Qualys, Inc. (QLYS) Q4 2022 Earnings Report, Transcript and Summary

Good day, and thank you for standing by. Welcome to the Qualys Fourth Quarter and Full year 2022 Earnings Call. At this time, all participants are in a listen-only mode. After the speakers' presentation, there will be a question-and-answer session. [Operator Instructions] Please be advised that today's conference is being recorded. I would now like to hand the conference over to your speakers today, Mr. Blair King. Please go ahead.

Good afternoon, and welcome to Qualys' fourth quarter 2022 earnings call. Joining me today to discuss our results are Sumedh Thakar, our President and CEO; and Joo Mi Kim, our CFO. Before we get started, I would like to remind you that our remarks today will include forward-looking statements that generally relate to future events or our future financial or operating performance. Actual results may differ materially from these statements. Factors that could cause results to differ materially are set forth in today's press release and our filings with the SEC, including our latest Form 10-Q and 10-K. Any forward-looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update these statements as a result of new information or future events. During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP to non-GAAP measures is included in today's earnings press release. And as a reminder, the press release, prepared remarks and investor presentation are all available on the Investor Relations section of our website. So with that, I'd like to now turn the call over to Sumedh.

Thanks, Blair, and welcome, everyone, to our fourth quarter earnings call. We delivered another quarter of strong financial performance; reflecting a year of accelerated revenue growth and industry-leading profitability. In terms of innovation, 2022 was a strong year for Qualys as we expanded our platform and our market opportunity. We introduced Context XDR to enable high-fidelity detection and response capabilities for our customers. We released VMDR 2.0 with TruRisk to enable comprehensive risk scoring and ITSM integrations. We brought External Attack Surface Management into our CyberSecurity Asset Management application. We unified multiple context vectors around asset criticality, vulnerabilities and system misconfigurations with asset telemetry in a single agent and brought a unique EDR application to market. Further flexing the power of our platform, we introduced our cloud-native TotalCloud with FlexScan, which pairs agent and agentless zero-touch assessment options with comprehensive cloud posture management and container security. These innovations allow our customers to reduce complexity as they standardize on a trusted platform that delivers an immediate ROI and lower total cost of ownership relative to siloed and traditional detection only technologies. With CISOs increasingly focused on comprehensive risk management, we have upgraded our TruRisk platform capability to ingest third-party scans into the Qualys Cloud Platform, which we call Enterprise TruRisk Management and is now in preview with customers. Regardless of which vendor scans an organization’s environment, with this enhancement to our TruRisk application, Qualys is now providing enterprise customers with a holistic, enterprise-wide risk score based on asset criticality and our Cloud Threat database, which is a unified threat intelligence platform of over 25 threat feeds. What makes this capability so special is our ability to then reduce an organization’s enterprise risk score by leveraging Qualys' remediation applications with automated workflows through a unified dashboard. Additionally, TotalCloud, which is our cloud-native risk management solution for public clouds, is now GA, and since our acquisition of Blue Hexagon in October, we’ve already added a new Cloud Detection and Response module to our TotalCloud solution. As organizations increasingly prioritize moving workloads to hybrid and multi-cloud environments, we view this new ML/AI-based technology for zero-day threat hunting and response as another strong competitive differentiator in a rapidly evolving market. Looking forward, we will continue to seek out opportunistic acquisitions to further enhance our platform, accelerate our time to market and further