Rapid7, Inc. (RPD) Q4 2021 Earnings Report, Transcript and Summary

Good day, and thank you for standing by. Welcome to the Rapid7 Fourth Quarter and Full Year 2021 Earnings Conference Call. At this time, all participants are in a listen-only mode. After the speakers presentation there will be question and answer session. [Operator Instructions] Please be advised today's conference is being recorded. [Operator Instructions] I would now like to hand the conference over to your host today, Sunil Shah, Vice President, Investor Relations. Please go ahead.

Thank you, operator, and good afternoon, everyone. We appreciate you joining us today to discuss Rapid7's fourth quarter and full year 2021 financial and operating results, in addition to our financial outlook for the first quarter and full fiscal year 2022. With me on the call today are Corey Thomas, our CEO; and Tim Adams, our CFO. We have distributed our earnings press release over the wire and is now posted on our website at investors.rapid7.com, along with the updated company presentation and financial metrics file. This call is being broadcast live via webcast, and following the call, an audio replay will be available at investors.rapid7.com until February 16, 2022. During this call, we may make statements related to our business that are forward-looking under federal securities laws. These statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995 and include statements related to the company's positioning, our future goals and financial guidance for the first quarter and full year 2022 and the assumptions underlying such goals and guidance. These forward-looking statements are based on our current expectations and beliefs and on information currently available to us. Actual outcomes and results may differ materially from the expectations contained in these statements due to a number of risks and uncertainties, including those contained in our most recent quarterly report on Form 10-Q and in the subsequent reports that we filed with the SEC. The information provided on this conference call should be considered in light of such risks. Actual results and the timing of certain events may differ materially from the results or timing predicted or implied by such forward-looking statements, and reported results should not be considered as an indication of future performance. Rapid7 does not assume any obligation to update the information presented on this conference call, except to the extent required by applicable law. Our commentary today will be primarily in non-GAAP terms and reconciliations between our historical GAAP and non-GAAP results and guidance can be found in today's earnings press release. At times, in our prepared comments or in response to your questions, we may offer incremental metrics to provide greater insight into the dynamics of our business or our quarterly results. Please be advised that this additional detail may be onetime in nature, and we may or may not provide an update in the future on these metrics. With that, I'd like to turn the call over to our CEO, Corey Thomas.

