Good morning, everyone. Thank you for joining us. My name is Brian Essex. I cover mid-cap and large-cap software for JP Morgan, and I'm excited to have Rapid7 with me today. To my right, we have Corey Thomas, the CEO of the company, and then to his right, we have Rafe Brown, the company's new CFO. Corey, Rafe, thank you so much for joining us. Appreciate it.
Thank you for having us.
Thank you for having us.
Yeah. Maybe to start, Corey, if you can help me maybe frame out your perspective on the shift in the environment, the threat environment that we've seen over the past six months or so, and how that's impacting your business just overall?
Yeah, look, I think that, if you go back, attackers have been adopting AI technology. You've seen attacks move from low and slow to much faster. That's having customers in the detection and response space do, frankly, fast cycle upgrades of their capabilities. It's the bottom line is that they're looking for how do they get more coverage, faster response, faster detection, and better scale. Lots of them are starting to actually move beyond just traditional SIEM. It's been a bit of a tailwind for the MDR players, but it's also been a bit of a pressure point to actually cover more of the environment at lower cost.
One of the entrances actually come in is what we call the AI SOC players, where they're really focused on using AI to actually detect and monitor the environment. We acquired an AI SOC player in the past couple of months to actually deliver the capability, because it really does matter, the speed and scale matters. That's a big change in the environment overall. That's how it's impacting the market. The other one that you can't miss is sort of like Mythos and the impact on the exposure management market, where it's essentially vulnerability discovery on steroids. The pace of vulnerability discovery is actually now happening at a, maybe exponential is not the right way, but a very accelerated rate.
Probably exponential.
It's probably exponential. We don't know yet. The government's holding lots of the stuff back.
Yeah.
It's somewhere between hyper-accelerated to exponential overall. It also has lots of noise. It's catalyzed a reinvigorated interest in exposure management and how you actually separate out vulnerability possibility from vulnerabilities that are exploitable in the overall environment. How do you actually have active remediation in the environment? How do you have active containment in the environment? Which is nice because that's been a re-categorization of customer interest for something that was trending down in priority on exposure management to actually really accelerating it back towards the must-have critical focus areas necessarily. Those are the two bigger dynamics that are happening right now.
I thought it was really interesting, one of my takeaways from this week, as well as recent earnings in general, is just maybe a vulnerability renaissance, if you will.
Yeah. Absolutely.
I mean, Cognizant calling it out, Check Point this morning calling out, well, exposure management.
Yep
in part vulnerability management.
Exactly.
Tenable certainly flagging that. Your commentary as well. Maybe to add to that, it seems as though, based on industry conversations I've had over the past month or so, CIOs are freaking out a little bit about-
CIOs are definitely freaking out.
current environment.
That's why I said like the inbound and interest has been amazing, at the same time as people are trying to figure it out. Remember, the model, well, OpenAI was a bit more liberal. We're part of their disclosure, we're part of their trusted access program.
Right.
To be fair, Anthropic tends to be more open. They have some restrictions on how broadly they can actually make it available.
Yeah.
Lots of CSOs are trying to figure out, like, "All right, what's the extent?" CSOs are having their own freak out money about they're preparing for the tsunami.
We're spending lots of time talking about how they'll deal with and manage the significant influx that's expected of vulnerabilities. Again, it's made the vulnerability discussion a much more strategic discussion than it was two months ago, even.
Yeah. How does that convert to an impact on your business? I mean.
Yeah
Recently you've split things up into core and non-core, I guess.
Exposure and core, I mean, it's a hit when the core. It's still, it's in core. Core is a growing business overall. The top thing we know how to actually grow and accelerate and have great growth in the DNR space. Like, that's not a mystery.
We know how to do it. The only mystery that we were solving was how to do it at the right profit margins that we actually wanted. We think that our internal investments with our acquisition have actually tackled that profit margin challenge. We're very excited about the growth potential there. We had exposure, which was a headwind, which was two pieces to the headwind. As part of it, our historical mid-market customer base was not sort of like a growth-oriented customer base for that. The other one was that exposure management just had been dwindling in the priority stack.
Yeah.
This escalates up the priority stack. It creates new demand drivers for people to actually look beyond what's good enough. Now they're looking at things that frankly fall down what we consider our sweet spot is understanding exploitability, managing remediation at scale, and some things we have to invest in, which our team's doing organically, is how do we actually make it faster for people to respond?
Yeah.
