Ladies and gentlemen, welcome to the Radware Conference Call discussing First Quarter 2023 Results and thank you all for holding. Today's conference is being recorded, and all lines have been placed on mute to prevent any background noise. After the speaker's remarks, there will be a question-and-answer session. [Operator Instructions] Thank you. And I would now like to turn the call over to Yisca Erez, Director of Investor Relations at Radware. Please go ahead.

Thank you, Avi. Good morning, everyone, and welcome to Radware's first quarter 2023 earnings conference call. Joining me today are Roy Zisapel, President and Chief Executive Officer; and Guy Avidan, Chief Financial Officer. A copy of today's press release and financial statements, as well as the investor kit for the first quarter, are available in the Investor Relations section of our website. During today's call, we may make projections or other forward-looking statements regarding future events or the future financial performance of the company. These forward-looking statements are subject to various risks and uncertainties, and actual results could differ materially from Radware's current forecast and estimates. Factors that could cause or contribute to such differences include but are not limited to impact from the changing or severe global economic conditions, the COVID-19 pandemic, general business conditions and our ability to address changes in our industry, changes in demand for products, the timing in the amount of orders and other risks, differences from time to time in Radware's filings. We refer you to the documents the company files and furnishes from time to time with the SEC, specifically the company's last annual report on Form 20-F as on March 30, 2023. We undertake no commitment to revise or update any forward-looking statements in order to reflect events or circumstances after the date of such statement is made. I will now turn the call to Roy Zisapel.

Thank you, Yisca, and thank you all for joining us today. We ended the first quarter of 2023 with revenue of $69 million and earnings per share of $0.14. The macro challenges that we experienced in the first quarter were stronger and broader than in previous quarters. These challenges translated into longer sales cycles, more cautious spending and closing delays across all regions. Despite that, we saw strong cloud security bookings, and our cloud ARR grew 21% year-over-year, in line with Q4 2022 growth rate, highlighting the strength of our offering and the critical nature of our solutions. While the macro environment is creating business challenges, organizations remain under pressure as they face more frequent and more complex cyber-attacks. Attacks accelerated during the first four months of the year. There were significant attack campaigns against the U.S. healthcare sector, the Canadian government, Australian ports and government websites, Israeli government and banks, as well as airlines and airports in Scandinavia, to name a few. Russia's invasion of Ukraine has ushered in a whole new wave of activism that is generally bolder and more determined than ever before. Any organization, independent of size and industry, can become a target for activists who desire to advance their cause. According to our recent Threat Intelligence Report, three activist groups claimed responsibility for more than 60% of DDoS attacks between February and April. As a result of the escalation in attacks and downtime in enterprise networks, we saw multiple emergency onboarding to our cloud platform by organizations under attack. We estimate that many of the companies that were onboarded under attack during the first quarter will convert into longer term customer contracts. It's clear that so-called good enough security is not good at all. You need best-of-breed security, and Radware by any technical and analyst…

Thank you, Roy, and good day, everyone. I'm pleased to provide the analysis of our financial results and business performance for the first quarter of 2023 as well as our outlook for the second quarter of 2023. Before beginning the financial overview, I would like to remind you that unless otherwise indicated, all financial results are non-GAAP. A full reconciliation of our results on a GAAP and non-GAAP basis is available in the earnings press release issued earlier today and on the Investors section of our website. First quarter 2023 revenues declined 6% year-over-year to $69 million compared to $73.7 million in the same period of last year. The decline of revenue was on the back of the ongoing and increased macroeconomic environment that we have experienced since the second quarter of last year and which intensified in the first quarter of this year. The impact of the macro environment is still evident in an elongated cell cycle as well as budget scrutiny and extended multiphase deployments. As Roy said, and as we are witnessing for some time, levels of attacks are growing consistently in the last few years. However, these attacks are not fully expressed yet in the demand of organizations for our cyber solution due to budget cuts as a result of macro uncertainties. Despite the macro headwind, our cloud business was strong in the first quarter. Cloud ARR in the first quarter of 2023 grew 21% year-over-year, similar to the growth in the fourth quarter of 2022, and accounted for 27% of total ARR compared to 24% last year. The growth of our cloud business is also reflected in our recurring revenues and increased from 68% in Q1 2022 to 73% in Q1 2023. As we highlighted in our Investor Day in February this year, we are…

Thank you. [Operator Instructions] We will take our first question from Alex Henderson with Needham. Your line is open.

Great. Thanks so much. Just looking at the guide for a second. Can you give us some sense of what you think your interest rate tax rate will do just to round out the numbers a little bit? Obviously, those have been moving around a little bit.

Yeah. So as mentioned before, we expect the interest rate to continue -- financial income to continue to grow based on current interest rates. [Multiple Speakers]

So do you have any guide for that -- for the interest income for the 2Q?

No, we haven't guided. The only thing we said is that we expect to continue to grow at more or less the same pace as we did in the last quarter. And the tax rate same as before.

Okay. And then, if you could just remind us how you're positioned against the FX. Obviously, the shekel is quite weak as a result of the political turmoil there. So how are you positioned on that?

