Rapid7, Inc. (RPD) Q3 2020 Earnings Report, Transcript and Summary

Ladies and gentlemen, thank you for standing by and welcome to the Third Quarter 2020 Rapid7 Earnings Conference Call. At this time, all participants are in a listen-only mode. After the speaker presentation, there will be a question-and-answer session. [Operator Instructions] Please be advised, that today's conference is being recorded. [Operator Instructions] I would now like to hand the conference over to your speaker today, Sunil Shah, VP of Investor Relations. Please go ahead, sir.

Thank you, operator and good afternoon, everyone. We appreciate you joining us today to discuss Rapid7's third quarter 2020 financial and operating results in addition to our financial outlook for the fourth quarter and full fiscal year 2020. With me on the call today are Corey Thomas, our CEO; and Jeff Kalowski, our CFO. We've distributed our earnings press release over the wire and it is now posted on our website at investors.rapid7.com, along with the updated company presentation and financial metrics file. This call is being broadcast live by a webcast and following the call, an audio replay will be available at investors.rapid7.com until November 11, 2020. During this call, we may make statements related to our business that are forward-looking under Federal Securities laws. These statements are made pursuant to the Safe Harbor provisions of the Private Securities Litigation Reform Act Of 1995 and include statements related to the company's positioning or future goals and financial guidance for the fourth quarter and full year 2020. The assumptions underlying such goals and guidance, including the anticipated impact of COVID-19 on our financial guidance, business, financial condition, results of operations and renewals, and our assumptions on the pace of economic recovery in the global economy on our future results of operations and product strategy. These forward-looking statements are based on our current expectations and beliefs and on information currently available to us. Actual outcomes and results may differ materially from the expectations contained in these statements due to a number of risks and uncertainties including those contained in our most recent quarterly report on Form 10-Q and in the subsequent reports that we filed with the SEC. The information provided on this conference call should be considered in light of such risks. Actual results and the timing of certain events may differ materially from the results or timing predicted or implied by such forward-looking statements, and reported results should not be considered as an indication of future performance. Rapid7 does not assume any obligation to update the information presented on this conference call, except to the extent required by applicable law. Our commentary today will be primarily in non-GAAP terms and reconciliations between our historical GAAP and non-GAAP results and guidance can be found in today's earnings press release. At times in our prepared remarks or in response to your questions we may offer incremental metrics to provide greater insight into the dynamics of our business or our quarterly results. Please be advised that this is additional detail maybe one-time in nature, and we may or may not provide an update in the future on these metrics. With that, I'd like to turn the call over to our CEO, Corey Thomas. Corey?

