Earnings Call Transcript
Tenable Holdings, Inc. (TENB)
Earnings Call Transcript - TENB Q4 2021
Operator, Operator
Greetings, welcome to the Tenable Q4 2021 Earnings Conference Call. At this time, all participants are in a listen-only mode. A question-and-answer session will follow the formal presentation. Please note this conference is being recorded. I will now turn the conference over to your host Erin Karney, Head of Investor Relations. Thank you. You may begin.
Erin Karney, Head of Investor Relations
Thank you, operator, and thank you all for joining us on today's conference call to discuss Tenable's fourth quarter and full year 2021 financial results. With me on the call today are Amit Yoran, Tenable's Chief Executive Officer; and Steve Vintz, Chief Financial Officer. Prior to this call, we issued a press release announcing our financial results for the quarter. You can find the press release on the IR website at tenable.com. Before we begin, let me remind you that we will be making forward-looking statements during the course of this call, including statements relating to Tenable's guidance and expectations for the first quarter and full year 2022, growth and drivers in Tenable's business, changes in the threat landscape in the security industry and our competitive position in the market, growth in our customer demand for and adoption of our solutions, the potential benefits of our acquisition, innovation, and new products and services, Tenable's expectations regarding long-term profitability and the impact of COVID-19 on our business and on the global economy. These forward-looking statements involve risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. You should not rely upon forward-looking statements as a prediction of future events. Forward-looking statements represent our management's beliefs and assumptions only as of today and should not be considered representative of our views as of any subsequent date. We disclaim any obligation to update any forward-looking statements or outlook. For further discussion of the material risks and other important factors that could affect our actual results, please refer to those contained in our most recent quarterly report on Form 10-Q and subsequent reports that we file with the SEC, which are available on the SEC website at sec.gov. In addition, during today's call, we will discuss non-GAAP financial measures. These non-GAAP financial measures are in addition to and not a substitute for or superior to, measures of financial performance prepared in accordance with GAAP. There are a number of limitations related to the use of these non-GAAP financial measures versus their closest GAAP equivalents. Our earnings release that we issued today includes GAAP to non-GAAP reconciliations for these measures and is also available on the Investor Relations section of our website. I'll now turn the call over to Amit.
Amit Yoran, CEO
Thank you, Erin, and thank you all for joining us today. Today, I'll discuss our financial performance in Q4, strengthen core VM, our traction with our individual exposure solutions, and the expansion in differentiation of our unified platform. With that, let me first touch on our Q4 results. We saw tremendous strength in the fourth quarter, driven by contributions from all products and theaters. Our CCB growth for the quarter was 29%, capping the year where we saw accelerated growth at scale balanced with profitability, including strong unlevered free cash flow. During Q4, we added 562 new enterprise platform customers and added 100 net new six-figure customers, both record adds for us in a single quarter. As the leader in VM, our expertise is finding assets, identifying how those assets are configured, and how and where they're vulnerable and prioritizing those vulnerabilities and exposures guiding our customers in how best to manage risk. Nessus has been and continues to be the standard for assessing system security and vulnerabilities. Over the last few years, we've seen an acceleration of downloads of Nessus and in Q4, we saw continued strength with Nessus customers ramping to our enterprise platforms. Our drive to lead the market in terms of vulnerability coverage, the accuracy of our assessments, and the time to market for developing new checks as critical new vulnerabilities emerge are highly appreciated and recognized by our customers. In Q4, Log4j highlighted and continues to highlight the strategic importance of discovering and managing vulnerabilities. Regardless of marketing claims, no next-generation firewall, no EDR, no XDR, nor any other product is able to assess, identify and prevent the growing breadth of Log4j. Tenable already covers over a hundred Log4j vulnerability detections, including direct checks and checks over HTTP, HTTPS, SNTP, POP3, IMAP, TELNET, SSH, SMTP, NTP, FTP, NetBIOS, and other protocols. And we've only begun to pull on the long tail of Log4j-related issues. If it's your mission within the enterprise to answer the question, how secure am I? How at risk am I? Tenable has differentiated itself as the market leader and platform to use. Enterprise and attack surfaces keep expanding, creating opportunities for Tenable's exposure solutions. We saw another quarter of tremendous traction in our solutions for operational technology and active directory as we bring our expertise to these underserved markets. We believe we're the only provider that provides complete understanding of IT and OT converged environments, coupled with a deep understanding of exposure and risk. This unique understanding of both of these environments enables us to provide a differentiated and compelling solution in the market. We also see strong traction in Tenable.ad, our active directory security product, and expect that to continue to be a very attractive market for us. Eighty-six percent of enterprises are expecting to increase their spending on active directory security in 2022. We believe we're solving a great pain point in this largely greenfield market, where we have the leading technology. In addition to our traction in these markets, we're seeing strength in our cloud products and excitement around cloud expansion. We've long focused on helping our customers secure their cloud environments. Cloud-based capabilities require assessing the security of web applications and a deep understanding of containers. We've had cloud-native connectors for years, and more recently we've introduced Frictionless Assessment. With continued demand from our customers to help them secure their cloud environments, we've extended our investment into Infrastructure as Code, into Kubernetes, and into Cloud Security Posture Management with the acquisition of Accurics. As we continue to build out and integrate our full portfolio of cloud