Those are the areas that we actually think are catalysts. As far as timeframe is, I think people are still in the stage where they're trying to understand the significance and the impact.
We're not looking at this as sort of like a next quarter timeframe, because right now customers are just trying to come in and say, like, "All right, how big is the impact? What can you do for me?" They're planning for it. This has flipped around to a potential upside to the exposure management business, and then we're just trying to figure out, all right, how sustainable is the catalyst?
Yeah. Any visibility in terms of how they're shifting priorities within the budgets? I know it's always been, I don't know, I've done surveys in the past and others have as well, and it's always been endpoint network identity have been the top three. Maybe you put data security up there.
Yeah. Monitoring's been up there.
Yeah.
I think the monitoring's been top, because people have to monitor the environments, I think that exposure's not been top three or four or five.
How has the most recent environment maybe shifted how they're thinking about changing the prioritization within their budgets?
We'll see if it ends up being true or not. Look, in some perverse ways, CISO love public things because it gives them an excuse to ask for extra money without having to make the trade-off things.
Yeah.
A number of them are planning to actually go out and harass people like Rafe and be like.
Yeah.
You know what? This is a global crisis. I need to actually do it. We'll see whether that actually works or not.
Yeah.
or what it deprioritizes along the way. A number of the CISOs are trying to scope it to actually figure out, like, okay, when the White House is involved and other people, it's framed as a global crisis.
Right
I can get extra money for this.
Right.
That's what we're seeing in a number of people. We'll see whether that lands or not.
That brings me to maybe an adjacent point, where it seems like in the spending environment you've had IT budgets where security might be a subset of that. You've had AI budgets where your chief marketing officer may be pursuing an agentic coding project for an application to help him penetrate his markets, and he has to secure that. In some cases, I think CISOs are saying, "Well, I'll run it for you, but you pay for it.
Yep.
You've got incident budget.
Yeah
which is a little bit extra. What are you seeing in terms of access to each of those segments of spend within your customers, and is there maybe an acceleration point if you get incident budget spend across your platforms?
It's clear that customers are looking to get incremental budget across. I actually think that that's where. Look, security budgets have been tightening, and just to be clear, tightening is it's not declining. It's that what we hear across is they have to do more with less incremental spend. It would be unfair to say that these security budgets have been shrinking. They haven't been shrinking. They've not been expanding.
Yeah.
Security teams, we're used to expanding budgets because a lot of their mandate is uncovered. They were trying to figure out how to tackle the uncovered mandate. Now they've been asked to actually do more with less.
In this environment, the incident budget, I think people are hoping that it can be more incremental spend.
Right. Maybe to kind of pivot on that, too, I think, Corey, you explained three primary modes of the business. Cost efficiency at scale, exploitability context, trusted autonomous response.
Yeah.
How do we think about, maybe two things. One, how does Rapid7 win head-to-head against larger platform players? Second is how durable is the moat around your business? I think a lot of investors looking at vulnerability management and seeing that those.
can not only identify vulnerabilities but engineer exploits and patch vulnerabilities. They're extrapolating the speed of innovation that we're seeing on those platforms to some kind of a terminal impact to particularly vulnerability management exposed vendors. How would you explain, one, the moats you currently have around your business, and then two, the durability of those moats longer term?
Yeah. I'll invert it a little bit because I'll answer the question around.
Sure.
Me, because it's important to understand exactly what it is, and then this will go to the durability and how we actually think about it. One, it is vulnerability discovery at scale. It's incredibly powerful. It's incredibly cost-effective, overall. Just to be clear about what it would mean to actually do vulnerability management at scale, it would mean running Mythos or some version of Claude across your whole environment.
Typically, when you run things generically across your environment, you want them to be self-contained and tightly controlled.
The idea of having a general AI run rampant across your environment is not actually practical for most organizations.
Right.
It's not wise for almost any organization. By the way, Anthropic would say that, I mean, I don't know how many have it, but if you go log into Claude Coworker right now, they say explicitly, "You can autorun all the instructions. You should not do this." That's not going to change anytime soon. Even minor errors can cause catastrophic damage. They don't recommend it either. They're not suggesting it's an extrapolation without mirror is what I would just say.
It is something that would be both dangerous and something that neither OpenAI or Anthropic suggest that you should actually do. That vector about running it rampantly across the environment and having it do the operational things, you want things that are operational to be tightly controlled and well-managed. That's just to be clear about that. Let's actually get to what the actual core modes are. Let's just zoom out. The simplest mode in the world is that customers want people that are just going to take the tassel off of security. Our goal is to actually be the number one security AI outsourcer. We want to actually use technology to actually allow people to run and scale their security operations program. People are hungry for that.
