Rapid7, Inc. Q2 FY2025 Earnings Call
Rapid7, Inc. (RPD)
Call artefacts
Call audio is not captured yet.
A slide deck is not captured yet.
Transcript
Auto-generated speakersGood day, everyone. My name is Leila, and I will be your conference operator today. I would like to welcome you to the Q2 2025 Rapid7 Earnings Call. Now, I will turn the call over to Elizabeth Chwalk, Vice President of Investor Relations.
Thank you, operator, and good afternoon, everyone. We appreciate you joining us today to discuss Rapid7's second quarter 2025 financial and operating results in addition to our financial outlook for the third quarter and full fiscal year 2025. With me on the call today are Corey Thomas, our CEO; and Tim Adams, our CFO. We have distributed our earnings press release over the wire, and it is now posted on our website at investors.rapid7.com, along with the updated company presentation and financial metrics file. This call is being broadcast live via webcast, and following the call, an audio replay will be available at investors.rapid7.com. During this call, we may make statements related to our business that are considered forward-looking under federal securities laws. These statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995 and include statements related to the company's financial guidance for the third quarter and full year 2025 and the assumptions underlying such goals and guidance. These forward-looking statements are based on our current expectations and beliefs and on information currently available to us. Actual outcomes and results may differ materially from the future results expressed or implied in these statements due to a number of risks and uncertainties, including those contained in our most recent quarterly report on Form 10-Q filed on May 12, 2025, and in the subsequent reports that we file with the SEC. The information provided on this conference call should be considered in light of such risks. Actual results and the timing of certain events may differ materially from the results or timing predicted or implied by such forward-looking statements, and reported results should not be considered as an indication of future performance. Rapid7 does not assume any obligation to update the information presented on this conference call, except to the extent required by applicable law. Our commentary today will primarily be in non-GAAP terms and reconciliations between our historical GAAP and non-GAAP results can be found in today's earnings press release and on our website at investors.rapid7.com. At times in our prepared remarks or in responses to your questions, we may offer incremental metrics to provide greater insight into the dynamics of our business or our quarterly results. Please be advised that this additional detail may be one-time in nature, and we may or may not update these metrics in the future. With that, I'd like to turn the call over to our CEO, Corey Thomas. Corey?
Thank you, Elizabeth, and welcome to everyone joining us on the call today. Rapid7 ended the second quarter with $841 million in ARR, in line with our expectations and growing 3% year-over-year. Revenue and profitability were ahead of our outlook, and our business generated strong free cash flow of $42 million. While customer spending scrutiny persists, our detection and response business continues to be a core growth driver, which now represents over half of our ARR and continues to grow in the mid-teens year-over-year. We also saw encouraging pipeline growth in exposure management in response to product investments we have made in our command platform strategy. The key message I want to leave you with today is that we are uniquely positioned to capitalize on the escalating customer demand to bring AI tools and capabilities into the SOC. We have years of experience operating in security operations centers with our scaled software and services MDR business, and this gives us a tremendous head start with proprietary data and experience. We're taking focused action to enhance our go-to-market capabilities, including today's announcement of our new Chief Commercial Officer. As we will discuss, we today have the products and the capabilities to win, accelerating our organizational focus to capitalize on this and match our product capabilities with faster revenue growth is our top organizational priority. First, let's recap the most recent quarter. We experienced a solid second quarter that reflects strong performance globally, particularly in our larger deal segments. We won a number of meaningful consolidation opportunities at higher ASPs. This validates our strategic position in the market. Deal cycles remain extended, but we're seeing strong adoption among enterprises willing to make larger investments in comprehensive security solutions. And we have a number of signature 7-figure wins this quarter that are highly validating both of our product capabilities and the value of our integrated offerings. While these higher-value consolidation deals naturally have longer cycle times, the quality and scale of opportunities we're pursuing, and in particular, the ones that we have won demonstrate clear market validation of our approach. We're optimistic about our strategy while maintaining realistic expectations around the extended deal cycles that naturally accompany these substantial commitments. I'm