Earnings Call: Q4 2020

Feb 9, 2021

And gentlemen, thank you for standing by, and welcome to the 4th Quarter 2020 Rapid7 Earnings Conference Call. At this time, all participants are in a listen only mode. After the speakers' presentation, there will be a question and answer session. Please be advised that today's conference is being recorded. I will now hand the conference over to your speaker today, Sunil Shah, Vice President of Investor Relations. Thank you, operator, and good afternoon, everyone. We appreciate you joining us today to discuss Rapid7's 7's 4th quarter and full year 2020 financial and operating results in addition to our financial outlook for the Q1 and full fiscal year 2021. With me on the call today are Corey Thomas, our CEO and Jeff Kalowski, our CFO. We have distributed our earnings press release over the wire, and it is now posted on our website at investors. Rapid7.com, along with the updated company presentation and financial metrics filed. This call is being broadcast live via webcast. And following the call, an audio replay will be available at investors. Rapid7.com until February 16, 2021. During this call, we may make statements related to our business that are forward looking under federal securities laws. These statements are made pursuant to the Safe Harbor provisions of the Private Securities Litigation Reform Act of 1995 and include statements related to the company's positioning, Our future goals and financial guidance for the Q1 and full year 2021, the assumptions underlying such goals and guidance, including the anticipated impact of COVID-nineteen On our financial guidance, business, financial condition, results of operations and renewals and our assumptions on the pace of economic recovery in the global economy on our future results of operations and product strategy. These forward looking statements are based on our current expectations and beliefs and on information currently available to us. Actual outcomes and results may differ materially from the expectations contained in these statements due to a number of risks and uncertainties, including those contained in our most recent quarterly report on Form 10Q and in the subsequent report that will be filed with the SEC. The information provided on this conference call should be considered in light of such risks. Actual results and the timing of certain events may differ materially from the results or timing predicted or implied by such forward looking statements, and reported results should not be considered as an indication of future performance. Rapid7 does not assume any obligation to update the information presented on this conference call, Our commentary today will primarily be in non GAAP terms and reconciliations between our historical GAAP and non GAAP results and guidance can be found in today's earnings press release. At times, in our prepared remarks or in response to your questions, we may offer incremental metrics to provide greater insights into the dynamics Our business or our quarterly results. Please be advised that this additional detail may be one time in nature and we may or may not With that, I'd like to turn the call over to our CEO, Corey Thomas. Corey? Thank you, Sunil, and good afternoon, everyone. Thank you all for joining us today for our Q4 and full year 2020 earnings call. I am pleased to report that Rapid7 team delivered a strong finish to 2020 that exceeded our expectations across both Security Transformation Solutions and vulnerability management. Full year ARR growth of 28% to $433,000,000 demonstrates our ability to capture the large and growing opportunity as organizations transform their security operations for the cloud. Rapid7 remains steadfast in our effort to help customers advance securely into the cloud. To further this goal, we began 2021 by expanding and strengthening our cloud security offering with the recently announced acquisition of Allstate, which I will touch on in a moment. Looking back on 2020, I am proud of our team's resilience and commitment to serving our customers amidst a challenging year for many. I will begin today by sharing some insights on recent customer engagements that provide clarity and confidence to Rapid7's long term position and prospects. I will then touch briefly on our innovation focus and enduring goals before turning it to Jeff to detail our financial results and guidance. Over the last 10 months, we have seen organizations respond to unprecedented global disruption by accelerating digital transformation to cope with a more distributed cloud centric world. Enterprises and mid market businesses alike are overhauling their systems to build new cloud native applications to digitally engage with customers, Employees and partners, these investments are happening across industry lines in retail, manufacturing, education and healthcare to name a few. But in the midst of this massive increase in digital investment, Recent events in the cybersecurity landscape are a sobering reminder that digital risk has never been greater. These events put security squarely back in focus for Boards and management teams, solidifying security as a critical component of ongoing transformation investments. Even prior to these events, we saw an escalated security focus amongst our customers and prospects throughout 2020 as security was reprioritized alongside digital initiatives. During the Q4, we saw strong demand for our Insight platform products As customers look beyond investing to work from home enablement to an enduring set of initiatives tied to securing cloud and digital investments. One initiative is that customers expand their technology footprint. They are engaging with Rapid7 to upgrade their SOC with modern detection response to better monitor expanding threat vectors. This was the case for the existing Fortune 500 Retail customer was actively transforming their customer experience. They were challenged to consolidate risk visibility across an expanding footprint with an assortment of disconnected security technologies and services. Having a single trusted security partner that they could scale with spoke volumes to them. So this customer centralized their security architecture on the Insight platform by adding IDR alongside their existing InsightVM deployment. Because our cloud native offering and unified Insight Agent, this customer was actively monitoring within 2 weeks of purchase. This time to value is critical to our customer success in today's dynamic threat environment. During 2020, We saw IDR resonate with international customers in part for this reason. For example, in the Q4, we engaged with the international healthcare customer We're