Rapid7, Inc. (RPD) Q2 2023 Earnings Report, Transcript and Summary

Thank you for standing by. My name is Jessica, and I will be your conference operator today. At this time, I would like to welcome everyone to the Rapid7 Second Quarter Earnings Call. All lines have been placed on mute to prevent any background noise. After the speakers' remark, there will be a question-and-answer session. [Operator Instructions] I would now like to turn the call over to Sunil Shah, VP of Investor Relations. Please go ahead.

Thank you, operator, and good afternoon, everyone. We appreciate you joining us today to discuss Rapid7's second quarter 2023 financial and operating results in addition to our financial outlook for the third quarter and full fiscal year 2023. With me on the call today are Corey Thomas, our CEO; and Tim Adams, our CFO. We have distributed our earnings press release over the wire, and it is now posted on our website at investors.rapid7.com, along with the updated company presentation and financial metrics file. This call is being broadcast live via webcast, and following the call, an audio replay will be available at investors.rapid7.com. During this call, we may make statements related to our business that are considered forward-looking under federal securities laws. These statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995 and include statements related to the company's positioning, strategy, business plans, restructuring plan, financial guidance for the third quarter and full year 2023 financial goals for full year 2024 and the assumptions underlying such goals and guidance. These forward-looking statements are based on our current expectations and beliefs and on information currently available to us. Actual outcomes and results may differ materially from the future results expressed or implied in these statements due to a number of risks and uncertainties including those contained in our most recent quarterly report on Form 10-Q filed on May 10, 2023, and in the subsequent reports that we filed with the SEC. The information provided on this conference call should be considered in light of such risks. Actual results and the timing of certain events may differ materially from the results or timing predicted or implied by such forward-looking statements and reported results should not be considered as an indication of future performance. Rapid7 does not assume any obligation to update the information presented on this conference call, except to the extent required by applicable law. Our commentary today will primarily be in non-GAAP terms and reconciliations between our historical GAAP and non-GAAP results can be found in today's earnings press release and on our website at investors.rapid7.com. At times in our prepared remarks or in response to your questions, we may offer incremental metrics to provide greater insight into the dynamics of our business or our quarterly results. Please be advised that this additional detail may be onetime in nature, and we may or may not update these metrics in the future. With that, I'd like to turn the call over to our CEO, Corey Thomas. Corey?