Thank you, Sunil and good afternoon, everyone. We hope that you and your families are staying safe and healthy and appreciate you joining us today for our third quarter 2020 earnings call. We are pleased to report strong Q3 performance that exceeded growth and profit expectations, thanks to solid execution by our Rapid7 team. Security fundamentals continue to improve during the third quarters as customers modernize their security architectures for the cloud. We saw a strong demand for our Security Transformation Solutions, which again grew over 40%, coupled with healthy VM performance, Rapid7 delivered year-over-year ARR growth of approximately 29%. Current market trends in our results reinforce our expanding opportunity and bolster our confidence in raising full year 2020 ARR growth and cash flow targets, and investing for durable growth and margin expansion. I would like to start today with the perspective on what we're seeing in the market as we engage with our customers. I will then share a brief update on our product innovation before closing with our goals and turning it over to Jeff to cover our financials. Security teams faced unprecedented challenges, securing their organization today as COVID apprehends the traditional operating model for businesses. Remote engagement has been a catalyst for the company to transform the digital experience, accelerating their cloud strategies in the midst of an escalating threat landscape. As organizations lean into the cloud, they are engaging with Rapid7 to modernize and extend their security architectures in the cloud with our Insight Platform. What we are seeing today is companies focused on answering the question, how do we upgrade our core operations to be more digital? This effort drives a growing need to invest in the monitoring and securing a more distributed environment and new cloud-based applications. Our thesis for the Insight Platform was built on the view that organizations of all sizes will undergo digital transformation, driving the need to upgrade their stock with enhanced monitoring, automation and cloud security. We see this coming to fruition as more customers leverage our Security Transformation Solutions. In particular, we saw third quarter strength led by IDR, application security and cloud. Organizations are increasingly turning to best in suite approach to solve their security operations' challenges. A great example of this was our largest deal in the quarter a competitive enterprise win with a well-known consumer of this brand. This customer was struggling with a myriad of tools and service providers to manage their complex environment. They initially turned to Rapid7 for our best-in-class IDR technology. They quickly saw a differentiated value, an increased efficiency of leveraging integrated SIEM vulnerability and automation under one roof. This customer chose a unified Insight Platform experience over a piecemeal set of alternatives. We remain focus on investing behind this platform to deliver industry-leading customer experiences in the cloud. This is evidenced by our ongoing integration of DivvyCloud. COVID has forced companies to reevaluate their cloud strategy, accelerating the need for cloud enablement security that bridges the gap between Dev and SecOps. We're seeing continued success with DivvyCloud, which once again show significant competitive wins in the quarter. I'll highlight two large deals that include one, new land and one cross-sell to an existing customer. Key differentiators in these deals included our product adaptability, multi-cloud visibility and integrated automation. We're excited about the growing cloud security capabilities DivvyCloud, we're bringing to our Insight Platform as we continue the integration process. While we remain early in our SecOps platform customer journey. Our investments in an integrated cloud native offering are bearing fruit. This is driving deeper customer engagement. A great proof point is our continued strong growth in ARR per customer, which grew 19% year-over-year to approximately $42,700. A holistic approach to security visibility, automation and cloud enablement is resonating with customers, who today must focus on delivering both greater efficiency and efficacy of their security program spend. This was the case for a six-figure competitive SIEM displacement deal in the quarter with an enterprise retail customer. This customer consolidated their SIEM, network traffic analysis and vulnerability management solutions on our Insight Platform and gained improved functionality. In addition to getting more reliable Texas through IDR, their consolidation had a huge value by enabling the customer security team to spend less time bouncing from tool to tool and more time focusing on real threats. This is another great example about Rapid7's platform breadth and our ability to roll out an integrated combination of VM, IDR, cloud, AppSec and automation is becoming more prevalent in discussions with our customers. It's important to note, however, that two best-in-suite deal requires industry-leading products that don't force customers to compromise product functionality or platform value. In addition to our lifting leadership status across vulnerability management, SIEM and application security. I am pleased to announce yet another industry recognition for our team. In August, Rapid7 was named a leader in The Forrester Wave for Midsize Managed Security Services Providers. This is a great acknowledgement of our ongoing effort to make our cloud native SecOps platform accessible to all. This recognition also serves as a critical validation point as we engage with our channel partner ecosystem and manage with partners to extend the reach of our Insight Platform. The ongoing recognition Rapid7's technology leadership is a function of our core strategy and commitment to disciplined investment to innovation. Let me take a moment to highlight some of our most recent product innovations. In October we announced the availability of our Cloud Identity and Access Management Governance module for DivvyCloud. We believe this will be a key differentiator for our cloud security offering going forward. As companies move towards zero trust and least-privilege access frameworks in a cloud world, reducing cloud identity risk becomes crucial. The traditional focus on user access is insufficient for managing identity risk in the cloud. Today's access is far more complicated, extended beyond users to include applications and resources in the cloud. This trial is an order of magnitude change in the complexity of determining effective access. With Cloud IAM governance, our customers gain deeper visibility into the cloud resources to assess, prioritize and remediate unattended access, no matter how many different cloud providers, users or resources they have in play. All the reception to Cloud IAM has been positive, with a handful of customers already having licenses, and more customers and prospects beginning to trial the module. We also recently announced the availability of our Enhanced Endpoint Telemetry and offer InsightIDR. As COVID dropped a massive increase in the remote workforce. The distributed nature of endpoints creates an ever-expanding threat vector. EET enables customers to bring endpoint activity into InsightIDR, unifying it with network, user and cloud data to provide holistic visibility of their environment. The result is the security teams are able to better monitor their attack surface and drive accelerated investigations and response from a single interface. EET extends the core threat hunting capabilities of InsightIDR and since our official launch just a few weeks ago, we have seen a number of customers activate trials for EET. Turning now to a brief update on our 2020 goals as we close the year. Our first goal is to be a leader in enabling customers to transform the security operations practices around the cloud. This starts with our unified cloud native Insight Platform and continues with the recent innovations like Cloud IAM Governance and our strategic asset partnership with Snyk. As I look at our innovation pipeline, I'm excited about our opportunity to raise the bar for cloud native security operations. Our second goal is to accelerate our platform distribution agent. We remain in early days with our add-on and bundle opportunities. But with a growing set of capabilities like network traffic analysis and Enhanced Endpoint Telemetry, among others, we see lots of sites increasing our customer lifetime value by expanding ARR per customer from roughly $40,000 to over $60,000 over the near-term. Finally, our third goal is to drive long-term operating leverage, while investing for growth. We continue to focus on disciplined innovation and believe that our investments in technology and customer experience that drive increasing penetration across our Insight Platform. This should support improved efficiency and leverage in our go-to market motion over time. With that, I would like to close today by sharing my appreciation for the hard work and commitment of our entire Rapid7 team to remain focus on building and delivering the most sophisticated and accessible security operations platform on behalf of our customers. Thank you all and I will now turn the call over to our CFO, Jeff Kalowski. Jeff?

