Check Point Software Technologies Ltd Q2 FY2025 Earnings Call

Second quarter financial results video conference. I'm Kip Meintzer, Global Head of Investor Relations. And joining me today are Chief Executive Officer, Nadav Zafrir; and our Chief Financial Officer, Roei Golan. Before we begin, I'd like to remind everyone that this conference is being recorded and will be available for replay on our website at checkpoint.com. During the formal presentation, all participants are in a listen-only mode that will be followed by a Q&A session. During this presentation, Check Point's representatives may make forward-looking statements. Forward-looking statements generally relate to future events or our future financial or operating performance. These statements involve risks and uncertainties that could cause actual results to differ materially from those projected in the forward-looking statements. Any forward-looking statements made speak only as of the date hereof, and Check Point Software undertakes no obligation to update publicly any forward-looking statements. In our press release, which has been posted on our website, we present GAAP and non-GAAP results, along with reconciliation of such results as well as the reasons for our presentation of non-GAAP information. If you have any questions after the call, please feel free to contact Investor Relations by e-mail at kip@checkpoint.com. Now I'd like to turn the call over to Nadav.

Hey, everyone. Good morning to you, and thanks for joining us today. As you already know, our industry is undergoing a generational transformation. It's marked by unprecedented change. And I think more importantly, the unprecedented pace of change. We're still in the very early innings of this revolution. And I believe that at Check Point, we're well positioned to lead it. And in today's call, I want to take some time to talk a little bit about our guiding principles and our vision. Obviously, before elaborating, I'd like to share that we had a solid quarter, both revenue and EPS in line with our outlook. It was relatively back-end loaded and resulted in several slip deals that have already closed in the last few weeks. The third quarter is shaping up well with strong indicators so far in July. Beyond that, we see a very healthy pipeline for the remainder of the year. And so we're reiterating our 2025 guidance. Of course, Roei will elaborate on the financials and the outlook shortly. To lead the future, we are focused on four guiding principles: number one, securing the connectivity fabric; number two, a prevention-first ethos; three, an open platform philosophy; and finally, AI-first security. The modern connectivity fabric is hybrid; it's hyper-connected. It's not only a critical infrastructure for every digital transaction but has also become a potential source of knowledge that can provide the ability to read between the nodes, revealing patterns, anomalies, and emerging threats. And I think that's an opportunity we must embrace. I can tell you that in Q2, our Quantum Force AI-powered firewalls posted another robust quarter, growing 12% year-over-year. It was driven by the refresh momentum and growing demand altogether for AI-powered inspection. We continue to accelerate our investment in SASE, as we have opened a new R&D center in India that's coming up nicely. We've doubled the size of our SASE R&D team. We're only seeing the momentum that comes with that, with sort of steady growth across all regions. Recently, this progress was also acknowledged with our inclusion in the 2025 Gartner Magic Quadrant for SASE and recognition as a leader in the Forrester Wave for Zero Trust Platforms. On the Workspace front, as I shared in our previous call, we continue to make progress under Gil Friedrich's leadership. The Workspace platform now brings together endpoint, email, and SaaS security, ultimately helping our customers' operations and improving protections. Also under Gil, we're expanding our MSP and pay-as-you-go offerings to support onboarding and more flexible consumption models, contributing to steady customer growth. Tens of thousands of new customers and millions of users are joining annually through this program. To summarize the first principle, our vision is to securely connect and optimize security across devices, networks, users, and clouds. To do that, we need to look at it as a holistic solution that ultimately delivers consistent, unifying security across what we call the modern Hybrid Mesh Network. The second principle out of four is prevention first. It's been foundational for Check Point forever that we must strive to stop attacks before they cause damage. Now preventing attacks may not be glamorous; it's difficult to receive acknowledgments for things that did not happen. At the end of the day, it's a constant behind-the-scenes effort that requires discipline, smart design, and a proactive mindset. True prevention is about acting in real time. You need to stop the zero-day phishing site before a user engages so that you can also block Log4j exploit before it runs. The secret sauce is to deliver this in real-time so users receive prevention without a negative impact on their experience, and that's the hard part. It takes intelligent engines that are working silently across data streams and are now driven by AI to make those split-second decisions without disruption. It may not be flashy, but it's foundational. I see a renaissance of the importance of prevention, especially when you look at the AI-driven threat landscape. Just last week, the SharePoint ToolShell zero-day vulnerability was exposed. It allows unauthenticated attackers to gain full access. Our customers at Check Point were protected. We also enhanced our prevention stack with the Veriti acquisition, which we announced recently. This now provides automated threat intelligence and real-time remediation, positioning us at the forefront of preemptive prevention and threat exposure management, strengthening our leadership in proactive cybersecurity. Moving on to our next principle, it's all about an open platform. We believe an open platform is the right approach. It allows us to create the core networking fabric that pulls everything together, fostering collaboration and creating an extensible environment. An open platform makes you more resilient, while an all-in-one catalog option can make you more brittle and fragile. Our recent acquisition of Veriti gives us another capability to partner with approximately 70 other vendors, aligning with our open platform strategy. Finally, we're embracing AI as a new tool, which is a shift in mindset. If AI is going to make decisions for us, we must trust it to make those predictions going forward. At Check Point, we now have an AI engine that allows our customers to use AI on a personal level, and we're embedding it in each of our products. This puts us at the forefront of AI utilization to simplify and provide unified management that genuinely makes our customers' lives easier. So, long story short, our four principles are important for our vision going forward, and I believe we are well positioned to lead the future of cybersecurity based on those principles and our open platform vision. With that, I'll turn it over to Roei.