expand our market opportunity. Now turning to our sales and marketing execution, in Q4, we continued to witness organizations broadly responding to the evolving macro by applying additional layers of scrutiny to spend and delaying project start dates. We believe that with this increased scrutiny comes increased opportunity as organizations standardize on trusted platforms to consolidate security stacks, leverage automation, and achieve expedient remediation of risk. Qualys has a unique, organically built platform to address this need. Nevertheless, to fully capitalize on this opportunity requires crisp go-to-market execution. Over the last year, while we’ve made some meaningful progress on several fronts in this regard, including successfully growing the sales and marketing team and investing in our sales enablement and operations functions, we still have work to do in our sales execution. This is particularly evident within the context of today’s market dynamics and persistent macro headwinds, which resulted in lower-than-expected bookings growth in Q4. Accordingly, I’d like to share a couple of planned personnel and alignment changes within our sales and marketing organization, which position us for forward success. Earlier today, we announced the upcoming departure of our Chief Revenue Officer, Allan Peters. We thank Allan for his contributions during his tenure at Qualys as we continued to grow and scale our sales organization. In the interim, I will be overseeing the sales team as we focus on product-led growth, inherent in Qualys. We’re fortunate to have a talented next-level team of regional sales leaders who are energized by our competitive position in the market, and I’m confident in our ability to effectively drive our business forward as we search for Allan’s successor. Additionally, I’m pleased to announce Pinkesh Shah, who joined Qualys in November of last year, was recently promoted to serve as our new Chief Product Officer, overseeing both Product as well as Marketing. Given Pinkesh’s strong background in product-led growth, we believe having both product and marketing under the same leadership will help increase return on our investments and drive operational efficiencies in our go-to-market motion. It’s great to have Pinkesh on the team, and we’re looking forward to his leadership in helping execute our long-term growth agenda. As we diligently address the challenges brought on by today’s market uncertainty, we remain confident in our long-term strategy and trajectory. I’ve met with over a hundred CISOs over the past few months, and their message is clear; they are looking to pivot to a platform-based solution to solve their complex security problems. In the face of an evolving macro, escalated threat environment and cyber security skills gap, organizations need to reduce complexity and costs while presenting measurable risk reduction initiatives to Boards and C-level executives. This was underscored at our recent Qualys Security Conference in Las Vegas, which brought together over 500 Qualys customers and partners. Several customers in attendance highlighted the ability to measure their organizations’ security posture by leveraging the Qualys Cloud Platform, while reducing risk and costs. One customer stated that through VMDR with Truist, they reduced risk and eliminated 60% of critical vulnerabilities in a very short amount of time without having to buy separate threat intelligence feeds. Against this backdrop, there were several positives in Q4. We continued to see the steady adoption of VMDR, which is now deployed by 48% of our customers worldwide. A few key seven-figure VMDR wins in the quarter included two Global 500 financial institutions who chose Qualys for its ability to replace traditional siloed security tools and enhance security posture on a unified platform, and a Global 50 insurance company that is leveraging VMDR to not only detect, but also remediate vulnerabilities in both on-prem environments and cloud workloads. Beyond these wins, I’ll take a moment now to share a couple of additional successes with customers, who are consolidating their security stack to optimize spend and reduce risk. First, a new logo Fortune 1000 web hosting company selected Cybersecurity Asset Management VMDR and NO Cost to risk and remediation