capabilities, our reach expands all the way from the far left from building and assessing vulnerabilities in code and fixing them pre-production, all the way through the far right where we're discovering assets, evaluating risk and exposures, and run time. We identify misconfigurations and fixed assets across their entire life cycle. Tenable becomes the definitive place to go to for assessing and understanding risk across the entire cloud deployment, not just the development piece and not just the cloud and Kubernetes infrastructure configuration and not just the containers or the virtual machines themselves. If it's your job to assess cyber risk for the audit and risk committee for the CSO, for the CEO, for the Boards of Directors, Tenable.ep, our exposure platform can help you understand cyber risk in the broader context of your business. Our market leadership in VM, in assessing and addressing cyber risk, puts us in a position of strength to evolve naturally with our customers into new environments. Security teams cannot properly assess risk in their IT environment without understanding and integrating risk from their AD environment, their cloud environment, and others. They demand this unified integrated approach, and we're seeing this play out in the market. Tenable.ep had another strong quarter, and we expect that traction to continue as we're now expanding Tenable.ep to incorporate more of our exposure solutions, including Tenable.ad and Tenable.cs, which includes Infrastructure as Code, Kubernetes, CSPM, containers, and other cloud security capabilities. With these integrations, Tenable.cs, as part of EP, will deliver a cloud-native application security platform as an integrated end-to-end security solution and a complete picture of cyber risk across the modern attack surface with unified visibility into code, configurations, assets, and workloads. Earlier today, we announced that we've reached an agreement on a tuck-in acquisition of an attack path analysis company in Israel called Cymptom, which we expect to close this quarter. Cymptom's technology maps vulnerabilities and exposures across asset types into attack paths and prioritizes how to address likely paths of exploitation. After the closing, this technology, when integrated into EP, will run alongside enhancements to Lumin, another market-leading analytics, enabling security teams to preemptively focus response efforts ahead of, and during breaches. Serving our customers' need to understand their cyber risk is what drives our vision and our expansion across VM, active directory, public clouds and OT environments into an integrated unified workspace. We believe augmenting EP's unified data sets and analytics with attack path analysis will enable Tenable to continue to extend our leadership in cyber risk management. The world of the CISO is managing many risks across many interconnected and interdependent systems. Assessing risk means understanding discreet elements of exposure, but also their interdependency; weaknesses in identity in IT can affect OT and shut down a pipeline; ransomware; nation-state breaches; breach IT and target active directory. At Tenable, we're focused on delivering best-of-breed technologies in exciting markets, and we're pursuing a platform vision for understanding and managing cyber risk that we believe is unlike anything else available. And this brings me to the key conclusion I want to leave you with. Yes, we see strong performance in VM. Yes, we see strong growth and potential in our individual exposure solutions across active directory, operational technologies, and cloud security. But if there's one single thought, one sole conclusion, it's this: that it's nearly impossible to accurately assess the risk associated with any one piece of technology in isolation. Our unified platform not only brings together market recognized, leading exposure solutions, we're bringing more of these data sets together in the unique cyber exposure platform with differentiated and compelling analytics. I'd like to turn the call over to Steve now.
Steve Vintz, CFO
Thanks Amit. As Amit mentioned earlier, we are delighted with the results for the fourth quarter highlighted by significant acceleration in CCB growth, a notable beat in earnings per share, and attractive levels of unlevered free cash flow. I will provide more commentary on each of these points momentarily, but first please note that all financial results we discuss today are non-GAAP financial measures, with the exception of revenue. As Erin mentioned at the start of this call, GAAP to non-GAAP reconciliations may be found in our earnings release issued earlier today, which is posted on our website. Now onto our results for the quarter. Revenue for the quarter was $149 million, which represents 26% year-over-year growth. Revenue in the quarter exceeded the midpoint of our guided range by $5 million. Visibility remains high as our percentage of recurring revenue was 95%, which is primarily a result of our annual prepaid subscription model. Revenue for the full year was $541.1 million, which represents 23% growth year-over-year. The outperformance in revenue is a result of accelerating growth in calculated current billings. CCB, defined as the change in current deferred revenue plus revenue recognized in the quarter, grew 29% year-over-year to $194 million. Q4 forecast a very successful year for us in which we saw CCB growth accelerate throughout the year from 20% in Q1, to 23% in Q2, to 25% in Q3, and now to 29% in Q4. We attribute this inflection in growth to our differentiated VM capabilities, expanding product portfolio, and increased investment in sales capacity and go-to-market activities. During Q4, we saw strength across the board in both new and renewal business and in all geographies. It's important to note that we experienced very good linearity entering December, and we're on our way to one of our best growth quarters of the year. However, after the discovery of Log4j in December, we saw a significant uptick in our expansion rates as customers increased coverage of both assets and applications. Our expansion rate also benefited from exceptional renewals, including winbacks and limited customer churn, all of which lifted our net dollar expansion rate. Likewise, we also saw outperformance in new logos, particularly in the mid-market through our inside sales efforts and from no touch Nessus sales channels given the relatively short sales cycles. New logo sales from large market customers with longer sales cycles also saw strong close rates for opportunities that were already advanced in the Q4 pipeline. New pipeline built in the quarter for the large market was also very healthy. Now in terms of metrics underpinning our strong financial performance, we added 562 new