seeking improved threat visibility after experiencing a security event. This customer love the ease of getting IDR up and running along with the visibility it provided across their external attack surface. They also realized the platform value of a unified agent that both detects threats and monitors for vulnerabilities and as a result, purchase InsightVM at the same time. Another enduring security initiative is that as customers accelerate cloud investments, they are grappling with limited insights and are trying to Rapid7 for improved visibility and control in their cloud environment. During the Q4, we continue to see growing interest for our cloud security technology across both new and existing customers. A great example of this was a cloud security deal in the quarter with an existing Rapid7 technology customer. Upon evaluating DiviCloud, this customer recognized the power of its automation capabilities and adaptability for their environment, driving them to consolidate onto Rapid7 by replacing their existing cloud security offering. This deal resulted in a greater than tenfold increase in this customer's ARR. These deals clearly validate Rapid7's success and expanded beyond our vulnerability management roots to become a leading cloud native security operations company today. They demonstrate the increasingly strategic nature of Rapid7's best in suite approach to solving the full scope of our customer security operations challenges from VM to detection response, to cloud security and automation. The result is that once again we experienced Strong demand for our security transformation solutions in the quarter, which grew over 40% exiting the year. We expect continued momentum as we look ahead to 2021 and are excited about the opportunity to build upon this success. We remain focused on delivering an insight platform experience that combines market leading technology and platform value for differentiated customer experience. One great proof point is the early validation we saw in the Q4 with our attach motion. Specifically, we saw strong early customer demand for our capability to attach automation as an add on to other Incyte products purchases, driving a record quarter for InsightConnect. Coupled with the ongoing success of our network traffic analysis and enhanced endpoint telemetry modules, We see a compelling opportunity to drive deeper customer engagement on our Insight platform. A great example of this was a new manufacturing customer we signed in the quarter. This customer was looking to scale security operations and improve visibility in response to a breach. But managing desperate tools was a major pain point for them. They recognized that a single insight platform experience could improve coverage and make management significantly easier. They purchased InsightVM to remediate risk, Insight IVR with NTA to detect and respond to threats, and InsightConnect for automation across the platform. We remain early in our platform journey, We see tremendous opportunity ahead and we'll continue to evolve our bundling and packaging opportunities throughout 2021. We expect this will support durable growth in our ARR per customer, which ended the year at $44,500 Growth of 18% over the prior year. Turning now to innovation, Starting with the cloud, as companies migrate to the cloud, the influence of DevOps is critical to the process. Rapid7 is focused on delivering cloud security that sits at the intersection of dev and sec ops. So I'm excited to share more about our recently announced As developers rapidly adopt Kubernetes for freedom and flexibility in cloud native development, security must keep pace. Iosene's leading cloud workload protection platform is designed to enable organizations to innovate in the cloud without sacrificing security by providing Real time visibility, container runtime monitoring and threat detection. Adding Alfie's cloud workload protection To Rapid7's existing cloud posture management and cloud identity capabilities at DiviCloud positions us to deliver a market leading Cloud native security platform that delivers continuous security to our customers across multi cloud environments. The acquisition of IoT puts us another step forward in solving the security stakeholders' need to manage risk and compliance while meeting the DevOps teams where they are in the cloud. Shifting to vulnerability management. It is important to note that the cloud is not the only place today where customers lack visibility. As organizations asset footprint expand With OT and IoT connected devices, so too is the threat footprint. Security teams are increasingly responsible for protecting and managing risk in these environments, but often lack the visibility and controls to do so. Rapid7's recent strategic partnership with Kate Defense, a market leader in industrial cybersecurity And Medigate, a leading medical device security provider, provide our respective joint customers with a more holistic risk visibility and management across the digitally connected environments. These integrations will enable visibility to OT, IoT And medical device information directly in InsightVM, so the security teams can perform active scans to gain improved visibility into those environments. Wrapping up with a brief update on our goals. Last year, I shared 3 enduring goals for our business that remain core to our focus today as we look ahead. Our first goal is to be a leader in enabling customers to transform their security operations around the cloud. Over the past year, we have invested in our product capabilities and built a meaningful position in cloud security. We recognize that customer challenges in the cloud are multifaceted and during 2021, we will continue to innovate as our customers leverage our security transformation solutions to secure their digital experience. Our second goal is to accelerate our platform distribution engine. The early success we have seen with our evolving expand motion in 2020 validates our long term opportunity to expand ARR per customer. Over the coming year, we will continue to focus on lowering the barriers for our customers to more easily adopt a broader set of our best in class Insight Platform products and solutions. Finally, our third goal is to drive long term operating leverage while investing for growth. We're proud to have demonstrated strong execution and operational discipline this past year by maintaining profitability, while absorbing our largest ever acquisition and navigating a volatile macro environment. Moreover, We have done so while continuing to invest aggressively behind a large and compelling market opportunity, which positions us to continue driving