Welcome to Rapid7's Q3 2017 Earnings Conference Call. [Operator Instructions] As a reminder, this conference is being recorded, Tuesday, November 7, 2017. I would now like to turn the conference over to Jeff Bray, Vice President of Investor Relations of Rapid7. Please go ahead, sir.

Thank you, Operator and good afternoon, everyone. We appreciate you joining us to discuss Rapid7's Q3 2017 Financial and Operating Results in addition to our financial outlook for the fourth quarter and full fiscal year 2017. I'm Jeff Bray, VP of Investor Relations, and I'm here today with Corey Thomas, our President and CEO; and Jeff Kalowski, our CFO. We distributed our Q3 2017 earnings press release over the wire and is now posted on our website at investors.rapid7.com. We have also posted our updated company presentation and financial metrics file on our Investor Relations website. This call is being webcast and can be accessed at investors.rapid7.com. The webcast of this call will be archived, and a telephone replay will be available on our website until November 11, 2017. We would like to bring the following to your attention. The date of this call is November 7, 2017. Our discussion today contains forward-looking statements about events and circumstances that have not yet occurred, including, without limitations, statements regarding our objectives for future operations and future financial and business performance. These forward-looking statements are based on our current expectations and beliefs, and on information currently available to us. Statements containing words such anticipate, believe, continue, estimate, expect, intend, may, will and other similar statements are intended to identify such forward-looking statements. Actual outcomes and results may differ materially from the expectations contained in these statements due to a number of risks and uncertainties including those contained in the risk factors sections of our most recently quarterly report on Form 10-Q filed with the Securities and Exchange Commission and subsequent reports that we file with the Securities and Exchange Commission. The information provided on this conference call should be considered in light of such risks. Actual results and the timing of certain…

Thanks Jeff, and good afternoon, everyone. Thank you all for joining us today on our third quarter 2017 earnings call. We had another strong quarter and we continue to see broad-based demand and are executing well against our plan, resulting in strong financial performance. We delivered revenue growth of 25%. We continue to grow our recurring revenue by over 30% and we grew our billings by 31%, with strength across products and go-to-market teams. We are on track to improve our annual operating margin and to generate positive cash flow from operations for the year and in line with last year. And as we see our business mix shifting towards subscription, a growing percentage of our billings are for recurring revenue. And as a result, our ARR grew by over 30% this quarter. Our Threat Exposure Management, or TEM, business has grown consistently throughout the year and we are clearly still gaining share in the vulnerability management market. Our Incident Detection and Response, or IDR, business continue to grow comfortably by over 100%. And in 3Q, IDR contributed over 20% of our billings. Our strong performance has been driven by a differentiated set of products that leverage the power of the Rapid7 Insight platform. 5 years ago we made a bet that data consolidation, advanced analytics and UBA will be critical to effectively respond to modern cyber attacks. We committed to move our data and analytics architecture into the cloud to provide customers cost-effective access to speed and power not available in an on-premise solution. In 2015, we launched the Rapid7 Insight platform. In 2016 we launched our SIEM, InsightIDR. With our product launches earlier this year, Rapid7 is the first to offer vulnerability management, Web Application Security Testing, IT log-in analytics and a UBA-powered SIEM, all operating on a…

Thanks, Corey. We're pleased with our strong performance in the third quarter. Total Q3 revenue was $50.5 million, an increase of 25% year-over-year and above the high-end of our guidance. Product revenue was $29.6 million, increasing 28% year-over-year, driven by strength in both TEM and IDR with expanding recurring revenue. Maintenance and support revenue was $11.7 million, increasing 20%, and our professional services revenue was $9.2 million, an increase of 23% year-over-year. We continue to have a very high visibility into our revenue forecast with 86% of Q3's revenue having been on the balance sheet as of the first day of the quarter. We have made adjustments to the calculation of the contribution of deferred revenue to each quarter's revenue, and we updated the historical data on our website. And over the last 4 quarters, the average difference was small, approximately 200 basis points. This adjustment had no impact on recorded revenues. 70.5% of our revenue was subscription-based recurring revenue, versus 67.7% in Q3 of last year and our recurring revenue grew 30% year-over-year. In Q3 2017, 81% of our product revenue was recurring, up from 76% last year. Our ARR increased by over 30% year-over-year. We define ARR as the annualized value of all recurring revenue related contracts in place at the end of the quarter. Total deferred revenue grew 26% year-over-year to $188.6 million at the end of Q3. Calculated billings for the third quarter were $58.7 million, or up 31% year-over-year, with broad-based strength highlighted by another strong quarter from IDR and ongoing strength in the TEM market. Average contract lengths were 23 months for total billings, which compares to 21 months in Q3 of last year. In Q3, we're pleased to see the customers for InsightVM as well as our other SaaS offerings committed to more…