enterprise platform customers in the quarter, which is a record for us and up from the 460 we added in Q4 last year. We also had success with large deals as we added 100 net new six-figure customers in the quarter, which is up from 66 in the same period last year. Similar to new enterprise platform customers, the number of net new six-figure customers we added in Q4 is our largest ever in a single quarter and brings the total number of new enterprise platform customers spending over $100,000 per annum to almost 1,100. From a product mix perspective, our exposure solutions, which include Tenable.io, Tenable.ep, and its modules, active directory security and operational technology security, continue to gain traction and solve our customers' growth. We attribute this strong demand to our customers' need to assess risk holistically across IP assets, identities, and OT assets. While we saw strength in cloud use cases, it should be noted that Accurics' contribution to CCB in the quarter was nominal since the acquisition closed in Q4 and Accurics' infrastructure-as-code capabilities were not integrated into our go-to-market motion in the quarter. We believe Accurics' ability to assess and secure critical cloud infrastructure prior to deployment will significantly enhance our existing cloud capabilities and augment our strength in one-time environments. Accordingly, we plan to soon announce the availability of our more expansive cloud security offering and the integration of these capabilities with EP shortly, and given sales cycles we expect CCB to begin to benefit in the second half of the year. In summary, we are delighted with the trend in the top line this year. Now, I'll turn to expenses, which include incremental investments in growth and the operating expenses related to Accurics. I'll start with gross margin, which was 82% this quarter, down 70 basis points from last quarter. Gross margin for the full year was also 82%. Cost to sales increased sequentially due to higher public cloud and related costs associated with the increased customer usage of our products and costs related to scaling Accurics' infrastructure in support of a more expansive cloud security offering. We are also investing in a broader set of advanced analytics across the attack surface to help customers better predict attack paths and assess risk holistically. Looking ahead, we expect these investments to continue into 2022, which could modestly impact gross margin. Long-term, we still expect gross margins to be in the high 70% to low 80% range. Sales and marketing expense for the quarter was $69.5 million, which is up from $60.7 million last quarter. Sales and marketing expenses reflect higher wages and benefits related to hiring more sales reps and other headcount, as well as accrued payroll taxes. Further, it reflects higher commissions and variable compensation attributed to our strong sales performance in the quarter, and increased investment in marketing for demand generation and brand-building activities for our exposure solutions. Adding sales capacity and investing in our go-to-market efforts will continue to be an area of focus for us, given the acceleration in growth in 2021, our expanded product portfolio, and the high level of sales productivity, as well as our ability to generate an attractive ROI on new dollars invested. Sales and marketing expense as a percentage of revenue was 47% in Q4 compared to 44% last quarter. For the full year, sales and marketing expense as a percentage of revenue was 44% and is expected to remain at or near this percentage in 2022, which will give us ample investment dollars to keep pace with strong demand. R&D expense for the quarter was $24.9 million, which was consistent with $25.1 million last quarter. Although there was little change in R&D expense during the quarter, it should be noted that we added a sizable team of engineers in cloud security attributed to Accurics and made other hires, which was more than offset by the amount of capitalized software development costs related to expanding our exposure platform and in R&D tax credit we received. R&D expense as a percentage of revenue was 17% in Q4 compared to 18% last quarter. For the full year, R&D expense as a percentage of revenue was 18% and is expected to increase modestly in 2022, given the increased investment in cloud security, attack path analysis attributed to the Cymptom acquisition, and a broader set of predictive analytics and platform capabilities. G&A expense was $15.8 million compared to $15 million last quarter. As a percentage of revenue, G&A expense was 11% this quarter and last quarter, as well as for the full year. We continue to make investments in G&A to support growth and scale of our business. We expect G&A expense as a percentage of revenue to remain flat in 2022. Income from operations was $11.9 million compared to $13.7 million last quarter, which reflects the items I just highlighted. For the full year, non-GAAP income from operations was $51 million compared to $25.8 million in 2020, which was a $25 million improvement despite the additional operating expenses attributed to the Alsid and Accurics acquisitions. Operating margin was 8% for Q4 compared to 10% last quarter. Operating margin was 9% for the full year compared to 6% for the full year 2020. EPS in the fourth quarter was $0.05, which was $0.02 better than the high end of our guided range. For the full year, we generated $0.34 of earnings per share versus $0.19 last year. Now, let's turn to the balance sheet. We finished the quarter with $512 million in cash and short-term investments. Given our strong Q4 results, we saw a notable sequential increase in both accounts receivable and total deferred revenue. At year-end, accounts receivable was $137 million and total deferred revenue was $531 million, including $407 million of current deferred revenue, which gives us a lot of visibility headed into 2022. Now I would like to discuss cash flow. We used $160 million of cash to acquire Accurics and paid $3.2 million of interest on our credit facility in October. In Q4, we generated $22.4 million of unleveraged free cash flow and for the year we generated $95.2 million, which is a $50.9 million increase over 2020 levels. With 95% recurring revenue, high gross margins, and high renewal rates, we feel confident that we can continue to generate attractive levels of cash while continuing to invest in the business. Striking the right balance between growth and profitability has always been an area of focus for us. A good indication of this is our achievement of rule of 40 for the fourth quarter and full year. Achieving this was years in the making and a long-term goal since our IPO in 2018. So, we're very pleased to have achieved this important milestone. As a