Thanks, Corey and good afternoon, everyone. Before I begin a brief reminder that except for revenue, all financial results we'll discuss today are non-GAAP financial measures, unless otherwise stated and reconciliations between our GAAP and non-GAAP results can be found in today's earnings press release. We're pleased to report that Rapid7 delivered milestone results during the third quarter with revenue exceeding $100 million on a quarterly basis for the first time, and strong cash flow from operations in the quarter. Total revenue of $105.1 million came in above the high end of our guidance range, reflecting year-over-year growth of 26%. This result was driven by better than expected products' revenue of $98.6 million, which grew 29% over the prior year period. Revenue outperformance was a function of solid execution by our team as we ended the third quarter with total ARR of $398.7 million, up 29% year-over-year, but by strong demand for our Security Transformation Solutions and continued healthy growth in VM. Looking at the business geographically during our third quarter, North America revenue grew by 25% year-over-year and comprised 83% of total revenue, while rest of world grew by 32% year-over-year and represented 17% of total revenue. We experienced healthy engagement with new customers in the quarter, ending the period with over 9,300 customers globally, growth of 8% over the prior year. New customers contributed over 50% of our new ARR in the quarter, reflecting a continued pace of demand improvement as the year has progressed. The differentiated value of our Insight Platform is resonating with customers and as a result, we saw continued expansion in customer relationships, ending the third quarter with ARR per customer of approximately $42,700, a growth of 19% year-over-year. We continue to see runway for sustained long-term growth in this metric. Turning now to margins and operating results. Total gross margin for the third quarter was 74% consistent with Q2 as well as the year ago period. Sales and marketing expenses grew 19% year-over-year, reflecting growth in headcount and improved to 42% of revenue compared to 44% in Q3 2019, driven in part by lower T&E spend. R&D expenses grew 34% over the prior year, and represented 21% of revenue, up compared to 19% of revenue last year, reflecting full quarter of DivvyCloud contribution and continued investments in product development. G&A expenses grew 15% and were 9% of revenue down from 10% in Q3 2019. Third quarter operating profit of $2.4 million was ahead of our guidance range driven primarily by overachievement on revenues. Adjusted EBITDA the third quarter was $5.8 million, and net income per share $0.00, also ahead of our guidance. Moving to our balance sheet and cash flows. We ended Q3 with cash, cash equivalents and investments of $331.4 million, compared to $321 million at the end of Q2 2020. The sequential increase was driven predominantly by our positive cash generation in the quarter. Operating cash flow of $11.1 million was driven by strong billings and collections activity in the quarter and improved from $1.8 million in the year ago period. Shifting now to guidance. Amidst an uncertain backdrop, our third quarter results demonstrate that companies are investing in SoC modernization to keep up with the rapid pace of digital and cloud transformation. Customers are engaging with us as part of a best-in-suite security strategy, leveraging our combination of market leading technology and platform value. Looking ahead, Rapid7 is positioned to capture the fast-growing cloud SecOps opportunity with best-in-class VM and Security Transformation Solutions on our inside platform. Our strong Q3 execution reinforces confidence in driving durable growth and margin expansion. As we raise full year 2020 targets for ARR growth and cash flow, while reinvesting outperformance to pursue our expanding market opportunity. We are conscious however, that we must balance healthy customer demand for transformational security with an uneven macroeconomic recovery as we look to the rest of the year. With that in mind, let me start by sharing our guidance for the full year. Building off our solid third quarter performance, we are raising and tightening our ARR guidance range and now anticipate full year ARR to be in the range of $418 million to $422 million, an $8 million increase at the midpoint of growth of 23% to 25% year-over-year. This range assumes a continuation of the gradual demand recovery we have experienced to-date through the second and third quarters. We continue to see our Security Transformation Solutions' ARR growing over 40% this year, with VM sustaining double-digit ARR growth. Given our increased ARR expectations, we are raising full year revenue guidance. I now anticipate 2020 revenue to be in the range of $406.2 million to $407.8 million or growth of 24% to 25% year-over-year. We're raising full year non-GAAP operating profit to be upper half of our prior range are approximately $1 million to $2 million. This guidance reflects investments for sustained future growth and margin expansion. And as a reminder, we expect that we will return to our profitability framework for 2021, assuming a continued recovery trajectory. We are tightening our full year non-GAAP loss per share toward the upper end of our prior range and now anticipate a range of a loss of 0.12 cents to a loss of 0.10. This is based on $51 million weighted average shares outstanding for the full year. Given our strong cash flow performance in Q3, we now anticipate a notable improvement in cash flow from operations for the full year to approximately breakeven compared to our prior expectation for a loss of $15 million. Turning to quarterly guidance. We anticipate total revenue for the fourth quarter of 2020 to be in the range of $107.9 million to $109.5 million growth of 18% to 20% year-over-year. We anticipate non-GAAP operating loss for the fourth quarter to be in the range of negative $1.8 million to negative $0.8 million reflecting reinvestment of some of our outperformance to-date. Non-GAAP net loss per share is anticipated to be in the range of a loss of $0.09 to a loss of $0.07 cents, which is based on an anticipated $52.1 million basic weighted average shares outstanding. In conclusion, we continue to execute against our vision to provide a leading cloud native SecOps platform to our customers that they transform their digital experiences in the cloud. With that, we appreciate your time and support, and we'll now open the call for any questions. Operator?

