organizations to fine tune security policies, remove false positive and customized rules leveraging vulnerability data from the Qualys web application scanning solution. This brings web application security to a new level as it now allows organizations to efficiently address web application security threats end to end.
Finally, the Qualys Continuous Monitoring Service for internal network is an extension of our very successful Continuous Monitoring solution for parameters to include IT assets inside the enterprise, allowing businesses to proactively monitor both perimeter and internal IT assets and obtain real time alerts to accelerate incident response. Let me now give you key highlights on the state of our business. In the Q1, we added a number of important new accounts including ACI Worldwide, Airbnb, Alcatel Lucente, Altisource Business Solutions, CGI India, Cosmobility of Las Vegas, Deligenta, HealthNow New York, Integris Energy Group, the International Monetary Fund, Jaguar and Rubber Lagquinsa Indian Street, MTN Group, Right Side, La Quinta, Indian Street, MTN Group, Right Side and Tampa General Hospital. We continue to see greater than 50% growth from our new services, which include the web application scanning, policy compliance, continuous monitoring, web application firewall and our private cloud platform. We saw approximately 19 percent growth from our industry leading vulnerability management solution, which was a slight decrease from its 20% growth rate in 2014.
An indication of our success in diversifying our cloud platform offerings is that 58% of our customers have now purchased more than one solution. This is another data point on a promising trend line as these metrics stood at 30% at the end of 2013 and 54% at the end of 2014. We continue to see strong demand for our private cloud platform, Demand is strong outside the United States due to data sovereignty requirements from our partners and customers. And next quarter, we will deliver our private platform fully disconnected from Qualys' stock in terms of receiving updates and monitoring. We expect that these, along with FedRAMP's certification of our platform, will further our Confederate and Defense sectors for us and other highly classified environments.
We're also making good progress with our new solutions currently under development, including our real time data analytics backend as well as our malware detection and prevention service, both of which will be released later this year. We expanded our strategic alliances with the majority of the Indian outsourcers Cognizant, Infosys, HCL, TCS, Tech Mahindra and Wipro as a result of their new focus on delivering security services to their clients worldwide. We're honored by Frost and Sullivan with the 2014 Company of the Year Award for Product Excellence, Continued Innovation and Unique Approach for Delivering Customers Continuous Security. We also won Best Regulatory Compliance Solution at the SC Magazine Award 2015 in the U. S.
And the Sands Best of Awards for Application Security in 2014. Now for a review of our financial performances and our guidance, I will turn the call over to Dan.
Our Q1 2015 financial results were good. As Philippe already indicated, however, our Q1 revenue came in just below our expectations due to a couple of factors that I will review in more detail. These factors modestly adjust our full year revenue guidance, but importantly they did not change our full year EPS guidance. First, our core vulnerability management business growth declined slightly from 20% year over year growth in Q4 to 19% in Q1. And since the solution still represents nearly 80% of our revenues, it did have a noticeable effect on revenue growth this quarter.
2nd, you may recall from last year that we benefited in the Q1 of 2014 from several of our larger deals coming in earlier in the quarter than was our historical pattern. However, in the Q1 of 2015, several of our larger deals came in later in the quarter than we expected. As a result, our recognized revenues in the Q1 this year were a bit lower than we had expected. This timing difference also had an impact on our cash flow metric comparisons. In 2014, many of the earlier book deals were collected before the end of the quarter.
This year due to the later booking pattern, those deals are still in quarter end accounts receivable and not reflected in cash flow from operations or free cash flow in the Q1. That being said, while we came in just under our Q1 2015 revenue guidance range, we effectively managed costs and leveraged the strength of our platform to beat our GAAP and non GAAP EPS targets for the Q1. Now let's review the quarter in more detail. Revenues in the Q1 grew to $37,500,000 which represented 24% growth over the Q1 of 2014. The timing difference in bookings that we just reviewed was a factor that led to our lower Q1 revenue growth.
