Radware Ltd. (RDWR) Q2 2024 Earnings Report, Transcript and Summary

Hello, and welcome to the Radware Conference Call discussing Second Quarter 2024 Results. Thank you all for holding. You will have the opportunity to ask questions to our speakers later on in the Q&A session. [Operator Instructions] As a reminder, this conference is being recorded July 31, 2024. I would now like to turn this call over to Yisca Erez, Director, Investor Relations at Radware. Please go ahead.

Thank you, operator. Good morning, everyone, and welcome to Radware’s second quarter 2024 earnings conference call. Joining me today are Roy Zisapel, President and Chief Executive Officer; and Guy Avidan, Chief Financial Officer. A copy of today’s press release and financial statements, as well as the investor kit for the second quarter are available in the Investor Relations section of our website. During today’s call, we may make projections or other forward-looking statements regarding future events or the future financial performance of the company. These forward-looking statements are subject to various risks and uncertainties, and actual results could differ materially from Radware’s current forecast and estimate. Factors that could cause or contribute to such differences include, but are not limited to, impact from changing or severe global economic conditions, the COVID-19 pandemic, general business conditions and our ability to address changes in our industry, changes in demand for products, the timing in the amount of orders and other risks detailed from time to time in Radware’s filing. We refer you to the documents the company files and furnishes from time to time with the SEC, specifically, the company’s last Annual Report on Form 20-F as filed on March 18, 2024. We undertake no commitment to revise or update any forward-looking statements in order to reflect events or circumstances after the date of such statement is made. I will now turn the call to Roy Zisapel.

Thank you, Yisca, and thank you all for joining us today. We ended the second quarter of 2024 with revenues of $67 million and non-GAAP earnings per share of $0.20, all succeeding the high end of our guidance. These results were driven by our cloud security business with cloud ARR growing 19% year-over-year. Strong acceptance of our DefensePro X DDoS protection and continued OpEx cost control also contributed to our performance. We generated $23 million of cash flow from operations in the second quarter and $44 million in the first half of 2024. During the first six months of this year, cyber attacks continue to rise in number, scale, and complexity. Network layer DDoS attacks per customer increased double digits, and web DDoS attacks in particular continued to climb quadrupling over the second half of 2023. This surge was influenced by geopolitical conflicts and international events like the EU Parliament elections, Euro 2024, and the Paris Olympic Games. With more attackers using generative AI and AI-enabled attack tools to accelerate time-to-attack and attack progression, organizations worldwide face significantly greater risks to the business operations. To address these challenges, customers need AI-powered protection, in other words, to fight AI with AI. With that, we are proud to introduce our new Radware EPIC-AI which powers our security solutions and infuses AI-powered intelligence and capabilities to all layers of our platform. Leveraging state-of-the-art AI and generative AI algorithms, EPIC-AI is designed to significantly improve attack detection and mitigation capabilities, and reducing time to resolution. EPIC-AI introduces new AI algorithms such as cross-module attack correlation both behavioral algorithms and automated false-positive autocorrection. It also includes a new API business logic protection algorithm. Unlike competitive solutions that rely on past attacks’ log analysis for detection and remediation recommendations, our AI-powered API protection works automatically, continuously and in real-time to identify bad actors and block their attacks. For our customers, this translates into optimized protection and significantly faster time to resolve. We are pleased to announce that analysts recognize the strength of our AI capabilities. In May, GigaOm evaluated the AI protection capabilities of 13 security providers in our space in the 2024 Radar for Application and API Security Report. In the report, GigaOm stated Radware is the only vendor in this analysis to earn a top score on the AI-enhanced vulnerability detection criterion. Radware includes everything that we currently look for in the future. In addition, Gartner’s 2024 Peer Insights Voice of the Customer Report for Cloud Web Application and API Protection named us a strong performer, noting that 99% of customers are willing to recommend Radware. To continue to meet our customers’ evolving security and infrastructure needs, we accelerated our pace of innovation. During the second quarter, we added numerous new capabilities to our cloud security platform. We expanded our cloud platform with DNS-as-a-Service capability and with our NoKey solution for privacy protection, storage and management. We also introduced a new compliance solution to help organizations easily navigate and streamline the process of meeting PCI DSS 4.0 requirements. This new pillar for our cloud application protection service offers customers dedicated controls, extensive visibility and easy-to-access reports. The PCI DSS regulation went into effect on March 31, 2024, and will become mandatory starting March 31, 2025. To support our growing cloud customer base, we launched a new cloud security service center in Paris. The facility will help customers’ increased resiliency and comply with local data privacy requirements. The launch extends our DDoS and web application attack mitigation capacity to 15 terabyte across more than 50 cloud security service centers worldwide. We plan to open three to four additional centers by the end of 2024. We believe that EPIC-AI and the additional modules in our cloud security platform increased the business value our customers extract from our solutions. Going forward, we expect these benefits will generate more traction for our offerings, increase our ARR and enhance platform stickiness. In our on-prem security business, we also see encouraging momentum. DefensePro X with its superior DNS and web DDoS mitigation capabilities is gaining strong market traction. For example, we closed a multimillion-dollar deal with one of the largest stock exchanges in Europe. The customer recognized the need to protect the network and applications from both volumetric and web DDoS attacks. The combination of our new AI-powered DNS protection with DefensePro X performance convinced them of the necessity to upgrade their current infrastructure. Our ability to mitigate the sophisticated Layer 7 DDoS attacks without the need to hand over certificates was another key motivating factor in their purchasing decision. DefensePro X also earned us new logos and a good example is the European insurance institution. The customer was interested in enhancing protection for their services and infrastructure, and DefensePro X provided crucial protection that the incumbent could not offer. This deal was part of a broader Cisco project. In summary, although customer spending patterns have not yet returned to previous levels, we delivered solid results for the second quarter. We are excited about the momentum in our on-prem security business as well as the advancements in our cloud security strategy, particularly with the launch of our new EPIC-AI. Looking out into the second half of 2024, we remain focused on accelerating our cloud business and believe we are well positioned for future growth and increased profitability. With that, I will turn the call over to Guy.