Thanks Jeff. This quarter, we continue to see broad-based demand and are executing well against our plan. We believe our results validate that Rapid7 has the right strategy across our markets. Our approach of providing multiple, high-impact analytics solutions based on the Rapid7 Insight platform is resonating with customers and driving consolidation of some spending with Rapid7, as lean IT and security teams strive to leverage their security resources and improve their effectiveness. We continue to evolve our product set. Our recurring revenue is showing strong growth. We also look forward to seeing you at our First Investor and Analyst Day on December 12. With that, I will turn the call over to the operator for Q&A.

[Operator Instructions] And we have a question from the line of Gregg Moskowitz with Cowen and Company.

Corey, you've mentioned that InsightVM is now the majority of your total VM pipeline. And I know it's still early innings, but I'm wondering if you're seeing any change in the sales cycles or in the pipeline conversions of InsightVM as compared with Nexpose?

Thanks Gregg. And before I jump into the answer, I just want to apologize for the delay. Our newswire service had technical difficulties, resulting in the delay of our press release. And we delayed the start of the call to make sure that everyone had the opportunity to read and review the release. To answer your question, is that we're seeing very, very good traction on the InsightVM pipe build and in our opportunities. It's too early now to actually know if there's going to be a change in either the deal sizes that result from that. Or what I would say is that we're quite comfortable and we're encouraged by the volume of pipeline build that we're seeing, both in aggregate and also on a program basis.

And then one thing that we've been hearing more often from customers is that the amount of coverage of their environment from a VM scanning standpoint is growing significantly. Can you expand a bit on what you're seeing in that regard? And also, how does cloud impact this?

Yes. It's a great question. We are seeing expansion in both in terms of more coverage for new customers, so that's resulted in higher ASPs for net new customers that come in, as well as existing customers expanding their coverage of their environment, frankly, with all of our products but that includes InsightVM.

And then one last one, if I could. One of your competitors recently stated that GDPR was helping them in Europe. Do you think this has translated into more business for Rapid7 as well? Or is it a bit too soon?

I think it's too soon. We expect this to have major positive impact to the business over time. What we see is that our business today is driven by core set of fundamentals. And we expect that GDPR to be accretive to the business in the coming years.

Our next question is from the line of Rob Owens with KeyBanc.

Corey, you mentioned some of the enterprise success that you are seeing this quarter. Maybe you can drill down a little bit more in terms of these larger deals that you're seeing, your ability to execute on them and move them through the pipeline to fruition?

Yes. I mean, we're seeing 2 things. As you know, in 2016, we identified that we needed to work on our process and pipeline management, and we're reaping the benefits of that today. And so what we're seeing is that: one, we actually have much better understanding and clarity into our overall pipeline including our enterprise pipeline; two, we're seeing better productivity out of our enterprise sales reps, and that's resulted at us starting to see larger deals and larger ASPs. I think one of the things that's actually helping us significantly is our platform leverage. While there's a set of competitive deals that we see in every segment as we actually acquire more customers that are leveraging our platform, we're starting to see the early stages of increased usage of customers taking a first look at us. And in some cases, only a look at us because they're using other of our products and technologies.

And I guess along those lines, pretty strong customer addition. Can you say kind of where the -- I understand the platform play and the multiple products look good, but where's the beachhead with new customer acquisition? Is it around SIEM? Is it around VM? Kind of where are you coming in competitively displacing and expanding from there?

