Varonis Systems Inc Q1 FY2026 Earnings Call

Greetings, and welcome to the Varonis Systems, Inc. First Quarter 2026 Earnings Conference Call. Please note, this conference is being recorded. I will now turn the conference over to your host, Tim Perz. Please go ahead.

Thank you, operator. Good afternoon. Thank you for joining us today to review Varonis' first quarter 2026 financial results. With me on the call today are Yaki Faitelson, Chief Executive Officer; and Guy Melamed, Chief Financial Officer and Chief Operating Officer of Varonis. After preliminary remarks, we will open the call to a question-and-answer session. During this call, we may make statements related to our business that would be considered forward-looking statements under federal securities laws, including projections of future operating results for our second quarter and full year ending December 31, 2026. Due to a number of factors, actual results may differ materially from those set forth in such statements. These factors are set forth in the earnings press release that we issued today under the section captioned Forward-Looking Statements, and these and other important risk factors are described more fully in our reports filed with the Securities and Exchange Commission. We encourage all investors to read our SEC filings. These statements reflect our views only as of today and should not be relied upon as representing our views as of any subsequent date. Varonis expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made herein. Additionally, non-GAAP financial measures will be discussed on this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available in our first quarter 2026 earnings press release and our investor presentation, which can be found at varonis.com in the Investor Relations section. Lastly, please note that a webcast of today's call is available on our website in the Investor Relations section. With that, I'd like to turn the call over to our Chief Executive Officer, Yaki Faitelson. Yaki?