durable growth as we focus on scaling free cash flow over the long term. In closing, I'm excited about the opportunity that lies ahead And we'd like to thank our entire Rapid17 for their ongoing efforts to make the best in security operations accessible to all. Before I turn the call over to our CFO, Jeff, I would like to take a moment to invite all of you to our upcoming virtual Investor Day to be held on the afternoon of March 10, 2021. If you have not yet received an invite, please reach out to our IR team. We hope you can attend. Thank you all. Jeff? Thanks, Corey, and good afternoon, everyone. Before I begin, a brief reminder Except for revenue, all financial results we will discuss today are non GAAP financial measures, unless otherwise stated. And reconciliations between our GAAP and non GAAP results can be found in today's earnings press release. We're pleased to report solid execution as Rapid7 delivered a strong finish to the Q4 and full year 2020. Total ending ARR of $432,900,000 grew 28% over the prior year as customers turned to Rapid7 to help solve their security And vulnerability management challenges. The strong reaction we see across our business fuels our confidence in continuing to invest for durable growth and margin expansion ahead. Full year revenue of $411,500,000 exceeded the high end of our guidance, growing 26% over the prior year. We experienced strong demand for our Insight platform products during the year, resulting in better than expected products revenue growth of 29% over the prior year to $382,900,000 As Corey shared earlier, we see the early stages of an enduring way for organizations to secure their growing cloud and digital investments. This is reflected in the success of our security transformation solutions, which once again grew over 40%, led by strong demand for our detection and response, cloud And automation offerings. Rapid7 is well positioned to help customers advance securely into the cloud with our Insight platform And we're investing to capture this high growth market opportunity. This is evident in our operating results as we reinvested top line over Back into the business, while still delivering operating profit at the top end of our guidance range of $2,000,000 for the full year. Our success in 2020 was once again driven by balanced contribution of business from both new and existing customers throughout the year, With our security transformation solutions representing over 50% of new ARR for the full year. We saw continued healthy growth in our customer base As we ended the year serving over 9,700 customers globally, a year over year increase of 8%. We also experienced great success expanding relationships with existing customers throughout the year as they leverage more of our VM and security transformation products to secure the growing digital footprint. As a result, we ended 2020 with ARR per customer of approximately $44,500 growth of 18% over the prior year. Turning to 4th quarter results. 4th quarter total revenue of $113,200,000 was above the high end of our guidance and grew 23% year over year, while products revenue 26% year over year to $104,400,000 Looking at the business geographically, North America revenue grew by 23% year over year and comprised 83% of total revenue for the 4th quarter, while rest of world grew by 26%, representing 17% of total revenue. Total gross margin for the 4th quarter was 73%, down slightly from the prior quarter Down from 75% a year ago, driven by a growing mix of our cloud based offerings. Sales and marketing expenses grew 22% year over year, reflecting continued investment in growth and improved to 44% of revenue in the quarter compared to 45% in the year ago period. R and D expenses grew 34% over the prior year and represented 20% of revenue, up slightly from 19% in Q4 2019 as we continue to invest in innovation. G and A expenses grew 12% and improved to 9% of revenue compared to 10% a year ago. 4th quarter operating loss of $700,000 was slightly better than the high end of our guidance range of $800,000 reflecting strong execution coupled with our focus on reinvesting top line outperformance to support durable growth and profit expansion ahead. Adjusted EBITDA for the Q4 was approximately $3,000,000 and net income per share was a loss of $0.07 Moving to our balance sheet and cash flows. We ended Q4 with cash, cash equivalents and investments of $322,600,000 compared to $331,400,000 at the end of Q3 2020. 4th quarter operating cash flow of $600,000 was better than expected driven by strong billings and collections activity in the quarter. As a result, full year operating cash flow of $4,900,000 exceeded our prior expectation of approximately breakeven. During 2020, we completed a significant portion of our facilities expansion projects, resulting in full year capital expenditures of $13,800,000 We also incurred $6,100,000 in capitalized software spend, resulting in full year 2020 free cash Well, of a loss of $15,000,000 a notable improvement for the prior year loss of $36,900,000 Shifting now to guidance for 2021. The strong demand we experienced during the second half of twenty twenty validates our thesis that organizations Of all sizes are undergoing digital transformation, driving the need to modernize their security architectures. As Customers lean into the cloud, they are leveraging Rapid7's best in suite insight platform to extend their security operations in the cloud. Looking ahead, we plan to continue investing behind our best in class security transformation and vulnerability management offerings in 2021 to provide enhanced monitoring, automation and cloud security capabilities to our customers. Given these trends, We see a compelling opportunity to drive durable growth in 2021, but recognize that some magnitude of pandemic induced economic risk remains due to an uncertain resolution timeframe. As a result, in framing our initial expectations for 2021, we are balancing long term optimism for our business with ongoing near term global health challenges. With that framework in mind, let me start by sharing our Full year expectations. For the full year 2021, we expect to deliver total ARR growth of approximately 20%. We will aim to share relevant updates to this expectation as we gain increased visibility to a more broad based resolution of the pandemic likely during the second half of the year. We anticipate total revenue for the year to be in the range of $488,000,000 to $496,000,000 representing approximately 20% growth at the midpoint. We expect non GAAP operating income to be in the range of $12,000,000 to $16,000,000 for the full year. This reflects ongoing investments in growth and