Thank you, Nadav. Let me just open the presentation. Okay. One moment, I have some issues here. I will be with you in a moment. Okay, so can you see my screen?

Yes.

Great, okay. Sorry for the delay. So as Nadav indicated, we had a great quarter. I think our revenues exceeded our projection, achieving $665 million, which was $3 million above the midpoint of our guidance. Our non-GAAP EPS was $2.37 in the midpoint of our projection, representing 9% growth year-over-year. Moving to the results, our revenues grew by 6%. This was mainly driven by another strong quarter for product revenues, which were buoyed by strong customer demand for our new appliances and a higher volume of product refreshes. I must say this refresh cycle reflects continuous investment in our platform and broader adoption of our latest technologies, especially our Quantum Force technology released a year ago. Due to these refreshes, a larger portion of our deals was bundled, including subscription and support, which were offered at higher discount levels compared to standalone renewals. This dynamic led to a slight de-acceleration in our subscription revenues and a slight decline in support revenues for the quarter. However, we view this as a positive trend for the long term, as it's strengthening the customer relationship, expanding our installed base, and positioning us for increased renewal, install revenues, and upsell opportunities in the future. Regarding the billing, calculated billing grew by 4% to $642 million this quarter. Our RPO grew by 6% and reached $2.4 billion this quarter. As noted, this quarter was heavily back-end loaded, with several deals pushed from late June to early July. These deals alone, we're talking about huge 7-digit transactions that affect our billing by approximately 3 points, benefitting us in the third quarter. In the same quarter last year, we had 3 multi-year deals totaling $130 million, which had a significant impact on our RPO last year. Moving to our revenues by geography, our Americas and EMEA grew by 5% this quarter, while APAC had a strong quarter with double-digit growth of 15% year-over-year. Moving into our P&L, our gross profit increased from $557 million to $585 million, representing a gross margin of 88%. Our operating expenses increased by 7%, primarily due to our continued investment in our workforce and the impacts related to the Cyberint and Veriti acquisitions. Our non-GAAP operating income remains strong at $271 million, equating to a 41% margin. I think it's important to discuss the FX impact, as the U.S. dollar is weakening against most currencies, especially the Israeli shekel. Approximately 50% of our operating expenses are denominated in non-USD currencies, particularly the shekel, and we're not hedging 100% of these expenses. This currency movement resulted in an estimated 0.5 point headwind to our margin this quarter. For the second half of the year, although a significant portion of our foreign exchange exposure is evident, we will still experience an impact because we aren't hedging 100% of our foreign currency. We expect a headwind of approximately 0.5 to 1 point if the U.S. dollar remains at these levels. This could increase our operating expenses next year by $50 million to $60 million if these FX rates remain. Moving into our cash flow, we had a strong operating cash flow this quarter, achieving $262 million, a 31% growth year-over-year. This includes a $50 million benefit from hedging transactions, offset by $6 million related to our Veriti acquisition. Our cash balance was $2.9 billion, and we continue our buyback, purchasing 1.5 million shares at an average price of $220. We also acquired Veriti during the quarter, which was a net cash outflow of around $90 million. We need to mention two items relevant for the next quarter concerning cash flow. First, we recently announced the acquisition of land for building our new Check Point campus in Tel Aviv, which cost a total of $160 million. We do not expect any significant additional investments in CapEx in connection with this campus until early 2027. Secondly, as part of a tax settlement signed last week for previous years, we'll pay approximately $66 million during the third quarter to settle this tax dispute, which may show a significant positive impact on our third-quarter P&L and EPS. This potential impact is not reflected in the guidance I will share in the next few slides. To summarize, our second-quarter revenues and EPS were in line with projections, showing continued strong demand for Quantum Force appliances, with another quarter of double-digit growth, and solid demand for email, SASE, and ERM. We also had another profitable quarter with robust operating margins and strong operating cash flow. Before moving to Q&A, I'll now share guidance for the next quarter. As Nadav indicated, we started July strong. We have internal indicators showing a positive outlook, and the deals pushed from Q2, along with those already closed in July, prompt optimism for Q3 and the rest of the year. Our guidance for the third quarter is between $657 million to $687 million, with the midpoint at $672 million. Our non-GAAP EPS is projected between $2.40 to $2.50, while GAAP EPS is expected to be approximately $0.68 less. We are not changing the full-year guidance; it remains the same as provided at the start of the year. We feel positive about finishing at the high end of the guidance, but the range stays the same for both EPS and revenues, with GAAP EPS expected to be around $2.30 less. Thank you. Kip?