Thanks, Tim, and good afternoon, everyone. We appreciate you joining us to discuss our first quarter 2026 results. Our Q1 results reflect our strong performance as we execute on the growing need to secure data and safely enable the usage of AI. In Q1, SaaS ARR, excluding conversions, increased 29% year-over-year to $522.6 million and total SaaS ARR, including conversions was $683.2 million. Guy will review our results and our guidance in more detail shortly. We continue to see strong demand from both accelerating new logos and existing customers because companies understand that they must secure their data and their AI stack. Varonis helps them to do that with minimal effort because of the automation built into our platform. In Q1, we saw continued adoption of MDDR and AI-related products as well as traction in securing cloud environments. Early feedback on our newer products driven by acquisitions over the last year, including database activity monitoring, Interceptor and Atlas reinforces our belief that these offerings are a strong fit to our platform and can help drive ARR growth over time. Now I would like to take a step back from our near-term results and discuss why we believe we are best positioned to help companies safely adopt AI and prevent data breaches. Varonis was founded on the belief that managing and protecting data would be impossible without automation. That belief is even more important today as customers work to adopt AI securely. The security model of the last 30 years was not built with AI in mind. Many organizations want to capitalize on the productivity gains from AI, but only connect a small portion of their data to AI because of security concerns. Companies want to connect more of their data to take advantage of the productivity gains, but need the right guardrails in place to confidently move faster. When we look at what's standing in the way of broader AI adoption, we see three barriers: securing the data itself, securing the AI systems and agents that touch that data, and fighting AI-powered adversaries. The first barrier is securing the data and making sure only the right data is accessed by the right agents and systems. AI pushes existing access controls to their limits because many systems and agents inherit user access that is far too broad. One classic example of this is an employee asking an AI chatbot a basic question and getting confidential information that they should not have access to, such as salary data, financial records or intellectual property in a response. This is content a human mistakenly had access to, but was less likely to find without AI. Previously, a human employee had to log in, navigate, download and take action. There was friction because it took time and effort that reduced risk. In the agentic world, an agent can access a huge amount of your data estate in seconds. Agents can move fast, behave unpredictably and maximize privileges by design. And if an agent doesn't have permissions, it will try to get them. Connecting agents and models to data is what's blocking organizations from safely adopting AI faster. They need remediation at scale and to understand abnormal behavior; visibility alone is not enough. The second barrier is securing the AI systems themselves. In Q1, Varonis found a vulnerability called Reprompt, which allowed attackers to bypass safety controls in Microsoft Copilot Personal. The vulnerability, if exploited, would give the attacker access to everything the Copilot Personal session itself could access, including prompts, conversation history and all of the data the Copilot assistant could access. The third barrier is fighting the AI-powered adversary. We have already seen examples of this, including last year when attackers used cloud code to breach a major organization with minimal human involvement, or earlier this year, when a lone unskilled attacker used AI to scale an attack across 600-plus firewalls in 55 countries, an attack that would have previously required a team of experts to execute. AI-powered phishing doesn't just target humans. It targets agents too. Agents can read e-mail, Slack and key messages. One human clicking maliciously is one compromised identity. An army of agents can multiply the attack surface. The three barriers together—overexposed data, unsecured AI systems, AI-powered adversaries—create a dangerous environment and companies must build foundational controls that operate at the speed and scale of AI starting from the inside out. Varonis does just that by securing the data itself using the automated find, fix and alert approach. The first piece is find. Know what you have across the entire data store, structured, unstructured, semi-structured and application data, classified for sensitivity, context and staleness, so you know what should and should not be connected to AI. The second is fix: rightsized permissions, label data and masking. Manual processes can't work anymore. The remediation must be automated and AI-driven. And finally, alert: monitoring who and what is accessing your data and detecting abnormal behavior quickly to stop a breach before it happens. This is the basis for AI detection and response. AI security and data security are intertwined with one another. You need an inventory of every model, agent and pipeline running in your environment and you need access posture to know what data they can touch, what permissions they have and where they are vulnerable. You need runtime guardrails to block malicious inputs before they reach the model, preventing sensitive data from leaking in outputs and restricting tool use. Finally, you must fight AI-powered adversaries; the volume and speed these attacks demand automation. These layers only work if they are connected. AI inventory and runtime protection is significantly more meaningful when you know what sensitive data they access and what data they are trained on. Guardrails that leverage the same accurate classification and labeling applied to enterprise data stores reduce friction and increase control. We knew it would be impossible for humans to control data risk without tremendous automation. Only AI can defend AI risk. When you trust your brakes, you feel safe driving faster. When you have the right guardrails, data and AI become a force multiplier, not a breach waiting to happen. With that, I would like to briefly discuss a couple of key customer wins from Q1. This quarter, a global technology company with over 50,000 employees became a Varonis customer. They needed to quickly and safely roll out AI tools and also wanted to better protect customers' and company proprietary intellectual property data to meet compliance requirements and perform forensic analysis in the event of a breach. During the risk assessment, our MDDR team detected multiple active threats. We also identified risks in Salesforce and Microsoft 365 and provided an operational plan to fix these risks with intelligent automation. Our ability to provide these outcomes and safely enable the usage of AI were the key reasons why we were selected over several DSPM point solutions. They ultimately purchased Varonis for AWS, Salesforce, Google Cloud Platform and Google Drive as well as Varonis SaaS for hybrid with MDDR and Varonis for Copilot. We also continue to see existing customers expand into new use cases as they consolidate point tools and utilize the breadth of our platform. In Q1, ServiceNow, a global leader of workflow automation, expanded its Varonis investments to cover internal AI systems and e-mail security, including protection against advanced phishing and social engineering attacks used by AI-powered adversaries. In summary, AI is forcing companies to prioritize data and AI security, and Varonis is uniquely positioned to help with our unified platform that allows customers to put the right guardrails in place in order to accelerate their AI deployment plans. With that, let me turn the call over to Guy. Guy?