Thank you, Sunil, and welcome to everyone joining us on today's second quarter 2020 earnings call. I would like to start by acknowledging the plan we announced today to restructure and optimize our organization by reducing Rapid7's employee base by roughly 18%. While it was an extremely difficult decision, we believe this step is critical to build on the momentum we're seeing in security operations and to position us to be a more profitable growth company in 2024 and beyond. I will discuss more details about the strategic rationale behind this decision and the associated financial impacts later on today's call. Let's start with our second quarter results. I'm pleased to report that Rapid7 ended the second quarter was $751 million in ARR or 14% over the prior year and delivered revenue and operating income above our guidance ranges, alongside better-than-expected free cash flow. During the second quarter, we continue to see strong and improving traction with our consolidation offerings. Customers are gravitating towards our holistic security operations stack, particularly threat complete, which unifies risk and threat management into a single integrated offering. The performance of our packages once again exceeded our expectations as over 1/3 of new ARR in the second quarter was driven by either a direct or cloud risk complete deal as customers look to increase the effectiveness and efficiency of their security programs by consolidating their vendor footprint. A great example of this consolidation was a six-figure ARR deal in the second quarter with an existing InsightVM customer that was looking to replace a legacy SIEM solution managed by an MSSP. Building on our established VM relationship, Rapid7 was uniquely able to provide the customer a comprehensive security solution and our best-in-class technology coupled with the expertise of our SOC analysts was amplified by the value proposition from our Managed Threat complete offering. We competed against many large players in the extended detection and response space. And the customer chose Rapid7 based on the strength of our automation capabilities, our security and incident response expertise and our predictable pricing model. This customer is indicative of the current environment where customers are upgrading and consolidating providers while looking for better quality services and experiences. Customer spending dynamics in the second quarter were broadly in line with our expectations with ongoing macro sensitivity, influencing customer budgets. We've optimized our sales efforts around this new normal by leaning into customers' needs for more cohesive, efficient solutions that are aligned with their resource constraints. Our strategic focus around SecOps consolidation continues to gain momentum, and we are driving, focused innovation across our core products and capabilities to accelerate customer value. We are particularly focused on integrating a frictionless cloud security experience into risk management programs for mainstream buyers. A great proof point is our recently introduced Executive Risk View, a new capability they give security practitioners unify visibility to risk across all combinations of on-premise, cloud and hybrid environments. Executive Risk View's ability to holistically assess risk and track security program effectiveness is a complete differentiator for us across VM and cloud security. It's also an example of our unique ability to add value for customers by leveraging the breadth of our Insight platform. Our expertise in helping customers secure the cloud and hybrid environment is illustrated by a six-figure competitive win in the second quarter with an enterprise manufacturing company. As an existing customer, they've built out a strong risk management program with the traditional environment with Rapid7's vulnerability management and AppSec solutions. Despite a flat budget this year, the CSO security teams needed to extend risk visibility and management into their growing cloud footprint. After an extensive POC, Rapid7's cloud security capabilities set us apart from other well-known players for multiple reasons, our ability to provide unified visibility to risk across the full environment, the integration and ease of use of our platform, and our ability to offer extensive automation, including automated remediation. Ultimately, these product differentiators, combined with the budget predictability and value proposition from our cloud risk complete offering led the customer to consolidate this part of their SecOps stack on the Rapid7 Insight platform. Turning now to our strategic areas of focus as we enter the second half of 2023 and look forward, we remain anchored on our core customer mission to make the best security operations technologies accessible to all. Let me share with you how we're optimizing to executing against this mission through our focus on the modern SOC. With the industry undergoing a customer-driven shift to consolidated security platforms, the early success around our integrated SecOps strategy is evident as our consolidation offerings track ahead of expectations. Looking ahead, we see an evolving set of critical customer dynamics in this space. First, we have noticed a customer shift from cloud security as a specialized function to cloud security as an integrated capability within security and SecOps teams. We view this as a massive demand driver for integrated SecOps and think that we have a significant opportunity to be the leader in delivering integrated risk and threat management across on-prem, cloud and external tax services. Second, as the threat landscape continues to grow in complexity, customers are showing more demand than ever for integrated expertise to support them in effectively managing their security technologies. The convergence