Tenable Holdings, Inc. Q4 FY2020 Earnings Call

Greetings and welcome to Tenable's Fourth Quarter 2020 Earnings Conference Call. At this time, all participants are in a listen-only mode. A question-and-answer session will follow the formal presentation. As a reminder, this conference is being recorded. I would now like to turn the conference over to your host, Andrea DiMarco.

Thank you, operator, and thank you all for joining us on today's conference call to discuss Tenable's fourth quarter and full-year 2020 financial results. With me on the call today are Amit Yoran, Tenable's Chief Executive Officer, and Steve Vintz, Chief Financial Officer. Prior to this call, we issued a press release announcing our financial results for the quarter and full-year. You can find the press release on the IR website at tenable.com. Before we begin, let me remind you that we will make forward-looking statements during the course of this call, including statements relating to Tenable's guidance and expectations for the first quarter and full-year 2021, growth and drivers in Tenable's business, changes in the threat landscape in the security industry, and our competitive position in the market, growth in our customer demand and adoption for our solutions, Tenable's expectations regarding long-term profitability, the impact of COVID-19 on our business and on the global economy, and planned innovation and new products and services. These forward-looking statements involve risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. You should not rely upon forward-looking statements as a prediction of future events. Forward-looking statements represent our management's belief and assumptions only as of today and should not be considered representative of our views as of any subsequent date. We disclaim any obligation to update any forward-looking statements or outlook. For a further discussion of the material risks and other important factors that could affect our actual results, please refer to those contained in our most recent quarterly report on Form 10-Q and subsequent reports that we filed with the SEC, which are available on the SEC website at sec.gov. In addition, during today's call, we will discuss non-GAAP financial measures. These non-GAAP financial measures are in addition to and not a substitute for or superior to measures of financial performance prepared in accordance with GAAP. There's a number of limitations related to the use of these non-GAAP financial measures versus their closest GAAP equivalent. Our earnings release that we issued today includes GAAP to non-GAAP reconciliations for these measures and is also available on the Investor Relations section of our website. I'll now turn the call over to Amit.