Thanks, Yaki. Good afternoon, everyone. Thank you for joining us today. Our first quarter performance represents a strong start to 2026, and we are excited by the momentum we are seeing in the business. Demand was healthy across both new logos and existing customers, and we are excited to raise our full year guidance after our strong start to the year. As a reminder, we are focusing on SaaS ARR growth, excluding conversions, which reflects our ability to add new SaaS customers and also expand with existing ones as this is the primary growth driver of our business in the years ahead. In the first quarter, SaaS ARR, excluding conversions, increased 29% year-over-year to $522.6 million, and total SaaS ARR was $683.2 million. In Q1, we had $11.3 million of conversion ARR, and we finished the quarter with approximately $83.7 million of non-SaaS ARR remaining. This quarter, we generated $49 million of free cash flow, down from $65.3 million in the same period last year, which reflects the previously communicated headwind from the end-of-life announcement of our on-prem platform and also includes approximately $12.6 million of acquisition-related costs related to the accounting treatment of our acquisitions. Adjusting for the acquisition-related costs, free cash flow would have been approximately $61.6 million in Q1. We remain on track to achieve our full year free cash flow guidance. Now I'd like to recap our Q1 results in more detail. In the first quarter, total revenues were $173.1 million, up 27% year-over-year. SaaS revenues were $161.1 million. Term license subscription revenues were $6.9 million, and maintenance and services revenues were $5.2 million. Our SaaS renewal rate was over 90%. Moving down to the income statement. I'd be discussing non-GAAP results going forward. Gross profit for the first quarter was $134.9 million, representing a gross margin of 77.9% compared to 80.2% in the first quarter of 2025. Our gross margin continues to be healthy and in line with our long-term target set at our Investor Day. Operating expenses in the first quarter totaled $136.3 million. As a result, first quarter operating loss was $1.4 million or an operating margin of negative 0.8%. This compares to an operating loss of $6.5 million or an operating margin of negative 4.7% in the same period last year. First quarter ARR contribution margin was 14.1%, down from 16.7% last year. This is in line with our expectations and as a reminder, is impacted in 2026 due to the end of life for our self-hosted platform. During the quarter, we had financial income of approximately $5.7 million, driven primarily by interest income on our cash, deposits and investments in marketable securities. Net income for the first quarter of 2026 was $7.5 million or net income of $0.06 per diluted share compared to net income of $0.7 million or $0.00 per diluted share for the first quarter of 2025. This is based on 132.8 million and 136.7 million diluted shares outstanding for Q1 2026 and Q1 2025, respectively. As of March 31, 2026, we had $900 million in cash, cash equivalents, short-term deposits and marketable securities. For the three months ended March 31, 2026, we generated $55 million of cash from operations compared to $68 million generated in the same period last year, and CapEx was $5 million compared to $2.3 million in the same period last year. During the first quarter, we repurchased 5,355,445 shares at an average purchase price of $24.67 for a net total of $132.1 million. As a reminder, we will provide quarterly SaaS ARR, excluding conversion guidance for this year only. We are doing this because of the difficulty in modeling the year-over-year growth rates due to the impact of conversions in 2025 and 2026. We are also providing a bridge to quarterly total SaaS ARR in our investor deck, which again assumes zero conversions from a guidance perspective for the upcoming quarter. For the full year 2026, we will provide annual guidance for both SaaS ARR, excluding conversions and total SaaS ARR. For more information, please see our earnings deck in our Investor Relations website, which includes a more detailed breakdown of our financial guidance. For the second quarter of 2026, we expect SaaS ARR growth of 24% to 25%, excluding conversions, total revenues of $175 million to $178 million, representing growth of 15% to 17% non-GAAP operating loss of negative $1 million to breakeven and non-GAAP net income per diluted share in the range of $0.00 to $0.01. This assumes 131.1 million diluted shares outstanding. For the full year 2026, we now expect total SaaS ARR of $814 million to $845 million, representing growth of 27% to 32%. This represents SaaS ARR growth of 20% to 21%, excluding conversions. Free cash flow of $100 million to $105 million, total revenues of $731 million to $737 million, representing growth of 17% to 18%; non-GAAP operating income of $7 million to $9 million, non-GAAP net income per diluted share in the range of $0.11 to $0.12. This assumes 132.1 million diluted shares outstanding. In summary, we are excited by the strong start to the year and continue to see healthy momentum from both accelerating new customer wins and expansion within our installed base. Our Q1 results, coupled with the underlying drivers of our business, give us the confidence to raise our full year guidance for total SaaS ARR growth to 27% to 32%. In addition, we increased our guidance for SaaS ARR growth, excluding conversions, to 20% to 21%, and we believe we can sustain this level of growth as a fully SaaS company. With that, we will be happy to take questions. Operator?

Our first question comes from Saket Kalia with Barclays.

Nice start to the year. Maybe a question for both of you. I think one of the thoughts this year has been that Varonis sales teams could spend more time now on new business rather than on both new business and conversions as they did last year. Guy, maybe for you, can you expand on how that's looking the first quarter into that new model? And Yaki, for you, where are you having that success in driving new business?

Saket, you're right. We talked a lot about the fact that the conversions from on-prem subscription to SaaS were cannibalizing the time of the reps. And that in 2026, the way we've structured the commission plan and the way we've focused our reps is to go back and focus on upselling SaaS customers with additional products and going into new TAMs and selling new products and selling our SaaS offering to new customers. And we saw an acceleration in the new customer contribution, which we're extremely happy with, and it very much fits with what we were trying to achieve and the strength of the platform. So our sales force is able to go and with the simplicity of the SaaS offering, sell to customers that we wouldn't be able to sell before, and that's worked really well in Q1, and we expect that to continue in the year ahead.

