Earnings Call Transcript
Varonis Systems Inc (VRNS)
Earnings Call Transcript - VRNS Q1 2024
Operator, Operator
Greetings, and welcome to Varonis Systems, Inc. First Quarter 2024 Earnings Conference Call. As a reminder, this conference is being recorded.
Tim Perz, Investor Relations
Thank you, operator. Good afternoon. Thank you for joining us today to review Varonis' first quarter financial results. With me on the call today are Yaki Faitelson, Chief Executive Officer; Guy Melamed, Chief Financial Officer and Chief Operating Officer of Varonis. After preliminary remarks, we will open the call to a question-and-answer session. During this call, we may make statements related to our business that will be considered forward-looking statements under federal securities laws, including projections of future operating results for our second quarter and full year ending December 31, 2024. Due to a number of factors, actual results may differ materially from those set forth in such statements. These factors are set forth in the earnings press release that we issued today under the section captioned forward-looking statements, and these and other important risk factors are described more fully in our reports filed with the Securities and Exchange Commission. We encourage all investors to read our SEC filings. These statements reflect our views only as of today and should not be relied upon as representing our views as of any subsequent date. Varonis expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made herein. Additionally, non-GAAP financial measures will be discussed on this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available on our first quarter 2024 earnings press release and investor presentation, which can be found at www.varonis.com in the Investor Relations section. Lastly, please note that a webcast of today's call is available on our website in the Investor Relations section. With that, I'd like to turn the call over to our Chief Executive Officer, Yaki Faitelson.
Yakov Faitelson, CEO
Thanks, Tim, and good afternoon, everyone. Thank you for joining us to discuss our first quarter results, which represented a strong start to the year. In addition to discussing the results, I would like to review our SaaS transition progress and the key drivers of our business for this year. But first, let me remind you why Varonis exists and the problems we solve. Data is valuable, which is why bad actors want to steal it. Companies invest in security to protect the data, but securing it is very difficult. Varonis solves the problem by helping companies locate their sensitive data, visualize who has access to it, lock down and detect and respond to threats on it. And because of the sophisticated automation that we have built into our Varonis SaaS platform, customers spend very little time and effort to protect their data, and now with Managed Data Detection and Response (MDDR), will reduce this even more. This allows companies to collaborate safely and get the most value from their data while managing risk. Our first quarter results reflect the sustained momentum of our SaaS transition and the positive reception of our managed data detection and response service or what we refer to as MDDR. ARR grew 17% to $560.3 million, and we generated $56.4 million free cash flow this quarter versus $35.7 million last year. SaaS ARR now represents approximately 30% of total ARR. Guy will review our Q1 results and our updated guidance in more detail. I want to express how proud I am of the Varonis team. While the selling environment has stabilized, it remains challenging, and the Varonis team executed well during the first quarter, and I believe that we are only scratching the surface of what lies ahead for us. The transition to a SaaS delivery model continues to show momentum because of the many benefits that our customers realize, and I will quickly remind you of a few. Customers can achieve automated outcomes, which means they can ensure the data is protected with very little effort. SaaS is quicker to deploy and operationalize because of significantly lower infrastructure and personnel investments. SaaS is easier to maintain and upgrade. Additionally, there are three key benefits that we realize. They are shorter sales cycles, larger initial contracts, and margin benefits over time. In addition to our SaaS transition, I would like to discuss the three additional drivers of the business that I've mentioned last quarter, which are our MDDR service, the adoption of enterprise-generated AI, and increasing compliance requirements. Today, I would like to focus on MDDR and Gen AI. Last quarter, we introduced our MDDR service, which is the first managed service for monitoring and protecting critical data. It is a paid service that builds upon our proactive incident response offering by providing a service level agreement and round-the-clock coverage. It is important to note that this service is only possible for our SaaS customers because of the visibility and automation built into our SaaS platform. We just began selling this offering in the first quarter, and we have already started to see great momentum with it. So let me explain why this is already happening and why we view this as a game changer for our company. MDDR is a natural evolution of our platform and still a significant unmet need in the market. One of the challenges people face is that they don't have the personnel to monitor and investigate alerts fast enough. Now with MDDR, we take this burden from customers and put it on us. If we see a threat anywhere within our MDDR customer base, we can stop it and simply notify the customer after the problem has been solved. We can do this because we pioneered the use of machine learning for data security and user behavior analysis, giving us years of experience building highly accurate threat models. Our team leverages significant automation along with our unique metadata telemetry, such as data sensitivity, access events, and permissions that allow us to