Thank you, Andrea, and thank you all for joining us today. I'd like to start off by saying I am incredibly proud of how our employees continue to respond as we navigate today's dynamic environment. Today, I'll highlight our strong Q4 results, our cloud security advancements, and some exciting channel expansions. But before I get into Q4, I'd like to comment on the current vulnerability management market and the cybersecurity environment we find ourselves in. Through our dialog with customers and partners, we see the strategic importance of vulnerability management rising rapidly. Enterprises continue to prioritize VM as the critical building block to understanding their cyber security risk. This is underpinning the strong adoption and demand we saw from our customers throughout the year. We added one of our highest numbers of new platform customers during this quarter, 460, and one of our highest numbers of new six-figure additions at 66. We also continue to see a healthy number of competitive displacements and continued optimism about the large greenfield opportunity in VM. About a third of our larger new platform adds came to us from greenfield accounts where they had no in-house organic VM capability. The SolarWinds breach further highlights the importance of VM and visibility across the entire environment. For many of our customers, Tenable's VM solution played a critical role in helping them discover, understand, and respond to emerging threats identified in the SolarWinds breach. Very quickly, they were able to identify exactly where they were running the SolarWinds Orion Platform. Within hours, our customers and our entire Tenable community could also identify where specific versions of SolarWinds were installed. In short, our customers could rapidly shift from the fear and doubt of high-profile headlines to clarity and confidence. Knowing the security of your systems and the state of user account base are foundational. At Tenable, we believe that a continuous and complete understanding of assets, exposures, and risk are critical to good decision making. Being prepared with accurate data and insights to help manage risk helps our customers confidently respond in times of crisis. Our spaced approach prioritizes vulnerabilities so customers know where to focus first. While we play a critical role in reducing risk for a vast majority of breaches caused by known vulnerabilities, we also provide critical agility for new and emerging threats, including new zero-days. In both situations, our commitment to Best of Breed VM enables us to deliver value as a key differentiator and a key response mechanism for organizations. Being able to answer the fundamental questions such as, how secure am I, how exposed am I, and what can I do to most efficiently reduce risk, has never been more critical for executive leadership. The right vulnerability management solution, strategically implemented, provides continuous understanding for enterprises to effectively measure and manage cyber risk and respond with confidence during times of crisis. In times of uncertainty, enterprises know they can rely on Tenable's focus and Best of Breed capabilities. Now, with all that said, we're very pleased with our results for the fourth quarter. Our revenue grew 22% year-over-year. In addition to strong topline growth, our profitability continues to expand as we saw improvements in the operating margin and generated attractive levels of free cash flow. These results reflect favorable demand dynamics, the strength of our product portfolio, and the compelling nature of our business model. With our enhanced product portfolio, we believe we're just getting started on the value that we can deliver to customers. A great example of this is the new six-figure cross-sell win in OT with a global manufacturing company. This is an existing Tenable IO and web application security customer that was looking for a converged IT/OT system to reduce costs, improve visibility, and enhance security. By running Tenable.io along with the web app security product and now OT, this customer is able to reduce cyber risk and protect their brand with a unified understanding of risk. In the fourth quarter, we saw momentum starting to build in platform adoption across product lines. With increasing demand for multiple products, we're exploring other more natural cross-sell motions to make it easier for our customers to benefit from the full suite of capabilities. We continue to see strong demand among hybrid and cloud-first customers increasingly turning to us to help them secure their cloud environments. An excellent example of this is another six-figure win from a global pharmaceutical company that purchased our entire cloud-security suite, Tenable.io, web-application security, container security, and Lumin. This existing Tenable.io customer completed an acquisition and needed visibility across the entire organization. The customer was originally a competitive displacement over a year ago, and now, with this new acquisition, became a competitive replacement for a second time. This is a tribute to our long-standing relationship with customers and the superior capabilities and customer experience that we can deliver. In the end, our commitment to product innovation and focus on cloud and matured prioritization capabilities drove the win. We also officially launched frictionless assessment globally for the Tenable.io in the AWS marketplace in the fourth quarter. Frictionless assessment continuously provides accurate visibility across all cloud-based assets via an easy to use, low-risk approach that delivers quick time to value. While it's very early, we believe there is significant opportunity for the adoption of frictionless assessment. Many of our customers want increased visibility into the state of their assets in the cloud due to the velocity of changes in these environments. We're seeing customers starting to use frictionless and we've already discussed opportunities for significant growth. These early indications are very positive, and we view this as an exciting opportunity to expand asset coverage and continue to deliver more value to customers using Tenable to secure their cloud deployments. In addition to our relentless focus on innovation, and our commitment to our product portfolio, we continue to make significant investments in our go-to-market strategy. While we are early in our development of the MSSP relationships, we've laid the groundwork in our MSSP program, which we believe will continue to fuel growth for years to come. We're already seeing early returns on these investments. Last year, we added over 150 new MSSP partnerships and increased our MSSP partner accounts to over 350 globally. More importantly, we're including many of the top global MSSPs in these numbers. We're excited about the momentum in this particular program and the broader progress we're making with our channel partners. We believe our Best of Breed strategy in VM and strong presence and capabilities to secure cloud environments, coupled with our go-to-market investments will continue to fuel attractive growth and profitability. Heading into 2021, we plan to continue to invest, particularly in R&D and quota bearing resources to drive innovation, increase our market leadership, and position Tenable for continued growth.