Thank you, Sunil, and good afternoon to everyone on today's call. Thank you for joining us. Rapid7 finish 2021 on a high note delivering strong fourth quarter results on broad-based strength across our security transformation and vulnerability management solutions. Security transformation saw year-over-year organic ARR growth of over 50% exceeded our expectations for the quarter and the year, driven by our team's strong execution and a growing need for customers to manage increasingly complex security environments. We ended the year with $599 million of ARR, growth of 38% over the prior year and growth of over 30% on an organic basis. These growth rates highlight the compelling value proposition our Insight platform is delivering to our customers and support our belief that 2022 will be another strong year for Rapid7. Our commitment to executing on our growth and profitability framework is evident in today's results. We delivered nearly 100 basis points of non-GAAP operating margin expansion for the year, while accelerating ARR growth and absorbing our largest ever acquisition to date. We also saw significant scale and cash flow exceeding $50 million of operating cash flow in 2021 and delivering $35 million of free cash flow for the year, ahead of expectations. This puts us on a great trajectory to execute against our mid- and long-term free cash flow targets. While Tim will share more on our operating results during his prepared remarks, these financial highlights illustrate the strength of our underlying business and our commitment to making responsible investments in growth. We began last year with our 3 enduring goal in mind to enable customers to securely transition to the cloud, to expand the capabilities and value proposition of our best-in-class Insight platform and to balance our dual mandate of scaling profitably while strategically investing to drive durable growth. In March, we expanded on this vision at our Investor Day, where we outlined our medium- to long-term financial goals and elaborated on a few key opportunities, including the large and expanding addressable market for our solutions, our ability to grow ARR per customer by cross-selling and upselling into our base, focusing on higher-growth strategic customers to support this expansion and an underpenetrated international market with significant room for share gains. During 2021, we executed extremely well across all of these opportunities. We accelerated ARR growth while expanding our addressable market beyond $30 billion. ARR per customer grew 17% for the year approaching $60,000 per customer. Customer growth accelerated, driven by increased demand and notable improvements in retention as we eclipsed 10,000 customers globally. And we saw approximately 50% year-over-year growth in our international revenue. Moreover, the escalating cyber threat landscape we experienced throughout the year validates the durability of these opportunities, as customers transform their business, cloud adoption gains pace and the ability to manage cybersecurity risk becomes even more challenging. These issues are now a top priority for executives and boards, particularly as the labor market for security professionals tightens and regulatory scrutiny and brand risk increase. These market conditions provided a healthy secular backdrop for our strong growth in 2021 and should support durable ongoing growth in 2022. I'll highlight 3 areas that are driving our success today. First, our Insight platform provides customers with a broad-based integrated suite of best-in-class security operation solutions. We've invested in and expanded our capabilities over the last few years to build a leading position in the extended detection and response, cloud security and vulnerability risk management markets. We further strengthened our customer value proposition by adding platform services, including SOAR and threat intelligence to provide security teams with comprehensive visibility, analytics and observation that they need to manage an evolving IT environment. The depth and breadth of our platform is increasingly becoming a competitive differentiator. It's driving demand with our customers, particularly as security teams look to consolidate an increasingly fragmented set of security solutions. This is demonstrated by the strong growth we saw across our Insight platform throughout 2021 with particular strength driven by our security transformation solutions, which now represents the majority of our total ARR. We see a long runway ahead in terms of our platform opportunity as we expand our base of multiproduct platform customers. The recent law for [indiscernible] vulnerability highlights the value of holistic visibility and monitoring our Insight platform can provide in helping customers to drive better security outcomes. Beyond the critical importance of InsightVM and providing visibility to the risk and customer traditional environments. Customers are leveraging Insight cloud sec to identify vulnerable cloud entities InsightIDR to monitor for attacker behavior related to low for sale. Our application security capabilities to both monitor and block against attack attempts and velociraptor for forensic analysis of exploitation attempts against the vulnerability. The scope of incidents like log for shale demonstrates the persistent nature of the elevated threat landscape our customers are facing today and why we expect cybersecurity will remain top of mind for organizations of all sizes as we look ahead. The second aspect of our business I want to highlight is our market-leading incident detection response. As the topic of XDR gains most year, many of you have asked how Rapid7 InsightIDR is delivering customer impact in the zero. The answer is that we've always approached IDR from this perspective. When we began building IDR in 2013, most people were focused solely on data collection. Rapid7 took a detection-first approach, hence the name, incident detection and response. By combining leading data collection capabilities on our Insight platform with detections from our analysis of attacker behavior and layering on user behavior analysis by integrating and compliance dashboards, we were able to build not just a market-leading SIM, but also a market-disrupting capability to detect and respond to attacks more effectively. We have since extended the breadth and depth of our offerings at a risk capabilities, including endpoint detection and forensics and network traffic analysis to provide more comprehensive visibility across customer environments as well as embedding automation to drive productivity to help customers deliver better security outcomes. Our investments in natively integrating these capabilities is why customers are choosing InsightIDR to help minimize the scenes and gaps that exist in their fragmented technology environment today. We continue to invest in expanding our platform capabilities most recently via the addition of Insight's best-in-class threat intelligence offering. We remain early on our integration efforts, but have begun to see the vision of combined internal and external attack services monitor and resonate with our customers. During the fourth quarter, we saw great progress on our ability to sell Insight into our existing customer base with nearly 40% of our new threat intelligence business driven by cross-sell. A great example of this was a 6-figure competitive displacement with a well-known global food and beverage brand. The customer added threat command alongside our detection and response and vulnerability management solutions, in part because of the enterprise relevant alerts and the ability to automate workflows to improve the efficiency and effectiveness of their size. We remain bullish on our long-term opportunity to deliver a market-leading XDR solution to our customers as we continue to integrate threat intelligence into IDR. Lastly, I'd like to take a moment to discuss the emergence of our cloud-native security platform in site cloud sec. Digital transformation and the accelerating customer shift to cloud-based infrastructure is disrupting security programs. Cloud environments are more dynamic and scale and difficult the traditional IT environment. This is why security teams are increasingly looking for solutions that are built from the ground up and manage the unique risk in their cloud environments. While the cloud security market remains in its early days, it is clear to us that success and feature in the cloud relies on holistic data collection, analytics and automation, all capabilities that are core to Rapid7. This is how we have architected Insight Cloud Sec, -- by integrating 3 critical areas of technology to bring together multi-cloud data for which visibility and analysis across cloud posture management, cloud workload protection and cloud identity and entitlement management. We continue to innovate and invest heavily in this space given the massive opportunity ahead to help our customers migrate securely to the cloud. Our approach is resonating with customers as evidenced by a competitive 6-figure deal with a Fortune 500 company. The customer's homegrown approach to securing and growing multi-cloud environments will struggle to scale with the pace of their cloud development. They selected Insight Cloud sec for our scalable automation, seamless integration with Insight VM and our public cloud provider coverage that few competitors can match. Our swift time to value and out-of-the-box capabilities provide tangible benefits for the customer, allowing Insight Cloud Sec to become, in their words, a cornerstone of their security program. As we look across all 3 of these areas, we expect that many of the market dynamics we experienced in 2021 will continue to intensify in 2020. The attacker landscape continues to become more hostile and the pace of innovation, particularly the move to the cloud is accelerating and the security cap is getting wider. It is clear that security now has a permanent seat at the table and executive and board discussions. And we expect this to fuel durable growth for our best in-suite Insight platform as we look ahead to 2022. These dynamics are also impacted by the increased turnover many companies are facing in today's labor market, exacerbating what has already been a tight talent environment for cybersecurity professionals. Rapid7's sustained focus on addressing the needs of resource-constrained customers, by delivering best-in-class productivity and efficacy of security programs while lowering the cost of operations positions us well to drive strong customer impact through our Insight platform in this environment. As we march forward into 2022, we remain committed to executing against our 3 enduring goals for Rapid7, enhancing our customers' ability to securely transition to the cloud, building out an increasingly integrated best-in-suite platform experience and driving to attain profitability growth. We believe that secular tailwinds in security in the evolving IT environments put us in a great position to execute on these goals in 2022. And we are confident that we have the right technology and people to drive another year of durable growth. Our team remains committed to delivering on our 2025 goal of becoming at over $1 billion rule of 40 company, and we see great line of sight to achieve in that given our strong execution in 2021. Amidst an ever escalating cyber threat landscape, I'm tremendously grateful to all of the security professionals around the world who work tirelessly to keep our technology environment safe. The Log4Shell vulnerability, strand security teams at the end of an already busy year, and I'm proud of our Rapid7 team for their commitment to supporting our customers during the ongoing remediation efforts. We know that the threat environment with the team to impact the organizations of all sizes and that gives us conviction and the importance of our mission to make the best in security operations achievable to all. Thank you to our team and to our customers for supporting us on this journey. Before I turn the call over to our new CFO, Tim Adams, I would like to thank Jeff Kalowski for his significant contributions over the last 5 years. When Jeff joined the company, we had a VM solution and an annual revenue run rate of around $150 million. Today, we have broad-based best-in-class security operations platform generating nearly $600 million in annualized recurring revenue. Jeff was a critical player in this transformation. We wish him all of the best in retirement. Tim, we're thrilled to have you on board as we usher in the next chapter of growth for Rapid7, and I'm excited about all the great experience you will bring to our leadership team. Thank you for joining us today. And now I will hand the call over to Tim. Tim?