reminder, we define rule of 40 as revenue growth plus unlevered free cash flow margin. With the results of the quarter behind us, I'd like to outline our outlook for the first quarter and full year 2022. For the first quarter, we currently expect revenue to be in the range of $152 million to $154 million; non-GAAP income from operations to be in the range of $10 million to $11 million; non-GAAP net income to be in the range of $5.2 million to $6.2 million, assuming interest expense of $3.5 million and a provision for income tax of $1.3 million; non-GAAP diluted earnings per share to be in the range of $0.04 to $0.05, assuming $117.5 million fully diluted weighted average shares outstanding. And for the full year, we currently expect calculated current billings to be in the range of $750 million to $760 million; revenue to be in the range of $662 million to $670 million; non-GAAP income from operations to be in the range of $40 million to $45 million; non-GAAP net income to be in the range of $18.2 million to $23.2 million, assuming interest expense of $14 million and a provision for income taxes of $8 million; non-GAAP diluted earnings per share to be in the range of $0.15 to $0.19, assuming $119.5 million fully diluted weighted average shares outstanding. Our strong performance in Q4 and the full year 2021 give us a lot of confidence in the business and our outlook for 2022. In that regard, there are a few comments I want to make that will provide important context to our guidance today. Our CCB guidance for the full year reflects 22% to 23% growth, which includes some continued tailwinds from Log4j in Q1 with more modest contributions expected throughout the remainder of the year. Overall, we're very pleased to be providing CCB and revenue guidance today that is notably above the 20% bar we discussed during our Investor Day in December. In terms of profitability, we exit the year with an 8% operating margin in Q4 and are guiding to 6% to 7% for the full year 2022, which includes $4 million to $5 million per quarter of operating expenses related to Accurics and to a lesser degree Cymptom. The incremental investments in R&D attributed to recent acquisitions expand our product suites strategically important markets and strengthen our ability to deliver our cyber exposure vision. In terms of the quarterly flow of these investments, we expect to follow our historical seasonal patterns with higher investments in the first half of the year, resulting in higher operating margins in the second half of the year. As discussed earlier, we achieved rule of 40 in Q4 and the full year 2021. So, we believe making investments in the face of strong demand will position us well for continued growth and success. Long-term, we are confident in our ability to continue to balance growth with profitability and become a rule of 50 company. In summary, we're delighted with the results of the quarter and feel really good about the outlook we are providing today. I'll now turn the call back to Amit for some closing comments.
Amit Yoran, CEO
Thanks, Steve. We continue to see increasing levels of differentiation in our core VM capability. This is particularly exciting given the strategic role that many organizations are increasingly placing on VM. Our exposure solutions in OT and AD are seeing great traction. We're thrilled about the momentum we have in our cloud business, augmented by Accurics forming an integrated comprehensive cloud offering. And we believe that bringing these solutions and data sets into a unified cyber risk management platform with differentiated analytics, such as Lumin and attack path analysis positions us incredibly well for the long-term. We delivered strong results in Q4 and are excited about the road ahead. We now like to open the call up for questions.
Operator, Operator
Thank you. At this time, we will be conducting a question-and-answer session. Our first question is from Hamza Fodderwala of Morgan Stanley. Please proceed with your question.
Hamza Fodderwala, Analyst
Hey, guys. Thank you for taking my question and strong finish to the year here. Steve, maybe just first question for you. You mentioned the tailwind from Log4j. I was wondering if you could help us quantify what that actual tailwind was in Q4 and what the expectation is for 2022 from A, growth contribution standpoint you mentioned NRR was up so what was the net retention rate in Q4 relative to what you saw in the quarter prior?
Steve Vintz, CFO
Hi. Thanks for your question and good question. As we've commented earlier, we saw some upside in the quarter related to Log4j. I think the timing's important to note here Log4j didn't surface until December. And we were well on our way to having our best growth quarter of the year, which is notable given the acceleration in the business we've demonstrated throughout the year. So, as a result, the impact of Log4j in the quarter was more apparent in areas that had shorter sales cycles, such as renewals, expansion sales, and in terms of new business, more specifically in the mid-market and our no-touch Nessus sales channels given the relatively short sales cycles. But we are also very pleased to see pipeline and activity levels for larger deals inflect higher in the quarter, so we don't just see this as a pull forward of demand. I think the important point to note here is that Q4 capped a very successful year for us in which we saw accelerating CCB growth that benefited from our expanded product portfolio and the investments we started making in the first half of the year. And as Amit commented earlier, what’s really different about Log4j versus perhaps other vulnerabilities or even high-profile data breaches is the pervasiveness and the complexity of it, which is really a testament to our leadership in the market and the strategic nature of our products. And with regard to 2022, our CCB guidance for the full year does reflect some continued tailwinds from Log4j in Q1, given our level of visibility, as well as some contributions, more modest contributions throughout the year, but overall, we feel really good about the momentum in our business and our outlook for the year. We talked about the net dollar expansion rates. It was strong in the quarter and it lifted our net dollar expansion rate on an LTM basis back to close to pre-pandemic levels. So, overall, really solid quarter for us caps a very successful year and gives us a lot of confidence heading into 2022.
Hamza Fodderwala, Analyst
Steve, if I could just follow up on that. Just on the net retention so like, you mentioned it was back to pre-pandemic levels. I think our last few quarters, the net retention, if I'm not mistaken, was trending between like 112, 113, is it fair to say, in Q4, it was back to that, let's say 115 to like 118 level even.