Thank you, Roy, and good day, everyone. I’m pleased to provide the analysis of our financial results and this performance for the second quarter of 2024 as well as our outlook for the third quarter of 2024. Before beginning the financial overview, I’d like to remind you that unless otherwise indicated, all financial results are non-GAAP. A full reconciliation of our results on a GAAP and non-GAAP basis is available in the earnings press release issued earlier today and on the Investors section of our website. Revenue for the second quarter of 2024 was $67.3 million compared to $65.6 million in the same period of last year. This growth was mainly driven by cloud security business expansion and DefensePro X success with our carriers and large enterprise customers. The cloud security business expansion is reflected in the 19% year-over-year increase in cloud ARR, which reached approximately $70 million and accounted for 32% of total ARR in the second quarter of 2024, up from 28% in the same period of 2023. Our total ARR reached approximately $217 million, representing 7% adjusted growth over the same period of last year. Over the past few quarters, we witnessed signs of recovery in customer spending, although it has not yet returned to previous levels. On a regional breakdown, revenue in the Americas in the second quarter of 2024 grew 12% year-over-year to $30.1 million and accounted for 45% of total revenue. On a 12-month trailing basis, America revenue decreased 10% year-over-year. EMEA revenue in the second quarter of 2024 was $22.8 million, representing 1% year-over-year increase and accounted for 34% of total revenue. On a 12-month trailing basis, EMEA revenue decreased 9% year-over-year. APAC revenue in the second quarter of 2024 was $14.4 million, which represented a decrease of 11% year-over-year and accounted for 21% of total revenue. On a 12-month trailing basis, APAC revenue increased 1% year-over-year. I’ll now discuss profits and expenses. Gross margin in Q2 2024 was 82.2%, approximately similar to 82.3% in the same period of 2023. Operating expenses decreased 6% year-over-year from $52 million to $49 million for the second consecutive quarter, at the lower end of our guidance. Operating income reached $6.3 million compared to $1.9 million in the same period of last year. We are selectively adding investments to accelerate cloud security growth in R&D to increase our technology moat, go-to-market and infrastructure. Yet, we remain dedicated to driving efficiency and EPS growth and diligently managing our expenses. Radware’s adjusted EBITDA for the second quarter has doubled to $8.3 million or $11 million excluding the Hawks business compared to $4.1 million or $6.8 million, excluding the Hawks business in the same period of last year. Financial income was $4.1 million in the second quarter. The tax rate for the second quarter in 2024 was 15.4% compared to 14.8% in the same period of last year. We expect the tax rate to remain approximately the same next quarter. Net income in the second quarter nearly doubled to $8.8 million as compared to $4.5 million in the same period last year. Diluted earnings per share for Q2 2024 doubled to $0.20 versus $0.10 we had in Q2 2023. Turning to the cash flow statement and the balance sheet. Cash flow from operation in Q2 2024 was $23 million compared to cash flow from operation of $4.9 million in the same period of last year. This brings cash flow from operation year-to-date to $44.2 million. The improvement in the cash flow from operation is mainly attributed to the increase in net income, along with strong billing performance in the second quarter of 2024. As of June 30, 2024, approximately $66 million remained in our share repurchase plan. We ended the second quarter with approximately $397 million in cash, cash equivalent, bank deposits and marketable securities. I’ll conclude my remarks with guidance. We expect total revenue for the third quarter of 2024 to be in the range of $67.5 million to $69 million. We expect Q3 2024 non-GAAP operating expenses to be between $49.5 million to $50.5 million. We expect Q3 2024 non-GAAP diluted net earnings per share to be between $0.19 and $0.21. I’ll now turn the call over to the operator for questions. Operator, please.