Yes. So we are seeing across the -- so we're seeing it in both -- from a product side of both the SIEM and the VM side of the equation. In the mid-market, we're seeing lots of companies that were not doing anything, they're using consulting services. Ad-hoc consulting services actually deploy programs, which is adding net new customers to the overall market. We still see in the enterprise companies that were having a very compliant-centric program for vulnerability management, look to actually deploy an operational and strategic vulnerability management program, and we feel that we are really winning and gaining substantial share there. As for who we actually see it from, I would say it's both the - I would say the legacy players that have installed the equity over time, as well as some of the current entrenched players. The SIEM opportunity has been just much better than we could have ever hoped for. We are definitely seeing a refresh cycle in SIEM and that's contributing not just to good cross-selling opportunity, but SIEMs are also landing a healthy amount of new beachheads for us and we're very encouraged by that.

Our next question is from the line of Michael Turits with Raymond James.

Solid quarter all around. So two questions for Corey, and then we'll move to Jeff. So Corey, strong quarter, some of the network security guys did not have as good a quarter as this time around. Do you sense if there's any shifting demand away from network security and toward some of the things that you're doing? And is there any positive impact, you think, from Ransomware and [indiscernible] this summer?

I would say I'll speak to ours - and I think you are familiar with the refreshed cycle and everything around the network, but what I was saying is that we actually have a couple of what I think is doable, positive things going on in our business. The first is the SIEM refreshed cycle that I just talked about, which is creating a substantial amount of opportunity for us, and I think we're actually taking advantage of that opportunity fully. The second thing that I would say is that IT environments have gotten very, very complex and customers are prioritizing visibility, analytics of their complex IT environments and they're trying to figure out how they actually manage those complex environment with few resources. And because of that, I do think they're investing in feasibility solutions, in general, whether that's log, whether that's SIEM, whether it's vulnerability management, whether that's asset solutions. They are interested in how they can actually leverage their limited resources to really manage their environment better, and that's definitely a positive for us.

And then for Jeff, I understand the impacts of the shift to subscription on cash flow this year. As we get closer to '18 here, can you talk about what some of the puts and takes on cash flow will be as we go into '18 and whether it's not -- it would be reasonable to start to see that impact start to moderate a bit?

Yes. So for this year, it's still sort of a bit of a mixed model in that we do have the perpetual deals and the SaaS deals. I would say that as we go into the next year, it's very difficult to predict the contract lengths. We were surprised in Q3 that the contract lengths came in as high as they were. We were pleased to see that our SaaS customers committed to more multiyear deals. But the way to look at it is the recurring revenue was going to grow faster than the revenue and the revenue is going to grow faster than the billings next year, so we think it will be better than next year. But at this point, it's difficult to predict the number and maybe we'll give you some insight on Analyst Day.

Our next question is from line of Saket Kalia with Barclays.

First maybe for you, Jeff Kalowski, just off that last comment. So again, nice upside in billings. Now you mentioned more customers for InsightVM are committing to multiyear contracts than maybe you expected. Can you talk about the duration for some of the other SaaS products and whether you're seeing a similar trend? Just as, to your point, we start to think about average duration in future years.

Yes. Saket, there was really not much of a difference. We were pleasantly surprised by both InsightVM and the IDR product line. They both committed to longer contract lengths than we had forecast. So right now, and looking at going forward, based on what we saw in Q3, we don't foresee much of a decline in Q4 based on one full quarters of experience of InsightVM and of course the good bookings in InsightIDR.

And maybe that's a good segue, it's my follow-up for you, Corey. Today, you give some helpful stats on IDR just in terms of other products that these customers use. But can you maybe talk a little about how the mix looks qualitatively in terms of enterprise customers versus mid-market? And maybe just as correlator to that, correct me if I'm wrong, I think we're a little bit more than a year of that product in the market. So can you also talk about expire and renewal rates for IDR specifically?

So on the -- when you think about the customer segments, we are seeing traction across both the mid-market and the enterprise segment of IDR. I would say what we see in the mid-market is we see lots of net new customer adoption of people that really did not have any type of meaningful programs before. In the enterprise segment, this is where we're seeing the benefits of that refresh cycle, and I think we're doing a very effective job of targeting that resource-constrained buyer in the enterprise segment who had previously purchased and spent a lot of money on the SIEM, but they never really got to work or got full value out of it. And so we're seeing traction across both of those different segments. As for the renewal rates, you're absolutely right, we're sort of like crossing that earmark. It's too early to tell, but I would say is that we're very pleasantly surprised with the overall renewal rates that we're seeing in the IDR business. It's just not enough at-bats to actually to have a statistical model.