[Operator Instructions] Our first question comes from the line of Rob Owens with Piper Sandler. Your line is open.

Yeah, good afternoon guys. Corey, building on some of your comments about the unprecedented challenges [technical difficulty] are facing nowadays? And you talked about SoC modernization as well? Where do you think folks are in terms of kind of tactical response to digital transformation work-from-home versus getting more strategic? And as those conversations are playing out, where do you see kind of not asking the guide to next year, but I would think that's, you know, as we get into 2021, we should see really a tailwind because of all this modernization and how it translated to opportunities like yours. So if you can comment that'd be great.

Absolutely, Rob and I'll just repeat it since you came in a little bit muffled, is that, sounds like the core question is, where are we in the face of people sort of like really thinking about work-from-home versus the more strategic aspects of digital transformation? And how does that play out over the course of this year, but also in the four years and that their tailwind? And I would say, yes, we actually do see a positive tailwind into the future. In our discussions with most customers, you know, there was a big crisis early on, that was really fundamentally around, can we even be functional in this COVID work-from-home world. I think many - we're quite surprised about how functional they could get quickly. And while there's still some work to be done in some aspects of maturing those work-from-home security programs, lots of the organizations that we're talking to are really addressing the imperative of how do they really replace and upgrade their digital systems so that they can actually support their customer and engage with their customers, sell to new customers in a world where digital is just much more critical and much more strategic. And so we see customers that are actually moving at a very fast pace, which has given us some of the confidence that we've actually seen reflected over the course of this year. We see a lot of customers that are in planning. And we actually think that provides some upside, what I would say in the mid to longer-term, you know. The feedback that we're getting from a lot of our customers is that they're making the moves, they just trying to figure out their ordering in the steps around the budgeting. And so they don't know whether they're going to actually be aggressive in the first half or the second half of next year. But they do know that they are moving and they're doing their planning now and then working through budgeting with their finance departments and teams.

And then second, you mentioned your largest deal in the quarter with a well-known consumer brand with consolidation of SIEM vulnerability automation. Are you seeing more of these consolidation opportunities as you bring a more holistic suite? And, is this customer somewhat uncharacteristic relative to, I guess the perception of what you've articulated as resource constrained midmarket customers historically?

It's a great question. I would say, no the customer is not atypical because they are resource constrained. One of the things that we continue to find is resource constrained cuts across segments and we've always treated as that, you know, over half of the Fortune-500 is resource constrained. You talk to the large, you know, some of our largest customers, you talked to the, you know, one of the largest manufacturing organizations in the world, they feel very resource constrained. You talk to some of our large retail customers that are Fortune-500, they feel resource constrained. And so what I would say is that, no, it's not off in terms of the resource constrained nature. And in fact, we expect to see lots more of that over time. And we actually are seeing customers have a bias towards it. And again, I'll reemphasize it. what - when we just did a new study this quarter, customers are not interested in buying a suite for the purpose of buying a suite. But what they're very interested in, if they can get best-in-class performance and quality, and they can actually get a highly productive, cost effective platform that actually allows them to have best attack capability. They're absolutely 100% interested. Now to your question about what's the traction progress? Well, I'd say that is steadily increasing. I think that we still have more upside in front of us. I think we're just starting to tap the edge of that surface and we see the building momentum over the next several years.

Great. Thank you.

Thank you so much.

Thank you. And our next question comes from the line of Saket Kalia with Barclays. Your line is open.

Okay. Hey, guys. Thanks for taking my questions here. Can you hear me okay?

Saket, you're just fine. Thank you.

Okay, excellent, excellent. Hey Corey maybe first for you, I kind of want to build off that last line of questioning. But maybe we then something you talked about last quarter, which is some of the experiments the team has done with bundling. You know, can you just dig into that you know, what bundling means for Rapid7? You know what the opportunity could be? And maybe as part of that, maybe touch on how that sort of factors into but sounds like a higher ARR target per customer. Does that make sense?