We are now opening the floor for question-and-answer session. [Operator Instructions] Our first question comes from Alex Henderson from Needham. Your line is now open.

Great, thanks. And let me just express my hope that everybody is safe and healthy at Radware and your families. I wanted to just hit the first question around the signs of recovery that you indicated. Can you dive into a little bit more what signs you’re seeing? Is it improved closure rates? Is it larger deal sizes? Is it stronger pipeline? What are those signs of recovery that you mentioned?

Thanks a lot, Alex. So I would distinguish between the types of offerings we have. At the cloud security platform, we’ve seen all along strong momentum, strong growth and it’s evident also this quarter. Where we saw weakness in the past, and it’s still not back to normal, as we’ve noted, is mainly on the large CapEx deals, the on-prem ones. We’re starting to see what we think is a bit of acceleration in the momentum of those deals. Obviously, some closures. I talked on some of them, especially on the DefensePro X, we are seeing, given the heightened security challenges as well as this new platform and refresh cycle, we are starting to see faster closure rates, very strong pipeline, much more activity. We still need to monitor how quickly we translate that to revenues. But definitely, we see a pickup also on the on-prem side of our business.

If you could address the partnership revenue streams and specifically, what you’re seeing in terms of visibility there, that would be very helpful. Thanks.

Yes. Our OEM partners continued, if I look at them together, to execute well for the quarter. It’s still in the very high level of our performance. We see strong opportunities and actually better partnership with both. So I think also here, we’re seeing them, for example, adding more of our cloud security solutions to their customer base. We’re seeing them adopting our new DefensePro X, et cetera. So they are aligned with all the innovation and new capabilities we’re bringing, they’re exposing all of that in their price list, spot numbers, sales training, webinars and so on. So definitely, I think that’s at least for now in a record level and we believe there’s obviously much more potential. The potential with those two partners is immense for us, and we’re starting to get more traction.