Thanks, Amit. As Amit mentioned earlier, we are very pleased with our results for the fourth quarter, highlighted by attractive topline growth and impressive bottom line results. I'll discuss our results for the quarter momentarily, but please note that first all financial results we will discuss today are non-GAAP financial measures with the exception of revenue. As Andrea mentioned at the start of this call, GAAP to non-GAAP reconciliations may be found in our earnings release issued earlier today and posted on our website. Now onto our results: revenue for the quarter was $118.1 million, which represents 22% year-over-year growth. Revenue in the quarter exceeded the midpoint of our guided range by approximately $4 million. Our percentage of recurring revenue remained high at 94%, a result of our annual prepay subscription model. Revenue for the full year was $440.2 million, which represents 24% growth year-over-year. Revenue in the quarter was aided by strong demand for both new and renewal business. In terms of new business, we had one of our best quarters ever; we added 460 new enterprise platform customers and 66 new net six-figure customers in the quarter. This brings the total number of customers spending in excess of $100,000 annually to 837. Our investments in product innovation and go-to-market reach have continuously helped us deliver a healthy number of greenfield opportunities and competitive takeaways throughout the year, despite the pandemic, and this quarter was no different. So we are delighted with the velocity in which we are adding new customers in the quarter. We're also very pleased to see upside in our expansion business, as customers adopted new modules and expanded asset coverage at a higher rate than what we saw earlier in the year. Of note, cross-sells for Lumin, web application security, and OT among others experienced significant growth in the quarter. We attribute our success year to an increasingly complex threat environment that highlights the relevance of our cyber exposure offering, specifically a platform that delivers broad asset coverage, accurate results, and predictive analytics to help our customers understand and address the most critical vulnerabilities within their compute environments. This also benefited renewal business, which was strong in the quarter. This is reflected in our calculated current billings (CCB), defined as the change in current deferred revenue, plus revenue recognized in the quarter, grew 20% year-over-year to $150.5 million, and overall, we are very pleased with our performance. As a reminder, CCB is a close but not perfect proxy of the underlying performance of the business and can be influenced by such factors as deal timing, early renewals, and multi-year prepaid deals, which have been impacted in the current economic environment. I'll now turn to expenses, which reflect considerable investment this year offset by operational efficiencies and to a lesser extent some pandemic-related savings. I'll start with gross margin, which was 84% this quarter, consistent with last quarter and up from 82% last year. Gross margin for the full year was 84%, consistent with 2019. Our gross margin continues to be very healthy and reflects increased investment in our public cloud infrastructure. We continue to realize economies of scale related to the growing demand for our cloud-based Tenable.io platform. In short, investments in our public cloud platform have resulted in increased spending on an absolute dollar basis but with notably lower unit costs. Given the uptake for Lumin and other cloud-based offerings, we plan to make incremental investments that are expected to lower gross margins in 2021 by approximately 520 basis points. Let's turn to operating expenses. Sales and marketing was $50.8 million compared to $57.7 million in the fourth quarter last year and $48.2 million last quarter. Sales and marketing expense as a percentage of revenue was 43%, which was consistent with last quarter and significantly improved from 59% last year. As we've discussed on prior calls, we're very pleased with the leverage we've demonstrated to date in sales and marketing, which we attribute to a maturing sales force, a higher mix of channel business from our two-tier distribution model, and better overall efficiency related to sales overhead in markets where we have critical mass. Sales and marketing expense increased sequentially due to higher commission expenses during seasonally higher sales, as well as incremental investment in expanding our go-to-market efforts in areas including the channel, most notably ramping our MSSP business, which represents a compelling long-term opportunity for us. Looking ahead in 2021, we're going to make continued investments to expand both the sales organization and our channel efforts, which we believe will position us well for continued growth and success. R&D for the quarter was $20.4 million, consistent with the same period last year and down slightly compared to $21.2 million last quarter. As a percentage of revenue, R&D expense was 17% compared to 21% in Q4 2019 and 19% last quarter. As a Best of Breed vendor, innovation remains a top priority for us, so additional investment to secure an increasingly complex attack surface via our cloud-based predictive analytics approach is anticipated in 2021 to extend our market leadership. G&A expense was $12.5 million compared to $12.6 million in the fourth quarter last year, and it was also consistent with last quarter. As a percentage of revenue, G&A expense was 11% this quarter, flat with last quarter and down from 13% in Q4 of last year, which reflects our ability to more fully absorb public company costs and achieve greater efficiency and automation in many of our back-office functions. Income from operations was $15.4 million in Q4 compared to a loss of $11.1 million in Q4 last year and an income of $12.4 million last quarter. For the full year, non-GAAP income from operations was $25.8 million compared to a loss of $42.8 million in 2019, which was a $69 million improvement. Operating margin was positive 13% for Q4 compared to negative 11% for the fourth quarter last year and positive 11% last quarter. Operating margin was positive 6% for the full year compared to negative 12% for the full year 2019. All of this translated to significant EPS upside for the fourth quarter as our earnings per share was $0.13, which was $0.07 to $0.08 better than expected. Approximately half of the beat was due to better-than-expected topline results and half was attributed to better cost management. For the full year, we generated $0.19 of earnings per share versus a loss of $0.42 last year. Now, let's turn to the balance sheet. We finished the year with $291.8 million in cash, cash equivalents, and short-term investments, an increase of approximately $80 million compared to December 31, 2019. Total deferred revenue at December 31, 2020, was $434.5 million, an increase of $71 million from last year, giving us a lot of visibility into revenue headed into 2021. Turning to cash flow, we achieved $16.7 million of positive free cash flow in the quarter. This compares favorably to a free cash flow burn of $13.5 million in Q4 last year. For the full year, we generated $44 million of free cash flow versus a burn of $31 million last year, which was a very notable $75 million improvement. With high recurring revenue, high gross margins, and high renewal rates, we are confident in our ability to generate attractive long-term margins. And despite the investment in the business and an anticipated return to a more normal travel-and-spend environment, we expect continued expansion in free cash flow margin in 2021. With the results of the quarter behind us, I'd like to discuss our outlook for the first quarter and the full year 2021. Our assumption is that the healthcare crisis will continue to create uncertainty and macro headwinds as many geographies are experiencing further restrictions and lockdowns. Although, we have a very balanced and diversified customer base, approximately 10% of our business comes from industries that have been highly impacted by the pandemic, such as transportation, hospitality, and retail. As a result, our guidance assumes the crisis will continue to abate over the summer with modestly improving demand in the second half of the year. With this uncertainty in mind, we believe our business will remain resilient, giving us the confidence to provide an initial full-year outlook for calculated current billings today, which is something we have not provided since our call in February of last year. Recent security events, including the SolarWinds breach, have the potential to create a more favorable spending environment for us this year, but the overall impact, if any, and timing are uncertain. With that as a backdrop for the first quarter 2021, we currently expect revenue to be in the range of $118 million to $120 million, non-GAAP operating income to be in the range of $7 million to $9 million, non-GAAP net income to be in the range of $5 million to $7 million, assuming a provision for income taxes of $1.5 million, and non-GAAP diluted earnings per share to be in the range of $0.04 to $0.06 per share, assuming 115 million fully diluted weighted average shares outstanding. And for the full year 2021, we currently expect calculated current billings to be in the range of $565 million to $575 million, revenue to be in the range of $510 million to $515 million, non-GAAP operating income to be in the range of $40 million to $45 million, non-GAAP net income to be in the range of $30 million to $35 million, assuming a provision for income taxes of $6 million. Non-GAAP diluted earnings per share to be in the range of $0.26 to $0.30 per share, assuming a 116 million fully diluted weighted average shares outstanding. In summary, we're very pleased with the results of the quarter, which gives us increasing confidence that we remain well-positioned to deliver compelling growth and profitability over the long term. And now, I'll turn the call back to Amit for some closing comments.