of these key trends, security consolidation, integrated cloud security and expertise-driven outcomes are the foundation of what we view as the new modern SOC. Rapid7's focus is to be the leading provider of integrated security solutions for the modern SOC by providing risk and threat management within the context of overall security delivered as a service alongside expertise tailored to the needs of each customer. Let me walk you through three distinct opportunities for Rapid7 to support the modern SOC, and why we believe that we are optimally positioned to win. One, customers continue to upgrade from legacy log-centric detection to cloud-native detection and response programs. With over $300 million of our ARR and detection response with growth at over 25%, it is clear that customer demand is strong, and we have to establish both the scale and product leadership to win this opportunity. Two, customers can no longer treat their risk and threat functions as distinct. The modern SOC manages threats as a function of risk and vice versa. With our integrated best-of-breed capabilities across risk management and threat detection in both cloud and traditional environments, we are uniquely positioned to deliver this integrated experience to mainstream buyers. And three, customers are increasingly reliant upon both greater levels of automation and integrated expertise alongside their technology. Having built best-in-class service augmentation with our global SOC presence, we see massive potential to drive high-margin managed services, both through existing offerings and investing in accelerating our strategic managed service partnerships. With that context, let's talk about the strategic decision we announced today to restructure our organization and reorient our cost structure, and how that positions us to better execute against our strategy. We recently completed a deep analysis of our cost structure to delineate and accelerate our investments, to deliver the most comprehensive modern SOC offering for our customers. Earlier today, we announced plans to reduce our global workforce by approximately 18% and to consolidate our global facility footprint. There are two clear outcomes from this reorientation. First, it is clear that we have an opportunity to lend leaner as a business, about half of our plan changes our efficiency-related cuts that we expect to flow directly to the bottom line. These include streamlining management layers, reduction of role overlap and optimizing our own and offshore talent mix. Second, we have a compelling opportunity to strategically reallocate investment to key areas that we believe will drive the most long-term value for customers. With a vast amount of our product expansion now behind us, we can reallocate and accelerate investment in capabilities and services that customers are purchasing around the modern SOC, including our managed service partnerships. We expect these changes will meaningfully optimize our cost structure while enhancing future product capabilities and delivering a higher quality customer experience. Ultimately, these changes position us to drive strong and more profitable growth over time by aligning our investments with our customers' long-term SecOps needs, while at the same time establishing a strong free cash flow support for our business. Tim will guide you through more specific financial details later on the call. But at a high level, net of the investments we are making in strategic focus areas, we expect these measures to substantially expand our profitability profile while driving significant progress towards our midterm rule of 40 objective. Looking ahead to 2024, we believe these actions position us to deliver at least $160 million in free cash flow in 2024 and doubling from our current 2023 guidance of $80 million. Given the investment levers in our business, we have confidence in our ability to scale free cash flow in 2024. While it's premature to set any revenue or ARR growth targets for 2024, this free cash flow expectation does not assume improvement in the macroeconomic environment, and we're confident we can execute to this target even if our top line growth or to be sustained at this year's levels. Shifting our focus back to 2023. I'm pleased with the progress our team has made during the first half of 2023, laying the groundwork for us to drive ongoing customer impact with our integrated SecOp strategy, including executing to our first half growth targets. Looking to the back half of 2023, we continue to see line of sight to our original full year ARR guidance range. With that said, we believe it is prudent to establish a high confidence expectation range that accounts for a modest degree of disruption over the next three to six months as we implement the strategic realignment. As a result, we're reducing our full year ARR guidance by approximately 2% at the midpoint to account for potential disruption. This is coupled with a significant ramp in our operating margin expectations, which we will now expect to improve by approximately 700 basis points over the prior year. Tim will share more specifics on this in his comments. In summary, we continue to focus on highest value, most impactful areas of our business on behalf of customers. While the changes we announced today are difficult, we have a compelling opportunity to position ourselves to deliver stronger, more profitable growth, and we remain committed as ever to our enduring goals, help customers securely transition to the cloud, expand the capabilities and value of our Insight platform and balance strategic investments in durable growth with expanding profitability. Thank you all for joining us today. I will now turn the call over to our CFO, Tim Adams, to share additional detail on our financial results and outlook. Tim?