Great, I’ll see the floor. Thanks.

Our next question comes from Chris Reimer from Barclays. Your line is now open.

Hi. Congratulations on the strong results and thanks for taking my questions.. First off, I wanted to ask about operating expenses. Considering the last few quarters, we’ve seen some nice decreases in the strict cost management you’ve been talking about, how should we be looking at that playing out towards the rest of the year? And might we see continued declines or is this going to level off at some point?

So we already mentioned it. We are not really planning to continue the decline. On the contrary, we may see some increase and we’re seeing a lot of opportunities in go-to-market. We think we have a great opportunity to open the gap from competition regarding the mentioned EPIC-AI, generative AI product and the like. So OpEx will probably continue to grow slightly.

Got it. Got it. And the growth in the Americas on this quarter, can you give any color around that, what kind of – what was that growth stemming from? Was that new customers? Was that specific closures that you managed on the quarter, just in terms of how that has built that growth there?

Yes. So first, we had nice growth this quarter in revenues, and it’s always nice to speak about growth, but I want to remind everyone that the way we look on a territory or a region is more on a 12-month period. We think it’s normalizes for some, I would say, ups and downs we might have because of CapEx projects, et cetera. So on a 12 months, it’s clearly we still have work to do on the Americas. In general, we saw very good business from actually existing customers there with long commits to our solutions. And we do see Americas as a significant place. We can improve our results. So we believe there’s a significant upside in the Americas. Some of the investments that Guy alluded to are obviously focused on that region. As we mentioned, it’s going to be a first growth in revenues and then expenses. But definitely, we see Americas as a place we can accelerate growth in.

Got it. Thank you. That’s it for me.

Thank you.

Our next question comes from George Notter from Jefferies. Your line is now open.

Hey, thanks a lot, guys. I wanted to ask some questions about the DefensePro X refresh cycle. I think it really started in earnest, I think, earlier this year. But I’m curious about what kind of traction you guys are getting. Any metrics you can give us on pacing of the rollout, maybe the mixture of DefensePro X relative to historical DefensePro appliances? Any more sense you can give us on the progress there would be interesting. Thanks.

Yes. So I think you’re right, the real contribution started a bit in Q1 and now more in Q2. The main indicators we see are very strong growth in pipeline and strong engagement also with our very large customers. The reason for that is on several aspects. First, like every appliance refresh cycle, customers would need to move over the next two, three years from announcement that took place a year ago. So obviously, as time comes, more and more customers are pushed there. But that some, I would say, is the smaller part of the story. The bigger part is that in DefensePro X, we have a battery of new algorithms. I mentioned the DNS, I mentioned the web TLS, that are very critical to block existing attacks waves that we’re seeing now. Obviously, when we’ve developed all these algorithms, we were looking forward to what hackers might be able to do or where the market is going. And what we are seeing now, we are seeing waves of such attacks that DefensePro X is unique in its capabilities to block, for example, web layer DDoS attacks without the need to open the encrypted traffic. That’s a significant advancement that we have or all the complicated DNS attacks. So many of our large customers are starting to see or experience these attacks on their infrastructure and there’s obviously a clear need to protect. DefensePro X is the best answer for that. So the attack landscape and our ability to do that is a very strong contributor. And the third one is that in DefensePro X, we have our new own designed FPGAs that are providing 3 to 4x performance improvements across many parameters. It’s not only packet per second – sessions, [indiscernible] traffic, ability to challenge attackers. It’s basically wire speed on 800 gig in any platform that we use the FPGA for. So that capacity increases, matches what our customer experience in their networks that are scaling in session transactions. So significantly better performance, and as a result, price performance, very strong capabilities in attack protection that are critical to those large customers and refresh cycle. We think that all of that together is coming together this year. Maybe last year, we’ve seen less of that attacks, this year with more attacks, more time on the time line, bigger capacities that are needed, a bit maybe better budget environment. All of that is really driving what we see as a strong opportunity for us.