Now a quick review of some related revenue metrics. For the Q1, U. S. Represented 70% of revenues, which is the same percentage as a year ago. Our current deferred revenue balance as of March 31, 2015 was 23% greater than its balance as of March 31, 2014.
And finally, we drive 79% of 1st quarter revenues from subscriptions to our core vulnerability management solution compared to 83% in the Q1 of last year. GAAP gross profit increased by 26 percent to $29,500,000 in the Q1 of 2015 compared to $23,500,000 for the Q1 of 2014. GAAP gross margin was 79% for the percent for the Q1 of 2015 compared to 78% in the Q1 of 2014. Adjusted EBITDA for the Q1 of 2015 increased by 150 6% to $12,000,000 compared to $4,700,000 in the Q1 of 2014. Adjusted EBITDA as a percentage of revenues increased to 32% in the Q1 of 2015 compared with 15% in the same quarter last year.
Net cash flow from operations decreased by 34 percent to $10,000,000 compared to $15,100,000 in the Q1 of 2014. Free cash flow decreased 67% to $3,000,000 compared to $11,300,000 in the Q1 of 2014. As I discussed earlier, the late timing of 1st quarter deals resulted in fewer dollars collected in Q1 compared to last year and so the cash flow effect of the deals still in accounts receivable had not flowed into cash flow from operations and free cash flow as of March 31, 2015. This effect in the Q1 cash flows can be seen in our statement of cash flows. In last year's Q1, there was a positive $6,700,000 effect on cash flows from the change In this year's Q1, there's a negative $5,900,000 effect on cash flows from the change in accounts receivable.
We believe these effects are caused solely by timing differences and are not indicative of any change in our ability to generate cash flows from operations in 2015. In the Q1 of 2015, capital expenditures were $6,100,000 compared to $3,800,000 in the Q1 last year. In the Q2, we expect capital expenditures to be in the range of $4,500,000 to $5,500,000 as we expand our cloud infrastructure to support more customers and add more solutions and functionality to our shared platforms as well as to prepare for the increasing demand for our private cloud platforms. Now moving on to earnings per share. For the Q1 of 20 15, GAAP EPS was 0 point of 0 point 1 $1 per diluted share in the Q1 of 2014.
Non GAAP EPS was $0.15 per diluted share in the Q1 of 2015 compared to $0.05 per diluted share in the Q1 of 2014. Now turning to our guidance for the Q2 of 2015 and the remainder of the year. Since our core vulnerability management growth rate has moved from 20% to 19%, we believe it's prudent to revise guidance for our revenue expectations for the balance of 2015. Our growth expectations for our other products are unchanged. For the Q2, we expect revenues to be in the range of $39,500,000 to $40,000,000 At the midpoint, this represents 23% growth over Q2 For the full year 2015, we now expect revenues to be in the range of $165,000,000 to $166,500,000 At the midpoint, this represents 24% growth over 20 14 revenues compared to a midpoint of 26% growth of our previous 2015 revenue guidance range.
Earnings per share, we expect GAAP EPS for the Q2 of 2015 to be in the range of $0.02 to 0.4 dollars and non GAAP EPS is expected to be in the range of $0.09 to 0 point 1 $1 Our 2nd quarter EPS estimates are based on approximately 38 point 5,000,000 weighted average diluted shares outstanding. For the full year, our GAAP excuse me, our EPS expectations are unchanged. For the full year 2015, we continue to expect GAAP EPS to be in the range of $0.22 to 0 point be in the range of $0.50 to $0.55 Our full year EPS estimates are based on approximately 38,400,000 weighted average diluted shares outstanding. In summary, despite the 1% reduction in our vulnerability management growth rate and the later booking pattern of Q1 deals, the company continues to perform strongly at the introductions in 2015, we believe that we are well positioned to continue benefiting from our expanding product line and our land and expand strategy. So with that, Philippe and I would be happy to answer any of your questions.
Operator?
Our first question comes from Sterling Auty with JPMorgan. Your line is now open.