application in a seven-figure competitive win replacing point solutions from three vendors with one platform. The ability for this customer, to significantly enhance its security program, with automating steps comprehensive internal and external risk criticality, a quick remediation CMDBs and alerting on a natively integrated platform, where all key differentiators compared to vulnerability detection only solutions in the market. In addition, in 2022, highlighting organization's strategic focus on high-quality real-time asset inventory, we expanded our engagement with an existing financial services customer, signing an over $800,000 upsell deal for Qualys Cybersecurity Asset Management solution. This customer is standardizing on our Cyber Security Asset Management solution, due to the rich asset context, end-of-life visibility and real-time inventory they are able to get out of the same agents and platform they have already deployed for VMDR This enabled them to enhance their investment in Qualys platform and consolidating solutions, which is important to customers in current macro environment. As more and more customers are beginning to perceive Qualys as a leading security platform, they have -- as a leading security platform, that they can leverage to solve their complex and difficult security problems, we are growing increasingly confident in our ability to drive growth and gain market share. This is evidenced by the continued growth in our large customer spend, with customers spending $500,000 or more with us growing to 116 in Q4 up 27%, from a year ago Turning now to our growth initiatives in SME/SMB market, where we have witnessed slower growth. We have introduced new product packaging VMDR TruRisk VMDR TruRisk FixIT with Patch Management and VMDR TruRisk protected with both Patch Management and multi-vector EDR. These new packages offer simple, easy to deploy all includes cybersecurity solutions to manage remediate and protect against continuously emerging cyber threats and reduce for the small customers. We believe that the convenient packaging and pricing of this offering, will help streamline the sales process for our partners reducing time to value, and further advance our value proposition in the SME/SMB market. In addition, we are pleased to share that in Q4, we expanded our partnership with Oracle. Oracle Cloud Infrastructure OCI began offering, a fully managed vulnerability scanning service that enables Qualys customers to leverage their vulnerability, management licenses to scan their OCI, compute virtual machines. I'm also pleased to note, that OCI has selected Qualys' vulnerability management solution to help scan their internal environment for vulnerability. This is a testament to the effectiveness of quality and security cloud infrastructure and advancing our partner ecosystem. Finally, I'm pleased to announce that Qualys recently received FedRAMP Ready status, at the high impact level on our newly introduced GovCloud platform. Currently this is the only FedRAMP high ready platform offering inventory, vulnerability management and patch management in a single unified workflow. With government agencies increasingly moving workloads from on-prem environments to the cloud, this marks the achievement of a key milestone and makes Qualys the only modern alternative, to legacy scanners for federal, local and state government agencies. Given the certification, our consolidated platform and our investment to establish a public sector presence, we believe we are now well positioned to address a new vertical that will help drive growth in the long term. In summary, the cybersecurity market is a mission-critical technology. We believe our natively integrated platform, that is quantifying, remediating and reducing risk, brings a highly differentiated value proposition to our customers as they get more security using less resources out of a single Qualys Cloud Platform. In 2023, we’ll continue our disruptive innovation and further enhance and advance our go-to-market investments to crisply execute our long-term strategic vision with an already proven approach to balanced growth and profitability. With this, I’ll turn the call over to Joo Mi to further discuss our fourth quarter results and outlook for the first quarter and full year 2023.