innovation, while still delivering on our growth and profitability framework. As is our typical approach, we expect to reinvest any upside back into the business to support our long term objectives. Before I provide non GAAP EPS guidance, a brief aside on the updated accounting standard, ASU 2020-six issued in mid-twenty 20 and related to the accounting for convertible debt instruments. The updated standard changes the way that convertible debt is accounted for, among other things requiring the use of the if converted method for diluted EPS calculations. We intend to early adopt this standard on a modified retrospective basis as of the start of our new fiscal year beginning January 1, 2021. The updated standard will have the effect of reducing our GAAP net interest expense on our income statement. It will have no impact on our reported non GAAP net income. Based on our current expectations, the if converted method is not dilutive to non GAAP EPS for the full year 2021. So at this time, we do not expect adoption of this standard to impact our non GAAP diluted EPS calculation for the full year 2021. The updated standard will also result in an increase to the carrying value of our convertible debt on our balance sheet to the principal value less any unamortized debt issuance Costs with an offsetting decrease to stockholders' equity. The standard will have no impact on our cash flow from operations. With that, turning back to guidance, we anticipate non GAAP net income per share for the full year to be in the range of a loss of $0.03 to a positive $0.04 per share, which is based on an estimated 53,500,000 basic $56,400,000 diluted weighted average shares outstanding. With our major facilities expansion investments now behind us, our focus turns to scaling positive free cash flow over the long term as we invest for durable growth in our business. For the full year 2021, we expect to generate free cash flow of approximately $10,000,000 As a reminder, we define free cash flow as cash flow from operations plus capital expenditures and capitalized internal use software costs. Moving to quarterly guidance. For the Q1 of 2021, We anticipate total revenue to be in the range of $113,200,000 to $114,800,000 growth of 20% to 22%. We anticipate non GAAP operating income for the Q1 to be in the range of a loss of $700,000 to positive $300,000 And non GAAP net income per share to be in the range of a loss of $0.08 to a loss of $0.06 which is based on an anticipated 52,500,000 basic weighted average shares outstanding. Note that our Q1 and full year 2021 guidance includes In conclusion, as we enter 2021, we remain excited about our opportunity to drive durable growth, While scaling profitability and cash flow over long term as we work to make the best in security operations accessible to all. With that, we appreciate your Time and support, and we'll now open the call for any questions. Operator? Thank you. Please standby while we compile the Q and A roster. Our first question comes from Saket Kalia with Barclays. Your question please. Hey guys, thanks for taking my questions here. How are you? Doing well. Good to hear with you. Yes, same here. Hey, Corey, maybe first for you. You touched on this a little bit in the prepared remarks, But can you just talk about what customers that you speak with are saying post SolarWinds breach On the importance of vulnerability management? And maybe relatedly, talk about how this impacts other parts Of Rapid7's portfolio like SIEM and application security? No, it's a great question. So we've been spending a lot of time, as you can imagine, trying to understand how our customers see the world post the breaches that happened at the end of last year. I think there's a couple of key observations. The first and probably the most important is that security is back in the forefront of Board's and management teams' Which I actually think bodes well for sort of long term demand and long term focus. The second thing, as you can imagine, directly to your question Around vulnerability management is that most of the people that we're talking to see vulnerability management and the visibility around it as Strategic. The thing that they're also very aware of though is that it's not just identifying having the visibility into the vulnerabilities, you also have to remediate them. That's a long term task. And so they're focused on that and they're looking at how they do that. In relation to the other part of your question, what we're seeing very, very clearly is just as people see visibility and vulnerability They're seeing detection and response as a hot urgent need right now. So the question is, do I actually have attackers in my environment right now? And so what we see is an acceleration and a sense of urgency around detection and response. So when you think about our broader portfolio Is digital transformation is clearly driving both cloud and frankly all of SecOps. The recent attacks is driving high urgency, especially in The time period that we're in now around do I have attackers in my environment and detection and response. And then people are thinking about the fundamentals of how they manage their cybersecurity, Which bodes well for the long term health of vulnerability management overall. Got it. Got it. That's helpful. Jeff, maybe for my follow-up for you, maybe just on the cost and margin side, can you just talk about how you're thinking about travel and Office related costs coming back in 2021. You talked about sort of balancing some views including kind of the pandemic through the year. And maybe as part of that, just broadly remind us how you think about that growth and margin formula long term. Does that all make sense? Sure, sure. It's a good question. So look, in the first half, we're not expecting any significant increase In our travel, it's very much a wait and see attitude just to see how the pandemic plays out. We would expect that in the second half, Those costs would gradually increase. But look, we're really dependent on what we see with COVID. So To the extent that it's very favorable, then we'll increase travel and increase those expenses. And I would expect most companies are looking at it the same way. With respect to our growth and profitability framework, I want to reiterate our framework that we've been talking about. So In our growth ranges, we do expect modest leverage. If we're in 20% to 25%, we would expect that we would Increased leverage in the 2% to 3% range. If it's 25% to 30%, 1% to 2%, and it's over 30%, would be less. I will point out that as Corey mentioned, we are planning an Analyst Day on March 10 and we'll do a much deeper dive into our long term