excited to share that ahead of Black Hat this week, we announced a significant milestone in our journey to deliver truly integrated security operations that give customers command of their end-to-end attack surface. We built the Command platform to unify all customer data, not just the data that we collect, so that organizations get the facts from the beginning and reduce their time to action. Our new next-gen SIEM Incident Command has the power to scale detection and response operations with expertise from our decades of SOC expertise and Agentic AI integrated directly within the workflows that customers use every day. We launched the first phase of the Command platform last year with Surface Command and Exposure Command. And now with Incident Command, we have delivered a fully integrated platform for security operations and management. This enables our partners and our MDR team to fully leverage a unified AI-driven platform that provides complete visibility into customers' environments with the ability to leverage data on demand to minimize the attack surface and respond to threats in real time. Rapid7 is the only cybersecurity vendor with years of learnings from operating a managed SOC offering, including the past year activating and developing our own proprietary AI agents, and our unique capabilities and experience give us a huge advantage in this growing market. Incident Command now provides customers with the easy packaging and platform integration to activate this. Coming out of the second quarter, one theme is clear. Customers are increasingly focused on collecting more of their security data and leveraging AI in the SOC to drive measurable outcomes. Security teams need platforms that provide a more comprehensive view of their risk surface while delivering more efficient, transparent, and accelerated decision-making and response. We see growing demand for unified attack surface visibility to simplify risk management, and the mounting regulatory pressure is reinforcing the need for integrated compliance and reporting. These priorities align directly with our platform strategy, which continues to be focused on expert-guided AI, automation, and providing strong ROI for customers. We benefit from the head start we have given the years of operating our own security operations center and all the learnings that accompany making us uniquely positioned in this market. Our long-term strategy continues to focus on scaling our leading AI-driven security operations platform. At the center of this strategy is the Command platform, which integrates native telemetry, open data ingestion, curated intelligence, and automation into a single system of record for risk and response. It's built on 3 core differentiators. First, our open platform with over 500 integrations, it solves a fundamental challenge for security teams: fragmented and conflicting views of the attack surface. The Command platform brings together diverse data sources into a single, deconflicted, and contextualized view, giving customers a holistic understanding of the environment and the risk it represents. Second, our expert-trained Agentic AI workflows are built on years of SOC expertise, trained on live playbooks and refined through real-world analyst feedback. These are not generic models. They are proprietary and purpose-built engines that improve outcomes in real-time. And these Agentic AI workflows are fully embedded in our MDR offering. Third, customers are looking for automated measurable progress. And we don't just surface alerts; we drive outcomes, whether that's reducing noise through AI-informed active response, prioritizing toxic misconfigurations to maximize remediation, or coordinating faster incident response. Our platform helps security teams reduce mean time to detect, respond, and remediate. These innovations continue to drive our leadership position in the growing detection and response market, our largest product segment, led by our managed offerings. During the second quarter, we advanced our enterprise MDR rollout with the addition of co-managed detection, expanded support for operational cloud environments, and new SOC capacity in India. These investments strengthen our ability to support larger enterprise use cases that demand hybrid visibility, AI-powered automation, and human expertise. We're starting to see our enterprise MDR investments begin to pay off, and we think we're just getting started. For example, during the second quarter, we signed a multiyear, multimillion-dollar agreement with a major U.K.-based retailer that consolidated its security operations stack on Rapid7's command platform. After years of managing fragmented tools across multiple vendors with limited visibility, this customer selected our MDR-led solution to unify detection response and exposure management. Our ability to deliver deep coverage, asset-level context, and expert-tested AI resonated throughout a highly competitive process. The decision to replace multiple incumbent vendors at a large enterprise with our Command platform underscores the growing demand for Rapid7's integrated AI-driven security operations. Shifting to our exposure management business. As we've discussed, a key pillar of our platform strategy is helping customers move from siloed stand-alone tools to an integrated outcome-driven security operations model. In