Thank you, Corey, and good afternoon to everyone on today's call. Thank you for joining us. Before I turn to the results, a quick reminder that except for revenue, all financial results we will discuss today are non-GAAP financial measures, unless otherwise stated. Additionally, reconciliations between our GAAP and non-GAAP results can be found in our earnings press release. Rapid7 ended second quarter of 2023 with $751 million in ARR, consistent with our expectations and growing 14% over the prior year, reflecting continued demand for our Insight platform with the strongest growth contribution coming from the high priority areas of detection and response and cloud security. We continue to see threat and cloud risk complete offerings tracking ahead of our expectations at over one-third of new ARR in the second quarter, with the benefit coming from both landing new customers and driving upgrades and expansion within our base. We also saw balanced contributions from new and existing customers in our overall business during the quarter with ARR per customer that grew 7% year-over-year to $66,500 as existing customers leverage more capabilities on our platform. We saw a nice improvement in total net customer adds ending the second quarter with nearly 11,300 customers, representing growth of 6% year-over-year. Second quarter revenue of $190 million grew 14% over the prior year and exceeded the high end of our guidance range. Product revenue grew 14% year-over-year to $182 million and was better than expected on favorable linearity in the quarter. International revenue grew 17% over the prior year and represented 21% of total revenue, while North America revenue grew 13% year-over-year. Now turning to our operating and profitability measures for the quarter. Product gross margin was 76% in the second quarter and overall gross margin was 74% and both in line with our expectations. Sales and marketing expenses represented 39% of revenue in the quarter, down from 41% in the prior year. R&D expenses were 21% of revenue, unchanged from the prior year, and G&A expenses were 7% of revenue compared to 8% in the prior year. Higher revenue, combined with slower hiring in the quarter drove stronger-than-anticipated operating income of $13 million in the second quarter. Our adjusted EBITDA was $19 million in the quarter and diluted net income per share was $0.18 better than our guided range on higher operating income. There are two additional items from the second quarter, I want to mention that our non-cash and do not affect our non-GAAP results. First, our GAAP net income reflects a $13 million noncash charge related to a capped call transaction from our 2023 convertible bonds. These bonds were retired as part of a refinancing nearly two years ago, but the associated capped calls require us to record a mark-to-market adjustment at the end of the second quarter. This capped call transaction was settled in early August, resulting in a cash receipt of slightly over $17 million. Second, as part of the restructuring plan, we will be consolidating our global real estate footprint. As a result, we incurred a noncash charge of $27 million in the second quarter related to real estate assets that we determine are not necessary to support our strategic growth objectives. Moving to the balance sheet and cash flow statement, we ended the second quarter with cash, cash equivalents and investments of $296 million. This is before the $17 million we collected in August related to the capped call transaction on our 2023 convertible bonds. Operating cash flow was $31 million, and we generated $26 million of free cash flow in the second quarter, driven by stronger profitability and more favorable collection trends. Now turning to our outlook for the remainder of the year. The restructuring plan we announced today is a focused effort to align our organization and our investments around the areas of business that are driving the most value for our customers. This was not a decision we made lightly, and we believe these actions will enable stronger and more profitable growth as we invest to meet customer demand for consolidated SecOps solutions. We expect to incur charges of approximately $24 million to $32 million related to the restructuring plan throughout the third and fourth quarters of 2023, of which the majority are expected to be cash expenditures and weighted towards the third quarter. We also expect to incur $3 million to $4 million in non-cash impairment charges from the consolidation of our real estate footprint throughout the second half of 2023. These restructuring charges will be excluded from our non-GAAP operating income and non-GAAP net income results, though the cash expenditures will be reflected in our operating cash flow and free cash flow. As such, the cash benefit of reduced head count will be offset by the associated severance-related cash charges. As a result, we are maintaining our expectation of approximately $80 million in free cash flow for the full year. As Corey mentioned, we are updating our full year ARR outlook range to $800 million to $805 million or approximately 12% to 13% in growth over the prior year. This is roughly a 2% reduction in year-over-year growth at the midpoint, which despite healthy year-to-date momentum in our business, we believe, is appropriate to account for modest disruption risk in the business as we make these important strategic changes. We are adjusting our total revenue guidance for the full year to $771 million to $775 million or roughly 13% growth. The $3 million reduction at the midpoint is wholly driven by lower professional services revenue, tied specifically to our restructuring cost actions, which we now expect should be approximately flat compared to last year. We are raising our full year operating income guidance to a range of $86 million to $90 million, which represents approximately 700 basis points of operating margin expansion over the prior year. We expect full year net income per share to be in the range of $1.23 to $1.29 based on an estimated 67.5 million diluted weighted average shares outstanding. Turning to quarterly guidance. For the third quarter of 2023, we expect revenue in the range of $196 million to $198 million, which represents growth of roughly 12% year-over-year. We expect operating income for the third quarter in the range of $29 million to $31 million and non-GAAP net income per share of $0.41 to $0.44, which is based on 71.7 million diluted weighted average shares outstanding. As we look out at next year, we expect to generate at least $160 million in free cash flow in 2024, doubling from our current 2023 guidance of $80 million. We feel good about our results year-to-date and about our ability to pursue the strategic opportunities ahead of us as a leaner, more agile company. Thank you for taking the time to join us on the call today. And with that, we will now open the call for questions. Operator?