In terms of what's in the market, the reality is that for organizations to realize the value from AI for models and agents, they need to connect their organization and information into it. The AI is as good as the data. And this is the biggest problem that we see for organizations. We call it the 3% paradox. It's very hard for them to securely connect the data. So the MDDR becoming this AI detection and response, automated remediation of excessive permissions is the holy grail. If not, these agents will create and read a massive amount of information that they should never touch. And you also see a lot of attacks that are AI based, and this is hitting on all cylinders with the value proposition of the platform. You need foundational security that is automated, but it needs to be security. It cannot be just partial discovery at scale and AI just hits every data type, structured, unstructured application in the cloud and on-prem. This works very well for us, and we see that it's driving the business.

Our next question comes from Rob Owens with Piper Sandler.

I want to build on Saket's question a little bit and just drill down into the selling efforts. And I know in the prepared remarks, you talked about accelerating new logos and expansion. Anything you can do to quantify that for us or give us a sense of how and where that's trending?

Just in terms of the conversion, we see that organizations need to convert all the data stores and definitely AI creates more urgency around it because what happened essentially, and it's happened very fast, is that the tech stack, if you will, that organizations have is changing completely. Before we had a user that is accessing data through a user interface to a file system or just through a user interface to an application, and it changes completely. Starting to have an agent that is accessing in robotic speed and many times by using tools of any kind, and our customers and prospects understand that they need to understand what they have and to protect this data immediately because before, in the old model, you had a lot of friction. A user needed to be malicious or to make a gross mistake in order to get to information they shouldn't get. The agents will get to it immediately. So what happened fairly fast is that the most important security controls are moving to two places: to the agents and to the data, and this works very well for Varonis.

And Rob, just to quantify in terms of the new customer contribution, we saw, as we mentioned in the prepared remarks, an acceleration in the actual total number of new customers. It was pretty significant from our end. And what we also think and believe is when we look at the contribution from some of the new products, even though Atlas only closed in February, we saw some nice contribution there, nothing too material, but definitely something that gives us the confidence that we can continue to sell that at an accelerated pace throughout the year, and that's not baked in the guidance. So when we look at the Q1 behavior, it was definitely driven by the new customer side with a lot of opportunity throughout the year from an upsell opportunity with some of the products that we have that isn't baked in the numbers that we put out there.

Moving next to Meta Marshall with Morgan Stanley.

This is Abhishek Murli on for Meta Marshall. Congrats on the quarter. I was wondering if we could get an update on the Microsoft Copilot partnership and whether there are any channels that are driving new customers there.

So Microsoft Copilot is one of them, but what we see is that organizations need a control plane for every AI—from many models and Copilot and a lot of technology and innovation that is happening at neck-breaking speed, and we are protecting everything. With the acquisition of Atlas, we have the ultimate control plane for agents, models and pipelines. We protect every data type. And what happened is that I think it is important to understand the overall velocity. You have these agents accessing data, you need to be ahead of them in your remediation. You need to understand any abnormal behavior. If a weather forecasting agent is accessing HR records at 2 a.m., you better know about it, and you will be amazed how often things like that are happening. So Copilot is one of them, but we definitely see that in order for these AI agents and models to be useful, they need to be connected to data. And the only way that you can do it is in a secure way. And it just slowly but surely, we are becoming the foundation for organizations to adopt AI in a secure way.

Next, we have Joshua Tilton with Wolfe Research.

Congrats on a pretty solid quarter. I have one. It's more of a clarification. I think maybe you addressed it in the beginning. I'm not sure if I heard you correctly, but I was kind of under the impression that the free cash flow guidance for the year is the way it was because there was an assumption around churn because you guys are basically guiding to no conversion or some assumption that some of these remaining on-premise customers would convert. And then you have a quarter where you did convert some customers, but the free cash flow guidance for the year kind of stayed the same. So I'm just wondering why the free cash flow guide isn't moving up as you actually execute on converting customers that I'm assuming were assumed to churn originally in the guidance.

Let me clarify that. When we gave guidance on the full year numbers, we assumed the bear case scenario and a bull case scenario on the conversions, which was $50 million to $75 million. We are on track to achieve those numbers, and that's part of our free cash flow guide. It's not that the free cash flow guide assumed zero conversions. It assumed that midpoint range, that base case scenario of that $50 million to $75 million. And we're actually—when we look at the Q1 conversion numbers, they were actually on track, and we felt very good with the numbers that we were able to convert in Q1. So the actual reduction that we announced last quarter on the free cash flow side was on the delta, the expectation of churn with the announcement of the end of life. And that was the headwind that we were talking about, but it was still baking in that $50 million to $75 million, and we feel very good with that guidance for the year on the free cash flow side and still assuming to be within that base case scenario of conversions for the year.