Got it. And then what’s the mix of DefensePro X in terms of your appliance shipments this quarter relative to the historical products?

We’re not really disclosing this metric.

Okay. Fair enough. And then the other one I had was just on the EPIC-AI capability. Can you just remind me how you guys are monetizing that? Is that now in your cloud scrubbing services? Is that now embedded in DefensePro X? I’d love to hear more about the monetization there and how you’re going to market with it.

Okay. So this framework of AI capabilities is going to span all our solutions, the on-prem and the cloud, the initial instances of that is taking place in the cloud security modules for API, both WAF and DDoS as well as in the DefensePro X application protection. Additional modules like the cross-correlation AI and the AI SOC agents, the predictive SOC will be across all our solutions, and you’re going to see announcements in the coming years. So we see that is impacting all our solutions. Obviously, initially, will benefit that in DPX and cloud. But going forward, it’s going to be a significant improvement to all our security benefit as an add-on layer for all our existing revenues.

Got it. Are you guys charging for that on an a la carte basis or is that rolled into the existing API bot, DDoS software capabilities?

Yes. It depends on the capability. So first, it only appears in our highest bundle. So it drives bundle adoption to what we call complete to start with. Second, the predictive SOC, the AI SOC is going to be charged separately as well. So it’s both on moving customers to the higher end of the packages plus add-on modules for everything that is across multi-module or cross-correlation or management or AI SOC and so on.

Great. Okay. Thank you very much. Appreciate it.

Thank you.

Our next question comes from Alex Henderson from Needham. Your line is now open.

Great. I was hoping you could talk a little bit about the expansion of your cloud data center CapEx plans and where we are in terms of that rollout and how much further you think you need to go? What’s the cash use or CapEx expenditures look like?

So we mentioned earlier that we expect to increase number of locations between 3 to 4 throughout the year. CapEx will grow a little bit more than it was this quarter, which was close to $1 million. So we think it’s going to be closer to $2 million for quarter. That’s going to be the impact. Based on demand, based on new locations, this number can grow in 2025.

And as you’re looking at the coverage, how much – where are you relative to the coverage that you think you need given your current scale? Is this a three, four, five-year process to continue to build out geographies?

I think overall, for the global market, we are well covered. What we are doing now, we’re adding in, I would say, specific countries, additional capabilities based on partnership or local regulation. So I think the scale of the platform is 15 terabyte, I think it’s doing very well. As we’ve mentioned, we’re 50 locations worldwide. So let’s assume we’re covering already all the G20 countries pretty well. But we do see opportunities, especially with partnership or remote countries, et cetera, to extend the cloud business through those local pops, and then we do that. As Guy mentioned, I think our ROI overall on those pops as we scale the customers is very, very good. So it’s a very good business decision. But we do that obviously with partners and when we have that business, the global network, I think it builds well.

If I look at the cloud growth, it actually decelerated a couple of percentage points. Can you talk a little bit about why that’s the case? And do you expect it to reaccelerate?

Yes. I think we definitely wanted to reaccelerate. And as you see, we’re investing both in locations that you alluded to, but also in capabilities and modules. I’ve mentioned the DNS-as-a-Service, I mentioned NoKey, I mentioned the PCI DSS compliance as well as strengthening the platform. And so obviously, we have programs in the company. I think we can accelerate it. We’re investing more in that. It’s a strong growth opportunity. We want to go back first to where we were in, and let’s see how we end the year. But that’s definitely where we are heading.

So should we think about it as a 20% to 25% type growth business longer-term?

That’s how we think about it, and we need to get back there.

Okay. Thanks.

Thank you. We are now concluding our question-and-answer session. I’d now like to hand back over to Roy Zisapel, for final remarks.

Thank you, everyone, and have a great day.

Thank you for attending today’s call. You may now disconnect. Have a wonderful day.