[Operator Instructions] Our first question comes from the line of Matt Hedberg with RBC.

So just one, let's see. So I just wanted to maybe get a better perspective on the full year guide. I mean, obviously, the Q2 results were good. I just want to be clear, is the full year reduction just a function of the restructuring? Or is it that you're seeing macro trends deteriorate? Just maybe a little finer point on sort of the assumptions on the 2% reduction would be super helpful.

Very reasonable question. So the first thing is that we were really focused on looking at our cost structure, both this year, but more importantly, as we go into '24. And we decided that if we're going to have the right cost structure in the '24, this is the right time to actually make these changes. Now secondary impact is we have to really assess is what's the risk of these changes in the business. As you know, we had a back end of the year. But I would say [Indiscernible], we were trending well towards what we had set out. But when we think about the amount of change that we're doing with the 18% reduction in a back-end loaded year, we want to make sure that we actually gave a guidance range, so a very high confidence guidance range. So that was the primary driver of the change in the guidance.

Your next question comes from the line of Saket Kalia with Barclay

Okay. Great. I'll keep it to one as well. Corey, maybe for you. You talked about using this restructuring as a way to also reallocate resources. And clearly, there's a profitability benefit. But also as a way to reallocate resources to the areas where customers are seeing the most value I was wondering if you could just go one a little deeper into that. What product areas do you think are maybe going to get a little bit of increased investment? Where do you think you can get a little bit more profitability? Tell us how you thought about that?

That's the question. In fact, one of the things that we actually saw is we were seeing extraordinarily strong, healthy performance conversion rates in certain parts of our business aligned with what we actually saw with the package strategy that we actually laid out. We have to make sure that our entire organization was aligned around it. And frankly, it just wasn't. And that gave us -- this gives us the opportunity to actually get the alignment, right? The areas specifically Saket, you very this question is really I think about 3 core areas that we're really going to hope. One is what we think about the modern stock is customers are looking to upgrade their thought to drive efficiency. They need both great technology, yes, but also a consolidation play, but they also need expertise on demand. And so if you look at the investments that we're making, we're really bringing the mom and pop together, which people have to actually market their traditional environment, but they also have to really market their cloud environment, and they have both managed risk and threat. We've seen increasing demand and traction with that strategy. Frankly, the packages are actually going ahead of what we actually laid out, but there's opportunity to actually build a deeper, more integrated solution and to fully take that to market in a very compelling way. And I would say we're seeing some of the benefits of that, but we plan to accelerate the benefits. The second thing which actually alluded to in the previous statement was the accelerating our investment in continuing cloud. Cloud is that it's early evolution. It's early inning. The most important thing now is it's actually gone from a niche thing where you actually have a separate thing and as more customers focus on complex integrated environment, it needs to be a mainstream vein. Our goal is a leader in mainstream security operations where people are able to actually both monitor risk and threats across their traditional environment and their client environments and that this seamless experienced. We have great traction and great progress. But look, it’s a competitive market, we're not resting on our laurels and we actually are reallocating and refocusing our investment area. In the last area, I would just say it's more than anything a realignment focus area, as we've actually executed our strategy quite well on broadening our product portfolio. We've just actually had different experiences with different buyers of different products and services. And so we're streamlining and aligning that. That, frankly, is both an efficiency benefit, but it's a better customer experience for our customers. So those are the areas of major focus that we have.

Your next question comes from the line of Eric Heath with KeyBanc Capital Markets.

I'll ask 2 questions, if I may. Just first, I mean, Corey, can you help us just give us an understanding on kind of the type of growth profile you're setting yourself up for in '24 following this restructuring plan and the one follow up, if I may.

Yes. No. So I can answer that one pretty quick. It's way too premature to actually talk about the growth we’re about to report, mostly because I am not at all qualified to talk about what the economy is going to be like in '24. And so we'll update you on that later. I think the important thing to think about, we've made a lot of about is we knew we wanted to actually strengthen our free cash flow. We want to establish a strong foundation there. And so what we did was really pressure-tested the growth profile to make sure that it was going to be resilient, I mean the free cash flow that it would actually hit our free cash flow aspirations and targets in a lane of different scenarios. So we have a lot of confidence if we got to. What I will tell you, too, is that we're making investments in [Indiscernible] business, that as the economy normalizes, whenever that happens, we should actually see growth accelerate from where we expected to be this year. But again, it's too early to actually talk about what's going to happen in the economy. But we're definitely making the investments to actually yet to get more free cash flow and efficiency, but we plan to be a competitive grower in the market. And as the economy normalizes, our absolute focus is making sure that we're actually growing stronger than what we're seeing at this level today.