detect if data is under attack and to catch threats missed by others. I've also been asked to clarify the value our MDDR service provides to customers that already have an endpoint detection and response service or managed detection and response service. The answer is actually very simple. On the perimeter phase, we believe that we are best positioned to save companies because we have been monitoring the data inside that perimeter ever since we started. Companies sometimes pay in the millions for other threat detection and response services, but when an incident happens with services that don't focus on data, they can always show you when the attack began. We started to answer the most important question: Was any data stolen? MDRs and EDRs can reveal how a bad actor gained access and what tactics they used to get in but cannot tell a customer if any data was taken. The situation is that it's like discovering the bank was robbed but having no certainty about the most important elements—was any money stolen or is the vault secure? This blindness is where organizations with sophisticated security stocks can still fall victim to data breaches from insider threats or attacks that bypass the perimeter. Without Varonis, data is usually partially accessible by anyone or anything inside the perimeter, and even if closely monitored, it means more data is likely to be breached and companies have a harder time quantifying what was taken during the breach, raising liabilities significantly. Varonis customers automatically shrink their blast radius, which reduces the potential damage that an insider can do and forces bad actors to work harder to access sensitive data, giving us more opportunities to catch them. With MDDR, we often catch bad actors before they reach the data. Because we watch the data, we can quickly quantify the damage. This means we can stop the breach and limit their exposure and potential liability. This is why no matter what platform a customer has, they will still need MDDR. To finish our bank robbery example, MDDR watches the money around the clock and can tell the bank manager that their money is safe and the vault is secure. Now I would like to touch on our generative AI opportunity. This technology presents tremendous productivity opportunities. However, to reap the benefits, strong data security is necessary. For example, AI can reveal critical data to their own machines and people because most generative AI tools utilize existing access controls, which many organizations have locked down, leaving them overexposed. Companies also need to prevent sensitive data from being used in large language models and hackers have been known to leverage these tools to steal important data more easily. Bottom line, generative AI is causing organizations to take a hard look at their data security strategies. This is why we continue to see generative AI coming up in many customer conversations as organizations try to understand how they can safely realize the productivity benefits. So far, companies are taking a very careful approach and are thoughtfully considering potential risks before expanding from the pilot phase into organization-wide rollouts. As a result, we expect the near-term adoption of wide-scale Gen AI to be measured as companies gain comfort around how they can secure their data. Overall, the feedback we are hearing from customers only serves to strengthen our conviction in our ability to benefit from this enormous secular tailwind. Our partnership with Microsoft is progressing well. One month ago, we announced the industry-first cybersecurity solution for Microsoft 365 Copilot. This will be sold as an add-on to our existing Microsoft 365 staff package and allows organizations to monitor Copilot data access in real-time, detect abnormal Copilot interactions, and automatically remove sensitive data accessible by both humans and AI engines. In addition to the enhancement to our platform, we are seeing Gen AI act as a catalyst for conversations with prospects. While we are seeing material ARR from Gen AI-related deals, we are also seeing a healthy pipeline build with respect to this opportunity. With that, I would like to briefly discuss a couple of key customer wins in Q1. A large university and affiliated hospital system with 6,000 employees became a Varonis SaaS MDDR customer this quarter, a broad mandate to secure sensitive data led to a risk assessment, which resulted in the discovery of 4 million sensitive records and 2 million instances of student and patient PII exposed to everyone in the organization. This university evaluated several CSPM and DSPM and legacy data security solutions but ultimately purchased Varonis SaaS package with MDDR protection for their UNIX and hybrid Windows environment with our automation and metadata-centric telemetry, Varonis MDDR to supplement their existing MDDR and MSSP vendors by providing protection that is focused on securing their most valuable asset: data. We're also seeing strong engagement from existing customers. A broadband provider initially became a customer in 2014 with the goal of identifying and remediating overexposed sensitive data and enhancing their threat detection capabilities. With our self-hosted offering, this required significant customer effort and meaningful infrastructure investments. This customer converted to Varonis SaaS with MDDR protection for their hybrid Windows environment. They will benefit from our automated remediation and will realize infrastructure savings while freeing their security team since we monitor and respond to alerts. In summary, our results signal a strong start driven by the automated outcomes that customers receive from our SaaS platform and our recently introduced MDDR offering, which we believe is a game changer for our company. We are excited to capitalize on the tailwinds of MDDR, Gen AI, and increasing data-centric compliance regulation as we capture our significant market opportunity. With that, let me turn the call over to Guy Melamed.