Our next question is from the line of Matt Hedberg with RBC Capital Markets.

This is actually Matt Swanson, on for Matt. Corey, you mentioned IT and security teams trying to leverage their scarce resources. This is something I feel like we've seen a lot in the news about the lack of cybersecurity talent. In customer conversations, do you guys sense on how this problem is trending? It seems like it could be a long-term tailwind for your products. And then kind of along the lines of Komand, how is this affecting the way you look at the product road map?

Yes. It's a great question. I think it is a very positive long-term tailwind for us. One of our central observations is that IT is going to get more complex. And the amount of complexity and the volume of IT technology, the current resources just wouldn't be able to keep up with that, and we're seeing that continue to get worse every year. We centered our value proposition, really, on 3 simple premises. One, you actually can't manage complexity if you don't see it and understand it and know what it is. So visibility is number one. The second is everyone talks about generic analytics. Part of the reason that we're winning so much is we focus on what we look at as productivity-centric analytics. That's really how do we actually put analysts in the products that actually help IT and security teams make decisions faster but more importantly, how do we actually help them have the maximum impact with their limited time? And that's resonating very well, both at the high level and with the ground troops in IT and security organizations. The last one is how do we actually help them get the work done? And we saw very positive response to the remediation analytics that we were doing, and some of the early work we did around orchestration and automation. And that was one of the reasons that we acquired Komand is because part of what we're doing, now that we have the visibility, now that we understand the work that actually drops the highest impact in the environment, our orchestration and automation solution allow us to actually automate lots of those manual IT processes, again, driving higher productivity in the environment. We see this as one of the reasons that we can actually grow, not just in the enterprise but also in the mid-market, and gives us lots of legs from a positive tailwind.

And if I can ask one more. You guys have had a very solid year, given that there was still some questions in the enterprise space. It sounds like it's doing better. How much of an impact in 2018 can we expect from better execution for a year from the enterprise sales team?

Yes. We expect -- it's definitely doing better. We recognized it in 2016. Some of the improvements we've put in, we've seen the benefits of this year. And we expect it to be even better as we go forward in the next year. We are sort of like taking our time and really building up the team in a very disciplined way, and we still have some improvement work to do. But we're clearly seeing the benefits, and that's the track that we plan to continue on.

And we have a question from the line of Jonathan Ho with William Blair & Company.

I just wanted to build on the question around Komand. Just given the comments around productivity enhancements, do you feel Komand is a relatively easy add-on sale? Or how should we think about the time for this product to ramp?

Yes. We view Komand as strategic, and it provides sort of 2 levels of value. One, it actually helps differentiate our existing solutions because we are able to offer it to the customer, not just the visibility, not just the productivity-centric analytics, we're also able to actually include aspects of Komand into both our VM and IDR solutions that actually make those teams more productive by doing it with automation and orchestration work for them. So it differentiates our existing solutions. The second thing, it provides upside to our business and that it's an additional thing that we'll actually sell to help IT and securities teams drop automation and orchestration across their business. In some ways, you can think about this in the same way of the search acquisition Logentries that we actually did, where a core part of the search capability went into our Incident Detection and Response or SIEM offering, and allowed that solution to be differentiated, combining a UBA-powered SIEM with log analytics and great visibility. Likewise, we'll have the embedded part of it that will differentiate our existing offerings as well as the standalone offering. From what we've seen so far, and what I would tell you is that I always look at not just sort of what we think but -- or what we're hearing on the ground. We've got very, very positive reception from both our customers and our sales teams about the potential of Komand. Yes, it's something that we will be working on. It's early days here, but we're excited with the initial feedback that we received thus far.

And then just relative to the changes in sales management and sales process earlier in the year. What's been most effective in terms of driving the productivity increases that you guys have done?