It requires both technology, it requires the use of AI and technology, and it also requires deep services expertise. We are one of the few players who have, at scale, established service expertise, leveraging technology, increasingly leveraging AI, and people want to actually get a great outcome of security management at lower cost. Just to be clear, our whole mission and ambition is a moat in and of itself. It's that most organizations are not actually marrying the best of services with the best of AI in a technology infrastructure that lowers people's costs over time. That's one. Now, when you actually get to, and I think your question as it regards to the moat around the general frontier models, because I think there's a different moat in security versus the frontier models.
On the frontier models, the reason that we think that it's a misunderstanding of it is that there's a couple of things. One is that we're deciding to actually run and allow people to have an outsourced centric AI security program at scale, cost-effectively. The frontier models aren't designed to actually do that cost-effective. In fact, we use lots of the frontier models, and half of what we're actually doing is adding deep knowledge and context and actually making things cheaper and more efficiently where it doesn't make sense to use a model for something because it's inefficient from a cost perspective. The second thing is our technology runs rampant in customers' environments, we have to actually do that safely and securely.
The second piece of the equation that we actually heavily focus on is, how do you actually use AI at scale across customers' environments safely and securely? The third thing which ties into it is that increasingly, people have to respond in machine time to both exposures and to incidents. We're building a framework that allows sort of like, yes, it leverages AI, but it's not just AI, safe response. The third thing, it's an incredibly complicated, complex world, is there's not a world where we can just trust just technology for cybersecurity. We're building the people and the expertise to actually, and we already have it today, we're doing this at scale today, to actually augment the technology. They're providing knowledge, insight, and depth, but they're also hand-holding customers through incidents.
They're dealing with the politics in our customers' environments about where to prioritize their security, defense, and spending. They're helping people with their remediation. They're actually talking to management teams. When people are outsourcing a business, because security has issues along the way, you can't just be like, "Oh, I'm the CISO. I outsourced it to a company that's just AI, and I have a crisis, is I can go through a chatbot." People actually want to actually, and they actually do need to actually do it because it's complex. You have to engage with incident responders. You have to engage with lawyers. You have different compliance regimes across the world. People do matter there. We're scaling the people in an order of magnitude better than we've actually ever done before, but that matters.
Great. That's helpful. Maybe to switch gears a little bit. Rafe, we knew each other at Mimecast, and you did a great job there. What brought you back to Rapid7? What was that process like, and what do you see as the opportunity with the company?
Thanks, Brian. First, I'm coming up on my 6-month anniversary, right? Now I've gotten onboarded and cranking away. To be honest, I try to look at these things not so differently than our investors that come to an organization. I think it stems from first, at the highest level, are we happy with the markets we're in? Not just cyber, but the MDR market, the exposure management market, both are very large, both are growing, and both we have a right to win and compete and play in. Also, I felt like one of the things that was really important to me, there was obviously a lot of changes going on in the business, which have only accelerated over the last few months with everything Corey was just saying.
At that earliest stage of evaluation, I really wanted to dig in and see, is this a management team, a leadership team that's ready to dig in, make changes, and not fight yesterday's battle, but to dig in and see what's coming next and how to get ahead of that, right? I feel very comfortable with that. Under Corey's leadership, we've got also a number of new leaders on the team or people in new positions. Alan leading the sales organization, Julian leading the customer success organizations. It's people who are passionate about the opportunity, and frankly, in some cases, frustrated about some of the things they needed to knock down and take out to accelerate our business. That's the environment I'm looking for.
This is the team that I think it's a great company to work for, but it's also a team that's just determined to win and to grow, and if you're in a context with great products, great history, great market, you can figure that out. It may take a few quarters, right? That's what we're living out. That's where I started, and I think it's only just played out. People often ask what surprised me. What surprised me is just how much things are changing, how quickly things are changing with the developments coming from the platform providers. If anything, I think that could be an opportunity for us, right? In areas where we might have ordinarily been playing catch up, we can say, "Well, that's not the fight anymore.
Look, we're going to just try and accelerate what we're doing and get out there and serve our customers and make sure we're helping answer tomorrow's problems. All of that, I think, sets us up for, first of all, a lot of work that we need to do to deliver on that, but there's tremendous opportunity for us.