All right. Now we'll move to the Q&A. And first up today will be Adam Tindle, followed by Tal Liani, BofA.

I just wanted to maybe start with the elephant in the room here with the announcement that Palo Alto is acquiring CyberArk in a $25 billion deal. As it relates to your comments on Check Point, you're talking about how an open platform is the right approach. Could you expand on that area, specifically where you think it makes more sense to partner versus maybe own or acquire? And any comments you can make on the identity space given that large transaction?

Yes, thanks, Adam. Well, sure. Very interesting announcement. I think the impact on us is minimal, as we're not a player in the identity space. Our vision focuses on what we think we can do best, which is the breadth of the connectivity fabric. That encompasses the hybrid mesh on one side and workspace on the other side, creating a unified platform for everything connectivity fabric. Our philosophy is to focus on an open platform for several reasons. First, when I speak to dozens of CISOs each month, especially those at larger enterprises, I believe that between the best-of-breed and best-of-suite dilemma, an open platform is the right approach. It provides unified layers, deeply integrated, allowing for extensibility and collaboration, which is a strong preference among CISOs who want to avoid vendor lock-in. Furthermore, from a security perspective, an open platform allows for a diversified defense strategy against attackers. Monolithic approaches are less effective against the current threat landscape. It’s a real differentiator in our vision and strategy for the market.

Question. I look at your growth of 6% and your billing growth. Even if I add the deals that slipped, we're not seeing acceleration. Can you help me understand what the challenges are in accelerating growth? Are they operational, cultural, product, or go-to-market challenges? Can you discuss what prevents the company today from accelerating growth and what would it take for growth to accelerate in the future?

Great question, Tal. You're right that it's not an overnight shift. It's a vision; you have to have the principles and make the necessary investments. Number one, we need to build the right go-to-market approach and instill a sense of urgency into our culture, which is already in progress. However, as you mentioned, it's not something that will happen overnight. That said, I don't think there is a specific underlying challenge. We have the right products and vision; we just need to execute effectively in the go-to-market space, and that is our plan.

If you were to rank the focus areas you're dealing with, would you say that most of the focus is on go-to-market, or is it on improving the product portfolio? Where is the primary focus that would drive growth acceleration?

For the short term, definitely go-to-market is the primary focus. However, it's important to understand the pivotal time we’re in; I believe AI will significantly change how we operate and manage digital infrastructures. Therefore, we need to invest heavily in this area, aiming to lead the way. If you ask me about our three primary areas of focus, I would say: one, go-to-market, which we’re already working on; two, investing in AI—where we believe we’re already leading by embedding AI in our products; and three, building a culture of execution and urgency. These efforts happen in parallel, with varying impacts on short-term, medium-term, and long-term growth.

I understand the impact of the discounting, but can you discuss the confidence in why this is a positive development long-term? Is it due to upsell to SASE, or where should we see that benefit over time? Also, can you provide any quantitative metrics regarding the performance on the new logo side of the business?