Thank you, Corey. Good afternoon, everyone. Thank you for joining us on the call today. I look forward to working with all of you and hopefully meeting you face-to-face in the near future. First, let me say I'm very excited to be part of such a great company. I have known Corey in the Rapid7 team for a few years, and I am truly honored to be here. I've been on board for just over a month, and I have been impressed by the level of talent and experience across the organization. There is a strong culture of collaboration, teamwork and customer focus. As one of the executive leaders, I will be working across the company to ensure that we continue to align our business and finance strategies to support our overall growth and long-term financial targets. Now before I turn to the results, a reminder that except for revenue, all financial results we will discuss today are non-GAAP financial measures, unless otherwise stated. Additionally, reconciliations between our GAAP and non-GAAP results can be found in our earnings press release. Rapid7 delivered strong fourth quarter and full year 2021 results. Total ending ARR of $599 million grew 38% over the prior year driven by growing customer demand across our portfolio of security transformation and vulnerability management solutions. ARR growth was over 30% on an organic basis in 2021, an acceleration over the prior year and highlights Rapid7's exceptional ability to drive durable growth as we scale our business. Full year revenue of $535 million grew 30% over the prior year and exceeded the high end of our guidance range. Strong demand for our Insight platform solutions drove product revenue growth of 31% over the prior year to $501 million. As Corey shared earlier, the need to manage risk across an increasingly complex IT environment, fuel organic growth of over 50% in our security transformation solutions, ARR in 2021. We I am thrilled to share that our security transformation solutions now represent the majority of our total ARR. We continue to see a healthy mix of growth coming from both new and existing customers during the year in addition to experiencing strong and improving customer retention rates throughout the year. Our customer base grew 18% over the prior year ending 2021 with over 10,200 customers globally. Our expanding suite of leading security solutions and the compelling value proposition of our Insight platform is underscored by the ARR per customer of 58,300 at year-end, which is up over 17% over the prior year. Our commitment to driving durable growth while expanding margins within our profitability framework is clear in our operating results. Rapid7 generated approximately $8 million of operating profit a year-over-year improvement of nearly 100 basis points and $35 million of free cash flow during 2021, both of which exceeded our guidance. We were able to achieve these results while increasing our investments in growth, absorbing our largest acquisition to date and hiring and retaining talent in a more competitive labor environment. Now turning to our fourth quarter results. Total revenue in Q4 of $152 million was up 34% over the prior year and above the high end of our guidance. Product revenue grew 35% year-over-year to $141 million. Our international revenue grew 59% and represented 20% of total revenue for the fourth quarter, while North America revenue grew 29% over the prior year and represented 80% of total revenue. Product gross margin was 75% in the quarter, while total gross margin for the quarter was 71%, down slightly from the prior year, but in line with our range of expectations. As we've shared previously, we continue to expect product gross margin to trend in the mid-70s and overall gross margin in the low 70s. During the fourth quarter, we continued to invest in growth and innovation and absorbed a full quarter of expenses from our Insights acquisition. Sales and marketing expenses grew 34% year-over-year and represented 44% of revenue as we ramped investments to position ourselves for growth in 2022. R&D investments grew 45% year-over-year and represented 22% of revenue, while G&A expenses grew 31% and represented 9% of revenue. Our ability to reinvest our top line overperformance from the second half of last year provides a strong foundation for growth in 2022, while maintaining the commitment to executing against our profitability framework. Fourth quarter operating loss of $6 million was slightly better than our guidance. Our adjusted EBITDA loss was $2 million in the quarter and net income per share was a loss of $0.16. Moving to our balance sheet and cash flow. We ended the year with cash, cash equivalents and investments of $258 million compared to $310 million at the end of Q3 2021. The reduction was primarily driven by the November redemption of the remaining $45 million of our convertible senior notes due in 2023. We delivered better-than-expected fourth quarter and full year cash flow from operations, reflecting strong ARR growth, and we exceeded our expectations by generating $35 million of free cash flow in the year. This brings us to our guidance. The strong results we achieved in 2021 highlight the large and growing opportunity we have to deliver our best-in-suite Insight solutions to customers as they face an increasingly complex risk environment. Our demonstrated success across the 3 areas that Corey elaborated on. The breadth and depth of our Insight platform as customers look to consolidate down to strategic security vendors. Our unique approach to delivering a market-leading extended detection and response solution, and our early traction in helping customers migrate securely into the cloud, provide a solid foundation for our outlook into 2022. With that in mind, for the full year 2022, we expect an ending total ARR of $740 million to $750 million, which represents growth of 24% to 25%. We plan to share relevant ARR guidance updates likely in the second half of the year. We expect total revenue for the full year to be in the range of $682 million to $690 million, representing growth of 27% to 29%. On profitability measures, we anticipate non-GAAP operating income to be in the range of $17 million to $24 million for the full year, with non-GAAP net income per share in the range of $0.05 to $0.16. This is based on an estimated 60.9 million diluted weighted average shares outstanding. For full year 2022, we expect to generate strong growth in operating cash flow, which when coupled with slightly higher CapEx infrastructure investments to support our growth should drive healthy overall growth in free cash flow to a range of $40 million to $45 million for the year. The operating margin expansion we expect in 2022 reflects our growth outlook and is consistent with the profitability framework we have previously outlined. Moving to quarterly guidance. For the first quarter of 2022, we expect total revenue in the range of $153 million to $155 million, representing year-over-year growth of 30% to 32%. We expect non-GAAP operating loss for the first quarter in the range of $7 million to $5 million, driven in part by early year investments and some annual Q1 events such as kickoff. We expect a non-GAAP net loss of $0.18 to $0.15 per share for the quarter, which is based on 58.3 million basic weighted average shares outstanding. In conclusion, we remain committed to driving durable growth and margin expansion within our profitability framework as we continue on our path to becoming an over $1 billion Rule of 40 company. Thank you for joining us on the call today. And with that, we will open the call for questions. Operator?