exposure management, that means upgrading customers from traditional vulnerability management products to our unified risk and exposure management solution, Exposure Command. Built directly into the Command platform, Exposure Command provides a single contextualized view of risk across both on-premise and cloud environments, enabling faster, more precise prioritization and remediation. By eliminating fragmented tools and manual integration and giving customers a more complete AI-powered understanding of their risk surface, Rapid7 is firmly positioned as a strategic consolidation platform for modern security operations. Before I turn the call over to Tim, I want to briefly address our updated outlook. We're narrowing our full-year ARR guidance range to $850 million to $865 million. As you know, budget dollars and new commitments are subject to normal seasonality and are typically Q4 concentrated. Given a number of macro factors impacting our customers and the back-end loaded nature of our new business cadence, we think it's prudent to provide this updated color. That said, we internally continue to target better pipeline conversion as we firmly believe our product offerings give us the right to win more business in the market. Accelerating our revenue growth rate to match the underlying strength of our product portfolio is a core focus. The remainder of our guidance items remains unchanged. In closing, I want to reiterate the confidence we have in our strategy and in our team's ability to execute against it. We have a clear path forward with AI-driven managed detection response as it continues to drive healthy growth and our differentiated command platform rooted in automation, integration, and expert-guided AI is more relevant than ever. We're seeing early proof points. We're doing the hard work, and we remain focused on delivering meaningful outcomes for our customers, our shareholders, and our team. Thank you for joining us on the call today. I appreciate your support, and I will now turn the call over to Tim to walk through the results in more detail.
Thank you, Corey, and good afternoon to everyone. We appreciate you taking the time to join us on today's call. Before I turn to the results, a quick reminder that except for revenue, all financial results we will discuss today are non-GAAP financial measures, unless otherwise stated. Additionally, reconciliations between our GAAP and non-GAAP results can be found in our earnings press release. Rapid7 ended the second quarter of 2025 with $840 million in ARR, representing growth of 3% over the prior year. Revenue and profitability were above our guided ranges, and we continue to see healthy growth in detection and response and early progress in Exposure Command adoption. While the customer spending environment remains mixed, particularly in North American mid-market, the operating discipline and flexibility we built into our business model continues to serve us well, and we remain focused on executing against our long-term strategy to deliver durable growth and expand free cash flow over time. Turning to our financial results for the second quarter. Year-over-year ARR growth in the second quarter was split fairly evenly between new and existing customers, ending the second quarter with 11,643 customers globally and average ARR per customer of $72,000. Second quarter revenue of $214 million grew 3% year-over-year and exceeded our guided range. Product subscription revenue grew 4% year-over-year to $208 million, supported by favorable bookings linearity in the quarter. Professional services declined year-over-year, consistent with our decision to deemphasize certain lower-margin services. International revenue represented 25% of total revenue and grew 10% over the prior year. On profitability measures, our product gross margin was 76% and total gross margin was 74%. Sales and marketing expenses were 33% of revenue, in line with the prior year. R&D and G&A expenses were 17% and 6% of revenue, respectively, compared to 15% and 7% in the prior year. Operating income for the second quarter was $36 million and above our guidance range, driven by timing of spending as we continue to focus on making targeted growth investments, as well as scaling our India innovation center during the second half. Adjusted EBITDA was $43 million in the quarter and non-GAAP net income per share was $0.58. Turning to our balance sheet and cash flow statement. We ended the second quarter with cash, cash equivalents, and investments of $600 million compared to $592 million at the end of the first quarter. In May, we fully repaid the remaining $46 million balance of our 2025 convertible notes. We generated free cash flow of $42 million in the second quarter, bringing our year-to-date free cash flow to $67 million. Additionally, we entered into a new $200 million revolving credit facility. While we have no immediate plans to draw on it, the facility adds incremental flexibility and reinforces our already strong liquidity position. This brings us to our outlook for the remainder of the year. For the full year 2025, we are narrowing our full-year ARR guidance range to $850 million to $865 million compared to our prior range of $850 million to $880 million. Additionally, we expect Q3 ending ARR of approximately $840 million, with net new ARR for the year weighted heavily to the