Yeah, it's a great framing. And I'll start with your last framing about the ARR target, because that's one of our big goals is to drive up the ARR from customer. You know, we moved, you know, from the, you know, high-teens to the 30s, to now the 40s. And we actually see very clear line of sight to 60 K plus ARR per customer. And where we think a lot of that actually comes from is a combination of customers adopting more of their environment, and also customers adopting multiple products, and we're well in the past there. The bundle experiments that we, I would say about the research and the experiments that we actually did really fall into a couple of categories. One is, that we now have the capability to do add-ons, and you can think about sort of the add-ons, whether that's the NTA add-on for the network factoring analysis in IDR, or the EET, for the input Endpoint Telemetry add on Friday our or the SOAR has been add on to our products, in addition to sort of a landing fill, that is a capability that we're actually have been doing lots of holiday and lots of exploring, and customers really like that model to actually provide the flexibility. And our goal is to have the simplest possible pricing and packaging, but we also want customers to have the flexibility to actually get something economical for where they are in their journey. And that's really what we we're trying to do in most of our research is that, we have customers that are looking at a single solution, we have customers that are looking at a single solution, but I think they want to move very fast. So they may want to have some extensions to it. And then we have customers that want to tackle multiple problems at once. And so when you think about our focus of these things, is that, we want to make sure it's easy and as cost effective as possible customers that say, listen, I want to build out my entire security program quickly. And I want to actually look at multiple packages together. That's a simple value proposition. Customers say, Listen, I want to start here. But I actually want to actually build up my sort of like solutions to my second platform over time, we want to make it as easy as possible to start and then to expand over time. And so that's why we actually did the research. What I would say is that, the research is absolutely validated customer interest. We're in the process right now of consolidating that honing a few more of the traffic experiments. And we will start running that out over the course of 2021. What I would say that from my benefits perspective, we expect the largest benefit of that to hit 2022 forward, but we will see some positive benefits in '21 primarily because we're just seeing positive interest from customers in our Best-of-Breed platform.

That's very helpful. You know, maybe if my follow-up for you, Jeff. You know, I think the net revenue retention came in at about 103%. Yeah, I think we've seen this from other security companies as well, you know, whether it's a combination of sort of lower employee accounts, you know, lower upsell limits, the pandemic, et cetera. But, you know, can you just maybe touch on what drove the downtick in net revenue retention, you know, from last quarter? And just as importantly, where you think that bottoms?

Yeah, I'll make a couple of points. You know, one of the primary factors is that, you know, we've seen a mix shift, you know, in our new ARR going to IDR, customers versus VM and they tend to buy more of their environment upfront, in resulting in larger deal sizes as opposed to, you know, buying in pieces like - unlike the VM products. Also, you know, renewal rates are still healthy. And this quarter, we also had more than 50% of our new ARR coming from net new customers as opposed from base, we do have a healthy balance from doing our base as well as new customers. We, you know, we do manage to total ARR, which was solid in Q3. And to your last question as to where you know, it might go, we did forecast a decline over the course of the year and while we might see a modest decline, we would still expect ARR customer AAR for customer to continue to grow and that's a primary metric.

Got it, very helpful. Thanks, guys.

Thank you.

And our next question is from the line of Matt Hedberg with RBC Capital Markets. Your line is open.

Hey, Matt, are you there?

Sorry, guys. Yeah, thanks. Thanks for taking the question. You know, it was really good to hear of the growth in your transformational offerings. You know, I think that that, to me, it feels like there's a large, you know, correlation to your increased ARR guide for the year. But I guess my question, following up on Saket's question. You know, when we look at new customers, I think they grew 8% this quarter, and I guess what, either for Jeff or Corey. When you think about ARR growth, how do you think about just sort of new customer ads, selling more into what looks like even larger customers and larger initial deal sizes? And then on the flipside, you know, sort of through kind of your expectations on quarter rep additions into Q4, you know, as you kind of think about 2021.

Sure. I'm happy to jump in this, sorry, I think is a great question. So the first thing is, when we think about customers, our primary focus is really sort of two distinct areas. One, with courses going on for customer, but we're still actually very, very focused on growing customers overall. Now, I'll add two sort of important characteristics for that. The first is our focus in the organization is going platform customers, because we make platform customers have the highest ARR potential overall and the highest customer lifetime value. So we have a high focus on growing the platform customers, and that has actually grown at a much higher rate. And that comes at the expense of some of the transactional customers that may have just done Metasploit one on projects over time. We're happy with that tradeoff all day long. So internally, I mean, it's for the platform customer growth versus just the so like the total customer growth. That said, we still plan to grow total customer growth over time. As for your second question about sort of how we think about developments efforts. You know, clearly the market demand in the near-term, you can think about we have good visibility into this year, was higher than we expected a few quarters ago. And that's a good thing. And we actually are very confident in the market demand in the long-term. You know, in the middle about like when the people get budgets, whether it's Q1, Q2, Q3, we're not worried about that, we're looking at some of the long-term demand characteristics. And so therefore, we are making some investments this quarter to actually rightsize our sales force and we expect productivity to go up next year. But we are making some investments to rightsize the salesforce for the demand and we're also seeing in the market, even while we continue to show improved profitability this year. And as we committed before, we expect to continue to get ongoing leverage as we go into '21.

That's great. Super helpful, Corey. Congrats again guys.

Matt, one point I'll make on the platform customers, you know, our net. In terms of just platform customers, the net increase was a little over 300 customers. So you can see that it's, overall, those are growing much faster than our overall customer growth. So what we're churning are low ARR customers, non-strategic customers.