Thanks, Sumedh, and good afternoon. Before I start, I’d like to note that, except for revenue, all financial figures are non-GAAP and growth rates are based on comparisons to the prior year period, unless stated otherwise. 2022 was another notable year of product innovation for Qualys as we continued our product leadership while growing revenues by 19%, maintaining our gross margin at 81% despite inflationary pressures, and generating EBITDA margin of 45%. While our profit margin was well-above our industry peers, 2022 was a year of investment for Qualys with both R&D and sales and marketing growing faster than revenues. In R&D, we invested in our security research and product management teams to further strengthen the value proposition of our products and assist in executing our go-to-market strategy. In sales and marketing, it was a mix of investments in headcount as well as trade shows and marketing campaigns. Having executed against our 2022 investment plan with over a 20% increase in sales and marketing headcount, we look forward to optimizing our investments in 2023 as we remain committed to driving long-term profitable growth. Now, let’s turn to fourth quarter results. Revenues in the fourth quarter grew 19% to $130.8 million, up from 16% in the year ago period. This includes a de minimis add from the Blue Hexagon acquisition, which contributed a few hundred thousand dollars to Q4 revenues. Revenues from channel partners grew 22%, outpacing direct, which grew 17%. Our revenue contribution mix has shifted slightly over the last year with direct making up 58% of total revenues versus 59% a year ago. We expect a similar trend to continue in 2023. By geo, growth in the US of 19% was in-line with our international business, which grew 20%. Looking ahead to 2023, we expect our US and international revenue mix to remain at roughly 60% and 40%, respectively. In Q4, we saw continued strength in customer dollar retention but lower performance in up-sell with our net dollar expansion rate on a constant currency basis at 109%, down from 111% last quarter but up from 108% last year. Where we saw room for improvement was primarily in smaller customers who spent less than $25,000 with us during the last year. We expect this segment to gain momentum with the launch of the new product packages that Sumedh just mentioned. In comparison, customers who spent $25,000 or more with us increased by approximately 20% both in count and revenue. In terms of new product contribution to bookings, we continued to see healthy demand for Patch Management and CyberSecurity Asset Management with the two combined making up 9% of LTM bookings and 15% of LTM new bookings in Q4. The increased adoption for these products resulted in 50% growth in Q4 on a combined basis. Adjusted EBITDA for the fourth quarter of 2022 was $55.1 million, representing a 42% margin compared to a 45% margin a year ago. Operating expenses in Q4 increased by 25% to $58.4 million, primarily driven by the growth in sales and marketing investments including higher headcount and related costs as well as spend on trade shows. EPS for the fourth quarter of 2022 was $1.01 and our free cash flow for the quarter – of fourth quarter of 2022 was $40.9 million representing a 31% margin compared to a 32% margin a year ago. In Q4, we continued to invest the cash we generated from operations back into Qualys including $3 million on capital expenditures and $104.5 million to repurchase $848,000 of our outstanding shares. At the end of the quarter, we had $154.5 million remaining in our share repurchase program. We are pleased to announce that our Board has authorized an additional $100 million share repurchase program bring the total available amount for share repurchases to $254.5 million. Now let us turn to our 2023 guidance. Starting with revenues for the full year 2023, our revenue guidance is $553 million to $557 million, which represents a growth rate of 13% to 14%. For the first quarter 2023, we expect revenues to be in the range of $130.2 million to $131 million representing a growth rate of 15% to 16%. This guidance is assuming no material revenue contribution from our newer products such as Context XDR and total cloud and continued unfavorable market dynamics throughout 2023 similar to what we witnessed in the fourth quarter of 2022. Given the growth opportunities ahead of us, we will continue to invest in operations, people and systems while recognizing the importance of optimization. As a result, we expect full year 2023 EBITDA margin to be in the low 40s roughly in line with the fourth quarter 2022 margins. We expect full year EPS to be in the range of 4.10 and 4.18 and for the first quarter of 2023 in the range of 0.95 and 0.97. Our planned capital expenditures in 2023 is expected to be in the range of $18 million to $25 million and for the first quarter of 2023 in the range of $4 million to $5 million. In 2023, we plan to align our product and marketing investments to focus on specific initiatives to drive more pipeline and support sales and respond to the current macro conditions, while at the same time maintaining a disciplined approach to unit economics. Throughout 2022, we accelerated the pace of hiring and broadened great talent across all functions of the company increasing the total employee base by 18%, while growing sales and marketing headcount by 22%. While we plan to continue to invest in 2023 given the environment we are in, we're planning to prioritize increase in investment in sales and marketing as well as related support functions and systems while largely maintaining our level of investment in engineering. As we [indiscernible] to sharpen our execution by focusing on sales and marketing enablement and productivity, we believe we will be able to drive Qualys share and long-term returns, while balancing growth and profitability. In conclusion in 2022, we delivered strong top-line growth and industry-leading profitability. We continue to lead with product innovation introducing Context XCR and Total cloud and adding true risk to VMDR. With these achievements, we remain confident in our ability to deliver on our growth opportunity long-term and we will continue to prioritize investments critical to advancing our platform and go-to-market scale, with a commitment to further elevate the areas of our business within our control and maximize shareholder value. With that Sumedh and I would be happy to answer any of your questions.