margins at that Look forward to it. Thanks guys. Thanks. Thank you. Thank you. Our next question comes from Matt Hedberg with RBC Capital Markets. Your question please. Sure. Hey, thanks for taking my question guys. Jeff, 2020, in your deck, you talked about 28% ARR growth was really a combination of 8% growth in customers And 18% ARR expansion. As you look to the 2021 guide at a starting point of 20%. How do you think of the components of those, I guess, both on the new customer side, And maybe a little bit more on the churn aspect of the story as well. Yes. So With respect to the ARR per customer, we have multiple levers. I mean, it's really, as you know, growth in customers Growth in the ARR per customer. So we have ARR from brand new customers. We have upsells and cross sells. And this year, all three elements grew and contributed to that both new, upsell and cross sell. It is a healthy balance. Historically, it's been sort of a fifty-fifty mix from ARR for brand new customers And from the base, with the pandemic, it's probably leaned a little bit more towards the base. This year, it was 18% I'm sorry, 8% customer growth and 18% ARR per customer. Those two levers drove about a 28% Overall ARR growth. So with respect to 2021, we would expect the same healthy mix. It's difficult to predict exactly those percentages, Well, I think you can look at on the customer growth, you can look at sort of those levels to continue. With respect to churn, I think our churn rates are healthy. Our retention rates are healthy. So we don't see Any trend there that would alter that, right now all the trends are positive. Yes. And just to follow-up on, Jeff, we expect to see balance. What I would say is that with the momentum that we're seeing overall on the platform side, I would expect a slight Shift potentially in the ARR per customer on the balance side of the equation just because we're really building our customer brand and we're seeing good response from customers. Well, that's great, Corey. And actually, it does tell to my second question. It was great to hear you talk about DiviCloud this quarter. Obviously, that's It could be a material driver of ARR per customer. How do you think about where are we at right now in sort of the messaging? Obviously, you called out the nice win, but just is there other things that you guys can do to draw Because it seems like that's obviously a material driver that could represent some upside here at some point. Yes. So just for where we are, as you think about as we exited last year, we have really started the process of having DiviCloud accessible to the broader This year, you can expect it to be more fully into especially our enterprise sales force. I think you think about a larger team selling DiviCloud And also reflected in our partner organizations, because we have a growing business that actually is very healthy, one of the partners. And so that's a big focus area. So, One way to think about it is that DiviCloud has gotten great customer feedback, great adoption, and we're steadily increasing the distribution, But in a way and in a pace to make sure that we're onboarding customers in a successful way. Thanks a lot. Congrats on a strong close to the year. Thank you very much. Thank you. And our next question comes from Ryan Essex with Goldman Sachs. Your line is open. Great. Thank you very much and thank you for taking the question. Maybe Corey, you mentioned in your prepared remarks, You talked about enterprises looking beyond work from home and toward cloud security. And then in response to Saket's question, you mentioned I think that VM was becoming strategic. Where do you feel as though VM is with regard to spending priorities within your customers' budgets? And can you put some context around How this kind of shift in mindset would affect the priorities? Yes. So you mean specifically VM? Yes. Well, VM and then the VMs has a broader platform as well. Yes, no, absolutely. So I think one way to think about it is VM is strategic, But the benefits of it are long term oriented. And so what you're seeing is that people planning around VM, you see some uptake, But it doesn't have the same urgency as we actually see in areas like detection and response and cloud and even some of the automation stuff where we saw higher urgency as people are building out their stocks. That said, we expect continued healthy growth in the vulnerability management We're continuing to see growth and expansion in probability management. But in general, it does not have the same level of urgency And some other parts of our security operations solutions. Understood. That's helpful. Maybe to follow-up, you also referenced New manufacturing customer looking to scale their security operations and the management disparate tools is a pain point for them. Could you provide a little bit more Tayo around what they were using and what the opportunity was that you addressed and who you might have displaced there? Yes. So we don't typically comment on competitors. It's not our style. But I would say what they were trying to really do was to think about how they upscale their entire security operations infrastructure. And what we're finding more broadly is more and more both our customers and even new customers, which is a little bit of a surprise to me, are starting to think more holistically About how they build out a more robust security program and practice. Got it. And maybe was this win because you had a broader Or was it the quality of the technology? How would you kind of frame that? All of the above. I mean, 1st and foremost, We believe deeply that the only way for us to win is to actually be best in class in what we do. So we have a strategy of best in class technologies and solutions On a common platform that provides accessibility and ease of use. And we find that's the winning solution. If you give customers a best in class technology That's one of the top 2 in its field. And you actually say you have our common platform that focuses on your productivity and ease of use, That's a consistent winner, and we're seeing that message resonate more and more. Super helpful. Thank you so much, and congrats on the results. Thank you. Our next question comes from Jonathan Ho with William Blair. Your question please. Hi, good afternoon. I just wanted to maybe start out with what you're seeing in the DevOps environment and also particularly around cloud container. Yes. What can, I guess, the Alcida acquisition add to your portfolio? And how quickly is that market growing now? Like have you seen some sort of inflection or Some sort of increased investment over the past year. Thanks. It's a great question because