Yes, thanks. Wanted to start with the vulnerability management. And in terms of the deals that slipped, were these new customers or expansion deals with existing customers?
Really both Sterling. We do a lot of business with our existing customers constantly upselling throughout the periods. So it was included upsells from customers as well as new business.
And then the follow-up, I think the big question I'm already getting from people is, okay, you saw a very nice acceleration in vulnerability management through the height of all these data breaches. Even though the rest of the business is growing as it has been and as you're expecting, should we now think that vulnerability management will settle back into let's say maybe that mid teen growth as an industry? No. I think no, in
opposite specifically because of the announcement that we make with our Cloud Agent technology, which greatly simplifies vulnerability management. As I mentioned in my talk by eliminating the windows, eliminating the need for authenticated scans and also moving our application to the endpoints, which has significantly more devices than servers or desktop. So I think we're extremely well positioned for these reasons.
And Philippe maybe one last one if I can squeeze it in. The agent approach is very different than the history of the architecture of Qualys. Are there any other implementation challenges or technological challenges that customers will have to overcome to adopt?
Not at all. In fact, it's not a major difference. In fact, it's a huge simplification. The power of Qualys is still the back end that we have, which is capable of handling significant number of billions of transaction analysis, correlation, etcetera, where in fact even further continuing to expand the analytics capabilities of our back end. But the fact here is that all of our customers have been asking us for years to be capable of scanning the endpoints and both on vulnerability management and on policy compliance.
As you may recall, we had more than 15 companies which were better users. There's the way we were doing VM and policy compliance in the reports and the data that we gather. So, there's absolutely no change in the application that they currently have. The only difference is that now they can, if they want, to have agents on their servers, on their desktop and as well on the endpoint, which they could not have. So that's it's a major change with a significant operational efficiency.
Got it. Thank you.
Our next question comes from Philip Winslow with Credit Suisse. Your line is now open.
Hi. Thanks guys. Just wanted to dig back in on the building ability management side. I mean you mentioned both new and existing customers. Wondering if you're seeing sort of change in just the competitive landscape there or pricing or just if that's a factor at all weighing in?
Or is it just something changing as far as just the buyers' mentality here and kind of to Sterling's point to sort of the growth rate of this market?
No. The competitive landscape has not really changed except for the fact that some of our competitors are now moving into the cloud and as well as trying to move into web application scanning as well, which is a recognition of, of course, of Qualys. We're obviously, we have a significant advance here. What we see today is more again if you look at the timing of things, we are more sensitive today than we were in the past because we do very big upsells. And so if they sometimes if they come later or earlier in the quarter, it does make a difference in our revenue recognition because of the size.
In the past, our business was much more a business of smaller deals if you prefer. When today we have essentially the opportunity to do and we are doing very, very big upsells, which change the kind of the dynamic of the business a little bit.
Got it. All right. Thanks guys.
Our next question comes from Owens with Pacific Crest Securities. Your line is now open.
Great. Thank you. So I want to focus in on just the billings mix. And I know you give us revenue percentage for VM. But if we look at the billings and the fact that some of these deals were back end weighted, is the growth in billings relative to vulnerability management slowing as well?
And so that's the reason for the caution and the taking down of a couple of points of growth?
Yes. That's correct, Rob.
Okay. And then second, Don on the sales and marketing line, it was actually down year over year. Was that your realization that quarter is coming in back end weighted, so there's some discretionary costs held off? Or is this a new level? Can you help me understand why number went down?
No.
It's actually really simple. They moved RSA from Q1 to Q2.
Okay. Perfect. Thanks guys.
Our next question comes from Steve Ashley with Robert W. Baird. Your line is now open.
Terrific. I'd just like to start by asking about the Express Light product and how that might perform within the volume vulnerability management world this period?
Both our Express product line and Express Lite are performing extremely well. So it's it has been very significant in term of acceleration of our growth in these markets. So the Web Express slide is more transaction oriented. So we're putting even more automation into that product line, so we could essentially take orders online. It's a very successful product line.