fourth quarter. As Corey said, we will continue to target stronger pipeline conversion rates in the back half. We believe it's prudent to provide this additional context given ongoing macro uncertainty and the seasonal weighting of Q4. We are maintaining our full-year revenue guidance range of $853 million to $863 million, representing revenue growth of 1% to 2%. Recurring product revenue growth will continue to outpace total revenue growth, partially offset by year-over-year declines in professional services. We are also reiterating our full-year operating income range of $125 million to $135 million as well as our full-year free cash flow range of $125 million to $135 million. We now expect non-GAAP net income per share of $1.90 to $2.03 based on approximately 75.8 million diluted weighted average shares outstanding. For the third quarter, we expect revenue in the range of $215 million to $217 million, up roughly 1% from the prior year. We expect non-GAAP operating income between $29 million to $31 million and non-GAAP net income per share of $0.44 to $0.47 based on approximately 75.8 million diluted weighted average shares outstanding. To close, we remain focused on disciplined execution as we manage through a dynamic environment. We continue to see a resilient detection and response business, growing customer interest in our platform strategy, and a durable model that supports both innovation and strong free cash flow generation. We believe these fundamentals position us well for long-term value creation.
Thank you, Tim. Before we open up the call for questions, I want to address 2 important organizational updates that position Rapid7 for continued success as we execute our strategy. First, I want to share that Tim Adams intends to retire from his role as Chief Financial Officer. Tim has been an exceptional partner over the past 3 years, got us through significant transformation while maintaining strong financial discipline and operational excellence. His leadership has been instrumental in navigating both growth investments and strategic realignments, including our previous restructuring efforts that helped position us for profitable growth. Tim has committed to remaining at Rapid7 until we identify and onboard his successor to ensure a seamless transition. We've engaged a leading executive search firm to conduct a comprehensive search process. I want to thank Tim for his continued dedication to Rapid7 and his commitment to seeing us through this important transition. His contributions have been invaluable, and we wish him all the best as he approaches his next chapter. Second, I'm thrilled to announce that we've appointed Alan as our new Chief Commercial Officer. This newly created role underscores our commitment to driving our go-to-market capabilities to accelerate revenue growth. We have spent the past year significantly investing in our product capabilities, particularly MDR and in Exposure Command. We believe that our product offerings today are industry-leading with highly differentiated capabilities. Alan joins us as we enter the next critical phase of delivering on this, driving the acceleration of our go-to-market efforts to capitalize on our unique product offerings. With detection response now representing over half of our business and demonstrating strong growth opportunities, we have both an expanding product portfolio and significant upgrade opportunity ahead of us. Our Command platform provides a straightforward upsell motion across our entire portfolio from VM to cloud to exposure management, SIEM, and MDR. Recent customer validation, combined with the now complete integration of our technologies on our Command platform, creates significant opportunities. Our focus is now on growth and market adoption and how we operationalize our go-to-market engine, which is what matters most at this time. Alan brings the exact expertise we need. He has deep expertise in our core markets and importantly, is an exceptional operator who knows how to scale commercial organizations through periods of transformation. With over 25 years of experience, Alan has a proven track record of scaling go-to-market motions, accelerating revenue growth in software, and specifically in cybersecurity businesses. Throughout his career, Alan has consistently delivered revenue growth and operational excellence, successfully leading companies through periods of significant transformation. His expertise in building high-performing sales organizations and executing complex go-to-market strategies makes him the ideal leader to help us operationalize our platform strategy. Alan will oversee our global sales organization, partner ecosystem, and revenue operations, ensuring we execute with precision as we capture the significant opportunities in front of us. His operational rigor and deep understanding of our markets make him an ideal leader to help us maximize our commercial potential. As we continue to drive innovation and capture market share, having world-class operational leadership will be critical to delivering value to our customers and driving sustainable profitable growth for our shareholders. We remain confident in our strategy, our team, and our ability to be the platform of choice for the modern SOC. Thank you for joining us on the call today. And with that, we will now open up the call for questions.