cloud is moving fast as you can well imagine. And so if you think about our platform, we're focused on holistic cloud security. We want to be hands down the same thing that we do for security operations, about helping people have visibility, Helping people analyze their risk infrastructure and helping people automate the containment and the security of their infrastructure is our goal for the cloud environment. Now cloud has a slightly higher focus on both automation, because that fits more with the dev op approach to doing things And I think there's slightly higher approach to protection, because that's more consistent with what you actually need in a cloud environment. And so that's our focus as we actually think about the evolution. The big change in the last year, you think about why Owl Seed was so relevant, is we have seen a shift in containers where you see a bigger pickup Around and momentum around Kubernetes specifically. And so we believe that general container security is absolutely essential and important, But we are seeing lots of people, as they really think about scaling into the cloud and frankly scaling their cloud and container investments, take a Kubernetes centric approach, We're seeing that both in our customers and in the broader overall market. As far as what Alsea specifically does, it actually gives us a couple of different capabilities. It's one, it gives us both enhanced visibility. You can think about that aligning tightly around Our overall cloud security posture management, but think about doing that for Kubernetes, but it also provides both great analytics capabilities And protection capabilities that really helps us think about how do we secure the Kubernetes environment in the cloud. Got it. And then you talked about making it easier for customers to buy multiple products. What are the some of the initiatives that you're targeting that can maybe reduce Yes, it's a great question. So it's a big area of focus for us. So there's a couple of different ways that we're actually approaching sort of reducing friction overall. The first thing is, as you can imagine, just making the packaging and pricing simpler About how you actually remove a barrier that you can for pricing and packaging. And you saw some of my commentary in some of the prepared remarks about how some of those approaches, Even though they're early or paying early dividends. And so we're quite optimistic about going along that path. But the second aspect, which is frankly more important is how do we actually instantiate that in product And so we're really making heavy investments in the platform team that allow people to actually pivot from one solution to another solution in context What they're doing and then be able to select the ability to be able to build for that appropriately over time. That is an investment not just in the technology itself, but also in the infrastructure That supports the dynamic usage and the billing of that over time. Those are two things that we're really focused on heavily that allows our customers to get the value that they need when they need it without having to make lots of decisions upfront about what Solutions they're going to face in the future. If you think about security, it's a problem that you don't necessarily know when you start a year, what your problem is going to be. And so what we want customers to be able is to as they actually either have changed their priorities or have to tackle different problems, we want to be fast and dynamic to actually deploy Rapid7 Our next question comes from Adam Tindle with Raymond James. Your question please. Okay, thanks. Good afternoon. I just wanted to ask, I think you mentioned that Security Transformation Solutions were 50% of new ARR. I'm wondering if I'm wondering, are they hitting S curves and driving the profitability that's implied in 2021 because you're going to add a Similar amount of new ARR next year, but much healthier profitability profile. So wondering if they're hitting some S curves on profitability. Yes. So I'll take the initial one, but I may tag team with Jeff about sort of like the total. So one way to think about security transformation So we see it as providing durable growth. And so our expectation internally is that it's going to provide our focus Is sustained growth of over 40%. We saw that last year. Our hope and our expectation is to see that continue over the course of this year. And of course, we actually expect the margins to improve on that as it continues to scale. We tend to manage things in a pretty, as you would expect, Operationally, such a way, as things we're happy to make investments early on for high dividends in the future. But as things scale, we expect the margins to improve. Now I know it's a little bit trickier because we have different things at different stages of evolution. But what I would say in general is Security Transformation Solutions It has a good growth profile. It's a reasonable share of both new and total ARR and it actually continues the high growth pile that we actually laid out And over 40% last year, 40% this year, and the margins on that continue to improve as we scale, which probably is reflected in our broader margins continuing with actually scaling over time. Ed, I think your question was what percent of the total ARR is security transformation products. It's over a third and growing rapidly, still over a third, becoming a greater percentage of the mix each quarter. Okay. That's helpful. Maybe just a quick clarification on the back of it. Jeff, you had mentioned just mechanically that Jason, on the back of it, Jeff, you had mentioned just mechanically that in the back half of twenty twenty one that costs are going to increase because T and E comes back, which is Understandable. But if I look at the income from operations guidance, it looks second half weighted or at least Q2, Q3, Q4 based on Q1 guidance, what am I missing there? The costs are coming back, but the EBIT is going to expand. What are the offsets for When costs come back? Well, excuse me, we have higher revenues Over the course of the remainder of the year, higher margin that's offsetting the OpEx increase over the course of the year. So Q1, we have some front loaded marketing expenses and then we get more profitable as the year progresses. That's pretty much consistent with prior years. Got it. That's helpful. Congrats on 2020. Thank you. Thank you. Our next question comes from Rob Owens with Piper Sandler. Your line is open. Great. Thanks for taking my question. Corey, you mentioned, I think, in the Q and A around strategic prioritization of VM And how it's taken a backseat historically. But