Thanks, Steve. As I stated earlier in the call, recent security events have raised the profile of vulnerability management. SolarWinds shows that we can't rely on strong perimeter defenses and has highlighted the need for assessing devices across the entire enterprise. Our message has been very consistent. For Tenable, our core strength in VM has driven our success and aided in our natural expansion across the attack surface into improving the security posture of cloud and OT deployments. Our strengthening platform of capabilities positions us for long-term success as our customers shift to hybrid and cloud environments. We hope to see many of you virtually at the Goldman Sachs, Morgan Stanley and Truist tech conferences in the coming weeks. We'd now like to open the call up for questions.

And our first question comes from Brian Essex with Goldman Sachs. Brian, please go ahead with your question.

Great, thank you. Good afternoon, and thank you for taking the question. Guys, nice set of results. Amit, nice progress in the service provider market, and appreciate the color there. Maybe could you provide a little bit of incremental color in terms of the types of customers that you're attracting in that market? The dynamics of those deals and how meaningful you expect that segment of business to be from a mix perspective?

Yes, I'll provide maybe some color context. I think the service provider market is incredibly strategic. We see that market really going after a diverse set of customers. So the natural one, which comes to mind is certainly the mid-market where a lot of organizations that don't have the in-house expertise gravitate toward managed security providers. And then, we've also seen a noteworthy number of large enterprise customers choose to use managed service providers and managed security providers as part of their ongoing security operations. So, we really see it as a pretty important and strategic route to market for us along both tracks and we're early in those relationships but seeing some early results and are really excited about the opportunities that both of them represent for us.

Got it, that's helpful. Can you discuss the OT market and the recent significant six-figure win? Considering the increasing concerns about state-sponsored attacks and their potential impact operationally, how is your progress in that market looking, and how significant do you think it might be over the next year?

I think that is a market that we believe has very strong potential. There is no doubt that some of the most critical business operations occur in and rely on OT environments, and OT is an increasingly critical part of business efficiency and fueling economic growth. So the awareness for OT security has grown rapidly in the last two to three years, and we've seen IT security programs and IT security leadership play an increasingly critical role in product selection and solution selection and providing security into corporate OT environments, which historically have been managed by different teams. So we feel like we have a real position of strength in understanding risk across IT and OT and the convergence of security regimes across both of those platforms. In terms of the potential for that market, I think Steve can do some analysis on asset numbers and industries and the breadth of industries that rely on OT. But I think there's a pretty substantial opportunity that we're going after there.

Hey, guys. Thanks for taking my questions. Can you hear me?

We can.

Hi, Josh.

Yes.