Our first question will come from Matt Hedberg with RBC.
I wanted to mention that D&R continues to do well. I'm curious about MDR specifically, as it represents a significant part of that business and has shown strong demand trends. Could you provide us with an update on MDR?
We continue to see strong demand trends. I want to remind you that we began the MDR expansion a few years ago, and it has been a key growth driver for the business. Detection and Response accounts for more than half of our overall business. However, despite our success, we were only addressing part of the total customer market. Earlier this year, we introduced our customization and expansion offering that we refer to as enterprise and D&R. Essentially, it involves accepting all data and workloads from customers and managing them at quality and scale. This progress was made possible through the investments we have been making in our AI technology, which we have been gradually rolling out and will continue to invest in. We view detection and response as a significant growth area. Looking at the fundamentals, every organization faces increasing pressure to manage their entire data set and security operations around the clock. Regulatory pressures are rising, and the complexity of their environments is growing, especially with the addition of numerous custom AI-driven applications. To monitor this complexity, organizations need experts who can do more than just deploy technology; they need to possess the ability to differentiate meaningful insights from irrelevant data. That has been our focus, and our objective is to ensure we can achieve that at a high standard. This is a continued area of expansion for us, and we are investing in our team, services, and AI to support these efforts, marking it as a significant investment area for our future.
Got it. And then maybe you mentioned, Corey, net new ARR is weighted towards Q4, recognizing it was a good quarter relative to expectations and you did temper full year. Just can you just underscore the confidence that you see kind of specifically in 4Q which seemingly could set a good foundation for '26?
Yes. In Q2, we noticed a higher concentration of larger, more strategic deals. We're excited about the strong mix of strategic deals we're securing and converting. The deal cycles are longer due to the larger, more strategic focus. We're cautious about estimating timing too precisely. However, looking ahead to Q3 and Q4, we see several avenues to achieve our targets, which is why we narrowed our forecast range. In Q3, we prefer to avoid precise timing estimates since we experienced challenges with that earlier in the year, even though many deals did close. We maintained healthy momentum in Q2, and we believe our pipeline supports achieving our guidance. We typically see a bit of an increase in activity later in the year. Last year, we had a strong Q4, and we're optimistic about Q4 this year as well. We focus primarily on pipeline fundamentals, our conversion rates, and our overall preparedness. Our aim is to ensure we set a realistic range that we are confident we can meet, which is why we adjusted our forecast to be more focused.
Matt, based on the numbers, the midpoint of our guidance indicates that Q4 of this year is expected to be quite similar to what we experienced in Q4 last year. We have achieved this before.
Corey, could you comment on the progress of some of the various sales and channel enablement initiatives you've undertaken to drive adoption of your Exposure Command platform and how they're tracking?
Yes, absolutely. I think what you're alluding to is the fact that we actually shifted last year to take more investment in our partner channel ecosystem. And we watch that's going well. We're getting good feedback from our partners. We're starting to scale that business. As I talked about earlier in the year is that, that was going to be a ramp overall. One thing that we're finding that is, I would say, good in the midterm, but was somewhat different than what we expected originally is when we originally launched Exposure Command, we expected it to be a smaller dollar, 10% to 20% uplift upgrade cycle. And we've continued to develop a robust pipeline around that. What we're actually finding is that it is actually a more strategic choice, and we're finding that we're winning larger deals, but the deal cycles are longer, but also the ASPs are significantly higher than we estimated, which is, I think, positive in the midterm, but we're not necessarily getting the 10% to 20% upgrades that we originally expected between us and our partners. But our partners are excited by the ability to actually win larger workloads for customers. So we have readjusted in our guidance our expectation. Again, having customers consolidate, I gave one case study, but we have several different case studies where customers with the full attack surface management view have larger assets under management than they have with vulnerability management. It has been a great entree and starting to upgrade the cloud workloads. But again, those are much, much larger deals, much larger ASPs.