Right. How would you describe, I don't know, either both for Corey or for you, the magnitude of changes or the breadth of changes that you've had across both sales and operations over the past year or so? It seems as though it's pretty significant, and I think investors here are starting to kind of feeling for a floor.
Yeah. Absolutely.
Where are we at this stage of change, when can we expect kind of like a baseline where, all right, well, now the organization is in place, we're seeing the productivity, we see the opportunity in front of us, we're just executing on a bigger pipeline now?
Yeah.
Yeah, we'll tag team it. One, I've been heavily focused on, for lack of a better term, I hate to use the term upgrading, but is getting the right management team for the moment that we're actually in. That's been a heavy focus over the course of last year. By and large, I think we actually have done that, and I feel very good about where we are there. The second thing is we've had to do some work to actually just be clear about our target model, which the team is coming in, Rafe, Alan, Julien, and others have come in and been clear about like, "All right, what's the target model? What does it take to get there?" The execution velocity to actually move to that target model, and we've acclimated the company to actually the pace of change now.
That's happening fairly quickly. The nice thing that I feel good about, and Rafe commented about this earlier, is that we're already seeing some yield and benefits of that overall. I would say from an operational perspective, we know where we're going, we know what needs to be done. We're in the process of executing on that, and driving the change on that. I actually think that's all going to be net positive for the business. I think if the question is, where is the floor on the growth dynamic, I think that part of why we actually broke out [Asha] is that we have positive growth on the core, a lot of visibility, and we're very comfortable with that growth dynamic. We're addressing how we actually manage the non-core, which, while smaller, it actually impacts total growth.
We just wanted to be transparent about that, and we'll talk more about that later.
Yeah. Brian, what I would add, there's some of the changes, especially for investors who would see it on the financial statements, right? That started before I joined the company. There was some prioritization of headcount additions that happened in 2025, and those costs obviously carry over to this year.
Right
There are things like improving our coverage in the SOC. Corey was just talking about how we're going to automate a lot of that work to be able to maintain and improve margins over time. We had to make some additions there just to deliver great customer experience. Likewise, we've built out a low-cost center for engineering and for some of the other functions. Some of those come with costs that came on board in 2025 and obviously carry into 2026.
Right.
We're now getting to the point where we can start seeing some efficiencies from that work paying off for us. There's that part of the transition that I would say we're several innings into, but then there's some things that are much newer, like for example, the Kenso acquisition, that's frankly accelerating our AI SOC development journey that we were already on. That's fairly new. There is a bit of a combination, but I think what we're really prioritizing around is making sure we're providing great value to our customers, that we're meeting today's challenges, and that we've set ourselves up to have that balanced growth. I think that's really key for us as we think about our financials over the years. We want to see our core products growing, period.
We're working to make that happen by good investments in products and good prioritization of resources across that. We want to see margins improve over time. You can see it a little bit just in our guidance between our current quarter guidance and non-GAAP operating margins and the full year. What we've talked about is we're just very relentless in all of our internal planning of looking not just at 2026 deliverables, but 2027 margins and how do we manage margins as we go across a longer timeframe, managing that run rate, if you will.
Right. Maybe Corey, what have Alan, Julien done within their organizations in terms of the magnitude of change, and are all those changes complete at this point?
I'll break it down in each case. Alan's brought in a primarily new management team. He did that fast. He did most of that in Q4. He had the structure, the team, the comp plans in place, the ICP clarified, and the focus and alignment done as we entered Q1. I would say that is Never want to say complete a CEO, so I'm never going to say that because he might be listening. I would say that is substantially done in lots of ways, and now it's about the execution and yielding the results on that. Julien's is a bit different because Julien had two mandates when he actually came in. One, he had, well, three in a way. One, he had to scale the service so that we can actually be a best-in-class partner, and he's still working through that.
Our brand is going to be, people are differentiated to technology as they actually rely on technology to do more and more of their workflows, and they outsource more and more of their workflows. Best-in-class team, best-in-class customer experience, but to really make the customer experience sing. He's still in the process of that.
The second thing is he has to actually do more of that at lower cost. It's a challenge, but we have to deliver extraordinary customer service and experience, and we have to do that while improving our margin profile over time. He's still in the middle, and he does need some technology to do that, so that people do the things that they can do uniquely.