[Operator Instructions] And our first question comes from the line of Rob Owens with Piper Sandler. Your line is open. Please go ahead.

Obviously, a strong quarter punctuated by acceleration in looking at that organic ARR number, it's clear that the environment is as good as it's ever been. So Corey, with the vulnerabilities out there with all the attacks, do you have any sense, is there a pull-in of demand that we're seeing right now curious how sales cycles are trending? And how sustainable are these levels? And I do note that it does look like you're going to hit your midterm goal of $750 million in ARR 1 year early, just based on your guidance alone.

Rob, it's a great question. So one, I would say the demand environment oral is quite healthy. And we start highlighting that in detail and of last year. And I think it's driven partially by some of the big name either vulnerabilities or compromises. But I do think that it's actually moved to a level where this is on the permanent agenda now of both CEOs and Boards. And we think that's a very good backdrop for our business and our organizational role. I think part of the thing that has allowed us to capitalize on that well is I think that our team has a great story and great delivery on the ability to give customers, the productivity that they want and the efficacy they won't. And lots of organizations are looking for both of those. So just because it's in demand, they still want efficiency and productivity. And I think that's really the story that, that transcends. And so to answer to your core question is we think that, that is durable. We don't tend to chase sort of like the latest the latest Fed or the latest retailing is compromised. We tend to focus on like what's the long-term outlook and prospect, and we are seeing a high level of focus on customers, and we do think that we actually have durability of opportunity ahead of us.

And our next question comes from the line of Saket Kalia with Barclays. Your line is open. Please go ahead.

It's Saket Kalia at Barclays. And welcome, Tim. Corey, maybe for you. I was wondering if you could talk a little bit about the cross-selling success this year. To your point, nearly $60,000 in ARR per customer with just the bigger best in suite, as you noted. How do you sort of think about the cross-sell effort going into '22 with -- as that list of products kind of continues to expand?