Corey, great to hear the focus on accelerating growth. I guess what are some of the near-term and medium-term priorities to execute on that? And maybe some of the internal metrics you're measuring to understand how you're tracking towards those goals?
That's an excellent question. Our team is actively investing in both our products and services. Ultimately, making strong investments in these areas is crucial, and it has been a significant priority for us. Our sellers and customers are focused on serving clients and sharing our story, particularly given the numerous changes and investments in our technology over the past few years. As we aim to operationalize our platform, it's vital to have our entire technology stack integrated, along with proof points in the MDR and DNR sectors, while we expand our exposure offerings. A key part of our efforts involves operationalizing our growth strategy. We have two major areas where we need to improve, and we are collaborating with our customer teams and new Chief Commercial Officer on these. First, we need to raise awareness about the traction and momentum we’ve achieved in detection and response. We are one of the larger, more successful companies in this space, and we have received excellent feedback from our customers. Following our recent release of Incident Command, we must effectively communicate that we’ve successfully moved beyond traditional vulnerability management and are capable of handling data and workloads of all sizes. Educating the market on this is a key focus for us, and we aim to accomplish this cost-effectively. Secondly, we need to enhance our operational engine for expansion. Currently, our dedicated team members are executing this manually, and we need to establish a more systematic and rigorous process to drive our expansion efforts. It's essential that we can leverage our fully integrated, upgraded platform that processes data across the environment on the Command platform, which has been a significant milestone and a primary focus for me and the company over the past year.
Yes, that's great. I just want to understand a little better what is new with the Incident Command platform compared to the previous version. Is this just a more comprehensive way to capture data on a single unified interface? Also, will customers need to do any migration to transition to that platform?
The upgrade is going to be very straightforward and easy, and it's a lot that's actually incremental. So like if you look at the core fundamentals is we've actually made it easy to actually consume both more raw data and more alert data and telemetry into the platform. So it's just like the rest of the Command platform, it's about both the data that we collect, but it's also is actually rationalizing the master system record data. The second thing that it actually has its core is it has a fully built-in threat intelligence platform that actually takes a lot of the noise that you get in and helps make sense, but also helps correlate your data about real-world threats and attacks that we're seeing in the environment. And probably the biggest single piece of the upgrade is we've been training and working with Incident Command as part of our MDR offering and training and optimizing it. And so customers out of the box get a full authentic experience, where it actually dispenses alerts, organizes it, puts it directly into the incident response framework and allows customers to actually not have to actually go through and do their own research. It provides a clear point of view about what's deduplicated, what's not, what's likely a threat, what's not a threat. And it actually starts to do the work for all of our customers in the SOC. Again, this was trained on the data that's actually helped our own MDR team scale and our customers and our partners' MDR team scale in their environment. Keep in mind, our managed detection response is both us, but we have a lot of partners that do that, and we've been making these technologies available steadily to those partners.
Awesome. Congrats on the results. I have 2. The first one, you guys kind of sort of addressed it, but I guess I'm still a little unsure as to why you guys are lowering the high end of the ARR guide. I think you said that the ARR this quarter was in line with your expectations. There was better bookings linearity. It sounds like there's still deal scrutiny, but it hasn't gotten worse than last quarter. So I'm just trying to understand why exactly is the high end of the guide coming down? That's my first one.
Yes, that's a great question. The main point is that, from a fundamentals perspective, we are continuing to build our total pipeline. We're experiencing a greater number of more strategic deals that are foreign exchange related. This is actually a new development for us, and we believe it's wise to be cautious. We have strong confidence in our guidance range. While it's possible we could exceed it, we're focused on providing investors with a reliable range that we feel good about, especially given that this year is back-end loaded and we are seeing a higher concentration of larger, more strategic deals. Overall, we feel reasonably optimistic about the economy. We are noticing a shift in the types of deals, but we want to be careful in this volatile environment. We have provided a range that we believe is sound, particularly as we look to the rest of the year. Our pipeline looks robust, and it’s important for us to ensure that investors have a clear understanding of where we stand, where we have confidence, and what we are observing.