Technology actually provides some of the scale behind the people overall. The third thing that he'll do, which is not a this year thing, but just a go forward thing, is that we're going to be offering AI security services across more workloads over time. Primarily, it's detection and response today, but we will be taking that very successful MDR strategy and doing it on exposure, vulnerability, and risk management. We'll be doing it on compliance. Those are the two next big workloads that we've gotten massive amounts of feedback that customers want to be able to outsource to our AI center services. He's got that mission mandate too.
Got it. How much of the growth that you anticipate is from existing customers versus new logos?
Oh, that's a great question. This year we're looking at primarily, I think, centered on new logo growth. Although it's always been a balance, just to be clear, it's a tilt like this, not a tilt like this.
Yeah.
Is there a better way to say it like that? Although I did it backwards for you all. As we go forward, though, as we deliver more of the AI services workloads, we do think there's a big opportunity to sell more to existing clients. We've gotten lots of interest in how people can actually, especially in Mythos account. Some of this is like, "Okay, I can't hire more people." Some people in our cabinet are like, "Hey, you're looking to actually allow us to outsource more of the exposure management services. When can I do that? What's the readiness for that?" Likewise with the compliance services. Again, it's early there, but I think, over the next year in 2027, I think that starts to change a little bit.
Got it. For both of you, I think you mentioned the Kenzo acquisition. I think you're clear that it's more of an IP acquisition than a revenue acquisition.
Yeah, not lots of revenue. Great technology, they had a couple of nice, really marquee customers that proved out scale.
It wasn't a substantial revenue deal.
Yeah, how would you describe what it brings to the table, and then when can we expect impact to financials from that effort?
Yeah, so what it is, it's an AI technology base that allows people to actually monitor environments at scale using AI with incredible efficacy rates and accuracy rates. That's what it does. It actually monitors for attacks at scale, processing all of the security alerts and telemetry, and it does that incredibly accurately. We were so impressed with the accuracy and efficacy of that. What are the benefits of it? The first is a ICP TAM benefit. It's an Ideal Customer Profile in TAM. One of our biggest drawbacks on growth in the MDR space was that customers wanted us to actually monitor more and more of their environment-
They had to have full coverage of scale. Doing that with just technology and just people would pressure gross margins. We actually contained ourselves to the parts of the environment that we could actually do that fit our gross margin profile. We essentially capped our TAM in MDR to things that the TAM that fit within our gross margin profile. This removes that cap, so it actually opens up the full TAM, and it opened up Salesforce. Not just you, but our Salesforce is just like, "All right, when can I actually start being uncapped on it?" We're doing the integration work, but that's a big deal because that's actually a tailwind of growth. That's why we feel good about the growth potential there, because it's not like I have to go something new.
We just have to stop saying no to actually the types of deals that we can actually do. That's a big one. That's a tailwind of growth. The reason we love this acquisition, because we look at it, and we're just like, "All right, where do we want to spend money?" Is it was a double whammy. The other side of it is it allows Julian and the team to run the SOC more efficiently, and it allows our people to do more strategic work for customers. It actually improves our gross margin profile on the MDR business. When you can improve TAM and improve your gross margin profile over time, that's a big deal. That's why we're doing rapid scale. Again, because it was early stage, we're making sure it scales and meets all of our needs.
We had proof points on it, but we're integrating it right now, modifying it, merging it with some of our technology. As we exit this year, those are the two big things that actually impacts. We love things that actually have that dual impact on both profitability and growth.
Got it. Super helpful. Maybe for Rafe, I think a lot of people focused on the dynamics of core versus non-core.
Sure.
Thank you for breaking that out.
Yeah.
I think it's very helpful. I think we get the core business and what's happening there. With respect to the deterioration in non-core, how should investors think about that? What are the drivers, and at what point does that become maybe an immaterial factor to overall growth of the company?
Yeah. No, that's great. Just for everybody's benefit, we talked about on the call that over 80% of our business is core, right, which is the DNR and the exposure management side of the house. This non-core, which by default is less than 20%, that's a piece of the business where there's actually several different products within that. We wanted to separate that out because as some of these good things that Corey's talking about continue to play out, we wanted to make sure everybody has good clarity-
Sure
on that and what we're doing there. When we look at the non-core side, we do see it's driving, based on our guidance, the sequential decline in ARR is really centered in this non-core piece. What we're actively doing right now is going through and looking at each one of those products. I think once you fall into a non-core or other bucket, you have to have a stated strategy for each product.