We thought -- as you know, we've expanded our product portfolio over the last few years. And our focus, first and foremost, is making sure that we're making the right products that customers want to adopt. I think hands down, we nailed the formula for how do you actually deliver like highly effective sophisticated products that are also adaptable and consumable and accessible by a wide range of customers. And so we feel we actually got that right. And for that part of the equation, it was incredibly important, not just to actually cross-sell the package, but to make sure that each of those offerings could stand on their own. And we've proven that out over the last several years. Over the last year or so, you've heard me start to talk about packaging and pricing. But I'll say that now that we've actually proven that we have this "best of suite". And really what that means is customers aren't making trade-offs and quality in order to actually get the benefit of a platform and platform leverage, how do we then actually turn that into something that we can use to actually reduce friction and how customer about and frankly, reduce our cost about how we actually engage with customers? And this is where cross-sell, I think, becomes quite strategic over time. And what I'd say is that in our pilots over the last few years, we've seen the evidence we've seen the attractiveness of the customer, and we've seen the adoption. And so what I'd say is we've seen the proof points. And now from here, we're continuing with the scale of those proof points as we go forward. So it will be like it won't be 1 big thing over night, but what we'll do is we'll get better and better at actually finding the optimum mix of adoption for customers that works for customers and work for us. Now the one thing I say to keep in my socket is that when we think about adoption, we're really focused on customer adoption, not Rapid7 sales. And what that really means is we want to actually deliver technologies and sell technology to customers at the pace that they can adopt those technologies because we think that, that's what leads to the most enduring success and, frankly, the best long-term customer economics. So that's how we approach it. I think we made good progress. I still think we've got a lot of upside in front of us, but we're on the road that we want to be on.

Got it. That makes a lot of sense. Tim, maybe for my follow-up for you, since this is our first call altogether. I was wondering if you could just talk a little bit to us about what attracted you to the opportunity at Rapid7? And understanding that it's only been a month at the company, anything you want us to know just about your process or rigor when thinking about the guidance, just the overall guidance philosophy?

Yes, Saket, thanks. First, let me reemphasize I'm thrilled to be here. I guess I've known Corey, for about 5 years or so now in Jeff Kalowski, and they're first-class people. They've built a great company, which I think all of you will agree with. And so I'm really thrilled to be here. It's a very strong team in the 30-plus days that I've been here. I've had the chance to meet a lot of folks face-to-face, and you can tell they are very smart, very hard-working, very engaged, very passionate and really focused on the customer, which I think is critically important. Corey talks a lot about the culture of a company, and I think that is very important. That really does matter to me how we operate and behave and work with each other. And I think it's all very important, and it's very mission-driven. There are a lot of bad actors out there that are creating a lot of havoc to the world as we know it. And I think we're out there really trying to get in front of that and prevent a lot of that. So I'm thrilled to be here, and I look forward to working with everyone over the next several years. In terms of the guidance, we feel very good about the guidance that we put out. We think it's showing very strong growth year-over-year with the top line ARR range that we shared. And I will tell you, I think this team does an outstanding job. They are very thoughtful. They are very thorough, and it's a collaborative approach, not just of the finance team, but we reach out to the sales leaders. Our COO, Andrew Burton, is very strong and very engaged with us. And it really is a very thoughtful process, and I feel very comfortable with how it's come together, and we feel very good about the guidance that we've shared with you today.

And our next question comes from the line of Matt Hedberg with RBC Capital Markets. Your line is open. Please go ahead.

And I'll offer my welcome to Tim as well looking forward to working with you Corey, security transformation products are clearly driving a lot of your growth. And I think there's a huge focus of TAM expansion. But obviously, you still have a pretty healthy VM business. I'm wondering if you could comment on as we think towards next year, maybe the relative health of that business versus maybe some of the start trends.

Yes. So I'll talk about both of those. Let me start by saying that I think that as we go forward, it becomes less important, mostly because of the way that we actually sell and operate to actually break out security transformation of VM. As we actually continue to drive the cross-selling, the packaging and the adoption strategy, we're focus much more about how to drive productive usage and consumption for our customers or anything else. So I just wanted to give that intro. And then to address your other questions, yes, we actually are seeing great growth of security transformation, and we're seeing durable growth on the vulnerability management. And we feel very good about all the aspects of our business. As you know, we're fairly rigorous about how we think about it. So security transformation, we saw extraordinary growth last year. And we see normal growth this year, we've used the 40% number for a couple of years now, and that really goes to the durability and we see that same durability if we actually go forward into the future. And when we think about vulnerability management, we see visibility as a persistent backdrop that drives not just vulnerability management, but it's also a big driver of our cloud solutions also. And so to get to your core question is that, when we look at our complete portfolio, we see extraordinary opportunity across the entire portfolio. And most importantly, we see the opportunity to actually meet customers wherever they are in their journey. And one of the things I think our sales team is really operationalizing with the help of Andrew and a bunch of other people is this mindset that we can go in and figure out what customer's most pressing issues are and address those issues wherever they are. And then from there, we can actually expand their success with adopting other solutions.