Okay. Makes sense. And maybe just my follow-up. You announced a new Chief Commercial Officer. I believe that's the title of the role. Corey, I think the words you used were drive go-to-market capabilities and accelerate revenue growth. Clearly, half the business is still doing pretty well. The other half of the business is obviously kind of lagging. Day 1, new Chief Commercial Officer, like what are his expectations? Like when would Corey like to see him start to really make an improvement to the half of the business that's been kind of overshadowing the strong growth in D&R?
Yes. So one, I think that steady wins the race. So we have a high sense of urgency, but we want to focus on fundamentals. I expect to actually see continued success in D&R, and we don't want to sacrifice that because that's a robust market that's healthy, that has healthy trends overall. The biggest thing that we actually are going to focus on when it comes to the other parts of the business is really operationalizing the customer go-to-market and expansion engine. I think we have some efficiency gains to do. I think there are some things that actually make it easier for our sellers to actually get momentum. There are some market things that we have to do to actually make sure people actually are aware of where we are and that we're actually selling in a platform motion. And so I'm really expecting the leader to actually work with our teams on making things easier for our sellers to actually go not just tell the story, but be able to cross-sell and upsell more efficiently and effectively. If we do that, everything will actually follow and actually growth will follow. My expectation is to see improvements as we actually move into next year. And we'll continue to actually talk about that and educate you about where we are along the way. But I think we're doing off of a stronger base of a more integrated platform, but we don't want to lose the momentum that we actually have in D&R. What we really want to do is make the selling motion easier for our sellers.
Can you hear me?
Yes.
This is Aidan on for Rob Owens. It was great to see the recent FedRAMP achievement. And I understand it might still be early, but how are you thinking about the federal opportunity in the longer term and your right to win in this area versus other competitive solutions?
We are very excited about it. We have some early customers who see potential for exception-based solutions. There is a significant opportunity for us because we haven't had these certifications before, and this is an area where we need to catch up. We observe strong demand for our services that can enhance the efficiency and effectiveness of these workloads while fostering competition in the market. This represents a considerable upside for us. The federal government is involved, and we anticipate that deal cycles will be longer, with the impact expected to become evident in 2026. We have obtained the necessary certification, and our teams are currently in the market. We are scaling our teams to address federal government workloads effectively. The federal government is among the largest and most stable spenders on security, and until now, we haven't been a player in that market. I am excited that we are moving into this space, but we need to enhance our capacity to deliver well in a broader manner, not just in the limited ways we have previously. This gives us a valuable opportunity ahead.
Okay, great. Can you guys hear me okay?
We can hear you.
All right. Awesome. I was a little slow on the trigger there. Great. So yes, look, I know that the MDR space is pretty fragmented. But I guess I'd be curious, like how does Zscaler's acquisition of Red Canary change the competitive landscape there, if at all? Do you see any potential discussions resulting from that acquisition or any potential tailwinds?
There could be some positive developments. Zscaler is a highly skilled company, and I have great respect for Jay and the team. However, I don't believe the situation has fundamentally changed because the MDR market is quite fragmented. Our focus remains on delivering what we do best, which is providing a valuable solution for managing all customer security data with high service quality. We have made significant progress in that area, but we are also ambitious and aim to achieve even greater progress. Our goal is to establish a strong presence in security, supported by our experience at Rapid7, and we want to be the premier destination for security practitioners. Additionally, we aim to integrate the latest advancements in artificial intelligence to offer customers reliable security solutions. If we succeed in this, we'll achieve great success. The market will continue to be fragmented, so this doesn't alter the overall dynamics; it's a challenging market. I believe we haven't been as effective as we could be in communicating our story and showcasing our impact and service quality. We need to improve our storytelling, as it's more critical than any developments in the competitive landscape. This is a large market, and my estimate is that over 90% of organizations globally will lack the capacity to effectively manage security operations, monitoring their data around the clock in a complex and regulatory environment. This presents a huge opportunity, not just for us or Zscaler, but for the industry as a whole. We need to compete effectively, leveraging our scale, innovation, and ability to attract top cybersecurity talent.