when you do see opportunities on that side of the business, is this a function of the formalization The programs, replacement opportunities, expansions of existing, kind of all of the above. Maybe you can walk us through where you're seeing traction on that front. I'd say it's a great question. I'd say it's a great question. I think it's been pretty consistent. So we still see the maturing of the international market. We still see opportunities there. And that's also true, I'd argue, of the mid market where we see return. When you think about the larger enterprises, I would think about that as upgrading the program and the capabilities, by and large. You'll see this in Greenfield, but it's a heavy focus on upgrading the capabilities And maturing what they actually have in place from a vulnerability management side of the equation. And you still run into much Open source, is your upgrading those capabilities? Or is it kind of the vendors we all know that you'd be competing against? I would say it's primarily the business that we all know. In some cases, you do see things like Nessus out there And people are thinking about sort of like how to upgrade and sort of provide a more enterprise wide vulnerability management solution. But there's still lots of the leg. Secondly, I would say, There's still some legacy vulnerability management solutions out there, to stop traction in enterprise. It's changed steadily, but that still exists. Sure. And then, Jeff, on the retention rates, as we've seen that trend down, when should that start to move the other way, Rob, your question is on the 103%. Is that what you're asking about? The 103 and when we should start to see that move the other way, if at all? And I know there's a lot of different puts and takes to that number. Yes. So a couple of points on that. First off, as you know, we don't manage to that metric, the 103%. When our mix shift towards more security transformation products versus VM, there's less upsell, but we get higher ARR because they're Buying more of their environment upfront. If things change with the cloud and there's more Upsells over the course of the year, that number could tick up. But right now, we're not managing it to it. We're not managing to it. Our key metric is ARR and ARR per customer. That's really what we're managing to. Great. Thank you, guys. Thank you, Rob. Thank you. Our next question comes from Greg Moskowitz with Mizuho. Your question please. Okay. Thank you. Thanks for taking the question. So Corey, it doesn't sound as though you're embedding anything in your guidance. Just curious how you're thinking about the potential of the Solar Yes. So I'm going to repeat the question because I think the question is, do I anticipate the SolarWinds reach changing our product strategy In 2021. And I would say no, because we were heavily focused on maybe some of the areas that are most relevant to the SolarWinds Breach, if you think about some of the big priorities that I talked about before is detection response, vulnerability management, automation helps people actually get more done faster. We happen to have been in a good spot where lots of the strategy and the solutions that we deliver are highly resonant with what people need to mature their solutions Okay. Thanks, Corey. And then just as a follow-up, so you've announced 2 cloud security acquisitions over the past 9 months Covering CSPN and workload protection, you've also introduced an infrastructure entitlement solution. So how would you now assess your cloud Security product portfolio and then also are you still looking to add cloud security capabilities via M and A? So one is the backdrop is cloud security is both a rapidly evolving And it's also a market that is actually getting lots of attention, and it's a big priority for customers as they think about their digital That's it. I think we have one of the most complete robust cloud solutions in the market Non stop. And we're continuing to invest in that organically in house, as the market changes and evolves. So typical to anything else, we don't have Plans or needs to actually go out and acquire stuff. But that said, we have a very robust cloud security roadmap to tackle all the challenges that we see customers Happy in cloud security. And what's wonderful is our customers keep giving us feedback about the challenges they're facing, which is an opportunity for us to extend what I think There's a growing leadership position there. Now there's occasions where we'll see something as strategic, and it's a reasonable acceleration, And it has a reasonable return and a reasonable time frame, and we may make a strategic acquisition similar to what we did with Divvy or with Alcide. But right now, I think we have one of the leading overall cloud security solutions in the market. Very helpful. Thank you. Thank you. Thank you. Our next question comes from Hamzah Fodderwala with Morgan Stanley. Your question please. Hey guys, thank you for taking my questions and nice job on the results. So just A question around sort of guidance. I know you're focused on selling the broader portfolio of solutions. But To the extent that you could maybe give any color around what's embedded in terms of VM versus Security transformation growth, I mean this year we saw the security transformation bundle grow twice the growth rate of VM, right? Should we expect that sort of mix to continue in 2021? Yes. I would say based on current again, We are planning a very we're taking a very long term approach. So we think our entire portfolio is relevant and we think VM is relevant. That's it. Based on current market demand is that we expect higher growth in security transformation solutions, and we will still be growing vulnerability management. I think the good position that we're in is that because we have multiple offerings and solutions On a common platform, we get to move where the customers' needs are highest at any moment in time. And sometimes it's going to be cloud, sometimes it's going to be text and response, Right now, you see a higher urgency around both incident detection and response And cloud security. And so relatively, you'll see higher growth in security transformation solutions versus VM, but we still expect healthy growth in VM this year, And we expect that to move forward. And then just on the Alcine acquisition, any color you can give us on sort of what the Revenue run rate on that was prior to acquisition. I know it's not there's no material assumption better in your guidance, but any color you can give us there? It wasn't material, as we said overall. And so it allows us to actually accelerate our cloud security initiative, But the