[Operator Instructions] Our first question will come from the line of Dan Bergstrom from RBC Capital Markets. Your line is open.

Yes. Thanks for taking our question. So, could you talk a little bit more about the buildup to guidance for calendar year 2023? What are you assuming from a macro perspective relative to what you saw in the fourth quarter? You said similar, but maybe more on -- is it the same getting worse, close rates? Just trying to better understand the level of conservatism in everyone's numbers here.

Yes. I think, we really think that we saw the macro and -- from our perspective deteriorate in Q4 and that thing -- that was reflected in our softer than expected bookings, both on new and upsell. And, I think, we see opportunity for us to continue to work with our sales team, improve their execution. And I think those are some of the things that -- changes that we have put in place, that we are looking forward to. As we get into Q1 and for FY 2023, we've sort of not assumed any change in that macro or productivity or anything like that when we looked at the guidance.

Great. Thanks. And then, looking through the PowerPoint, it looks like the penetration of Fortune 50 G2K customers increase versus previously and you called out an example in the prepared remarks there. Just curious about what's securing that business, what products did they adopt? And then, just to verify, is this the first real change in penetration there in some time?

I think, the larger customers, what's really interesting is that, they have complex security problems that they need to solve and the combination of Cybersecurity Asset Management capability the vulnerability management and detection response and patch management, together are really helping them solve that. And what is happening is that, everybody is talking about security budgets and the layers being added and the scrutiny, but really it's a question of the spend that you're putting in security is that giving you meaningful outcomes from a risk reduction perspective and that's really the question that's being asked. If we're going to spend this money, are we getting a risk reduction. And that's where the TruRisk that we introduced last year and the enhancement that we have done now, it has resonated well with the CISOs, because now we're able to give them risk score and they're able to actually tie the spend that they're doing to bring that risk score down and really able to quantify how that investment is making sense. And I think that conversation has been quite exciting and that is where we see larger enterprises, like I gave that example of this company, that essentially bought just over $800,000 worth of just asset inventory product to add on to the VMDR in Q4 -- Q3, Q4 so that they could actually enhance their security program and get that outcome and reduce the speed at which they're able to address this threat. So it's not just the projects in security you're executing, but what is the outcome that you are bringing. And I think that's kind of what's resonating with our customers.

Great. Thank you.

One moment for our next question. And our next question comes from the line of Joshua Tilton from Wolfe Research. Your line is open.

Hey, guys. Thanks for taking my question. Just one for me. The growth outlook range for next year is kind of ahead of the growth that you guys did in your current billings in the back half of 2022. So can you just help us understand that ramp or maybe that acceleration in new billings that you guys need in order to I wouldn't say meet, but maybe come in slightly ahead of the guidance that you laid out for 2023? Thanks.

Yeah. If you take a look at the current billings growth for 2022 the 15%, I think that what we would need to beat our revenue guidance is probably do something around that range. And if you take a look at the guidance that we gave for 2023, the assumptions that we made are -- we thought that it would be prudent to take into consideration the current macroeconomic conditions as well as the trend that we're seeing right now. Q4 was a tough quarter for us. As Sumedh mentioned, it was lower-than-expected bookings performance. And what we've assumed in the 2023 guidance is that that condition continues. We will be actively looking to improve our sales execution as well as look at different opportunities both large and small across all our customer base in order to drive bookings growth. But with that said, we feel that the guidance is probably derisked at this point.

Thank you very much.

Thank you. One moment for our next question. Our next question is come from the line of Joel Fishbein from Truist. Your line is open.

Hi. Good afternoon. This is [indiscernible] for Joel Fishbein. I just had a question. I think you had mentioned -- I saw that your gross margin ticked down around 60 basis points quarter-over-quarter. And I think you might have mentioned some inflationary pressures. Could you talk about discounting? And did you see any pricing pressure additionally in Q4, especially as some of your existing customers were renewing your contracts?

Yeah. I think as we went into Q4, we certainly saw more discounting pressure coming in from competition. And we review with case-by-case basis, but we have a lot of different capabilities that we can offer to bring more value to the customer for the same dollar they spend with us. And so yes, we do see the discounting pressure and we're essentially going back to them with the metal value prop with additional capabilities. And you see some of that in the packages that we have built for 2023, where we are adding patch management and EDR et cetera together in simple packages, which offer them a little discount, but actually make it much easy to reduce the friction of the buying process.

Great. Thank you.

One moment for our next question. Our next question will come from the line of Rob Owens from Piper Sandler. Your line is open.

Great. Thanks for taking my question. As you guys look at your sales and marketing investment from a direct and channel standpoint. Are you leaning either direction as we look at that metric moving forward, might it skew one way or the other given it's been relatively static over the last couple of years? Thanks.

Yeah. I would say at a high level that we've started the program for partners in May of last year. So I think we are excited to see some of the early traction that we are seeing in terms of the registration and the engagement that we are seeing with a number of partners, but I think we're -- it's so early days. And so as we progress through this year or so, we'll get a better idea of how the demand is coming from partners versus direct. And I think as that evolves we will have a better picture and some are not necessarily driving towards one way or the other.

Thank you. One moment for next question. Our next question will come from the line of Brian Essex from JPMorgan. Your line is open.

Hi. Good afternoon. Thanks for taking my question. I guess maybe for Sumedh. I think, Joo Mi mentioned that there was no real material contribution in the guidance from Contact XDR and total cloud, but maybe some early indications of what you're seeing there and maybe outside of those products other emerging products that might be showing signs for early contribution? And how might that drive levers for upside in 2023?