Awesome. Can you hear me okay?
Just go ahead, Adam.
Maybe just for Corey. As we consider the Command platform and the various components coming together with Incident Command, how should we approach overall pricing and packaging? You mentioned earlier about simplifying the selling process for sellers. Additionally, when Alan joins, what potential do we have regarding pricing and packaging based on what you just discussed?
Yes, there's work to be done. We've gone through several iterations over the years with consolidation packages, which have been beneficial for initial sales. However, we haven't fully optimized the pricing and packaging for our expansion efforts. Even considering our success with Exposure Command, it's mainly a strategic victory involving either substantial upgrades or new client acquisitions. We need to simplify the adoption process for our customers and allow them to engage with smaller increments. Additionally, we need to enable our sales team to sell these smaller increments effectively. This is an area that requires attention. If we examine our growth in relation to our platform, it's evident that we're tackling large, complex projects, and our growth is hindered by the lack of a continuous expansion mechanism. We are responsible for improving this, and doing it well is crucial. This focus will yield more predictable outcomes over time. While I'm pleased with our successes in larger deals, I desire greater transaction volume. Enhancing this aspect will not only increase predictability but will also significantly contribute to our revenue growth, as we have 11,000 customers and a compelling narrative to share with them. We need to present the right bite-sized offers for them to consider, which will benefit both our growth and the overall customer experience. We are performing well in attracting strategic customers. While we have some older customers, our focus is on overall quality rather than simply the number of customers. I want to concentrate on how many customers fully utilize the platform, the coverage our AI-managed SOC provides, and the workloads we manage through AI, as these aspects signify substantial growth. We will indeed grow our customer base, but experiencing losses in transactional customers while gaining strategic ones might create some temporary noise. This situation isn't a significant issue at the moment; it’s just a bit noisy. We will work on providing clearer measures to demonstrate this quality.
Can you guys hear me okay?
Yes.
Yes, Rudy.
Okay. Great. So I want to kind of go back to Josh's question about lowering the ARR guide by $15 million on the top end. I think last quarter, you guys said the outlook kind of relied on some stabilization declines you're seeing in your VM business. I'm curious how that trended in the quarter. And because when I look at your ARR, if D&R has continued to grow in the mid-teens and make up an increase in mix, while your overall ARR growth has slowed, obviously, that math suggests that the declines in the rest of the business are actually worsening. So I'm curious if you could just give any color on that dynamic.
Yes, that's a great question. We're experiencing a very strong pipeline and conversion this year, with larger and more strategic deals. We're improving our forecasting capabilities, but we remain cautious. We observed the outcomes we hoped for in Q2, which gives us confidence about the overall dynamics of that quarter. However, we prefer to have a range where we feel highly confident. To address your main question in two parts: we have a significant opportunity in D&R, and we're optimistic about the growth potential from both product and sales investments. This is a larger and more strategic market, and we are focused on it. Additionally, we're investing in technology related to vulnerability management and core exposure, viewing it as an upgrade for our existing business. We're satisfied with our current direction, even though we expected to see more smaller transactions that would have provided clearer growth predictions. Instead, we're seeing a robust pipeline with customers making strategic platform choices, often choosing us, although we are experiencing longer sales cycles with larger deal sizes. We’re moving away from the predictable smaller transactions we were accustomed to. While we're pleased with the larger strategic deals and upgrade opportunities, forecasting their timing is trickier. Consequently, we've adjusted our guidance based on the concentration of larger deals in the pipeline. Overall, Q2 met our expectations. However, we're looking for more smaller dollar upgrades, which we need to refine. In the grand scheme, we are comfortable because of our larger deals and the path forward we have. I hope this clarifies things. Thank you for your questions. I also want to express my deep gratitude to Tim for his dedication and contributions to the company as we continue to evolve and prepare for future opportunities. Thank you all for joining the call today.