Super helpful. Thanks, guys.

And our next question is from Gur Talpaz with Stifel. Your line is open.

Okay, great. Thanks for taking my questions. Corey, in terms of the threat environment, we've seen a pretty sharp rise here in ransomware attacks over the past few months. When you sort of think about your installed base and your broader engagement, has this created a broader shift in urgency for either VM or the or the broader platform?

Well it's definitely having created - you know I'll just comment about those. So one, I would say, you know, VM remains healthy. And it remains in line with some of the expectation that we set last quarter, of that sort of like, you know, mid-teens plus revenue growth, so we think the VM demand is actually better than we actually done a couple of quarters ago and we see that continuing throughout. I would say lots of the demand that we're seeing, if you want to tie it directly to ransomware, probably goes into this whole category of do I have the right monitoring solution in place to actually monitor my overall environment of security operations. And so I think that's one of the catalyst of IDR adoption in growth. I don't think it's a primary driver necessarily of our cloud growth. I think that comes from more digital initiatives. But I do think it's one of the contributors to some of the strong and healthy demand that we're seeing in our IDR practice.

That's helpful. And you talked about a midterm pathway to 60 K and ARR per customer. In the past, you talked about a potential take of around 200 K, is it still fair to think about the long-term viewpoint in that threshold? Or should we adjust our lens here?

Well that's actually gone up. We haven't updated the numbers since we actually really explained that went deep on our cloud offerings to get more visibility into some of the automation stuff. And so that something we'll update at the Analyst Day. I think, you know, Sunil is working on getting the data out, but it'll be in Q1 I expect at some point. And I think what we'll talk more about there, but the number is higher than 200 K right now, but it just didn't make sense to actually update that before you know the Analysts Day.

Okay, that's helpful. Thank you.

Thank you.

Our next question comes from the line of Jonathan Ho with William Blair. Your line is open.

Hi, good afternoon. I just wanted to first of all get a sense of how much contribution there it was from DivvyCloud. And if you can maybe give us a sense of what that ARR contribution was as well? Thanks.

Yeah. So in terms of revenue was about $2.3 million in the quarter. We're not breaking out the specific contribution of giving ARR in the quarter, it's doing well. And I'll just remind you that, you know, at the time of the acquisition, we brought on $10 million of ARR at closing.

Got it. And then you know just in terms of the digital transformation, maybe opening up some of these new opportunities. Can you give us a sense of, you know, what this means around both DivvyCloud and your cloud solutions? And you know, is this, you know, like, the number one priority that you're seeing for customers so just want to get a sense of, you know, how big of a driver digital transformation is?

We'll all of them are well. I'd say it's definitely top three, I mean, it's definitely something that most of our customers are talking about and looking at in some material way and planning around. And it will vary at different levels of maturity there. But I would say, we see lots of momentum and customers trying to sort through how they become relevant as the world moves more and more to cloud. I mean, that is something that's on lots and lots of customers' mind. As Jeff pointed out like DivvyCloud is doing great, but it's still coming up from a small base that's actually there. But I'd say it's well exceeded our expectation, and we have other cloud capabilities that we've actually added into DivvyCloud internally, and the DivvyCloud team has continued there to innovate with some really impressive technologies around identity, governance and some other areas. So I would describe it as lots of customers that I see are actively looking at how they actually think about taking their operations more digital. Security is front and center in the conversations. So we're seeing plenty of opportunity over the next several years to actually grow and expand in that direction.

Great, thank you.

Thank you so much.

Our next question comes from the line of Brian Essex with Goldman Sachs. Your line is open.

Hi this is [technical difficulty] for Brian, and thank you for taking the question. So thank you for the color on the traction that you're witnessing with DivvyCloud. And probably following up on Jonathan's question, just wanted to understand the mix of opportunities for your expansion that you are actually seeing coming from the cloud in terms of let's say, better overall platform penetration or uptick from potential module launches going forward, like Cloud IAM Governance that you announced this quarter? And also, as you highlighted with large deal wins with DivvyCloud? Is it more of a greater greenfield opportunity compared to competitive displacements? Or do you strike a balance here?

Well, I'll start with the last question. The overall cloud market is very early at its evolution. So it's mostly greenfield. And yeah, there's competitors there. But it's a mostly greenfield market, which we view as positive. Yeah, I think if I go back to some of your earlier questions, I would describe and there is two select growth drivers. It's one customer expanding their cloud environments. And so DivvyCloud has natural growth, it's actually built into the expansion. Second, you know, DivvyCloud team has some great expansion capability, and modules that we're actually adding on that allow additional sort of value to customers over time, that also provide incremental ARR for customer over time. And so I would say it's a three-pronged sort of like thing, lots of new customers in greenfield opportunities, customers expanding, which is super positive. And they have the ability to actually provide incremental capability and functionality that's valuable to customers that allows us to continue to expand an ARR for customers.