Steve Vintz, CFO
Yeah. So, the distinction I'll make is LTM. What we talk about is on an LTM basis last 12 months. So, if you have a really strong quarter renewal rate and expansion rates, it's going to drive a meaningful uplift on our LTM number. And we saw a meaningful uplift in our LTM number because of the strength in the quarter. So absolutely delighted with the result in the quarter. Obviously, expansion rate did benefit from Log4j, but notwithstanding that as I commented earlier, we were on our way to having a good quarter in areas that were really strong. And the last few weeks of the quarter, because of Log4j were particularly strong and renewals and expansion benefited.
Operator, Operator
Our next question is from Sterling Auty of JP Morgan. Please proceed with your question.
Sterling Auty, Analyst
Yeah. Thanks. Hi, guys. So, first one is, you gave us the impact on operating expenses from Accurics and from Cymptom, but can you give us a sense of what impact that had on the revenue line for guidance for 2022?
Steve Vintz, CFO
Accurics closed in the fourth quarter, and as I mentioned, we have full year expenses. We're following through with the guidance, which also includes additional operating expenses related to the Cymptom acquisition that we just announced. It's important to highlight that Cymptom will not be a separate SKU; it will be integrated with EP and other areas of our product to enhance our analytics. Amit can provide more details on that. Regarding Accurics, we announced today the expansion of our cloud security offering. This product will be available for sale as we enter the sales cycles, and we anticipate a larger contribution from CCB in the second half of the year, which is reflected in our guidance today.
Sterling Auty, Analyst
And then maybe just one follow-up on the gross margin side, just to clarify a comment that you made. You mentioned that continual investments could have a modest impact on gross margins. Is that relative to the gross margin level in the fourth quarter? So, we could see some additional pressure from that level or from the level for the full year 2021?
Steve Vintz, CFO
It would be from Q4 based off of what we experienced in the fourth quarter.
Sterling Auty, Analyst
Okay. And just modest impact and kind of stable through the year, or is there kind of a pattern where it kind of bottoms and starts to improve at some point?
Steve Vintz, CFO
I believe we previously indicated that we expect strong sales in the cloud segment, and we are pleased with the growth of the product. We anticipate that cloud will increasingly account for a larger portion of our sales. Consequently, we expect gross margins to align closely with this trend, modestly decreasing by around 100 basis points. This is an assumption for earlier in the year, and it should be considered for the entire year going forward. If we exceed the current top line guidance, margins could improve further, as some costs are semi-fixed and incurred up front this year, which may enhance margin leverage in the future.
Operator, Operator
Our next question is from Saket Kalia of Barclays. Please proceed with your question.
Saket Kalia, Analyst
Okay. Great. Hey, guys. Thanks for taking my questions here. Amit, maybe first for you, a lot of talk about EP in the call. I was just wondering, can you just expand a little bit on the success of the overall bundling strategy and how you're kind of thinking about that strategy in 2022 with bundling.
Amit Yoran, CEO
When we launched EP around the middle of last year, both our sales team and customers quickly embraced it due to the integration of web app scanning capabilities, some container security products, and other features that made sense. The addition of Lumin also enhances the analytics on top of it. We experienced rapid adoption from both the sales team and our customer base. There are two main points to highlight. First, there is a natural evolution for EP to incorporate active directory capabilities along with a complete suite of cloud features. This allows customers to evaluate their risk through a unified reporting dashboard, providing a more comprehensive risk assessment. Second, it's important to note that this isn't merely a bundling exercise like how EP was initially packaged. There are genuine analytics capabilities that now span multiple asset types, facilitating the integration of these assets into Lumin. Additionally, the introduction of new analytic techniques such as attack path analysis enhances its appeal as a platform.
Saket Kalia, Analyst
Got it. That makes a lot of sense. Steve, for my follow-up, nice start to the year with the CCB guide. I know the question about inorganic contribution to revenue was just asked, but to ensure it's addressed, could you share any insights on the CCB guide for 2022? I believe you have Alsid, Accurics, and Cymptom involved; could you provide a rough sense of how that 22% to 23% growth looks from an organic perspective?
Steve Vintz, CFO
Sure. As a reminder, the companies we've acquired are all in the early stages with minimal sales or market presence. Therefore, our current sales largely indicate the success of our go-to-market initiatives and our ability to develop new pipeline opportunities after the sale. It's also important to note the timing of some of the acquisitions. We completed the acquisition of Alsid in 2019, so we have been offering an OT product for two years, which you might not consider as inorganic growth. We recently closed the Accurics acquisition in the fourth quarter, which is leading to a more comprehensive cloud offering for us. We anticipate contribution from this acquisition, and it is somewhat reflected in our guidance, but we expect to see more impact in the latter half of the year. This leaves us with Alsid, our active directory product, which we finalized in April. Both our active directory and OT offerings performed well for us this quarter and for the full year. We discussed the year-long contributions of these products during our Investor Day. It's fair to say we did slightly better than the $20 million figure we mentioned in December, and we expect ongoing growth and contributions from these products, along with our broader exposure solutions. It's crucial to highlight our go-to-market strategy, which focuses on integrating new features and capabilities into our unified exposure platform, EP. As Amit mentioned earlier, it’s nearly impossible to accurately evaluate the risk associated with a single piece of technology or type of asset in isolation. Our products strengthen one another and enhance our overall value proposition, allowing customers to assess risk comprehensively across the attack surface. Therefore, isolating sales of individual products in the future, especially those whose capabilities are included or will be included in EP, will become less relevant given how we price and package our solutions, helping our customers address the larger issue.