And then I'd just like to ask about the go to market. Your sales force is now going to have a complete portfolio of other products to sell. Do you expect them to lead more with web app scanning, web app firewall in the future?
Yes. In fact, what is happening here is that we have in fact the opportunity especially with partners. The web application solution that we have done is becoming a platform and we see significant interest in our web application platform or web application security platform from the Indian resources, which really see the opportunities to really build very powerful services, if you prefer. So that's it's kind of another new market for us, another new entrance. Our sales force today is essentially focusing on setting the platform and in some cases start with the web application security if this is what the customer wants.
The endpoint now is a totally new game because it's opened up the policy compliance marketplace, which as you may know, most of the big dollars were essentially at the endpoints because of the huge volume of endpoints compared to the servers. So this is where McAfee and CCS and Symantec CCS were doing bigger deals, very big deals. And today, of course, these are markets that happened for us now that we have a solution for the endpoint, which again is significantly easier to deploy. It's only a 1 megabyte agent does exactly the same things and of course reduce significantly the cost that these solutions needs to manage these endpoints as they need to have many, many servers inside of the enterprise just to collect the data from these endpoints where, of course, we bring all that data into our cloud platform whether it is in private cloud, an on-site or whether it is in the cloud.
Great. Thank you.
Our next question comes from Erik Suppiger with JMP Securities. Your line is now open.
Yes. Thank you for taking the question. Philippe, I'm still trying to get my hands around the billings. The billings were pretty strong in the quarter. I understand VM slowed a little bit more than anticipated, but clearly you must have had some pretty robust billings for the other services.
So if that's a scenario and you have better growth out of the other services, why are you lowering your why are you lowering the revenue outlook? And well, answer that please.
So I think I don't know if Don I think Don probably will give you a more
specific answer. Well, the basic reason Eric is vulnerability management, our core business is still 80% of our business and seeing a turn in that growth rate. And of course, we don't know what the future growth rate is. I mean, Philippe gave some reasons it could actually go back up. I mean, we don't know the next point on the graph, but we certainly think it's prudent to bring our revenue guidance down since it represents the lion's share of our business.
We have a lot of exciting new products coming out, but as you know those take a while to hit and to have a positive effect and that could be later this year early next year. So we think it's prudent when 80% of our business is showing a sign of slowing that we take that into account and do the right thing.
Yes. And is there anything reason in the quarter why the non vulnerability management billings seem to be pretty strong?
Well, those products continue to do really well. Yeah. Fleek went through some of them. I mean, probably could do policy compliance. We're seeing a lot of interest in that, especially that's an uptick.
We expanded that web application security platform now to include the WAF 2.0. So there's a lot of good stuff going on with our new products. We've touched on our Express product lines as well, which includes some of that stuff.
The reason for our prudence is also the fact that as you know, even if we do a very big deal, it depends when these big deals. And today, we are doing significant deals. It depends when they arrive because it's much obviously, as we only take the revenues when we deliver the service. So that's also the underlying reason of the prudence here.
Okay. Two other quick questions. 1 on the hiring. Can you give us the headcount? And how was retention in the quarter in the sales organization in particular?
Yes. So I think we started the year at about 135 and I think we added 4 net new folks principally on the new business side of the house. So hopefully that will pay dividends in the future. So we're from $135,000,000 to $139,000,000 Our expectations are our plan is still to see if we can add a total 20 to 25 by the
end of the year. So we hope to end up at maybe 155 possibly 160. Yes. We have also increased our account in the strategic alliance group, which are managing our partners, essentially our big partners. We today have a team of 5 major accounts, if you prefer, or strategic accounts, dealer managers.
And this is also again because of the significant the strategic alliance that we have expanded with the Indian Armed Forces what is interesting here is that they all have essentially focused a lot of the energy in cybersecurity. They have essentially all created a division focused on cybersecurity, which happens to be in the $200,000,000 to $300,000,000 range already. And they see that as very strategic for them. And of course, Qualys, we have a relationship with them. So and we have the platform.