Guy Melamed, CFO and COO
Thanks, Yaki. Good afternoon, everyone. Thank you for joining us today. We are pleased with how our team performed in the first quarter and the continued momentum of Varonis SaaS furthers our confidence in completing the transition in 2026, one year earlier than our initial timeline. At the end of Q1, SaaS represented approximately 30% of our total company ARR, driven by strong contributions from new logos and existing customer conversions. As Yaki mentioned, the other key driver of our business this quarter was MDDR. This paid offering is an evolution of proactive incident response that comes with an SLA and assurance that Varonis will respond to ransomware attacks within 30 minutes. MDDR has been extremely well received in the first quarter, driving new business, increasing deal sizes, and simplifying the conversation with customers. In addition to MDDR, nearly every customer conversation we have touches on generative AI, which reinforces our view of this secular tailwind. We're seeing healthy leading indicators concerning the opportunity. However, as we've discussed previously, we continue to expect the adoption of Gen AI will be measured. As we look ahead to the rest of this year, we're excited to begin Phase 2 in earnest in the second half of 2024, which will be focused on converting our installed base of on-prem subscription customers to our SaaS platform. As a reminder, we expect that the ramp-up of this phase will not be linear and momentum should grow in each quarter and further accelerate in 2025 and 2026. In the first quarter, ARR grew 17% year-over-year to $560.3 million, and we generated $56.4 million of free cash flow, which was up from $35.7 million over the same period last year. These metrics demonstrate our commitment to balancing top-line growth with improving cash flow generation during the transition. Turning now to our first quarter results in more detail. As a reminder, the leading indicators of our transition are ARR, free cash flow, and ARR contribution margin. As we have said many times, the faster we progress through the transition, the more headwinds we will experience in our traditional income statement metrics, but we view this in a positive light. In the first quarter, we continue to see stabilization of the macro environment. Heightened deal scrutiny persisted, but we are seeing positive momentum, especially with regard to the adoption of SaaS and MDDR. Q1 total revenues were $114 million, up 6% year-over-year. During the quarter, as compared to the same quarter last year, we had approximately a 9% headwind to our year-over-year revenue growth rate due to having increased SaaS sales in our booking mix, which are recognized ratably versus the upfront recognition of our on-prem subscription products. As we have done in the past, we are committed to being as transparent as possible throughout the transition, which includes providing key metrics that track our progress during the next phase. This quarter, we're providing SaaS revenue for the first time, a metric that we will provide going forward. We will continue to provide SaaS as a percentage of total ARR each quarter until we successfully complete the transition. In the first quarter, SaaS revenues were $34 million, term license subscription revenues were $56 million, and maintenance and services revenues totaled $24.1 million as our renewal rates were again over 90%. Moving down the income statement, I'll be discussing non-GAAP results going forward. Gross profit for the first quarter was $95 million, representing a gross margin of 83.3% compared to 86.5% in the first quarter of 2023. Gross margin continues to track ahead of our expectations and the change is primarily due to the much higher mix of SaaS revenues versus last year, which caused a revenue headwind due to the ratable recognition of SaaS versus the upfront recognition of on-prem subscription licenses. The recognition of compute costs associated with our increased SaaS revenues and increased hiring in certain departments within COGS to service the anticipated strong ramp in MDDR drove the remainder of the change. Operating expenses in the first quarter totaled $105.6 million. As a result, the first-quarter operating loss was negative $10.6 million or an operating margin of negative 9.3%. This compares to an operating loss of $4.3 million or an operating margin of negative 4% in the same period last year. During the first quarter, as compared to the same quarter last year, we had approximately an 8% headwind to our operating margin due to having increased SaaS sales in our booking mix, which are recognized fully ratably versus the upfront recognition of our on-prem subscription products. First quarter ARR contribution margin was 13.7%, up from 5.6% last year. The significant leverage improvement, even during the early stages of the transition, reflects our ability to drive strong incremental margins while growing ARR and transitioning to SaaS. During the quarter, we