Sure. When I look at our internal indicators regarding customers that are doing refreshes, we observe a consistent increase in their Annual Recurring Revenue (ARR) over time. Even if not immediately visible in the current quarter, the long-term outlook appears to be strong. So we have confidence there is a robust demand for our appliances, with some cross-selling into SASE, email, or ERM occurring in tandem. But even without that, we see growth; therefore, we remain confident it's not only this quarter but is reflected over the years. Nadav, would you like to add something?

To address your question on where we’re seeing growth, I would highlight two main areas: first, our new product lines like email, ERM, and SASE are exhibiting year-over-year growth above 40%. Secondly, the Infinity platform differentiates itself with our roadmap creating a unified platform for all connectivity fabric aspects. Given the accelerating threat landscape, maintaining an integrated approach will have a substantial impact moving forward. Coupling this with increased marketing investments should lead to observable growth over time, although it may come at the cost of slight margin reduction as we pursue that growth.

Nadav, you've discussed SASE being a key focus area. Can you provide an update on the Perimeter 81 acquisition in terms of go-to-market and technology integration? Additionally, what vision are you trying to communicate to customers that’s differentiated from the many vendors offering SASE solutions?

Certainly. Since the acquisition, we're witnessing solid growth rates around 40%. We are focusing on elevating our capabilities to the large enterprise level. By early 2026, we plan to have extensive capabilities operational in larger enterprises. This focus on SASE represents a critical aspect for both R&D and go-to-market strategies. Regarding differentiation, our strategy includes a comprehensive connectivity platform approach—balancing our hybrid mesh and workspace elements into a unified offering geared towards personas instead of disjointed technologies. SASE provides the glue to seamlessly integrate everything together. Unlike many incumbents whose architectures operate solely in the cloud, our hybrid capability allows us to deliver a superior user experience, thereby controlling costs as well. This, along with our various capabilities, puts us in an advantageous position within the market.

Can you drill down a little bit into the slipped deals? I appreciate you quantified them, but could you elaborate on the reasons for the slippage, the geographies involved, and what broader trends you’re noticing?

Certainly. This quarter, we saw an unusual amount of slippage, which is typically something we experience each quarter. However, this time there were more delays than usual, which we attribute to a combination of macro conditions and execution challenges. While we generally have slip deals, this quarter had a significant number. Still, we are confident that most of these large deals—primarily 7-digit deals—were closed in the initial weeks of July. Thus, we see this primarily as a timing issue. The back-end loading this quarter was the most pronounced I've observed at Check Point, resulting in a slight elevation in slip deals, yet we feel secure because they have all closed and we’re optimistic about Q3.

To add to that, Rob, every slipped deal is unique; there’s no commonality between them. The good news is they have all been finalized now, and July is showing a strong start for our third quarter, enhancing our optimism for the remainder of the year.

Can we dig deeper into Quantum? What are you seeing regarding the product cycle and refresh rates? How well penetrated is your installed base with Quantum, and do customers seem to be reassessing network architecture and potentially throttling spending in other areas?

On the refresh cycle, I'd like to invite Roei to weigh in. Regarding architecture, our focus is on the entire connectivity fabric where Quantum is just one aspect of it. Everything is remaining hybrid, so having on-prem capabilities is essential. Additionally, we will also have CloudGuard to extend that capability to the cloud, merging all aspects into one connectivity fabric platform. Our investment is geared toward creating unified management tools to implement policies seamlessly across environments, ensuring we can adapt to this multidimensional landscape where each node receives the same capabilities.

For the refresh cycle, I think we're right in the middle of it. The potential is significant, and when reviewing our funnel for the second half of the year, we see continuing opportunities for refreshes. While it will take time to fully materialize, we are optimistic about our prospects and believe the potential exists for competitive replacements as well.

On Harmony Email, is it still growing at similar rates compared to previous quarters? And regarding the slipped deals, are they geographically based, or are they largely across-the-board?

Yes, the email solution is indeed continuing to exhibit healthy growth rates. Regarding the slipped deals, as previously stated, there is no common thread, and they are not geographically focused. We have observed these in various regions including the Americas and EMEA. Notably, these deals have all closed within the past few weeks, giving us a solid lead into the next quarter. As for email,it continues to grow significantly, bolstered by the integration of multiple solutions collectively enhancing security and efficiency for our modern workforce.