That's great. Maybe just a really quick follow-up and it sort of touches on sort of something you mentioned in your script, but did [Log4Shell] have any impact on your Q4 growth rates? And how do you think about that as a potential demand generator sort of benefit to 2022?

Yes, that's a great question. So we treat all of these things as healthy backdrops. But keep in mind, we don't go in and sell into any type of leaching crisis. Like we're very focused on how we help customers with their long-term security program. But we think that these things do is it reminds customers about why security is important. And that's what we actually sell into is how do you actually build great security programs and the importance of security. We work very hard with our sales team to focus on the long-term aspects and not just sort of like using really painful incidents to have for our customers as the reason that we go in and sell. But yet, still, they provide incredibly healthy backdrops for customers to understand why security is incredibly important.

And our next question comes from the line of Brian Essex with Goldman Sachs. Your line is open. Please go ahead.

First of all, Tim, congrats on the new role. Looking forward to working with you again. And then Corey, maybe if we could talk a little bit about the algorithm for growth throughout the year, you had really balanced land and expand between customer growth and expansion within existing customers. Are we looking at the same algorithm in 2022? And then maybe on the back of that, could you talk about investments you've made in sales and marketing, the sales force and pricing configuration that might either drive that consistency or trend it one way or another away from the historical trend?

It's a great question. I'll remind you as -- when I think about sort of like the drivers of growth, and you really alluded to the 2 of them. We do land a new customers or we're driving ARR for a customer. And we have a big focus on both with the opportunity and the TAM in front of us. It's an incredible opportunity on the ARR for customers, which is a heavy focus. What we said at our Analyst Day I think still holds today. We expect ARR per customer to actually be over the medium and longer term, a higher growth contributor than adding new customers. And it's not because adding new customers is not good. We love to add new customers. It's just that we also have so much opportunity to actually provide great service to our existing customers, and that's a heavy part of the focus. The other thing I'll remind you is that while we occasionally provide sort of like stiff, we actually don't provide structural infinites that are about how our sales teams have to actually grow. And the reason that's important is that you would actually expect sales team to actually focus allow their time and attention on customer grades, especially when we have so much potential for a customer. And so if you ask me, I'll go back to the original outlook that I gave at the Analyst Day last year, is that, listen, we think that we can actually grow ARR per customer and consistently drive that forward. And we actually think that we can grow also new customers, but it won't be at the same pace over the medium term and the for customer growth. That said, last year, we were quite happy with the dynamics. And if the dynamics flip around this year, we're filing that too is not something that we're managing. We're really managing the quality of our customer adoption.

Got it. Super helpful. And maybe just a follow-up. I guess, jump ball on this one, given that Tim has only been there a short time. But on the TAM, what -- how do you think about the way that your customers are thinking about cloud security spend. And I know some of your peers have talked about 5% to 6% of total cloud IT spend should be the number, but it's still an evolving market? And I think pricing still has to be worked out, but any kind of reconciliation there in terms of where there might be upside, downside to your TAM estimates and how you kind of thought about addressing the opportunity there?

Yes. I'll start. We tend to be pretty pragmatic with TAM estimates, and we revised over time. I think we revised it again in this deck, if you look at some of the materials. And the way that we actually think about it is it's really based on what we think the realistic potential is for customers, and we were osteotome. As you said, cloud is still early in general. I mean we're still early in the overall cloud adoption cycle for customers. We're still early in the types of services that customers are adopting. And yet, still, we're seeing both good success, and it's something that we're incredibly excited about. And so I think cloud is one that you could absolutely have revisions in the future, but it's premature to do that sort of today because, again, we want this tax to be durable with customers. And so I would say that our cloud estimates that we just updated are very good, and we feel great about today. But the cloud market is evolving. So you can expect that to be as it evolves, something that as a intense, we'll revise that in the future.

Brian, let me -- this is Tim.

Yes, go ahead, sorry.

Let me just add to a comment Corey made earlier is that you're really capturing the mind share now of the C-level suite and at the board level and certainly at audit committee levels this broader framework of cybersecurity and what are we doing and how do we feel about our environment is top of mind right at the level where you want to be. And my experience has been over the past couple of years, you see folks really willing to invest more because the downside of having an event far outweighs the additional investment that they want to put to work.

And our next question comes from the line of Fatima Boolani with Citi. Your line is open. Please go ahead.

Tim, very nice to telephonically meet you. Corey, I have one for you and one for Tim. So I'll start with you. You alluded to the international performance in your prepared remarks. So I just wanted to peel that onion back a little bit. You've now seen 4 straight of accelerating growth in your Rest of World execution. So I'm curious if you can take a step back and share with us any notable drivers or any patterns of observable strengths, whether that is concentrated in certain countries or certain geos or any particular products that are really driving the bus on some of your international performance and the acceleration in international business? And then my follow-up question.