had financial income of approximately $8.2 million, driven primarily by interest income on our cash deposits and investments in marketable securities. Net loss for the first quarter of 2024 was negative $3.7 million or negative $0.03 per basic and diluted share compared to a net loss of $0.1 million or a net loss of $0.00 per basic and diluted share for the first quarter of 2023. This is based on 110 million and 108.4 million basic and diluted shares outstanding for Q1 2024 and Q1 2023, respectively. As of March 31, 2024, we had $774.4 million in cash, cash equivalents, short-term deposits, and marketable securities. For the three months ended March 31, 2024, we generated $56.7 million of cash from operations compared to $36.8 million generated in the same period last year and CapEx was $0.3 million compared to $1.1 million last year. Turning now to our updated 2024 guidance in more detail. For the second quarter of 2024, we expect total revenues of $123 million to $126 million, representing growth of 7% to 9%. Non-GAAP operating loss of negative $6 million to negative $5 million and non-GAAP net loss per basic and diluted share in the range of negative $0.03 to negative $0.02. This assumes 111.7 million basic and diluted shares outstanding. For the full year 2024, we now expect ARR of $622 million to $628 million, representing growth of 15% to 16%. Free cash flow of $70 million to $75 million, total revenues of $536 million to $546 million, representing growth of 7% to 9%. Non-GAAP operating income of $9 million to $14 million, non-GAAP net income per diluted share in the range of $0.13 to $0.16. This assumes 128.4 million diluted shares outstanding. In summary, we are encouraged by the continued momentum of Varonis SaaS and the initial reception of MDDR. The growing demand for these offerings is strengthening our ARR performance and cash flow generation as we move through the second phase of our transition, which we believe will unlock meaningful value for both our customers and our company. With that, we would be happy to take questions.
Operator, Operator
The first question comes from the line of Saket Kalia with Barclays.
Saket Kalia, Analyst
A nice start to the year here on ARR. I'd love to start with MDDR. And maybe the question is, what's been the initial feedback that you're getting from customers on the offering? It seems like it's off to a good start. And Guy, just related to that, can you just talk about to what extent MDDR is pulling through more interest in SaaS since it's only available to SaaS customers? Does that make sense?
Yakov Faitelson, CEO
In terms of MDDR, the customer feedback and the fact that behind it are basically exceeding our expectations. Effectively, attacks can come from anywhere on any device, but only go in one direction, which is toward the data. Perimeter security is great, and there are many amazing companies, but if you think in terms of probability, there is a high chance that your perimeter will fail. Once you have an identity, there is no perimeter anymore; you are getting into the data. We dramatically understand how people need to use data and can stop these attacks, ensuring that you will not have a data breach. In our opinion, it's the best way to avoid a data breach, and you are doing it completely automatically. So it just works extremely well as you have more platforms and a lot of our bundling, whether it's Edge or other products, Active Directory, works extremely well. Customers love it, and we are saving them and stopping them from breaches daily. We truly believe that the data security platform is MDDR; it's the first thing an organization needs to do and the last thing that will save you when everything else fails.
Guy Melamed, CFO and COO
Saket, you're correct that it's only offered with the SaaS offering. It was definitely a key driver for our business this quarter. The MDDR has been an evolution of the proactive incident response that comes with an SLA assuring Varonis will respond to ransomware attacks within 30 minutes. So it's very compelling. When you look at how it was received this quarter, it has been extremely well received, both in driving new business, increasing deal sizes, and simplifying the conversations for our customers.
Yakov Faitelson, CEO
To add a bit to what Guy said, when we built our SaaS solution, it was critical for us as a software solution to build a lot of automation to ensure that we have a tremendous force multiplier for our analysts. We have incorporated a lot of robotics and AI to make sure that our people are extremely productive. This is almost completely service-oriented software offerings.
Operator, Operator
Next question comes from the line of Hamza Fodderwala with Morgan Stanley.
Unknown Analyst, Analyst
This is John on for Hamza. For Yaki, just a question for you. How often is Microsoft Copilot coming up in your customer conversations versus 3 months ago? And is the expanded partnership with Microsoft Copilot driving more pipeline?