I'd like to revisit the subscription growth and discounting. If I understood correctly, the impact from discounting was around 50 basis points for subscription. We have heard feedback from the channel indicating that Check Point was more flexible on pricing this quarter. How do we interpret this? Should we anticipate continuing discount impacts over the next few quarters? I'm concerned that firewalls may not represent a consistent revenue source over the next three years. Can you provide guidance on how we should project subscription growth when facing these challenges?

You're correct that I mentioned the 0.5 point impact from increased subscription discounting related to the refresh cycles. I do expect to see continued effects from the discounts in the upcoming quarters. However, we also face tailwinds; email solutions are rapidly growing and should positively influence our subscription revenues. Alongside SASE and ERM, which are also thriving, we foresee these elements contributing to subscription growth. Moreover, competitive replacements in Quantum firewalls should enhance our subscription line as well. Overall, we remain committed to driving accelerated growth on this line item.

Nadav, during Analyst Day, you emphasized the critical nature of winning the SASE market to enhance subscription growth. Identity security appears crucial for Zero Trust SASE, as confirming user identity before connecting to applications is essential. Can you elaborate on how vital identity security is to your SASE offering and its future adoption in large enterprises?

Identity management and security are indeed part of the overall cybersecurity landscape that comprises the Zero Trust approach. However, creating a Zero Trust environment with our existing competencies seems very achievable. We aim for customers to select their preferred identity service provider or broker, aligning with our open platform philosophy. Hence, I don't view identity makeup as significantly impacting our SASE solution.

Nadav, you’ve detailed a strong vision around AI-powered prevention. Could you clarify how you plan to monetize these approaches structurally? Additionally, how are you balancing AI-focused acquisitions with your internal R&D philosophy?

In pursuing AI-first security, we primarily focus on three areas. First, we are hiring the right talent to lead this initiative, with plans to onboard about 500 new individuals to drive our SASE and AI efforts. Secondly, we explore acquisition opportunities to enhance our capabilities affordably and effectively. Lastly, while we continue to leverage our existing expertise, we're also developing new products to support AI-driven prevention. In terms of monetization, there will be standalone products and a broader platform integration; we aim for a well-rounded strategy that delivers value to customers and builds on our established network and Infinity platform.

Nadav, you mentioned earlier that you would be agreeable to sacrificing some margin to pursue your goals. Should we interpret this as new information or consistent with previous messages? Considering the anticipated acceleration of tuck-in deals, do you see a change in that pace?

This isn't new information, Patrick; it's part of our ongoing vision. We've consistently communicated our desire to accelerate growth, and early signs indicate that we're headed in the right direction. Achieving this requires a solid strategy and investment in our guiding principles. The14585 are our four pillars to guide capabilities; we are focused on accelerating our growth trajectory, which may necessitate balancing in-house development with acquisitions. We're dedicated to identifying best-in-class potential acquisitions that align with our guiding principles.

Regarding the go-to-market changes implemented, what have been the most relevant adjustments, and when do you anticipate these changes will yield substantial impacts?

First and foremost, the most critical shift has been in leadership; we've expanded from two leaders to six in critical areas like the President of Americas, President of International, CMO, Customer Success, CRO, etc. This leadership network has fostered a better balance between product development and market strategies. Second, we're focusing on attracting a new talent pool inclined towards marketing. Additionally, culturally, we aim to be more assertive about our mission and values. These modifications are presently underway and will have a gradual yet meaningful impact.

Thank you, Keith. Appreciate your comments as well. Next is Saket Kalia from Barclays.

Nadav, you mentioned steady growth in SASE. Given your large customer base, can you elaborate on your SASE wins, highlighting why you win? Also, Roei, could you share any insights regarding the scale or run rate of this business as we consider Check Point's future?

We remain a relatively small player in SASE; however, we excel in the connected fabric platform within the hybrid mesh, with SASE integrated into that offering. Most of our successes come from existing customers who have our Quantum base and seek comprehensive connectivity fabric capabilities. We believe no other company can match our depth of inspection engines, AI engines, and intelligence, thanks to 32 years in the field. SASE wins are predominantly upsells to established enterprise customers. Through our new division focused on MSP and pay-as-you-go, we also anticipate opportunities for new customer acquisition, making SASE a strategic focal point for future growth.

All right. Thank you all for joining us today. We appreciate it and look forward to seeing you throughout the quarter and also next quarter.

Thanks, guys.

Thank you.