I really think it's the -- our COO has just been disciplined around the process and consistency, which has allowed us to both do better pipeline management. But at the end of the day, if you think about what drives productivity, it's how well do we manage, how we spend our time at the organization, and I would say our teams are doing a better job of managing how they spend their time which is resulting in higher levels of productivity.

And we have a question from Robert Breza with Northland Capital Markets.

Building up that last question, Corey, can you update us on where the progress is with the worldwide head of North American sales?

Yes. Absolutely. We have made good progress in the search. We've seen a great set of candidates. We're down to a set that we find compelling. And what I would say is that we expect to have the candidate in place to impact next year.

And then, Jeff, as you think about the planning process, I know you've got high recurring revenue coming up in the balance sheet, et cetera. When you look at sales capacity within the comments you made, it didn't sound like -- maybe not you made or Corey made or somebody made, how do you feel about sales capacity from a ratio or headcount perspective as you enter into or start your planning process for next year?

I'll pick that one up a little bit because I do think this is part of what I talked about. What I would say is that we're in a good environment where we see sort of more demand than we are actively pursuing. And so we'll be expanding the sales team, but our goal is to expand it in a disciplined way that enables to continue to actually improve our profitability, not just this year but also next year and as we go forward. So a disciplined pursuit of the opportunity is the way that we think about it. That's especially prevalent if you think about the enterprise segment, where we're seeing, clearly, lots of demand, but we've been very thoughtful about how we expand and our expansion there. And again, the focus is on profitable growth there.

Yes. I would just add that we've stressed the amount of growing recurring revenues. So over time, you'll see that leverage as we gain more traction and more recurring revenue, making up a bigger component of our overall sales.

We have a question from the line of Melissa Gorham with Morgan Stanley.

I just want to drill down on InsightOps. I'm just wondering if you can frame the opportunity around that relative to, I guess, the other Insight piece of the platform? And to what extent is that solution geared towards displacing existing technology versus new use cases?

Yes. So InsightOps -- and I would say Logentries, too, they both represent our push into a new market for us, which is the IT log analytics market. And we're off to a good start there. While it's still a smaller part of our business, we're actually getting strong traction overall in that overall market and it's a contributor to our overall growth. Our viewpoint is that if we get in early with an organization, with our IT log analytics technologies that provides us as a good growth opportunity over time for all of our of different visibility solutions. And so we're seeing that benefit -- if you look at who the target customer is, we're seeing the target customer of both the IT log analytics -- I mean, the DevOps customer as well as the core IT customers that look at our performance and management in the environment.

And then I'm wondering if maybe Corey or Jeff, if could maybe just give an update on the progression of the channel? I know that's been one of the focuses for you all. I'm just wondering if the conversation has changed with the Insight platform, either more positively now that you have more results or perhaps differently now that it's more of a subscription versus a license?

We're definitely seeing much stronger demand from the channel, which I would say is a big shift in the business over the last couple of years. Right now we have, frankly, more partners coming to us than we're ready to take in. And so we're looking at expanding -- and we have expanded both our channel program and we're looking to expand the number of partners that we have engaged as we go forward. I would say, this year, has been a critical year because one of the things that we wanted to do is we wanted to actually expand that program, but with our full platform in play. And a big part of that was actually getting everything on the platform and rolling it out. And so what I would expect is, over the next several years, to actually see increasing leverage from the channel and increased partnership in the channel.

And we have a question from Ryan Flanagan with Monness, Crespi, Hardt.

Just one quick one for me guys. When you're talking about federal, I know you mentioned that you're expecting that to improve relative to last year after some slippage. Does that come in where we thought or better or worse? Or what should we think about the materiality with that going forward?

Yes. It's come in -- the way we think about federal for the years, it's come in exactly where we expect it, probably slightly above where we expect it. It was not the primary driver of our performance this quarter. It was sort of fundamental and across-the-board this quarter. But federal has been much more positive than we expected this year. But again, we did taper our expectation at the start of the year.

And there are no further questions registered at this time.

Thank you, all, very much. And I look forward to seeing as many of you as possible for our upcoming Analyst Day discussion.

Ladies and gentlemen, that does conclude the call for today. We thank you for your participation. And I say, please, disconnect your lines.