We'll take our next question from Roger Boyd with UBS.

Congrats on the quarter. For Yaki or for Guy, you mentioned enterprises prioritizing AI security. I think this has been kind of the bull case around Varonis for a while now. I'd love to get your sense of like did something change this quarter? And how did that actually manifest as you look at kind of the—on a monthly basis throughout the quarter? Would you characterize demand from enterprises as ramping throughout the quarter and guide, just any sense of what you're seeing through April and how that kind of factors into the guide for—I think it was kind of flat net new SaaS ARR ex-conversions.

I think that what you mainly see just from broader market activity is everyone investing a lot in AI tooling and understanding how they can derive real value from it. And there are obviously some use cases that are unbelievably strong, but the realization we see is that they understand they need to connect data securely and to make sure that these agents can work like employees—you need to make sure that they can connect to the full universe of knowledge the organization has. This is very hard to do because agents and models consume information in ways that remove friction and thus increase risk. Historically, if you had excessive access or exposed data, the user needed to be malicious or make a gross mistake to get to it. Agents get to it immediately. So more than anything else, what you see is a gradual but clear understanding that you need to secure the AI systems and the data that powers them. This is something that works very well for us. We see more strategic conversations and organizations understanding they need to look at everything. Even when you look at databases, historically DBAs accessed databases, and you had connection pools. But now agents can access them like a collaboration. So a lot of the ways these agents and models consume information put AI security as a top priority.

And I'd like to address the second part of your question. When we look at the Q2 guide, it really is just following the same responsible guidance philosophy. We're really excited with the start to the year and the performance that we had in Q1, and we feel very good about Q2 and the pipeline that we have for the rest of the year. So it really is just keeping the same philosophy for guidance.

Moving on to Matt Hedberg with RBC Capital Markets.

Congrats on the results. Obviously, a lot of moving parts here. I guess there's a lot of uncertainty in the market, whether it's the Iran war, maybe demand trends in the Middle East or even some of the headcount reductions that we've seen out there from customers in different verticals. I'm just kind of curious if that's starting to creep in any customer conversation? And Guy— is SaaS NRR trending up? It sounds like renewals are strong, but I'm kind of curious on the SaaS NRR side.

In terms of conversations with organizations, they were primarily about data and AI security. If you look at our pricing scheme and model, much of it is based on the volume of data and the identities that are accessing data. For us, a reduction in headcount is not something we are feeling or that is affecting our pricing in any way. Our teams are tremendous, and I want to thank them that during this conflict we're able to maintain the right productivity levels, and we were in front of customers, helping them secure the data.

And from an NRR perspective, obviously, we provide NRR on an annual basis. But in talking about the trends, we feel very good about our ability to go back to customers and sell them additional licenses. We talked a lot about finishing the transition quickly and having our sales force focus on selling additional products. It was something we saw in Q1, and we believe we can actually continue and do even better throughout the year with the platform offering that we have. So when we look at the trends and pipeline and track meetings, it's definitely trending in a positive way, and we feel very good about our platform's ability to upsell existing SaaS customers.

We'll go next to Brian Essex with JPMorgan.

Great to see a Q1 beat and raise in such an uncertain macro. I guess I wanted to poke on the non-SaaS ARR remaining, and it was great to see that you had $11.3 million of conversion business in the quarter, and you guided to 0. I wanted to understand what the composition of that outperformance was. And then of the remaining $83.7 million of non-SaaS ARR, can you help us understand what the composition of that cohort is? Have the weaker or single-threaded customers churned off? Have we seen a front-loaded churn rate and maybe it's higher quality? Or maybe just to give us a sense of your level of confidence in that portion of business that may convert over?