Yakov Faitelson, CEO
It's front and center in every conversation. Microsoft is still not pushing its full force to the customer base. You see a lot of customers experimenting with it. I think I broke my record of seeing customers in Q1, and there is a very consistent theme. They're starting the Copilot evaluation and stopping because it's exposing a lot of critical data. Protecting these copilots, which connect to many sources, is coming up in each conversation. I think this is exposing problems, and organizations are understanding that they need to take data security seriously to benefit from the automation Copilot, which is based on LLM. It's starting to build a good pipeline in the places we engage with Microsoft. It's also starting to go in the right direction. Remember, Microsoft is still not pushing it full force; once they do, it can have a big impact on the business. If the world wants to benefit from Copilot and all these LLM tools to gain productivity, they must address the data security problem.
Guy Melamed, CFO and COO
John, just to re-emphasize what Yaki was saying, in terms of the reported numbers for Q1, we didn't see Copilot reflected in those numbers. But when we look at all the leading indicators, they appear there, and we're seeing an increase in the pipeline for them.
Yakov Faitelson, CEO
There is still not a revenue impact, but we're starting to see pipeline impact and a lot of conversions, with people in the initial stages to figure out how to proceed.
Operator, Operator
Next question comes from the line of Matt Hedberg with RBC.
Matthew Swanson, Analyst
Yes. This is actually Matt Swanson for Matt. It's great to hear some stabilization in the macro. It feels like it's been a long time coming for all of us. But you've done a really successful SaaS transition during a really uneven macro. Yaki, you mentioned some of the advantages of SaaS: lower infrastructure, personnel costs, easier to maintain. Can you talk specifically about the SaaS transition—what headwinds and tailwinds exist in the challenging macro? Are there parts that actually helped the transition when things are a little tougher?
Yakov Faitelson, CEO
What happens is this: data breaches are almost always due to cyber threats. The security industry needs to reconsider how we allocate resources; we should not focus solely on perimeter security because it often fails, leading to significant vulnerabilities. Think of it like doing business with a bank that cannot provide you with an account ledger—an unacceptable risk. The success of our SaaS solution comes from automatic outcomes, which provide immense scalability. We translated everything we learned from our on-prem systems into a highly automated solution that delivers monumental value with minimal effort from clients. Organizations slowly but surely realize that adopting our technology is not only necessary but urgent. Particularly with the prevalence of AI and threats directed at data, organizations are increasingly aware that they must adapt their security measures.
Operator, Operator
Next question comes from the line of Fatima Boolani with Citi.
Fatima Boolani, Analyst
Guy, I had a question for you about the ARR look. I just wanted to dissect that a little bit. So a double start to the year considering we're not totally out of the woods in the macro. But I wanted to better understand why some of this momentum you're not expecting to improve through the year, given this was a seasonally strong quarter and you have many more demand and growth driver options as we head into the back half. So I would love some clarification on your outlook in terms of not sort of rolling forward the upside in this quarter?
Guy Melamed, CFO and COO
That's a great question. I want to be very clear: we're raising our full-year ARR guidance because we feel really good about the rest of the year. When you look at the numbers, the ARR guidance reflects a mathematical framework. If anything, I would say we feel more confident about Q1 than we did 90 days ago. The $4 million increase in net new ARR in Q1 2024, compared to last year, aligns perfectly with our midpoint ARR guidance for the full year. Remember, Q1 is traditionally the smallest quarter of the year. We have multiple drivers working in our favor—environmental factors, MDDR, Copilot—but we must maintain caution. Q1 is not an anomaly; it’s one-quarter insight into what that progress could look like for the future. We prefer to observe how things evolve before adjusting our guidance accordingly.
Operator, Operator
Next question comes from the line of Brian Essex with JPMorgan.
Brian Essex, Analyst
Yaki, I was wondering if you could give us a little bit of an update. I think you discussed this last quarter, but you've got a lot of irons in the fire or incremental opportunities as we approach the back end of the year. How do you think about incentivizing the sales force regarding: number one, new logo growth; number two, more proactive conversion of your installed base as you kick off Phase 2; and then number three, expansion into new adjacent markets with MDDR and Copilot? How do you categorize the magnitude of each of those levers and how do you expect that to play out through the rest of the year?
Yakov Faitelson, CEO
MDDR and the Copilot are very relevant to every existing customer and prospect and truly help us gain market share as we expand the offering across our customer base. There are many ways to add value to customers with everything we are doing in the cloud, on the SaaS side, and in various incidents. Our customers are realizing faster access to automated outcomes.