Hey, guys. How are you? Just two quick ones from me. First, I believe last quarter you mentioned that the renewal rate was 110%. I was just curious if you guys could comment on what it was in this quarter? I think the commentary in your prepared remarks kind of suggested it was positive. And then also, what numbers are baked into the guidance that you gave for 2021?

Hi Josh, this is Steve. Well, first, we did comment in the quarter that upsell was notably strong this quarter, really on the backs of higher asset coverage as well as higher cross-sells; it's one of the best quarters ever for us in terms of cross-sell. So we're very pleased with the level of upsell this quarter; this is a positive development after several quarters of moderation earlier in the year. We don't manage the business to a single metric; we know that in terms of opportunities, pipeline can vary between opportunities from new customers as well as upsell opportunities from existing customers. And the number that we disclose in the filing is on an LTM basis. So the good news is we saw notable uptick in upsell this year, well on the backs of high renewal rates, strong cross-sell, and we think that bodes well heading into 2021. I think in terms of 2021, more broadly, we're assuming that the demand environment is largely the same and with no notable changes from what we saw this year. The takeaway here is, look, we're very pleased with our results in the fourth quarter. We saw our performance in both the top line and the bottom line. CCB growth was 20%, revenue growth was 22%, better than expected both the top line and the bottom line. Customer demand underpinning all this was strong as Amit mentioned earlier, and to my comments earlier, we added 460 new enterprise platform customers and it's one of our best quarters ever for landing new large deals. That said, looking ahead in 2021, there's still a lot of uncertainty out there with the macro. As we head into the year, many geographies and countries are imposing further lockdowns and restrictions. Our guidance assumes just more broadly, notwithstanding the rental rates and expansion rates that the crisis will continue but abate over time, sometime in the summer with modestly improving demand in the second half of the year. Overall, we're pleased with the results of the quarter, which gives us confidence as we head into 2021.

Yes, that was very helpful. And then I guess, kind of just to confirm a little bit on what you said for 2021, you're baking in no change to the demand environment. But you also mentioned that the recent attacks kind of bring the importance of VM into light. So should we view the billings guidance as conservative, so is it not baking in any incremental demand from the recent attack, or is it just too early to see any meaningful change, if any?

It's more of the latter. Specifically, in relation to CCB, it's important to note that first, we haven't provided a full-year guide to CCB in over a year since February of our last call. We feel like today's guidance is appropriate. It certainly reflects the uncertainty of the macro, but the fact that we're providing this guide now is certainly a clear indication of our increasing confidence in the business. We're not factoring any V-shaped recovery or any changes here in broader market dynamics that would change the business short term. In terms of the fourth quarter, particularly, that is something that played out late in the quarter; a lot of the opportunities in the pipeline were dialed in, deals were slated to close. So, we're actually having conversations with our customers and our partners to determine what the opportunity is, if any, and what the potential impact is here in terms of timing. Overall, all this is really factored into our calculus when we give the guidance, again reinstating CCB guidance, something that we haven't done in a year. We feel this is a good early guide for us and a good starting point, and we look forward to updating you throughout the year.

Thank you for taking my question. I have a couple of inquiries. First, regarding the impact of SolarWinds, you mentioned that VM is becoming increasingly prioritized. Can you discuss how this might be influencing the pipeline or coming up in discussions with customers? I also have a follow-up.

Yes, it has certainly become a key topic in our discussions with customers. We noticed this right away when news broke about high-profile breaches like FireEye and SolarWinds. As each incident emerged, corporate leaders were primarily concerned about their exposure, risk, and security measures. This led to the IT security team providing near real-time assessments, checking for the attack tools that were compromised in the FireEye breach, and reporting on our exposure levels. Similarly, when the SolarWinds breach occurred, we were able to quickly identify our use of SolarWinds Orion, the specific version in use, and assess our exposure and response capabilities. This proactive approach to risk management is crucial, particularly during a crisis, as it allows incident responders to act with more certainty and speed. Consequently, this topic became part of our immediate discussions. As Steve mentioned, we are still in the early stages of quantifying the impact on pipeline development and our expectations for this year, but customer interest has been significant.

Got it. And just to follow up with Steve, you managed the business well during the toughest times of the pandemic, correct? Current billings have been growing at over 20% for the past few quarters. You noted a record number of new enterprise customer additions and an accelerated pace for market share gains. I'm curious how this aligns with the slower growth indicated in the 2021 outlook. I understand there is still some cautiousness regarding the pandemic, but those challenges have been present, and based on your comments, things should be improving in the latter half of this year. Is there anything else you're being cautious about, such as sales productivity or other areas? That's all from me.