Great question. So if you look at where in Q4, if you look at cybersecurity management, patch management, I think those continue to have good uptake. And if you see the contribution to the bookings, I think it's like 15% for the combination of those two. And so I think we are seeing more and more interest in those. I think total cloud is something that we're driving a lot of innovation in and the Blue Hexagon coming in. So as customers are looking for flexibility moving workloads from on-prem into cloud multi-cloud and back I think a combination of Qualys VMDR with total cloud licenses is something where we see initially they will look at being flexible with the licenses that they have and then adopt additional licenses as they grow into the cloud in the future. The feedback has been very positive because of the comprehensiveness of the scanning capability that we bring and sort of just focusing on a snap chart only scan or agent-only scan we're giving them the most flexible options. And so our large enterprises are excited about it instead of looking at cloud-only security solutions that only gives them a visibility near the cloud. Most companies applications have or hybrid some of it is in cloud some of it is in on-prem and they want to see the risk overall risk of a combination of everything. And so that feedback has been quite valuable and we have customers who are looking forward to starting to do evaluations of Coco Cloud. Now that it's gone and give us feedback and see how that they can adopt that in addition to the VMDR that they're using on their own brain systems. And then context SDR is still early days. We have a few customers that have started using it are giving us feedback. But the overall theme is the same that today instead of having multiple tools collecting parts of the data and then them having to build something to bring context. So while there are many tools that are just collecting logs and providing detections from those locks the context of the asset, whether it's running a database, or whether it has vulnerabilities all of those things are missing. And so on the Qualys platform, because we have so much real-time context of the asset when they're able to bring those logs in Qualys that's where they're seeing interesting use cases that they can satisfy. I think that's kind of how really customers are looking at it that the Qualys platform solves multiple use cases more than the individual product. It's the use case that they have how that is getting solved. So it's early days for these, but I think we are pretty excited about the more immediate term uptake that we're seeing in Cyber Security Asset Management and Patch Management and then we look forward to Context XDR and Total Cloud more in the future quarters.

Got it. That's helpful. Maybe just a quick follow-up. Just on managed services penetration, I think you've talked about it in the past. But in the spirit of expanding outside of large enterprise and outside of the traction that you're seeing with partners. And any incremental traction there to note?

No, I think we continue to bring MSSPs on board, as you work with them, but I think nothing to call out that is dramatically different. I think, as it was interesting to see as the macro also evolves from the partner perspective how they see the value of managing their bottom line to provide service to their customers by not having to go to 20 different tools to provide the service versus standardizing on a Qualys platform that is bringing everything from providing vulnerability management patching to EDR. And those are the congresses that we are having as partners are also looking into 2023, how they want to optimize what they provide, but like I said nothing material or very different to share right now.

Got it. That's helpful. Thank you so much.

One moment for our next question. Our next question will come from the line of Rudy Kessinger from D.A. Davidson. Your line is open.

Hey, guys. Thanks for taking my question. I guess I'm curious on the guidance it sounds like what you're saying is what's baked into the guide for 2023 and is an assumption that the conditions in Q4 continue but not necessarily get worse. I guess, I'm just curious why not go in that next step. I think most of your competitors and others in the broader cybersecurity space have gone that extra step to make an assumption that things deteriorate further and bake that into the 2023 guide. So, just curious what drove that decision there.

Yeah. I think in terms of – look I think we are taking into account that what we saw in Q4 which for us was fairly different than what we have seen earlier and it was not in terms of productivity et cetera, was lower than what we had expected. So we're assuming that that's going to continue. And again we are continuing to invest in the sales and marketing side of the house to get more quota carriers and to be able to improve with the packages that we have, et cetera, to improve how we are looking at execution. So that's why we are just assuming the continuation of the Q4 macro that we are seeing. But again, it's – there is lumpiness that we understand, but that's kind of how we are looking at it.

Yeah. And as I mentioned in Q4 what we saw was bookings came in lower than what we had anticipated, and so we felt that that macro impact in Q4 already. And so for us the way we look at it is because of the macro impact it had a it had a trickle down impact on the sales rep productivity and in the process and we're really looking into our sales execution and the momentum. And so with that said, we do see signs where like as an example we just launched a new product. There are some initiatives that are going on right now that, we feel like it's headed in the right direction. But the guidance actually is taking into consideration all these different elements including the personnel changes. So we feel that it is a cautious guidance from our perspective.