We have to evaluate them and look at how that impacts our customers' experience overall, but also evaluate against what we need from an internal perspective. Make sure they're contributing good cash to the bottom line, make sure if they're older products or whatnot, that they're funding the new investments that are going on. That's a piece of it that we're very much in the midst of right now. Actually, what we've shared with investors came out of how we've been thinking about our business, about really having strong priorities. Now, even at less than 20% of the business, it's still a meaningful amount of the ARR.
We think there's ongoing opportunity there to make sure contribution margins are really solid, make sure we have really clear mandates about what salespeople can and can't sell. We do tend to incent our salespeople to sell core more than these other things. I think this is one of those developments over the last few months as I've come up to speed that. First, having this breakout, then diving into each one of those solutions and making sure we have a clear strategy. The reality is it's not a one-size-all-fits-all solution within them. Some of them have much more crossover to customers.
Between customers that are big platform owners also have some of these. It's going to take some work to pull this apart. We want to make sure we're really clear on how they're growing relative. Relative to each other, make sure that you can shine a light always and see how we're doing with our core, because that's what's going to drive long-term value in the organization. Then make sure we have a clear strategy for each one of these. We can add color on that over the coming quarters.
Got it. How are you thinking about balancing growth and profitability over the next few years? It's certainly great that you're showing us profitability.
Right.
I think investors would prefer growth.
Yes. Yeah, absolutely.
As long as you don't deteriorate.
Yeah
the level of profitability.
Yeah
that you have. How do you throttle the two, and how do you think about the trajectory over the next couple of years?
I think what's really important for us is to have growth in core. That's the number one priority. I mean, I'll take growth everywhere it wants to show up, but how we are thinking about that business is we need core to be growing. It was growing 2% when you take DNR and net it against exposure management, we'd love to see that accelerate. We think there's great opportunity to accelerate that business. That's priority one, plain and simple.
I think on the bottom line, we have to see margins improve over time. We want to make sure we've got good solid cash flow.
Absolutely
we've got to take care of our debt obligations. We've got to make sure we have the capacity to invest as opportunities come up. It is a balance. I think what we're going to be seeing is making darn sure core is growing, and invest accordingly, making sure overall that we have margins improving over time.
How much of an improvement over time?
Yep.
And I don't know that-
Yeah
investors really want to see 100 basis points of improvement per year, but because they know that you have the leverage to do that.
Right.
As long as you can give them a little nugget.
Yeah. Investors can see, like on our bottom line guidance, we expect margins to improve as the year goes on.
Right.
I think the overall framework is we want to make sure first and foremost that we have the cash on hand to pay off our debts.
that we have the cash on hand to run the company and make investments as we're going along, and then make sure we get return from the investments we're making.
Right.
I think, like you said, if something really is taking off, the smart thing to do is invest in that growth trajectory.
really getting in there and have that control over the dynamics of the business on a micro area, so you have that situational awareness to make those decisions. I think that's what's going to play it out. In a context where you've got margins improving over time.
Right
Almost on the micro is more important than what we're doing.
Got it. Then how do you think about, you mentioned servicing your debt?
Sure
You've got a big convert coming up next year.
Yeah.
Plenty of cash to service that debt. You have an undrawn revolver.
Yep. Absolutely.
You've got a tranche later on. How do you think about the level of flexibility that you have to service that debt versus what you have to invest in the business to grow?
Yeah. Just for everyone's benefit, we have a convertible bond that matures in March of 2027, of $600 million. This quarter, we finished the quarter with $670 million on the balance sheet.
It's all in a current position. We feel really good about this first maturity, and we have the line of credit, and our ongoing cash flow. I think puts us in a really solid position that we can pay that debt and have the cash to run the business. To make sure we're in a very comfortable space there. When you stretch it out to the next convertible maturity, that's out in 2029 of $300 million. Our ongoing annual free cash flow build, we're comfortable with our plans that we'll be able to take that and again, maintain that position of pay off the debt, make sure you've got cash on hand to run the business. Tuck-in acquisitions like the Kenzo acquisition that came up, you always have to be mindful of those and prepared to take advantage of opportunities.
I think that's important and it's why it helps to have that $200 million undrawn line of credit on top of it.
I think managing cash is the first part of the job.
Yeah
for the finance team. I think we've got a great line of sight on taking care of the debt, and then it's making sure we have the cash to run the business and make strategic investments, whether it's organic or a tuck-in acquisition or something like that.
Got it. Thank you for that. With that, we're out of time. Corey, great. Thank you so much.
Thank you.
Really appreciate it.
Thank you so much, Brian.
All right.
Thank you.
Thank you.