Brian, there's a lot to unpack. I'll try and tackle them one by one. I'll start with the conversion guidance. We said at the beginning of the year that we're giving a base case scenario—a bull and a bear case range—basically that $50 million to $75 million. We stand with that number and feel good about our ability to get to the conversions. We saw very healthy conversions in Q1. The reason we didn't guide for any numbers on a quarterly basis is not that we don't expect conversions to happen; we just didn't guide for them. There are two reasons. Reason number one is we want to focus investors on what matters most, which is SaaS ARR, excluding conversion, a KPI that puts emphasis on how this business would grow post transition. We don't want to put too many numbers out there that would confuse everyone. We know there are a lot of moving parts during this transition. Keep in mind at the end of this year, SaaS ARR would be ARR. With the announcement of end of life, we're condensing everything, and this will be very, very simple. There are only three quarters left with the moving parts. So that was reason number one for not putting a number on the guidance from a conversion perspective. Reason number two is that many customers fluctuate on their conversion period. Some customers in Q1 whose renewal was up for renewal on the on-prem subscription side will convert later in the year. So we're seeing those numbers move and we didn't want to put a number out there that would confuse investors and analysts. That's why we're just giving that full year range of $50 million to $75 million, and we feel very good with that number. In terms of the single-threaded breakdown, we saw the same trends as in the past. If you remember, the cohort of on-prem subscription customers that would not convert was mostly federal, state and local government customers. That remains the case. But when we look at the numbers of that single-threaded cohort that converted, they continue to convert at the same rate we've seen in the past. So we feel very good about that as well. I hope I answered all components of your question. The highlight is we felt good with the conversions in Q1 and we feel good with what's yet to be converted for the rest of the year.

And Richard Poland with Wells Fargo has our next question.

On the cash flow, I just wanted to clarify one point. I think you called out $12 million to $13 million of acquisition-related costs that seem to affect the cash flow side of things, but obviously not the non-GAAP operating income. I just wanted to see if there's anything for the remainder of the year with respect to some of those acquisition-related costs. And is it a scenario where we should try to back that out for a cleaner year-over-year compare?

So the biggest impact was in the Q1 numbers, and that's why we broke it out. We remain on track to achieve the full year free cash flow guidance, and we wanted to emphasize that. For visibility perspective, we wanted to highlight that $12.5 million headwind coming from the accounting treatment of the acquisitions, and that's mostly the AllTrue transaction that took place in February. We wanted to put that out there so investors can understand the apple-to-apple comparison, and that's why we highlighted it.

We'll go next to Mike Cikos with Needham & Company.

Congrats on the quarter here. I just wanted to come back to the commentary, whether it's the press release or the prepared remarks here, but it seems like the company is being more assertive as far as what the sustainable growth is for this company ex conversion, citing that 20% to 21% growth. If I'm just looking at the trend rate here, last quarter was 32%, this quarter 29%. We're guiding to 24% to 25% this coming quarter. Can you just give us a better indication of what gives you the confidence to be putting that bogey out there today, just to help draw the lines for some of the longer-term investors who are looking at this asset post conversion?

So first of all, you're right. When you look at the full year guidance, we went from the mid-teens to having the low end in the twenties, and we feel very good about that. We believe we can continue that growth rate. We talked for a long time about our ability to continue to grow 20-plus percent with the platform we have and our ability to sell to new customers and go to the base and upsell existing SaaS customers. When you look at the trends in Q1, they give us the confidence. Being able to accelerate with new customers is definitely something that gives us conviction and confidence. And when we see how our existing SaaS customers are receptive to additional licenses and the platform offering, we definitely believe there's a lot of opportunity from a customer lifetime value perspective to go back and sell more. We've seen how many customers consume more and more, and that's part of the reason we feel very good about the guidance and noted it in our Q1.

Moving next to Joseph Gallo with Jefferies.

Can you just talk a little bit more about Atlas initial traction, feedback and who you're competing with? Is it against pure plays? Or are people trying to do this themselves using a platform? And then if at all, did the AllTrue.ai acquisition contribute to ARR this quarter?

We see a lot of momentum around Atlas in terms of overall interest. In terms of the AI lifecycle, we strongly believe it's the most comprehensive product out there, but it also has a massive force multiplier with the Varonis platform. The key is how you connect everything to data. Atlas is the best way to manage agents, models and pipelines and then connect it to Varonis to give you the ability to use AI in a secure way. There is a lot of noise in the market, but at this point no one has something as comprehensive for pipelines, tools and models. The sales motion is with the full platform.

I want to clarify that when we acquired AllTrue, there was no ARR that was added as part of the acquisition in Q1. The transaction closed in February, and we didn't expect it to have a significant ARR impact in Q1, and it didn't. However, there were early signs that were encouraging in terms of conversations, evals and several POs that we were able to get. Nothing significant impacted the quarter from an ARR perspective. The conversations and pipeline we're seeing give us encouragement that AllTrue can contribute more throughout the remainder of the year. As I mentioned before, that is not baked into our guidance; it's upside.

The initial conversations and more so the results from the POCs are very encouraging.

Our next question comes from Shaul Eyal with TD Cowen.