So this is something we're really expecting to see the significant differentiation partnering with them in the future.
Okay. And then lastly, I think you had mentioned that you're seeing some of the competitors coming into the cloud. What were you referring to when you mentioned? Yes.
I'll make the 2 comments specifically Tenable have announced essentially the fact that they want to move into the cloud. And in fact, they're looking for, from what we heard, from additional investment in capital so they could build their cloud solution. And we saw recently, in fact today, the announcement of Rapid7 acquiring NT Objective on the web application scanning. It's very clear that the marketplace wants a consolidation, which Qualys has essentially already done and the market is very now much more open to cloud delivery solution than the old enterprise software solution, which are becoming extremely costly even to maintain.
Very good. Thank you.
Our next question comes from Michael Kim with Imperial Capital. Your line is now open.
Hi, good afternoon guys. Going back to the guidance, can you clarify the assumptions around the continued monitoring for the internal networks and the potential for contribution as we exit the year and bringing the VM business above kind of the 20% range? And then I have a follow-up question.
Yes. So, hi Michael. We don't get we're not going to get more granular about the calculations of our guidance. We just released continuous monitoring for the inside network, which I think you're alluding to, which goes on top of continuous monitoring for the perimeter that we did a year ago. We have a lot of customers interested in those products and hopefully they'll give us an uplift later.
But I can't comment on any the specific metric we would have used for that product in particular.
Okay. Fair enough. And then switching gears on the fully disconnected private cloud platform. Can you talk a little about the sales cycle or anticipated sales cycle? Presumably the federal and defense markets may be a little bit longer, but do you have some opportunities that might have somewhat shorter sales cycle especially internationally?
No. That will be a longer long sales cycle this one because really what we need to do now we have by the way we're very close to have our first totally disconnected solution accepted. In other words, we have now trained this entity, which is a large very large German corporation, which I think I mentioned last time in the call. So after that, of course, we are going to look for partners, specifically in the federal space and we have, of course, to discuss with them, selected them and then trained them and then it takes some time to get the delivery. So this will have a big impact next year.
I don't anticipate much this year. Conversely, if you look at our agent technology, the way we have priced it and I think we're expecting a significantly shorter selling cycle because we have already, for example, the contract with many of the large banks. And then for us to essentially provide endpoint security is becoming we don't have to negotiate the contract. It's just about deploying this agent, which are by the way extremely easy to deploy. And essentially for a dollar that we had, let's say on VM, we essentially are expecting to collect about $1.25 to $1.30 as a comparison.
So as you can see these agents have bring significantly more value. And as a result of that, we have been able to price them at a slightly higher value than our traditional scanning technology for both VM and Policy Compliance.
Got it. Great. And then, Don, one more real quick question for you. Did Polycomplyence and web app scanning see similar growth rates north of 50%?
Yes, they did.
Okay. Great. Thank you very much.
Our next question comes from Aaron Schwartz with Macquarie. Your line is now open.
Good afternoon. Thank you. I was wondering if you could talk to sales productivity in particular with the existing customer base. That's always been a big part of the revenue here. I'm just trying to better understand if this was just a couple of larger deals that maybe the timing was a little uncertain on and that's why you're prudent with the guidance?
Or do you need to start to see productivity from some of the sales hires with new customer additions? So, is there a degree of difficulty in expanding VM within your installed base getting a little bit harder?
No, not really. In fact, we expect to we anticipate to expand VM significantly in our user base with the capabilities of addressing the endpoints with our agent technology. If you look at typically the pattern for one device on the perimeter, you have about 10 device on the inside on the service side and you have at least 100 on the endpoint. So we anticipate in fact that we're expanding the VM addressable marketplace for us big time. So and the selling cycle we believe should be shorter.