Operator, Operator
Our next question is from Andrew Nowinski of Wells Fargo. Please proceed with your question.
Andrew Nowinski, Analyst
Thank you and congratulations on a strong quarter. I’d like to ask about EP again. You've added several components, as you mentioned, and it seems like CS will be included as well. Can you provide any insight into how much this will increase the price and whether we should anticipate accelerated growth in your $100,000 customers in 2022 as a result?
Amit Yoran, CEO
I will pass that question to Steve shortly. The way EP is structured is as a premium solution, offering advanced analytics in addition to individual solutions. For instance, if you're using VM, you might want to consider purchasing through EP since it provides all the capabilities, including Lumin and other functionalities. This also applies if you're utilizing the cloud security product or active directory. We plan to monetize the new features and products added to EP through premium pricing, but you'll still need to pay the asset price for AD or for your cloud assets. Thus, monetization occurs through both an increase in asset count and a higher price per asset, as we provide valuable analytics on top of those assets.
Andrew Nowinski, Analyst
Got it. That makes sense. I have a question regarding your expectations for Log4j. You mentioned it will certainly impact Q1, but that it will moderate afterward. However, based on comments from CISA and the White House, there are concerns that this could lead to problems over the next two years. I'm curious why you believe the impact will decrease after Q1 instead of continuing to be a significant issue or potentially worsening throughout the year.
Steve Vintz, CFO
Well, I think what's reflected in our guidance, as I mentioned earlier, indicates more tailwinds in the first quarter. The degree to which we benefit beyond that, above and beyond the guidance we're providing today, is still to be determined. Our current guidance reflects continued contribution in the first quarter, showcasing the overall strength of the business—not just for this quarter, but for the entire year. We believe we are positioned for success in 2022, which gives us confidence in the guidance we are presenting today. We have more visibility heading into the first quarter than we do for the remainder of the year. However, the extent to which it continues to benefit us at the level we expect in the first quarter is still uncertain. We look forward to providing an update on our call in April.
Andrew Nowinski, Analyst
That makes sense. Thanks guys. Keep the good work.
Operator, Operator
Our next question is from Gray Powell of BTIG. Please proceed with your question.
Gray Powell, Analyst
Alright. Thanks for taking my questions and congratulations on a great quarter.
Amit Yoran, CEO
Thank you.
Gray Powell, Analyst
Yeah, absolutely. So yeah, you highlighted that billings growth accelerated in each of the last four quarters. You just exited the year at 29% growth. And Steve, I know you want to keep people conservative, but do you see a scenario where things could further improve and maybe start growing in excess of 30%? And then if so, I'd just be curious like, what do you think are the most likely levers or things that could go right to get you there?
Steve Vintz, CFO
The guidance we are providing today is between 22% and 23%. However, we are pursuing a significant market opportunity. We have expanded our product portfolio and entered new, rapidly growing markets. We are making investments, and it is important to note that we began making these investments more aggressively in the first half of the year. This is positively impacting our top line by increasing sales capacity and achieving higher productivity levels. We are also evolving our product suite, which is significant given the current environment of high-profile data breaches and relevant threats that we are addressing. This gives us confidence in our outlook for 2022. We are not limiting our growth at this stage; the opportunity is substantial. We are encouraged by the acceleration and will gain more insights as the year progresses.
Gray Powell, Analyst
Okay, that's really helpful. I have one more quick question. You mentioned that several customers returned and increased their asset coverage in December following Log4j. Could you provide details on what that looked like specifically, such as the percentage of assets those customers were covering before Log4j? And then, what did the coverage look like afterward? Are we talking about a doubling in coverage, or something else? I'm trying to get a better sense of how that changed.
Amit Yoran, CEO
Each customer situation is different. Many enterprise customers may have some substantial coverage of their environment, but they also realize that they haven't covered certain other assets. For example, Log4j is an exploit that can affect any system running Java. Even if there is strong coverage of desktop servers and workstations, there are still many other computing devices that might run Java and could be vulnerable to Log4j issues. So, it's really dependent on each customer, and I wouldn't assume it leads to a simple doubling of coverage or anything like that.
Gray Powell, Analyst
Got it. Yeah. No, I was just making that up. I was just trying to figure out a rough ballpark increase.
Amit Yoran, CEO
Thanks, Gray.
Operator, Operator
Our next question is from Brian Essex of Goldman Sachs. Please proceed with your question.
Brian Essex, Analyst
Thank you for taking the question and congratulations on a strong set of results for the quarter. Amit, in the previous quarters, we discussed the penetration of the MSSP channel. How did the contribution from managed service providers perform this quarter, especially considering the current threat environment? How is that traction developing as we move into 2022?