Brilliant, thank you.

Thank you.

Our next question comes from the line of Hamza Fodderwala with Morgan Stanley. Your line is open.

Hey, guys. Thank you for taking my question. Corey, my first question for you was just around the recent announcement of the Cloud IAM Module for the DivvyCloud. Just wondering if you could give us any color as to, you know, what sort of drove your decision to get into the Governance - Identity Governance space, kind of what you're offering versus maybe some of the existing solutions out there? And kind of what the early response there has been?

Yeah, the responses were positive, but I do want to actually add a couple for clarification. So this is not us entering the IAM market as you would typically think about it. In fact, our primary competition is sort of like similar offerings, I think we introduced by Palo Alto here and a couple period elicits, so let me just talk about what it is as that to make sure that everyone's clear. If you think about cloud environments, you have the users that we actually think about. But you also have a mass of applications and rights, privileges and roles and entitlements that actually go along with that. And that can actually get very, very complex, very fast. And you can think about it as its own form of configuration management, but it also introduces massive risk. And so the way that I really think about it is that there's so many aspects of the cloud that has its own set of rights, privileges and entitlement and understanding what things like effective access mean, is an analytics problem and the solution to that is also an automation problem. So this is really about sort of, like how do you think about analytics and automation in a cloud context that happens to be around identity, which is very core to what sort of our both cloud and Identity initiatives, I focus on Rapid7's analytics and automation platform. So of course, we're tackling the analytics and automation problem as it relates to the cloud. And we think that in this space, you know, we think about Cloud Identity Entitlement Management, I think other people use that terminology. We think in this space, it was, of course, extraordinarily strategic for our customers. And the feedback that they've given us so far has been that this is the right path and they want to see us continue to invest here. We've already got some early traction.

Got it, you know that's helpful. And then a follow-up question for Jeff. I'm just curious, on how did the gross renewal rates trend in Q3, you know, versus maybe some recent quarters? And how are you thinking about renewal rates going, you know, going forward, as you know, we were likely to remain in a more uncertain macro environment, you know, for the time being? And that's it for me. Thank you.

Yeah, I mean, say at the beginning of the year, we did say that renewal rates would decline over the course of this year, which they've done. Are you asking? Not the overall renewal rate? You're asking our expiring renewal rate?

The return rates essentially. Yeah, yeah -

Yeah that's been very consistent and stayed in our historical range. And we've seen nothing, no changes there at all. It's still healthy.

Yeah, we're doing a you know, what I'll comment. I think our team and our customers with a very effective job of retaining customers with a special focus, frankly, on like, we see very good rates around our platform customers, which I think is important. When you think about sort of how we're getting going forward, if you take out, I would say, mix shift or the fact that from an overall perspective, we're happened to be doing more IDR deals, which are larger upfront deals. Our focus as we actually go forward, again, is to really grow, retain platform customers, because that's where all of the value comes from and that's where all of the, I would say, the scale and the leverage, where you get both growth and profitability over time. So looking at both to grow and retain that mix of customers over time, and then really leverage our packaging and pricing strategy to actually drive cross-sell and up-sell as we actually go along. And again, we'll talk more about that in our Analysts Day. But I'll say that strategies playing out quite well. And I think we have good visibility now mix up a call from puts and takes as we actually go into the future. But I would say the - if you think about the core to strategy is always an effective job of growing and retaining platform customers. And what does that do to the economic engine over the next couple of years? I would say that's going extraordinarily well.

Got it, helpful. Thank you.

Our next question comes from the line of Adam Tindle with Raymond James. Your line is open.

Hi, thanks. This is actually Alex on for Adam. I was just curious just speaking with some of your customers that you've noticed that one of your competitors managed to becoming a shared donor due to a, you know, lack of innovation, and kind of being slow responding to customer requests, consider leaving some share on the table for the grabbing. Have you noticed that? Have you, you know, how does the current competitive environment sort of stack up in your core VM market?

Okay, so it's the question about the core VM market. You know, I would say the, you know, as I said earlier, I think you may recall that I think the dynamics of VM are much healthier than we expected as we go out. And so really, it's the combination of, I think the innovation that you're seeing us do. Customers really like our focus on productivity, scale and ease. So we're continuing to make investments and drive innovation in the VM market. And that's resonating well with customers overall, which gave us the confidence last quarter to actually sort of increase our expectations around VM and then frankly talk about the durability of that. And to your question, I agree that customers long-term are actually looking at like who are the strategic players in the Vulnerability Management market and we see that as an opportunity. And so our team internally is very, very much focused about how do we continue to grow our share of the overall Vulnerability Management market. And we see ourselves as a sustainable share taker in that market.

Okay, perfect, thanks. And then just to follow-up, if I may. Do you have any color on ARR growth, it looks like there's a slight deceleration in this quarter any guidance kind of implies a deceleration into the end of the year, do you have any commentary on that?