Congrats on the solid performance and guidance. Yaki, supply chain attacks remain a major threat, especially when sensitive data moves beyond your original provider. As you look at your platform today, do you believe your supply chain security capabilities are sufficient? Or is this an area where you plan to invest and expand? And maybe a second one, who are you displacing given some of those big logos that you just announced one of them earlier on the call?

In terms of supply chain attacks, this is how bad actors are getting in, and with AI, it's much, much easier for them to get in. Interceptor is doing an unbelievable job. We believe what we have in terms of phishing sandbox, browser extension and mobile device protections puts us in a very strong position in the market. As attacks become more sophisticated, we continue investing in this area. Typically we're displacing point solutions such as database activity monitoring incumbents and DSPM point tools. What we started to see this quarter is that AI security and overall AI budgets are starting to move slowly towards our platform.

Our next question comes from Rudy Kessinger with D.A. Davidson.

I'm curious, I want to dive in on the makeup of the SaaS net new ARR ex conversions, up 31% year-over-year. Was that primarily driven by higher new logo contribution or similar expansion rates on a larger renewal pool? And then also, how did the composition of that net new ARR look relative to recent quarters in terms of the workloads that you're protecting, specifically maybe in Microsoft for the Azure ecosystem versus everything else?

I'll start, and then Yaki can provide some color. When we look at the contribution in Q1, it was definitely driven by new customer acquisitions, and that's why we highlighted the acceleration on the new logo side. But as I mentioned before, we saw encouraging signs in terms of upsell opportunity throughout the year and our ability to go back to SaaS customers and sell additional licenses, both for the SaaS offering and some of the additional tuck-in acquisitions we've made. So holistically, new customer acquisition was the encouraging part and upsell was definitely there, and we think it can do better throughout the year.

In terms of the Microsoft ecosystem, it's a portion of the data estate but overall a small part of the entire information estate organizations have. We are doing very well with all SaaS applications, AWS, GCP, Azure, on-prem data, databases everywhere. AI consumes data wherever it lives, and we protect it.

And moving next to Jason Ader with William Blair.

You guys talk a little bit more about the kind of the broader competitive landscape? I know that some of the cyber guys have some overlap with what you're doing and you have some of these start-ups. Maybe just talk through if you're seeing different players than you normally have seen? Are you seeing more people at the table during bake-offs? I mean you had a strong new customer acquisition quarter. Were those competitive deals versus what you've seen in the past? Just some more specifics on the competitive landscape would be great.

Now the platform is much broader. The DSPM market often presents partial solutions, but those are not full data security. We have a comprehensive data security platform that provides automated outcomes. In the market there are data discovery tools that do sampling and partial classification. We see them at times, but when customers evaluate comprehensive data security and AI is pushing the need for automated remediation and abnormal behavior detection, we typically outperform them. For Interceptor we sometimes see companies like Abnormal or Proofpoint; in database activity monitoring we're replacing incumbents like Imperva and Guardium. The dynamics are that the platform addresses more use cases, allowing us to take budgets from point solutions and increasingly capture AI-related budgets.

Moving next to Jonathan Ruykhaver with Cantor Fitzgerald.

I'm curious, Yaki, to hear your thoughts on where you see the boundary between Varonis and identity vendors, particularly given the convergence we're seeing between identity and data security strategies. There does seem to be a question related to who ultimately owns that control and governance layer around AI agents. So any color on how that strategy might be resonating? Any customer feedback or color on adoption of identity—of your identity solutions would be helpful.

Thanks for the question. Early on organizations thought identity solutions could solve the full problem, but they fell short. Identity is critical—you need to provision an identity and understand how it's used. But identity alone is limited. If you can see what data an identity is touching and whether there is abnormal behavior, and you know exactly which AI tools are used, you gain far more control. You can provision identities correctly, but an agent can still use the wrong tools and access the wrong data and cause a catastrophe. So the benefit we saw in Q1 was organizations recognizing identity provisioning is important but limited. You need to manage everything from the inside out: on one side the data and on the other the pipeline and tools. Organizations need both identity and data security, but to get the value and avoid downside you must connect identity to data and manage it securely. You need very good brakes to drive fast in this AI era.

And next, we have Erik Suppiger with B. Riley. Hearing no response, we'll go next to Todd Weller with Stephens.

Just a question on the expansion opportunity. Could you talk about the relative opportunity between data workload expansion versus cross-selling the new products you have? And then from a workload type perspective, what do you see driving kind of the strongest growth?