Guy Melamed, CFO and COO
MDDR certainly aids in acquiring new logos. The conversation becomes much more straightforward when we present an SLA that guarantees Varonis will respond to a ransomware attack within 30 minutes, grabbing customer interest. MDDR not only simplifies the message but also supports customers in their operational efficiency by minimizing the necessary personnel, making it an attractive offering.
Operator, Operator
Next question comes from the line of Roger Boyd with UBS.
Roger Boyd, Analyst
Great. There's a lot of talk around the momentum that's in the pipeline around Microsoft 365 Copilot. But Yaki, I'm wondering if you're starting to see interest from the installed base around securing other copilots and other G&A applications like those in Salesforce or GitHub? It's come up with a few customers. Just wondering if that's showing up in the pipeline or customer conversations with any sort of momentum.
Yakov Faitelson, CEO
Without a doubt. There is significant interest as organizations aim to secure their copilots across almost every platform they use. We see this on SaaS platforms like Salesforce, GitHub, Jira, and others. Organizations will also have connectors for platforms like Box and Google. Many customers even deploy their own private instances of OpenAI, integrating that data into SharePoint or an S3 bucket on Azure Blob, generating significant value. Our efforts with Copilot extend to examining the queries themselves and tracking risky users and other logs. This multifaceted approach is proving effective. We've observed surprising speed at which critical data can be exposed when utilizing these technologies, underlining the importance of data security in real-time.
Operator, Operator
Next question comes from the line of Shaul Eyal with TD Cowen.
Shaul Eyal, Analyst
Congrats on the ongoing SaaS transition and the overall results. Guy or Yaki, I wanted to ask about the mix between existing customers and new logos this quarter. Can you double click on this item? And maybe, Yaki, specifically for you, you're often being asked about the competitive arena. Typically, Varonis has limited competition in this sphere. However, with many security companies acquiring smaller DSPM assets, what are you observing in the market aside from the overall validation?
Guy Melamed, CFO and COO
When you examine the results from Q1, the majority of our new ACV came from new logos. SaaS is truly opening up new markets for us by reducing the two biggest pushbacks we faced previously—companies not having sufficient personnel to support the solution and reluctance to buy hardware. The adjustments made to our commission plan, along with the simplicity of the message and the benefits of our products, have contributed to this healthy new logo activity.
Yakov Faitelson, CEO
In our traditional areas, we are significantly dominating, encompassing all NAS devices, Active Directory, and more. Nothing has changed there. However, we have now shifted our focus to the IS side, particularly AWS, where we have developed what we believe is the best product on the market. We anticipate competition in these spaces, which will create budgets, but in terms of scale and automated outcomes, I’m confident we are well-positioned to capitalize on this market.
Operator, Operator
Next question comes from the line of Annick Baumann with Jefferies.
Annick Baumann, Analyst
You launched many new products last quarter, including Snowflake and Salesforce protection. Can you talk qualitatively about the traction you're seeing there?
Yakov Faitelson, CEO
In terms of everything we're doing on the IS side, we are observing a lot of traction. Importantly, services like Snowflake and other data repositories are significant. Our core technology analyzes metadata effectively, even at scale. The connectivity to the MDDR provides exciting prospects. We are pleased with the engineering team's rapid release cycle of features and products.
Operator, Operator
Next question comes from the line of Jason Ader with William Blair.
Jason Ader, Analyst
I wanted to ask about MDDR again. Specifically, can you talk about the pricing model you use and the type of uplift it could create on your SaaS business? Any early metrics on attach rate?
Guy Melamed, CFO and COO
That's a great question. The core goal at the end of the day is to protect our customers. When you consider the MDDR offering, it resonates deeply with customers, making the value clear. With that value, we aim to extract revenue and boost customer lifetime value. There are two approaches: allowing customers to buy additional licenses, resulting in reduced MDDR pricing, or if they only want MDDR, the pricing for MDDR as a standalone product is significantly higher. Customers are embracing the package and purchasing it as part of additional licenses, increasing our average selling price (ASP). It’s still early, hence I'm hesitant to disclose specific numbers, but we are witnessing healthy ASP growth and significant value from our platform.
Yakov Faitelson, CEO
MDDR essentially fulfills our promise to the global market. If you have our solution, we are unlikely to experience a data breach. Our priority is to maximize coverage with MDDR for our customers, ensuring we can protect them automatically.