Thank you for your question. Overall, we had a strong performance in the fourth quarter, and we're very pleased with the results we've shared. However, we won't base our outlook for this year solely on one quarter's results. It's important to remember that we operate as a global company, with sales in over 160 countries and a presence in 30 of those. We strive not to view our business as a single entity, as different regions and sectors are experiencing varying phases of the pandemic. Some countries are implementing more lockdowns and restrictions, which adds uncertainty, while others are more stable. We take all this into account when setting our guidance. The positive aspect is that our business model features a high percentage of recurring revenue, strong gross margins, and high renewal rates, providing us with significant visibility as we proceed through the year. However, it's still early, and many uncertainties remain. We're not anticipating a quick recovery or any immediate shifts in broader market dynamics that could affect our business short-term. Amit mentioned possible tailwinds and their potential effects on the company, which could indeed favor us. But for the fourth quarter specifically, the favorable developments occurred late in the period, and many opportunities in the pipeline were already recognized, with deals expected to close. We're currently engaging with our customers and partners to assess the possible impact and timing of these opportunities. All these factors are considered in our guidance, including the reinstatement of CCB guidance, something we haven't done in over a year. We believe this gives us a solid foundation as we move forward, and the strength of our Q4 results certainly helps build our momentum as we head into the year.

Yes, thanks. Hi, guys. So coming into 2020 and the beginning of 2020, it was pretty clear that at least the commentary and the results, your margin performance was really good, and you said you'd focus on that and we've seen really good margin results throughout 2020. But the growth rate has decelerated through the year. Am I reading it correct? It sounds like with the commentary around investment for both R&D, quota carrying, and sales and marketing, that perhaps now with the growth rate decelerating that the focus is shifting back to invest to hopefully stabilize or maybe reaccelerate growth, but it's going to take a couple of quarters for those investments to pay off? Is that the right read, or am I missing here?

Hi Sterling, this is Steve. I believe that's an accurate interpretation of our guidance. We have strong confidence in the market and feel more certain now than we did a couple of quarters ago, especially since we were uncertain about the pandemic's impact. CCB growth exceeded 20% in Q1, followed by around 13% in Q2, influenced by some timing variations in deals. We saw over 20% in Q3 and are pleased to report 20% for the fourth quarter. We feel optimistic about our business fundamentals; we are acquiring customers at a high rate while engaging in larger deals. It's important to emphasize the investment opportunities for generating long-term top-line growth. Our investments in go-to-market and product strategies are crucial; we aim to pursue growth while navigating macro uncertainties, and we believe the investments outlined today provide us with the best chance for success. Simultaneously, our guidance suggests we will expand operating margins. We experienced significant leverage in the business this year. The market's spending as a percentage of revenue dropped from nearly 60% in 2019 to the low 40% range in the fourth quarter of 2020, indicating considerable leverage. We've also noted improvements in free cash flow and expect free cash flow margins to enhance this year, despite our investments. We are striving for the right balance; we firmly believe in the market, and these investments allow us to pursue growth while remaining efficient and enhancing our bottom line.

Okay. And then one follow-up. Amit, there's been news reports that maybe a couple of the cybersecurity vendors may have had either some sort of breach or exposure with all the happenings over the last month or so. Is that actually opening up opportunity to gain market share or an increased opportunity for you guys, or is that not part of the conversation you're seeing?

I understand that customers and potential clients are increasingly prioritizing security and the vendor and supply chain over management compared to previous times. This shift has been underscored by events like the SolarWinds incident and other significant security breaches. While I’m not suggesting that it directly translates into an opportunity for us, it does indicate a favorable situation given our position as a top-quality provider. Although no security program is flawless, we actively invest in our security efforts and will continue to do so.

Thank you for your questions and congratulations on a strong quarter. I want to revisit your comments regarding the greenfield opportunity to gain a better understanding of the current market potential. You mentioned that about a third of the 460 new additions this quarter were greenfield, which seems consistent with last quarter's remarks. Do you think this indicates that one-third of companies currently lack a VM solution, and how might this change by the end of 2021? Many believe that following the Equifax breach, most enterprises have implemented some form of VM solution. Thus, the concern is that your growth may primarily rely on displacing existing vendors. I'm curious about your perspective on how we should view this emerging opportunity.