Okay. And then just on your comments about cloud, could you just maybe be a little bit more specific on where you'd like to invest in cloud security. Does this mean more kind of aggressively in the Snap space? Is that how I should think about it? And then just if you had any color on kind of how big the cloud security business is at the moment, that would be great color as well.

Yes. So we see attraction in cloud. We didn't release the specific numbers on it. What I would just say at a high level for cloud is we're actually seeing great traction. In fact, the traction has accelerated, which is part of our confidence in investing, and there's 2 different areas that I think we actually have core capabilities and strength and cloud vulnerability management, cloud annuity assessment and CSPM and cloud automation today and we have a good position in other areas. There's 2 things that we did. One, it's a continuing investment in overall cloud security to make sure that we have the leadership position there. And so there's some assets of CNA absolutely will be investment. But the other one is that cloud is to early spaces. It's not like how do you think about procurement AI in the cloud. And so it's also a nonstatic, it's a highly dynamic market. And we also want to make sure we have the investment capacity to make sure that we actually are leaning into the investment. Because of cloud, you actually have to be lean into the investments they relevant. The last thing I'd say is that we do see a big advantage and the traction that we've seen is customers are looking to manage cloud in the context of other things that we're doing in the environment, So I would say we see a major differentiator and integrated security operations management that includes cloud in the context of the traditional environment, allows people to manage our overall security footprint cost effectively. And we think that the market builds mainstream, that's a massive opportunity. And that will be one of our drivers to your previous question that actually helps us continue to actually accelerate growth as the economy normalises.

Your next question comes from the line of Matt Saltzman with Morgan Stanley.

Corey, just to start a quick one for you. When you think about the competitive landscape for Rapid7, I would assume things have certainly shifted, particularly as you broaden the product portfolio and really honed in on these bundled go-to-market motion. So I'm curious in the RFP process that you're seeing a broadening of the vendors that you're competing with and just kind of any commentary that you can give around win rates. I know it's still relatively early in terms of the bundles being in the market. But anything you can give us around win rates against kind of new competitors would be really helpful.

Yes. No, it's a good one. So look, I think the biggest new where we have to book the best. It's going to be clearly the modern stock space, that's the evolution of the SIEM market, but we also have a consolidation pipe. And you see a range of different competitors. You see the traditional SIEM players. You see some of the MDR players. You have a range of competitors. What I would say is that we're actually having a lot of traction of momentum. That's part of why we're continuing to double down in that business in that space. Conversion rates are high, the growth rate related to at-scale business is extraordinarily healthy. We're seeing lots of ability to attach around that business. And so part of what we're doing is really oriented around that modern stock, and how we based on it. So that's the first thing. And so our win rates are actually consistent and growing and high, and we feel very good. We're actually having with managed complete, I would just say, record conversion rates in that offering, which is a proxy or win rates, although we haven't publicly disclosed the limit. The second thing I would just highlight is there's 2 ways to think about the cloud space is integrated. Our strategy right now because the cloud place is both competitive expensive is we knock out the ballpark that we actually do an effective of upgrading our vulnerability management installed base, which is a special base and sticky. That's a motion that we really got focused on this year, and that's the purpose of CRC, and we're doing an extraordinary job right now with a very recent start and actually started to upgrade that CRC base. It's early. We have that vulnerability in the answer base. But we are not going out specifically trying to actually land lots of net new cloud customers because this is not the most efficient motion for us right now. we see our early momentum over the next couple of years is really upselling and upgrading our vulnerability base install base to complete -- you start to see evidence of that. I think I've talked about in the story. The pipeline building there. The conversion rates are there, we manage to do that. But that's the strategy and focus areas that we actually have there. Now inevitably, I think to really as we continue to actually build on that cloud momentum, we'll absolutely see more cloud competitors, and it's a hypercompetitive market and we'll tackle that as it comes. But to be clear, is that you talked about accelerating growth, we knock it out the ballpark by just upgrading our volatility management installed base, and that's what we're sort of currently under the focus.

Your next question comes from the line of Brad Reback with Stifel.

Corey, key percents of really large number. So as you manage the business going forward, how do you prevent I'll call it, morale breakage. And then how do we think about how long it will take to reinvest those savings back into the business?