Jason Ader, Analyst
Do you think ultimately most of your customers will take this?
Guy Melamed, CFO and COO
We believe every customer requires it, and while it will be a gradual adoption, the initial feedback is extremely positive. Conversations concerning MDDR for the rest of the year are also encouraging.
Operator, Operator
Next question comes from the line of Shrenik Kothari with Baird.
Shrenik Kothari, Analyst
Yaki, you touched upon Gen AI. I wanted to double-click; you mentioned healthy leading indicators regarding Gen AI, but adoption expected to be measured as organizations consider potential risks. It looks like data security is at the center of this, with most copilot adoptions kind of getting started due to security concerns. It appears there should be demand for your services in the current stage of pre-Gen AI adoption. Why isn’t the pipeline starting to flow through to deals yet if you offer what they need right now?
Yakov Faitelson, CEO
Organizations are still in the early stages of using LLM-based tools. While businesses recognize that reaping productivity benefits requires solid data security, they have yet to make large-scale moves due to fear of potentially grave consequences without safeguards in place. This situation has not yet reflected positively in Q1 revenues but is starting to have pipeline implications and we expect it will evolve into a significant tailwind for the business.
Operator, Operator
Next question comes from the line of Junaid Siddiqui with Truist.
Junaid Siddiqui, Analyst
Great. Just had a question regarding opportunities in the channel. Any particular areas of emphasis you're focusing on, be it MSPs or SIs as you transition to a predominantly SaaS company?
Yakov Faitelson, CEO
We are indeed collaborating with everyone. We are a channel-focused company. Our SaaS solutions are considerably simpler, minimizing installation friction and accelerating ongoing value. This makes it easier for partners to work with us.
Operator, Operator
Next question comes from the line of Rudy Kessinger with D.A. Davidson.
Rudy Kessinger, Analyst
Guy, can you share how much of your existing ARR converted to SaaS this quarter? Directionally, did you confirm more or less in Q1 than you did in Q4?
Guy Melamed, CFO and COO
We were pleased with the conversions in Q1, which helped drive SaaS to approximately 30% of total ARR. The number is actually $165.5 million. While we haven't discussed the precise dollar value for conversions, SaaS ARR reflects our progress in completing the transition, which remains one of our overarching goals. SaaS ARR was robust in Q1, and existing customer conversions played into that strongly.
Operator, Operator
Next question comes from the line of Stephen Schwartz with Wells Fargo.
Unknown Analyst, Analyst
This is Stephen on for Andy Nowinski. Wanted to ask about your focus on new logos, maybe the role that MDDR can play into that? How much education do you need to do to make that a driver of new logos? Is it something you're actively considering?
Guy Melamed, CFO and COO
It’s clear that MDDR can assist in acquiring new logos, enabling us to simplify discussions around our offerings. Presenting an SLA guaranteeing a 30-minute response to ransomware attacks certainly attracts interest. MDDR allows us to provide significant support to our customers without requiring extensive personnel from them.
Operator, Operator
Next question comes from the line of Joshua Tilton with Wolfe Research.
Unknown Analyst, Analyst
This is Patrick on for Josh. So piggybacking off of several earlier questions around the healthy pipeline build with respect to AI: can you talk about the sales cycles you expect to see around the Copilot offering? Do you expect them to align with the rest of the business or potentially be longer if customers are hesitant to adopt AI?
Yakov Faitelson, CEO
It's still early. I can't speak definitively on how it will influence sales cycles. However, I can say that it draws attention to existing problems and heightens awareness. Organizations will likely take significant risks to employ AI tools without robust data security measures in place. That being said, we need to observe how this will manifest in the market. The reality is that customers increasingly realize that without solutions like ours, their data remains unprotected from breaches. Regardless of whether the threats come from insiders or APTs, as identity becomes paramount, the perimeter ceases to exist.
Operator, Operator
Thank you, ladies and gentlemen. We have reached the end of the question-and-answer session. I would now like to turn the floor over to Tim Perz for closing comments.
Tim Perz, Investor Relations
Thanks for the interest in Varonis. We look forward to meeting with you all at the conferences this quarter.
Operator, Operator
Thank you. This concludes today's conference. You may disconnect your lines at this time. Thank you for your participation.