This also should help us to accelerate the displacement of existing solutions because now we've really provided full solution for essentially vulnerability management, for policy compliance and for web application scanning. So this is a huge displacement power and we see that already happening, which in return allows us to now bid much, much bigger deals that we're doing in the past.
Okay. And Don, did you say I just want to make sure I understood correctly. Did you say that obviously the linearity you covered, but that some of the adjustment maybe in your expectation for the VM growth rate was a couple of deals that maybe just slipped
Yes. Yes. Well, yes, hopefully, probably more closely than I do.
Yes. They're absolutely all closed. Absolutely, we didn't lose any deal.
But you still I guess I'm just trying to reconcile that within the expectation that billings is getting adjusted a little bit lower if those still did close maybe in the month of April?
Well, to be fair they closed in Q2 not Q1. Yes.
So it's just a trickle through for the year?
Correct. Correct.
Yes. And again, yes, right.
Okay. And then just any update from the questions from last quarter about some of the shorter term deals that got it and deferred in Q4. Have you started to see those annualized yet? Or are they later in the year that you'd start to expect that?
I actually didn't study the individual deals, but the median deal would close around June 30. So we fully expect all those deals as they come up to their renewals to they've locked in a new higher level and that will renew. So no real comment Q1 in particular, but I think most of those deals were probably Q2, Q3, but it won't really show up in our numbers in particular because now we've established a new higher revenue level and those will just be kind of renewing across straight across now from the level they established when they did those upsells back in December.
Okay. Thank you.
Thank you. Our next question comes from Matt Hedberg with RBC Capital Markets. Your line is now open.
Yes. Thanks guys. I'm curious on I just wanted to ask on the geographic side. Were some of these deals that slipped, were they all U. S.
Based or were they was it kind of a mixture of U. S. And international?
In fact, they were essentially more U. S. Based, probably about the percentage of
our business. We're 70% U. S. Based, Matt. So that's probably a fair breakdown.
Okay. And then I know in the past you guys have talked about looking at M and A a little bit more on the smaller tuck in size and you mentioned a competitive deal in the space recently. Could I get your updated thoughts on that with the growing cash balance?
So we're actively looking effectively for Binafore acquisition. Of course, as we discussed at the last earnings call, we are looking at companies which essentially could either accelerate some of our product development cycles or help us move into adjacent market, but we do that carefully. And it's about trying to find the right company who can do that. So it was there's a lot of enterprise software security software solution on the market, but this is something that we're not really interested in doing because we will have to essentially the solution and rewrite the code, so we could integrate the solution into our platform. And since we have already a large customer base on that we are going after looking at customer acquisition per se.
So we'll limit the opportunities doing so, but we're actively looking at. And then what we see is a lot of new start ups, which are all coming up with essentially a cloud architecture in mind. So I see we see the ability to acquire younger companies much more that will make much more sense for us.
Got it. Thanks guys.
Thank you. I'm showing no further questions. I would now like to turn the call back to Philippe Courto, CEO for closing remarks.
Okay. So thank you all for joining us today. With all of our new products and features to our existing products, Hollys has never been very strategically Qualys has never been very strategically positioned to play an important role in security and compliance market. As you all know, enterprise IT is shifting more and more to mobility and cloud architectures, our new Cloud Agent platform has the potential to disrupt this market as it will allow our customers to effectively deal with this key transition in their IT environment and we already see that we see a huge demand for that. Finally, with the expansion of our platform and the well received launch of the new services, we're expanding our sales force as we discussed and partnership as well globally accelerating the build up of our development operation and support teams in India, which is already very successful where we have passed in fact 100 people and are looking for strategic acquisition as we just discussed to further accelerate the development of existing and new services as well as to enter new adjacent markets.
Should you have any follow-up questions, Don and I are available to you and we look forward to speaking with you next quarter. Thank you very much.
Ladies and gentlemen, thank you for participating in today's conference. This does conclude today's program. You may all disconnect. Everyone have a great day.