Absolutely, Fatima. So it's a great question. I would highlight probably 2 things. It's less specific geographic. We're seeing fairly broad-based adoption. I do think one of the drivers, though, is sort of like 2 factors. One is the demand factor is that I think cybersecurity specifically the willingness to actually invest in cybersecurity program is growing. If you go back a couple of years, I used to talk about the fact that -- the -- and shareholders is sort of internalization, the global organizations did not have the same priority on cybersecurity, as you sometimes found in the U.S. to actually think that that gap is closed substantial. So I think you have a a basic driver that's there. I think the regulatory environment helps that. But also, I just think you have an environment where people are actually paying [indiscernibe] security. So I think that's a healthy demand backdrop. The second part is probably a little bit more particular to us is that we've done lots of innovation. But when we do innovation, and we launched new offerings, like I gave the stat on the call earlier when I was talking about, Jeff, is that we introduced the platform, we mean offering is available. We have new services. By and large, those new offerings and services tend to actually start their distribution in the U.S., and they send the star in our cloud U.S. instances. What's happened is over the last couple of years, we've actually got those technologies distributed around the world to more cloud instances. There's been lots of great work by our core infrastructure and platform teams. And that's kind of important in a world where like data sovereignty is more and more important. So that's a helpful unlocking potential. And then we've also invested a lot in our partner ecosystems. And our global sales team and global service team and global support team to actually support those customers around the world. So it's a combination of things that allows us to unlock the potential to meet the demand, and we're leveraging all the great stuff that we've actually invested in along the way.

I appreciate that, Corey. Tim, really quickly for you, I appreciate it's been about 30 days in the seat. But just with respect to some of your commentary around gross margins, I can see that you're still operating within your disclosed envelope. But just wondering if there are any one tiny items in the compression we saw this quarter and really how we should think about the shape of gross margins working through calendar '22, especially as some of the cloud portfolio and cloud security solutions start hitting escape velocity?

Right. No, it's a very good question. And just to remind everyone of the framework that we shared at the Investor Day about a year ago is that we expect our product gross margins to stay in the mid-70s with total gross margin in the low 70s. And if you go back and look at previous quarters, you will see some variability quarter-over-quarter, which we really attribute to product mix. We go back and we take a hard look at that. And it's important to note, and Corey and I both mentioned this earlier that we have outstanding growth this past year in the security transformation solutions growing over 50% on an ARR basis, and it now makes up the majority of that ARR. These products are earlier in the maturity curve, and we have programs in place that will drive scale and drive additional efficiencies. So again, we think it's all contained within the guidance that we've given for 2022, and we stay within that framework that we outlined about a year ago.

Thank you, everyone. And just a reminder to try to get to as many questions as we can if we can keep it down to one question.

And our next question comes from the line of Jonathan Ho with William Blair. Your line is open. Please go ahead.

Let me echo my congratulations. Just with the strong ARR per customer growth, is there a way for you to maybe parse this out a little bit more between and perhaps larger platform lands, expansion in your existing assets or maybe new product additions? I just want to get a little bit more granularity on how to think about sort of the sources of that strong ARR per customer growth.

It's a great question. Unfortunately, like there's not a several parsing that actually gets you the answer you're looking for because it actually with multiple contributors. We continue to execute well across customer segments, both big and small. As we talked about earlier, and we talked about sometimes our different products do have different ASPs. You can see on average security transformation solutions as slightly higher ASPs than VM. But again, that depends on sort of like segment and mix. You also have different trends internationally and you have distribution. What I would say, in general, to actually get to sort of like the larger trends that you can actually just think about is ultimately, over time, there'll be 2 big contributors to the ARR per customer. One is obvious cross-sell, which we talked a little bit about earlier. The second is upsell, which is about sort of like what's the usage and adoption on a per customer overall. And those are going to be like the biggest things that are actually going to drive the dynamic. And so -- and what we're seeing is some combination of all of that combined with the fact that especially if you look at cloud and IDR, they do have higher ASPs as we continue to have success there, that actually matters.

And our next question comes from the line of Michael Turits with KeyBanc. Your line is open. Please go ahead.

Congrats on the quarter, and Tim, welcome. I want to come back to the cost the cross-sell question that Saket started with. Corey, I love at Analyst Day, you said 22% of your customers and multi-platform sales. Is there an update on that and where it's going? And importantly, can you talk about what are the specific products that most often are sold together? And how are you going about packaging multiple products together in order to get those multiple product sales?

Yes. So it has continued to actually improve. I don't have an update to give it at this moment, and we'll give it episodically. But it has continued to improve. And really, what you're seeing right now are clusters that in some ways align with how we've actually done some of our early packaging pilots and some of the things that resonate. So you definitely get cluster around IDR. We actually see IDR and SOAR and the enhanced import delivery and other things going here. So you see things like that, that's become part of the modern stock normal selling motion. We're seeing the emergence of the idea of the cloud for door where people are sort of like cloud first users and then they're thinking about their vulnerability management. And eventually, we see some key leaves where they're thinking about detection to the land upon they actually think by cloud. So again, those are early indicators. And then there are some customers that are just interested in visibility. And so they actually think about both their cloud and their vulnerability management, so like the visibility platform. And so what our sales team is actually doing right now is really working to actually operationalize emotions that they see. But again, the thing I would emphasize is that it's -- we want to be able to respond to how the customer thinks about it. And of course, we'll always have some guidance about what we see across customers. But our goal is to actually respond to our customers. So customer focus on visibility that's great. If they want to actually update them or not, that's absolutely amazing. If they want to actually operationalize everything around the cloud, they will package over time and deliver the experience. But I just give you the 3 that are the most common that I actually see the most often traction around.