Amit Yoran, CEO
Yeah. I think, I'll start off with the second question. The progression of the threat environment, I think becomes sort of natural tailwind for us in that it increases visibility. It increases awareness among people making decisions within organizations about the importance of managing these risks appropriately. And both the high profile and very public nature of some of the incidents that we've seen have certainly made that clear. We see continued strength in our overall federal business, as well as within our MSSP channel. We have good momentum with MSSPs, and I think we have strong technology integrations that are beginning to drive a decent amount of traction. And the investment we are making in expanding our sales efforts and building stronger relationships there, plus what we're seeing from the increased awareness from executives is a continuation of those trends that we feel good about heading into 2022.
Brian Essex, Analyst
I understand. That's helpful. Could you provide insight into how Tenable is performing in the current environment in terms of new opportunities and displacing competitors? Has there been any change due to the heightened threat landscape, especially regarding Log4j, where your leading status is attracting more businesses to Tenable? Or are enterprises that lack a formal vulnerability management platform being pushed in that direction because of the vulnerability landscape? Any updates on this would be appreciated.
Amit Yoran, CEO
Steve, I'll let you comment if there's any notable change on the greenfield, but typically we highlight this on a quarter-to-quarter basis. It has been very consistently about a third of our new enterprise opportunities. Notably, there is differentiation, especially regarding high-profile vulnerabilities like Log4j, where it becomes a known issue. The CISO, CSO, or other executives are asking questions about it, and we are first to market with detections for these capabilities, offering accurate detection along with flexibility and breadth of coverage. This issue exemplifies how the breadth and complexity enable enterprises to recognize the differentiation we provide regarding coverage and accuracy. I believe this positive outlook will continue to support us competitively in the early periods. We have always maintained strong competitive differentiation and win rates. We anticipate that the awareness and high-profile nature of breaches like Log4j will keep emphasizing our strengths.
Brian Essex, Analyst
Got it. That's helpful. Thank you.
Operator, Operator
Our next question is from Rob Owens of Piper Sandler. Please proceed with your question.
Justin Roach, Analyst
Hey, guys. This is Justin Roach on for Rob. Just was wondering if you could give some more color on the demand environment in the federal vertical in 4Q given the strength you saw last quarter, and how we should think about it as you move into 2022? Should we see any differences in seasonality just given the spending intentions here seem to be pretty high?
Amit Yoran, CEO
Yeah. We're very pleased with the approach the federal government is taking in cybersecurity. It's much more aggressive than previous administrations have shown. We see continued strength in our overall federal business, as well as many large funded and unfunded opportunities. I think, we'll continue to focus on that market. And I don’t see any unanticipated changes in seasonality from previous years or previous behaviors. Steve, I don’t know if you have additional color to add on that?
Steve Vintz, CFO
No, well said.
Operator, Operator
Our next question is from Jonathan Ho of William Blair. Please proceed with your question.
Jonathan Ho, Analyst
Hi, good afternoon. I just wanted just to start out with some of your commentary around the active directory security opportunity. Can you maybe give us a sense of whether or not this could be another tip of the spear to maybe go with new customers that are maybe using an alternative platform and does that maybe open up the opportunity to dislodge those competitors I guess, longer term?
Amit Yoran, CEO
Absolutely, it is. And I think, especially in large enterprises where competitors have been entrenched for years, or they've been locked in with multiyear contracts, engagement, and they've integrated the VM product into other processes that they have, and displacing them is, and has been more challenging. In those instances, as soon as we mention, VM or some of the cloud security capabilities that we're now bringing to market, there's definitely a very strong openness to engaging with us. And so we find that in those types of entrenched accounts, active directory becomes a clear differentiator and a door opener. And then once we're engaged, the natural move would be to try and broaden the relationship.
Jonathan Ho, Analyst
Got it. And then you just a quick housekeeping question. Can you give us a sense of the percentage of customers that are maybe starting with EP at this point, or maybe some color on those that are trading up to EP as well. Thank you.
Steve Vintz, CFO
Hi, Jonathan. This is Steve. It's notable. I think one of the things we called out was we added 562 net new enterprise platform customers in the quarter, which is a record for us, our best ever as a public company, that's up from the 460 we added in Q4 last year, and we're also seeing larger deals. So, keep in mind, EP was a product that we launched in Q1. And it's gaining major traction here for us. And our mandate was always really about cyber exposure, really holistic risk assessment, more so than VM. So, we're absolutely pleased with the results in EP and the early response. Just be mindful of sales cycles, that 562 new enterprise platform customers, a good portion of those or a sizable portion of those is attributed to EP, right? This is a product that we plan to lead with really in the mid-market and the enterprise market. You're seeing the impact first really in the areas where we have shorter sales cycles, such with mid-market type deals and the pipeline to be able to associate with that is also very significant, which I commented on earlier. So, I think it's going to pave the way for team's acceleration in new business, more larger deals as we cover more areas of the attack surface.
Operator, Operator
Our next question is from Brad Reback of Stifel. Please proceed with your question.
Brad Reback, Analyst
Lucky, I only have one. Quick question, Steve. As you think about headcount growth for calendar 2022, should that be in line with revenue growth?
Steve Vintz, CFO
We don't provide specific guidance on headcount growth, but it's reasonable to assume that, considering the investments we are making, we will see an acceleration in headcount growth, likely surpassing what we experienced in 2021. The main areas of focus will be research and development, as well as sales and marketing. In R&D, given our product roadmap and planned innovations for the upcoming year, along with recent acquisitions like Accurics and Cymptom, we are making significant investments. For sales and marketing, our history shows that investments in these areas yield clear returns. We are witnessing strong momentum in the business, and our execution and performance this year reflect that. Therefore, we are definitely ramping up our investments in both sales and marketing and R&D. With the backdrop of a robust threat environment following a strong quarter and year, we are very confident in these initiatives. We will see more overall headcount growth in the coming year compared to last year, particularly in these key areas.