revenue wasn't material. Okay. Thank you. Thank you. Thank you. Our next question comes from Alex Henderson with Needham. Your question please. Thank you. Just a couple of clarifications if we could. Could you talk about whether your ARR per new customer is higher than the average of 44 Is that I mean, it sounds like you're getting more upfront and that ultimately could drive A higher number on the ARR for new customers right off the bat. Is that right? Yes. We don't disclose the specific ARR per new customer, Alex, but generally, a brand new customer, Historically, it has been lower than the overall, but with the mix shift, it is increasing. ASPs have gone up Across the board, but we don't disclose the specifics. Yes. I was just going to say more broadly, Alex, is that we don't really focus on the Timing of the customer journey. Now we may have some customers that are starting to actually cover more of their environment upfront and look for larger things. I'll say that's not a strategy. What we're really focused on is how do we actually grow the relationship and the impact that Rapid7 has with the customer over time. But we're indifferent whether they start big and sustain or whether they start small and grow over time. We're just looking at how do we become the strategic place for them to manage their security operations. It sounds like you're seeing larger deal sizes upfront and more upsell Upfront, can you talk about whether you've seen an expansion and acceleration in your pipeline? It sounds like your pipeline has accelerated. And if there's any change in the amount of time it takes to close a deal, just a couple of the key metrics around that would be really helpful. So there's several different things that are driving some of the trends that you're alluding to there. One is keep in mind is things like IDR, You have to cover your retirement environment upfront versus VM where you may have started with 20%, 30% of your environment and then you would fail at all time. So just the shift in detection and response and the growth of that Business and Security Transformation Solutions causes a higher amount of the environment to actually be covered. Of course. The second thing you also alluded to is we're in the very early stages of starting to see customers really think about buying Strategically, the entire security program. That said, I'm not quite sure that's a trend that we need to continue because it's however they get there. We want the customers to Get there at the pace that they're looking that they're looking to evolve and move their security program over And so those are 2, Alan. And then you have one more, Alex. What was the last question? Yes. Is there any change in the amount of time it takes to From start to close on the deal transaction, is your deal timeline holding study? Yes. I would say on average, it's probably holding. I would say it's a little bit tricky, because last year there was just lots of starts and stops That or more to do with COVID. So my take is I'm not extrapolating any of the sort of like 9 months of last year as Permanent trends, because there was just a huge COVID effect, and also the SolarWinds effect, that you actually had there, the underlying helper. And so I would say that it's fairly consistent, but there's no trends that I can extrapolate right now. Okay. Thank you very much for your answers. Thank you very much. Thank you. Our next question is from Joshua Tilton with Berenberg. Your question please. Yes, hi guys. Thanks for taking my questions. Just first, could you guys talk about the pace of net customer additions going Next year, maybe what's baked in today or our guide that you gave today? Do you expect that number to continue to improve in 2021? Or do you guys kind of expecting it to stay flat? Yes, I mean, so Jeff and I can tag team. I would say in general when you think about our ARR guidance, It is a mix of ARR per customer and sort of like net customer expansion. We expect both of them to actually be positive. We do think on balance this year, we'll see a slightly higher contribution in the ARR per customer. And that's just the growth of the platform and the demand and some of the That we're actually seeing. That's not necessarily a permanent thing. This is sort of the assessment today, and it's not something that we're actually managing to. Yes. I mean, we're not going to give a specific growth rate on the new customer growth, but what we said earlier is that you can look at the trends In that zip code of where we are now, and it is a balance of ARR per customer and the customer growth. If you want to know how we manage our sales force, we just right now we're just saying go where the customers demand is. We're not adding any specific restrictions on it in this environment, we're saying like go where customers need you where we can be helpful. Got it. And then I know you got a lot of questions tonight about the VM business. Just maybe one more for me. Is there any way you could just kind of ballpark what you expect that business to grow in 2021? And then maybe how does that compare to what you guys Seeing the overall VM market grow at in 2021? So I commented earlier that We are seeing VM part of strategic conversations. And we'll continue to see growth in VM, but just not at the same pace The much higher growth of Security Transformation Solutions. That said, if I had to ballpark it, I would put in the plus or minus 10% range. And the way to think about that is, Last year, we gave some estimates about what we saw, and the overall economy was better, and it performed slightly better than expected. But that's what we see right now in terms of customer prioritization urgency more than anything else. Again, our view is that right now customers are looking at VM as a strategic long term objective. We have higher urgency around some of the efforts around security transformation and specifically detection and response in cloud, but we expect that to continue to be a long term driver of growth. Thanks. And just if I could sneak one more in. I know it's early for Alcyte, but any expectations for the uplift in customer ASP would be if they went and bought this product? No, it's too early to comment on that right now. All right. Thanks guys. Thank you very much. Thank you. And I'm not showing any further questions in the queue. I would like to turn the call back to Corey Thomas for his final remarks. Well, I just want to thank all of you for joining us this evening on our earnings call. And I would like to reiterate that we would love to see you on our Ladies and gentlemen, thank you for your participation in today's program. You may now disconnect.