And our next question comes from the line of Jonathan Ruykhaver with Baird. Your line is open. Please go ahead.

Jonathan, you might be on mute.

Sorry about that. Got it. Yes. So Corey, I would love to hear your thoughts on the competitive landscape for specifically, who you view is delivering on true enterprise-grade detection and response capability? So that's just your thoughts as the market evolves with the endpoint that you're also introducing or DR capabilities. How do you think that shakes up the space over time?

Yes. I'll talk about the attributes of it in broad categories just because we don't talk specifically about specific competitors necessarily, but the attributes of how I think about winter and next year. And there are some. I think rapper, but there's definitely other players. It's you actually have to be able to actually bring data in natively. And it has to actually be a broad set of data. It has to be endpoint data network data, log data, you have to be able to bring that in, contextualize it and then allow people to actually do 2 things with it to actually be able to do high-quality detections against that heterogeneous data set and actually very, very fast automated investigations. And we think that, that is going to be -- we think that's sort of like the key and essential, and we've had this is for a long time. And there's multiple players in the market that are actually trying to build in that direction. And I think Rapids well positioned in that market well. The second question on the direction is the endpoint players I'll ignore the branding of XDR because again, we come from different places. I'll remind the rest of these, I know you know this is that XDR is really the combination of 2 things. One, it's a proper trend to say, we can't have these gaps and these themes in terms of visibility and how we actually process information. And that's true whether you look at how we approach it from an enterprise data perspective that's also so for the endpoint players about how they approach it from an endpoint perspective, and that's also a cooper network player. So in some ways, everyone has to have the X and XDR because customers are not being successful with a highly fragmented technology and a highly fragmented security environment. So that's a natural customer-driven trend. It's how do you actually reduce the gap and the fans and visibility that allow you to operationalize. Now when it comes to the idea of how do we think about how these things intersect across. And keep in mind, many of these are our partners also is that, yes, you'll actually see a lot more bleeding in overlap. So you will actually see some of the endpoint players that actually have some storage services or some data services that can take in mall data. And by the way, we actually have endpoint data that actually takes that you're still going to end up with a pretty sizable, not like a small one, a viable gap between endpoint players' ability to actually take in all types of enterprise data at that scale, process it, organize it and do the compliance and the investigation and the enterprise-wide detection that we actually do. Likewise, by the way, is that we have great -- we have some of the best-in-class endpoint for resin technology with velociraptor with large companies and governments all over the world that use the technology. But that's not the same as actually having a comprehensive enterprise endpoint platform. And so what I would say is that it gets confusing because we may use the sign language. But the center of mass is different. Rapid7 is when we talk about XDR, we are an enterprise data platform that's allowing you to collect all the relevant data across your platform, be able to actually search that, organize that, do high-quality detections on that and then do high-quality investigations on that consumer both the internal data sources and the external data sources and then automate all those stock workloads. That is extraordinarily different than what the enterprise players are offering in the market today. And so that just gives you a little bit of flavor about what the difference is, but also one of the similar trades that we're all adapting.

And our next question comes from the line of Brad Reback with Stifel. Your line is open. Please go ahead.

Just real quick, Corey, are your customers seeing any issues with employee employment levels being able to deploy your solutions?

Yes. I mean, not to give one word answer. It's something that we're actually tracking. And that is an area of concern is that, again, we're very focused that when we sell, we measure ourselves on what we call the customer value realization. Did the customer get the promise? And one of the most frequent challenges is staffing capacity. And so it's one of the things that I probably spending the most amount of too, we have -- I think it was asked earlier, I got to ask you sort of how you think about some of your investments. I would say lots of our investments are going to actually how do we accelerate some of the investments that we're making, not just in our sales customers, but also heavily in our partner ecosystem, so that we can actually have an ecosystem that if customers can't find the resources they need, they can still get the security that they need overall. And so yes, that is a big concern of mine in our team because customers do need talent, and they're having a higher turnover. It's taking them a longer time to actually fill those gaps. And what we're doing is we're working with our partner ecosystem to actually find ways that allow them to actually still build out their security programs and they're actually building their teams. And that's quite well received for our customers.

Thank you. And this is going to conclude our Q&A session for today's conference. And I would like to turn the conference back over to Corey Thomas for any further remarks.

Well, thank you, operator. Thank you all so much for joining us today. We enjoyed it, and we appreciate your buster, and we look forward to the next one.

This concludes today's conference call. Thank you for participating. You may now disconnect.