Operator, Operator
Our next question is from Dan Ives of Wedbush. Please proceed with your question.
Dan Ives, Analyst
Yeah. Just one question. So, with EP, I mean, how much of a door opener is that the even larger enterprises? And is there a potential that accelerates almost some of the sales cycles? Thanks.
Amit Yoran, CEO
I think it's absolutely. It's a door opener in two forms. One is it forces a more strategic conversation with large enterprises, right? I mean, large enterprises are struggling with, okay, I'm going to use this technology from a cloud-native infrastructure perspective. I've got nothing really helping me with the EP. I'm going to use that technology for VM, this other thing for my building automation and my OT infrastructure and it just becomes very complex when you're looking for whether it's a Log4j or whether you're trying to assess overall cyber risk or you're trying to figure out, okay, well, what's the state and how do I reduce that risk. So, it helps in two key areas. One is, a more strategic conversation with those large enterprises, and opening doors that way. And the second is when you're talking about EP, you're also having a conversation about all of those asset types, which can be problematic, which the CISOs are very concerned about and helping them understand, okay, well, how big of an issue is this versus other things I have in my environment and how do I compare the state of readiness from one business unit to another and for one asset type to another, and what should I prioritize fixing? So, helping them with the higher-order analytic, and so we think it's a great engagement at a more strategic level.
Operator, Operator
Our next question is from Mike Cikos of Needham and Company. Please proceed with your question.
Mike Cikos, Analyst
Hi team. Thanks for getting me on here and good to see that 22% to 23% growth bogie out there to start the year. My question really circles back to some of the commentary on the quota-carrying reps. Tenable's discussed its ramping investments in these reps, and I think the average rep takes about 10 months to ramp. So, for 4Q, the hires that we saw quarter, was that the highest carrying reps of any quarter in calendar 2021? And then on that go-to-market, is there the need for a separate overlay for specific products or these sales reps selling the entire portfolio?
Steve Vintz, CFO
Hi, Mike. This is Steve. So, I think, your first question was quota-carrying reps and just directionally was Q4 higher than at any other point in the year? The answer to that is yes. We invested in the first half of the year, but given the acceleration of the business that we saw throughout the year, gave us more confidence to do more investment in sales and marketing. And I think looking back on the year and then looking out in 2022, we expect to add more quota capacity in 2022 than in 2021. So, yes is the answer to your first question. I guess with regard to your second question, I want to make sure I understand that. Could you repeat it please?
Mike Cikos, Analyst
Absolutely. The question is really about the new products you are introducing. I know Cymptom will be integrated into EP, and there are plans to expand EP with AD and CS. Is there a need for a separate overlay for the sales team to sell these products, or can the overall sales team sell the entire portfolio effectively at this point?
Amit Yoran, CEO
There is certainly the capability for our core sales representatives to sell the entire portfolio. We are not just acquiring and launching a series of distinct technologies; rather, the core team is discussing the extended portfolio, which includes not only infrastructure operations and virtualization management but also Active Directory and cloud security, along with containers, Kubernetes, Cloud Security Posture Management, and Infrastructure as Code. This presents a more strategic message. However, as we delve deeper into these topics, conversations can quickly reach a complexity that a core representative or engineer might not yet be prepared for. Therefore, for the time being, we will continue to have specialists available who can provide in-depth discussions with teams managing domain controllers in enterprises or those interested in specific control systems or other components of the cloud environment.
Operator, Operator
Our next question is from Andrew Smith of Berenberg Capital Markets. Please proceed with your question.
Andrew Smith, Analyst
Hi guys. Thanks for taking my question. Could you just compare demand across the different solutions of core VM, AD, and OT? I know there have been several high profile attacks in the last 12 to 18 months that have been linked to operational technology and active directory, which I believe is driving awareness for those products. But just curious if you could compare demand across the different solutions of core VM, AD, and OT. That would be great. Thanks.
Amit Yoran, CEO
We're currently facing a significant threat environment, with notable breaches particularly targeting pipelines and operational technologies, raising concerns about attacks on our critical infrastructure. The situation is highlighted by incidents like the Colonial Pipeline attack, where the compromise began with IT systems and active directory, illustrating the intertwined nature of OT and IT security. It's impossible to adequately assess OT security without considering IT and active directory, as they are closely linked in operating environments. Similarly, the Log4j vulnerability is relevant in both OT and IT contexts. All of these factors enhance the visibility of our individual solutions and the overall strength of our platform.
Operator, Operator
We have reached the end of the question-and-answer session. I will now turn the call back over to Amit Yoran for closing remarks.
Amit Yoran, CEO
Great. I'd love to just thank everybody for joining us for the call. We're super excited about the results we were able to deliver in the fourth quarter in 2021. And I'm very excited, obviously about the acquisition that we announced today, and very excited about the opportunity in front of us. Look forward to future engagement.
Operator, Operator
This concludes today's conference. You may disconnect your lines at this time. Thank you for your participation and have a great evening.