I'll start from the end: the workload is everything. If you think about what applications and users access to do their job, that's what an agent needs to access to be useful. Most data in organizations, including historical data, becomes important to build a comprehensive knowledge estate. AI drives the need to protect all data. With that, any data you want to connect to AI is an expansion opportunity. Some use cases that were more compliance-driven, like database activity monitoring, are becoming top security priorities because consumption patterns have changed with AI usage. So really, everything is in scope; AI drives protecting all data and that creates expansion opportunities across workloads.

And we'll go back to Erik Suppiger with B. Riley.

I apologize for that. Congratulations on a nice quarter. Say, in your conversations with customers, how much of your new ARR is driven by the traditional threat of outsiders exfiltrating data versus how much of your discussion is focused on AI and securing agents? And then on the former, has the news that came out of Anthropic about enhanced capabilities for vulnerability identifying vulnerabilities made a difference in terms of some of the discussions with customers? Are they more looking at securing data in a more urgent manner in terms of some of these vulnerabilities coming out?

The security concerns we had with human threats are similar, but in the agentic world the probability that something will happen increases by orders of magnitude—it's much easier for attacks to scale. Organizations also see how models can find vulnerabilities, which makes it easier for adversaries to find and exploit them. When attackers get in, their target is often data; if a breach occurs but no data is taken, the damage is limited. If data is exfiltrated, you have lasting damage. Everything works together, and it amplifies the need to secure data automatically.

Moving next to Shrenik Kothari with Robert W. Baird.

Congrats on the solid quarter. You sounded especially encouraged by the acceleration in the new customer contribution in the quarter driven by new logos with a lot of upsell expansion opportunities still in front of you. So just as the field is spending more time on true new and upsell rather than conversion, how should we think about the current mix between the new and expansion? And over time, supporting your durable 20% plus organic growth, what does the steady-state balance of those new versus expansion look like?

The ability to go to new customers with our SaaS offering is clear and we've seen it throughout the transition. Where reps had to focus on conversion, that cannibalized time. As we move past the transition they can go back to new customer selling. We've definitely seen that. Longer term, the expectation is that the majority of ACV should come from the existing base. We see significant opportunity to go back and sell additional products to thousands of customers. When you have such a large base and expect to finish the year just under $850 million ARR, that's a big base to upsell. So longer term, contribution from existing SaaS customers should drive growth, with continued new customer acquisition as an important complement. We set comp plans to ensure reps focus on both new customers and existing SaaS customers.

And moving next to Junaid Siddiqui with Truist Securities.

I just wanted to ask, what are you seeing from customers that are adopting Athena AI? Specifically, how quickly is adoption ramping up post deployment? And what's distinguishing customers who embed Athena into their daily workflows versus those where usage stalls after initial enablement? And are you seeing any change in deal sizes or close rates or post-sale expansion versus customers that are not using it?

Athena is part of the product and a key enabler. You can use it in natural language without heavy enablement, and it works very well for customers. A big part of the platform and automated outcome is what we call no-touch value: a lot of value comes from remediation, threat detection and automated classification happening automatically. When customers need to act, they can do so by talking to the platform. It's part of day-to-day usage of the platform and helps adoption and value realization.

We'll go next to Fatima Boolani with Citi.

Guy, I wanted to ask you about ARR contribution margin and how we should think about the linearity of that over the course of the year, understanding the ebbs and flows of how conversions are trending. But maybe if you can help us map it back to the bull and bear case as you framed it for conversions and the relationship to ARR contributions against what appear to be very responsible organic OpEx investments.

Absolutely. We talked about the conversion behavior throughout 2026. The expectation is that a big part of the churn on the on-prem side will be related to Q3 because that's the quarter with the largest federal, state and local government renewals. The expectation was that many conversions would happen in Q4 toward the end of the year. We'll try to convert many before then and are focused on that. From a profile perspective, ARR contribution margin should even out throughout the year with the contribution from conversions. Also consider the seasonality of SaaS sales: a significant portion of sales take place in Q4. From a cost perspective, our operating costs are relatively flat, and therefore the margin profile will show the biggest contribution in Q4, which I expect in 2026 as well.

And this now concludes our question-and-answer session. I would like to turn the floor back over to Tim Perz for closing comments.

Thanks again for the interest in Varonis. Please reach out if you'd like a call back. We look forward to seeing everybody at the investor conferences this quarter.

Ladies and gentlemen, thank you for your participation. This does conclude today's teleconference. You may disconnect your lines, and have a wonderful day.