Okay. And then secondly on the sales execution, you've mentioned that a couple of times I guess, where do you really need improvement? Is it more so your tenured reps are not selling really the whole package as affected is that your newer reps are taking longer to ramp and obviously, the macro could be impacting that. But any more tangible items you could call out on sales execution that you're looking to improve?

Yes. I think we are overall. I think the investments we made in 2022. A lot of them have done well. I think we increased sales headcount as well. I think it's a little bit different in each segment like you saw the larger customers are doing well in terms of getting additional capabilities from Qualys, et cetera. And then of course there are some deals on the larger enterprises where because of the macro there are additional signature, additional layers of convincing the value and I think there is room for us to do better in those. We didn't quite in some of these deals actually stay ahead of ensuring that we were in front of the right people and showing the value. So I think that's a training that we are giving even our tenured reps to make sure that as we get into 2023, we're doing a better job of staying ahead of that. I think on the lower end of the customers, that's more about how do we reduce the friction in the buying process by not having to have them upsell individual modules and provide better packages and then just a matter of messaging for the SMB segment around value proposition as we call it MDR True Risk and then fix it that this is going to fix your things and this is going to protect you. So I think it's – on those two different segments I think it's right. And then overall of course we have a sales force we have been hiring last year and there is a room for us to provide better sales enablement for them. And that's why with Pinkesh now coming on board and aligning product marketing, product management, product market being and driving more product-led growth, we believe we can use our platform itself as a way to create more opportunities for our sellers to show the value prop much more quickly. And so it's a combination of those things that we are looking at.

And just to add a little bit more color to it. The way we're looking at it is we've always been a product leader. We believe that we have a very differentiated cloud platform that works very well and serves our enterprise customers that are looking to solve very complex and difficult problems. And so that's why we've been successful in the last year in terms of our ability to grow both account and the dollar amount from larger organizations. With that said, where we've seen the lack of growth and the inefficiency if you will is on the SME and SMB space, where if you take a look at as an example, customers who spent less than $20,000 with us, the count really didn't grow that much and that's been a drag on our business. That's where we're really focused on right now with the new product and packaging, we knew that there was friction. And this is where we're very happy with the new product launch. And with that I am happy to accelerate and gain the momentum in that segment where we've seen more of the macro head, we believe that that will have an incremental revenue if you will that we'll be able to deliver probably in the second half of 2023.

Thank you. One moment for our next question. Our next question will come from the line of Hamza Fodderwala from Morgan Stanley. Your line is open.

Hi, good evening. Thank you for taking my question. Joo Mi, you talked a little bit about the personnel changes and how you're thinking about that. Just curious, how are you reflecting sort of the risk of additional sales disruption on the back of the CRO departure? Is that something that you really contemplated in your 2023 outlook?

Yes. And this is why we believe our outlook is appropriately derisked from that perspective, because if you take the assumption that we made in addition to the -- assuming that the current macro continues is, no material improve or gain from the newer product. I mean we do see a huge upside to our guidance if our newer product happened to take off in the second half of this year. However, because of the personnel changes, we believe that the sales and productivity, even though it was lower in Q4, we're assuming that it continues as it is in 2023.

Got it. And just so I guess, maybe our models are level set, because it is an important metric. I'm curious how you're thinking about growth for CCB throughout the year. I think in times where -- years where things have been slowing we've seen CCB kind of south of revenue growth by a few points. Should we expect CCB to grow like maybe close to 10% this year?

Not necessarily, because if you think about revenue, it's a lag from the CCB, right? And so when I say the upside, the CCB could grow higher than the revenue and that's the uncertainty. In terms of our guidance for the revenue, however, it's more informed by what we were able to achieve in 2022. We believe we'll be achieving in the first half 2023. That will have a greater weight on the revenue for 2023.

Okay. Thank you.

Thank you. I'm not showing any further questions in the queue. With that, this concludes today's conference call. Thank you for participating. You may now disconnect. Everyone have a great day.