We're hedged for the rest of the year. So new Israeli shekel versus U.S. dollar, FX should not impact our P&L. That's it. For next year, we're not hedged yet.

All right. And then going back to the numbers, it looks to me like the U.S. was the particular problem, but it also looks like the problem was heavily skewed to service providers in the quarter. So could you talk a little bit about what's going on with that vertical? Because obviously, it was a big part of the overall decline here and significantly worse than the corporate averages. Is that a function of the shift in the business mix away from what you've traditionally done for them, and therefore, we should expect that to continue and when does that flatten out?

So I think there are several factors. First, we saw overall weakness across the globe. Yes, America was weak, but I can tell you that was our feeling also on the rest of the theaters. Second, we're definitely now more geared, especially with the focus on cloud security towards enterprises. And I think that you see that over the last several years and also now. And third, I believe that the major weakness was in large CapEx projects. That's where the biggest headwind is. And obviously, carrier deals tend to be larger, tend to be CapEx. And therefore, I think we saw it also there in large magnitude. I think also large enterprise CapEx deals suffered, but this is masked by our cloud performance. So I think in the interior, there's nothing to cover the reduction in the CapEx deals.

Just to clarify, when you said weak globally on demand, that was not company-wide, that was a comment about service providers, specifically, right?

So I think company-wide, we...

So company-wide means globally and also in service provider?

Yes.

Okay. I see. If I could -- just one more question here. So as I'm looking at the mechanics of the U.S. business being down, you've got a reorg going on in your go-to-market there, I believe, that should stabilize things at some point. How do you expect that to progress over the course of the year? When does the realignment there start to improve things?

From a number point of view, we didn't see that in Q1, but from other measures and other KPIs, we do see improvement in the execution in the U.S. We have many KPIs we track before revenues from proof-of-concept to engagements to pipeline and so on. So, all in all, we feel better about the U.S. organization. We feel better about pipeline penetration. I mentioned also the RSA and the customer activity. So while Q1 was difficult, we're actually feeling way better going now into Q2 and beyond.

All right. I’ll see the floor and get back in queue. Thanks.

Thank you, Alex.

And we will take our next question from George Notter with Jefferies. Your line is open.

Hi, guys. Thanks very much. Yeah. I guess I wanted to expand on that. You guys have made a lot of changes, I think, in the sales organization. I know you've changed the compensation plan. You're reorienting folks around more medium-sized enterprise deals, obviously, the cloud products. Could you talk a little bit about what the early returns are there in terms of the new comp plan and the changes you're making? Any more you can tell us would be great.

Okay. So first, obviously, it's early to say, but if I need already to ask to look at one figure, the booking of subscriptions in Q1, for the first time, crossed 50% of our total bookings. So we definitely saw some of our sellers in growing quantity, focusing on everything that is subscription more than a regular product. So that we are already seeing. I think also very strong pipeline and activity in cloud as a result of that because we're highlighting not only subscription but cloud security in specific. So all in all, I think we are moving in the right direction. It's aligned with the focus areas we covered in the Analyst Day. We'll see how it's progressing. But so far, I think it's going in the right direction.

Got it. And then I know you made some changes to the Cisco OEM relationship also. I know that they included Radware and their enterprise-wide license agreements. Can you talk about what you're seeing through that channel?

Yes. It was a very good quarter with Cisco. We actually -- beyond revenues, which I think were a record level, we're seeing a lot of activity in the field. So there's really a big pickup in activity in deals, in engagements, in events. As you've mentioned, we're now part of the enterprise agreement of Cisco. So we're seeing the Cisco security team engaging in discussions with their customers under those frame agreements to include the other portfolio in. We have also the Turbo accounts that we are working to get the large accounts of Cisco that we're working together with them. So all in all, it was a very good quarter, very good momentum there and we have good expectations also for the coming quarters.

Got it. At what point do you think that would be a relationship that you might break out for investors, give us a sense for how big that is? Is that on the horizon?

I hope so. We are progressing. We are progressing well. Let's say, as it grows more, what is the right time.

Okay. Great. Thank you very much, guys.

Thank you, George.

We will take our next question from Chris Reimer with Barclays. Your line is open.

Hi. Thanks for taking my questions. I wonder, if you could touch on the process for onboarding the emergency customers. You said there was an uptick this quarter and a few more of those. Can you just walk us through the process of how they get onboarded, how long can they remain customers until they do become an actual customer and what kind of traction do you see in them converting as a permanent customer?