Yes, I would be cautious in assuming rational behavior within the security community. When I joined Tenable around four years ago, I was surprised to learn that a significant portion of our new large enterprise transactions—often about a third, sometimes reaching as high as 40%, and occasionally dipping to 25%—were coming from companies that had no prior experience with Tenable or our main competitors. These organizations weren't even using Nessus; they lacked any in-house vulnerability management capabilities and were solely depending on annual audits or assessments from major consulting firms to gauge their cybersecurity risk, which I found astonishing at the time. As the market has grown, we continue to see this trend, with many new clients, particularly large enterprises, still entering 2021 or coming out of the fourth quarter of 2020 without their own vulnerability management practices. While we do focus on the displacement of competitors and growth through expanding our existing customer base and asset types, there remains a substantial greenfield opportunity in the market. We've been highlighting our greenfield achievements by sharing the number of new enterprise clients joining our platforms each quarter, aiming for transparency in our reporting. This quarter, we landed 460 new enterprise customers, which is among our best performances.

Thank you for that information. I have a quick clarification. Your sales and marketing expenses saw a modest increase both quarter-over-quarter and year-over-year in Q4, and you showed good operating leverage in calendar '20. I'm curious about how much the SolarWinds attack influenced your decision to increase investments for the upcoming year, or if that was part of your plans regardless of the breach.

I think that's just one of many factors that go into us running the company. We look at broader market, competitive dynamics, and we also look at some of the secular trends in the market. So I think our results more broadly in the fourth quarter gave us confidence to invest in the regular trading of new customers. Certainly, underscores that our ability to transact larger deals, so in the progress on competitive takeaways, our Best of Breed focus. We have a lot of confidence in this market, which gives us the confidence to invest more so certainly in 2021 than what we did in 2020. And we believe there's a compelling long-term opportunity here. So, yes, I think it's a combination of a lot of things, not just any one thing specifically, but just really reflects the broader enthusiasm and confidence we have now in our ability to execute, but also in the backdrop of the broader market opportunity.

Hi, good afternoon. I wanted to start by asking about your efforts regarding multi-product cross-selling and how you might be reducing barriers in that area. Can you discuss what initiatives you have in place and any notable opportunities you see for enhancing cross-selling?

Yes, Jonathan. That's a great question and an insightful observation regarding our earlier discussion. We believe there are significant opportunities for creating value for our customers through some of these products. Specifically, when we examine container security, frictionless assessment, and our cloud security initiatives, we see potential in developing packaging that makes sense and lowers barriers in web application security. Our goal is to streamline cloud security for customers and allow them to easily adopt these capabilities. Instead of focusing solely on cross-selling between products, we are exploring how we can enhance value for customers by ensuring these products work well together. For instance, if we identify an issue, can it automatically trigger a more effective method of assessment that provides detailed insights? We're also considering how to package these offerings to minimize the effort needed for customers to transition between different product lines. We are actively working on these ideas with some of our early access customers and are excited about the possibilities ahead.

Got it, got it. And just as a quick follow-up. Just given the change in administration and some early readings towards potentially interesting cybersecurity spend on the government side. Can you talk about what you're seeing there in terms of government spending? And do you expect that to be, I guess, an above-average growth vertical this year, or given 2020 was the year of the vulnerability for U.S. Fed, was some of that brought forward? I'm just trying to get a sense of what you're thinking.

Every year brings increased vulnerability, risk, and exposure, and this was certainly the case in the federal market in 2020. There was significant confusion during the final days of the last administration, leading to considerable changes and upheaval in senior leadership, particularly in the cyber domain. This situation presents an opportunity for the new administration to prioritize cybersecurity, appoint strong leaders, and enhance existing programs or even initiate new efforts to mitigate federal cybersecurity risks. The administration is aware of these issues, as evidenced by a proposal exceeding $10 billion and the emphasis on cybersecurity in early discussions. While we're in the initial stages of this transition and awaiting developments, there is promising potential for growth in the federal market, and we maintain a strong position within the federal cybersecurity sector. We expect 2020 to remain a strong year for us in this area.

Yes, good afternoon, guys. Just one relatively quick one from me, I guess. Amit, could you talk a little bit about where customer conversations are around containers and container security, and we've got the CSPM market, the cloud workload protection markets. Are they looking for these technologies from a single vendor? And with all the noise out there and obviously, it's a big land grab at this point, where are points of leverage in your mind in terms of who might win in these markets? Thanks.