Yeah, I mean when we think about our overall ARR growth, we think that 29% is extraordinarily healthy, especially in this macroeconomic environment. And when we see it going forward, our real focus is on sort of like sustainable, durable aspects of the ARR, especially around our platform customers. You'll also note that I talked earlier about some of the investments that we're actually making to increase back our sales capacity, because we actually paused some of that one two periods of the pandemic. And a lot of that had to do with we see a very, very healthy demand environment over the mid-term.

Okay, perfect. Thank you so much.

Thank you.

Our next question comes from line of Alex Henderson with Needham. Your line is open.

Thank you very much. Can you hear me, okay?

I can hear you just fine. Thank you.

Perfect. You've talked about rightsizing your salesforce multiple times over the course of the call. It's clear to me that you've got a great product suite and that you're getting great uptick on it. Can you give us some idea of what the rate of expansion of your sales force is going to look like? And you know, what's your targets are? Do you expect to increase your sales staffing capacity faster than your top line? Or do you expect to continue to drive to margin expansion within that specific line? Or is margin expansion coming from R&D or G&A leverage?

That's a good question.

Like there's an opportunity here to drive your competitive edge?

Yeah, it's a great question. So what I would say is that, we do see up - we do see very, very healthy demand. But we expect to continue to get leverage in the overall business. You know what I would - the way I would describe it, that way for like 2021 to be back on the growth profitability model that we actually gave last year, well, we'll continue to get ongoing leverage while we are severely focus on sustainable growth in the overall business.

Okay. So the leverages across all operating lines or across the sales and marketing specifically?

Yeah, I would say it's - so we're looking at generalized average across I would say sales and marketing is, to answer your core question, is that are we planning to make sales more inefficient to drive growth? And the answer's no, No, I think that, you know, just put in practical terms is that, you know, put it in practical terms is COVID years sort of somewhat special. We do expect sort of like improved productivity often this year. And we actually see enough demand to actually improve the productivity offer this year. So I would expect sales to be part that improves the efficiency.

Then the second question if I could follow-up you clearly increasing revenue per customer. But I was wondering if there - if you were to look at your customers, are the size of the customers that you're now that on average moving up as well? Is that also part of the equation that you're penetrating into higher accounts, larger accounts and more strategic accounts?

Yeah, I would say yes, that's definitely an element of the equation. I don't want to imply that it's the only element of the equation question. But I will say it's one of the elements of the equation that's happening. We also are growing the ARR for customer of even on midsize customers. So you know, the way we think about it, that you got different sized cohorts of customers and we're looking at the dynamics of that. And so what we really want to see is increased adoption which we've actually talked about first at the platform, but we also want to see ARR expansion within different sized cohorts. But to answer your question, yes, we are having greater success and penetrating some of the larger enterprise customers.

Great, thank you very much for taking my questions.

Thank you so much.

[Operator Instructions] Our next question comes from the line of Gregg Moskowitz with Mizuho. Your line is open.

Okay, thank you very much and good afternoon, good evening guys. So Corey there are a lot of SIEM vendors out there and yet you continue to execute at a very high level with IDR. I know you don't compete head-to-head all that often for SIEM deals, but you did call out one displacement this quarter. And so I'm curious if you're seeing any changes competitively speaking that you would also point to?

No, I would say when we start off on our SIEM journey, we really were doing a lot of greenfield, it actually started off with a small, a slight mid market to like buy as well, let's say, now we're competing effectively across the board. And, you know, we definitely, we won a lot, we lose a few, but what I would say is that, we are becoming a mainstream firm leader across the board. And I think that gives us lots of upside potential over the next couple of years. And when you really look at the underlying foundation of that, it should be one of these enduring platforms, that is still continuing to provide scale, growth and leverage and satisfy our customers, you know, in the well not just the short-term, but also in the mid long-term.

Okay, that's very helpful. And then just maybe as a follow-up, we've been hearing about some improvement in your federal business. I know that has not been particularly strong area for Rapid7 historically. Is that something that you're seeing as well, and if so, we're just wondering if you could update us on why you may be getting traction in the federal vertical? Thank you.

Yeah, I would describe the federal budget vertical is stable. I think we have a strong public sector practice when you look at both the state and federal together. I think that really one of the aspects of the federal government, we've actually moved a lot to our cloud infrastructure and platform infrastructure. And that's just a while it's stable, it is a different road to tow to actually have a primarily SaaS platform in the federal now we're seeing in roads, we expect that to go over time, but we're actually patient about how that works its way through the system.

Okay, got it. Thanks, Corey.

Thank you so much, Gregg.

And I'm not showing any further questions. So I'll now turn the call back over to Corey Thomas, CEO for closing remarks.

Well, I just want to thank you all so much, again for joining us today. And I hope you and your families stay safe during this time. Thank you.

Ladies and gentlemen, this does conclude the program. Thank you for participating. You may now disconnect. Everyone have a great day.