Yeah. So generally -- thanks for the question. So generally, when we're talking about an emergency onboarding, we mean that the customer is under attack. When they're under attack, they are probably are down, meaning their applications are down, their network is down. And there's -- especially indeed, there's heavy traffic towards their data centers and applications. The onboarding process can be very quick when it can be done in an hour. And definitely can be achieved in several hours. The critical factor there is receiving a letter of authorization from the customer to its ISPs that Radware can act on the network as behalf of the customers. So we can behave as if we are the customer network. Once this is done, it's quite immediate to onboard the customer to our network. As we are onboarding and protecting them, we are providing around a week to 10 days for them to experience the service. Following that, there is an expectation to conclude the contract. Now some enterprises, especially the large ones, the processes are longer in some government entities, the requirements for RFPs. But definitely, the fact that, A, they onboarded our network; B, the service was proven in real-time, in production is a major benefit. So we are seeing anywhere between several days of turnover time or conversion time to several months. And it's a very delicate matter. If we're seeing that it's not progressing and budget is not there. Do you take them off the service? Do you give another great experience? How do you manage that? But overall, customers that are coming in to attack are converting with very high probability, especially that we are very, very good in what we do, and we're really saving them. So I think the latest activity that was predominantly started mid-February and accelerated in terms of cyber-attacks in March and more so in April is definitely generating, I would say, a pipeline with high probability to close, which I think it's a good outcome for us, obviously.

Got it. Thanks. That’s really helpful. And just following on your comments around the reorganization in the U.S. and getting to the point where you feel execution is optimal. Looking at the other regions, do you see that execution there is also optimal or might there be a need for reorganization in the other geographical areas as well?

We're not looking to have further sales reorganization in the field. We are focused also through, for example, the compensation plan and other corporate initiatives, the alignment with the OEMs, the midsized enterprise, we are looking to improve our go-to-market. But it's not going -- at least it's not on our plans currently to do any restructuring of sales reorganization.

Got it. Thanks. That’s all for me.

Thank you.

We will take a follow-up question from Alex Henderson with Needham. Your line is open.

Yeah. If I could go back to that service provider question for a second. So are you, in fact, delivering stuff to -- in the security space to the service providers or is that more your traditional business that's going over there? Can you talk a little bit about what you're selling and how you define those service provider categories?

Yeah. So I think the three buckets there. So first, we're selling the application delivery controller to the carriers, predominantly to their IT and network services organization to load balance and do traffic management for key applications. So that's the first bucket. The second bucket we sell our high end mitigation devices, secure the DDoS mitigation devices when they are generally using them on their network to clean DDoS attacks. Those are generally large projects, large CapEx. The third is, we are delivering our mitigation devices and our web application firewalls to their MSSP businesses to those carriers that are engaged in an MSSP business, although there obviously, it depends about the traction with their customers. If they grow, if they scale it, they will probably purchase more. If not, they would not need more capacity and more solutions. So those are the three buckets that we are engaged with the terriers. I would say that the major I would say, headwind, is on the first two buckets, the ADC and the large security mitigators. Those are the large CapEx equipment purchased by the carriers.

Could you give us any sense of what the scaling of these three are? Are these similar sizes or is the ADC business actually the largest piece? How do we think about this scaling?

I think actually, the DDoS mitigation is the largest piece of the network. Also there, I believe they cannot hold those purchases for long because attacks are growing, and the asset that they need is growing. And we do see increases in the pipeline in this segment. We just didn't see a lot of purchases that were actually done in the first quarter. But I don't believe they can carry on with this approach for long because it's against the dynamics we see in the market, more capacity, and more attacks.

I see. Okay. I get the gist of it. Going back to the pipeline comments you made earlier. It sounds like you felt the pipeline was improving, at least in the Cisco piece and somewhat in the U.S. piece. Could you comment on the company-wide pipeline has? Is the linearity during the quarter an issue, i.e., the late March time frame with all the financial debacle cause a perturbation in the closure rates but your pipelines are healthy. What's the flavoring there?

The pipeline is improving. So we feel better about that. I think also the velocity of the pipeline, especially those that I've mentioned that are triggered by attacks, those deals generally are accelerating faster to close. So all in all, I think the quality of the pipeline and the velocity is better. As you pointed out, both America, Cisco, those are key areas. Cloud, obviously, is a key area and so on.

Okay. And so again, was there any impact because of the banking issues that happened in March? Did that perturbate the linearity or cause anything to slide out of the quarter that would have stopped what closed normally. Any thoughts on…

I don't know. I don't know, how to say. I don't think so, though.

None of our -- or let's say, none of the banks that were impacted for actually our customers. So nothing direct, that being said. There is some kind of uncertainty in that segment. Therefore, we see the longer sales cycle.

Okay. A lot of companies doing risks. Any thought about maybe doing something more aggressive on the cost side to mitigate some of the pressure on margins? Thanks.

At this point, we don't plan one. We think we are positioned well. We think we can -- with cloud security and the subscriptions growing, we think we need to keep the investment as we have. We want to continue to create a competitive advantage on the product side to provide good service to customers. As we said, we think this halt is temporary. We think the attacks are creating a real need, and we want to be there for the customers. So we are mindful of the expenses, but we believe profitability would grow as we will grow the business and scale back our results -- scale up again our results.

Great. Thank you so much.

And there are no further questions at this time. I will now turn the call back to Mr. Roy Zisapel for closing remarks.

Thank you very much for joining us today, and have a great day.

Ladies and gentlemen, this concludes today's conference call and we thank you for your participation. You may now disconnect.