I don't believe there is going to be a single winner in these markets. It really depends on the buyers, their use cases, and their goals. Enterprises are utilizing cloud services in various ways, including SaaS, cloud-based infrastructure, DevOps environments, and web applications. There is no one-size-fits-all approach; instead, there are multiple uses and methods for customer engagement in cloud adoption. We are not positioning ourselves as an all-encompassing cloud security provider that addresses every aspect of cloud security. Instead, we see a diverse ecosystem of solutions emerging, with contributions from attack detection response firms, infrastructure protection companies, and cloud infrastructure vendors themselves integrating solutions into their platforms. Our focus is on assisting our current users with the specific use cases we support, especially in assessing the security of their cloud environment. We do not provide comprehensive protection for cloud environments or handle all attack detection and configuration management. Our role is to help customers evaluate the security of their cloud workloads and the assets within those environments. We offer various methods for this, including seamless assessments through our cloud-native connectors and tools for web application and container inspection. Ultimately, the key question remains: How at risk am I? How secure am I? We strive to enhance the visibility our clients depend on in these new cloud environments. We observed an increase in adoption of cloud security products in Q4 and highlighted some of that during the call.

Yes, thanks. To follow up on earlier questions and to summarize, when we consider what we are observing on the federal side regarding the additional $9 billion to $10 billion in spending, particularly in light of the SolarWinds hack, can we say that this increase in cybersecurity expenditure is not included in your guidance? Just to clarify.

Yes, I think that's an accurate description. We definitely recognize that there is a significant opportunity in federal spending, as Amit mentioned earlier. There is clearly the potential for an improved spending climate for SolarWinds. However, it's challenging to gauge the timing of that and its potential impact at this moment. Therefore, I believe our guidance reflects a level of broader uncertainty without factoring in these possible opportunities.

Okay. And then just a follow-up to that. So just given this high that’s now there in terms of the cybersecurity side, we specifically on the federal then bell, once it gets approved, but then also post SolarWinds. Are you doing anything differently, internally to block and tackle to make sure these opportunities, especially, where you guys sit within the beltway that you could capture, or is it just the traditional sort of Tenable execution model? Thanks.

Well, we're very focused on the execution model, helping customers in times of crisis, being there for them, interacting with them, giving them the insights that we have into the challenges that we're seeing. Obviously, we help them in their environments, but what we're seeing more broadly across the community are important giving them the accuracy and the confidence so that when they are reporting issues or that there are no issues, that they're doing so from a position of strength. So I think first and foremost, that traditional execution aspect of our customer relationship remains the most important thing, and then we do engage with policymakers and others trying to educate and inform them on, hey, what are the key issues, and what are the right approaches to dealing with these issues? And so we have spoken with folks regarding the SolarWinds breach and continued ways to help the government assess the state of cybersecurity and some of the challenges in front of it. So I’d say it's a sort of a two-pronged approach: first and foremost execution, but certainly also that more strategic dialogue with key government leaders and policymakers.

Hi, can you guys hear me okay?

Yes.

We can now, Gray. Thanks.

Sure, can.

Thank you for taking my question, I really appreciate it. I have another inquiry regarding the SolarWinds breach. I know you've addressed it several times already, but I would like to follow up. How do you expect it to unfold over the next 6 to 12 months? Are customers looking to expand their asset coverage? Does it accelerate the evaluation of products like Lumin? Or is it more of a catalyst for acquiring new customers? Any insights on that dynamic would be very helpful.

Yes. I'd say first of all, I'm extremely proud of how our team responded during the question in terms of getting information out to customers on a near real-time basis and understanding of the breach and how to use the technologies to assess where they may have potential exposures and chase those down. Which are again all critical when the security program is trying to respond to corporate leadership that has visibility into a breach like this. So I think that is foundational, and from there, the natural questions are, okay, where do we have visibility, where do we have coverage, where don't we have coverage? And making sure that organizations have whether it's through increased asset coverage, coverage across the enterprise, coverage into unidentified assets as well as doing some of the prioritization activities so that high-risk vulnerabilities which are more likely to be exploited or being exploited out in the wild. Good organizations can get on top of those and be a little bit more proactive with their security. So I think the short answer is, this could be a catalyst for increased levels of sub-security risk management, and we think we're the primary platform to help enterprises do that. And so, it could translate into increased business, but it's hard; we're still in the early period, so it's harder to look at that and then translate into what it's going to be and what the impact is going to look like as we enter the year.

And this concludes today's question-and-answer session, ladies and gentlemen. I'd like to turn the call back over to management for closing remarks.

Great. I'd like to just thank everybody for joining the call and the insightful questions and look forward to seeing you at the investor conferences that we noted earlier, and thanks for your time.

Thank you all. This concludes today's conference, and you may disconnect your lines at this time. Thank you for your participation, and have a great evening.