One, you're quite right, 18% is large. Of course, we don't do this lightly. So let me just talk about how we actually thought about this. So the first thing is that from our employees, I think that we're able to say their employees today, is while we don't control it, incrementalism is not helpful to anyone. There's a lot of companies that have to do this multiple times. And so we actually kind of by about, hey, let's go deeper and actually do this once, if we have to it so that's the one thing that we have to focus on. The second thing is that we definitely like all companies have inefficiencies. We started by tech inefficiencies. The inefficiencies are absolutely a smaller number. But part of what we actually saw in the otitis next parts of our business that are actually growing quite healthily, having credible stickiness are showing great signs of the expansion and anchoring ability. And we did not have all of our team and resources aligned around that for obvious reasons, if you think about the likes of the business. And so when you think about -- you've got to do something like a risk or restructuring, you could just tackle the efficiencies, even with shallow, which actually causes more pain to employees over the longer-term frame. You can actually go a little bit different in an effort to actually do it once. And we think that's the best for employees, so they actually have some visibility in the conference moving forward. The data that gives me the most confidence in being our for most of our employees that they're excited about is that second part of actually making a hard decision to do some of the realignment that allows us to focus on the areas that people see the momentum because our employees see where we actually have momentum and us put a line in the sand that we will actually be investing behind these opportunities is a confidence builder for lots of our employees who actually looking at the opportunity in the market. So that's our decision. Make sure that our employees, we actually do this once with every new thing that we actually think its possible, making sure that we're being best in tackling the big opportunities that we're already getting progress on, and that's the type of thing that we think actually motivates and excites the employees that are actually moving more.

Corey dCurt, just on the second part of Brad's question about the timeliness of the reinvestment, we're going to be very thoughtful and very deliberate in terms of what we do. But Brad, you would expect to see some of that happening in the back half of this year and certainly carrying into next year. But again, we're very confident with that improvement in free cash flow doubling year-over-year to the $160 million that Corey mentioned earlier for next year.

Your next question comes from the line of Joel Fishbein with Truist Securities.

Just a quick follow-up on Brad's question and then one about acquisitions. You guys are reaching a point where you have easier comps going forward. And I just if you've thought about how this may impact in terms of go-to-market or talk about any impact your go-to-market, feel on the street salespeople at the restructuring might have? I know there's not focused there. And then also just as a follow-up to that, how the restructuring or focus on free cash flow might impact your acquisition strategy going forward.

So the first is that we make every effort to make sure that we actually minimize customer impact in the short term, in the midterm, it's very positive to actually customer impact. We're actually locating more people to be frontline customer-facing and engage. One way the simple way to think about the restructuring is that it's very mild impact on our quotation people are frontline support people in terms of the number of net people in the organizations that are doing customer-facing stuff. There is a lot of impact in some of the overhead that's built up in line, the management layers, the efficiency. And so that is an impact. To your point, I think part of what we actually have to look at i We have a lot of positive signals. I mean, the momentum in the business we had in Q2, we built or part. We've seen great conversion rates. But what we really wanted to balance that with is making sure that we actually take profit share, that means the risk that comes from a change of this order of management size. And so part of that is making sure that we're deeply focused on making sure we try to minimize customer any customer friction that can come along with this, have the good communication. This is also why we actually reduced the guidance range to actually make sure that our team is focused on building a long-term healthy business. But again, there's some unknowns in there to actually go through a change in a relatively tight one. So that's the setup that we actually have around that. I think that we're quite set up well to actually manage our customers engage in on the short term. But in the mid term, we actually think it will be quite successful. And you had a second question?

It was on the M&A side, free cash flow...

On the M&A side, I think there's, what, two obvious points is that, one, generating more free cash flow gives the more range of flexibilities of options about how to do that. Of course, we'll actually look at what's the best benefit for long-term shareholders. And so that's going to be a focus later. It just gives us a lot more flexibility and a lot more option selling in the business, which is why I had a really, really big focus with him and the rest of our leadership team on establishing a much stronger foundation of free cash flows going forward because it allows us a lot more on. When we do M&A, look, I can never say we'll never do anything. We have a significant bias for tech and team things that are strategically aligned and oriented. That tends to be where we actually like to play and where we actually like to focus on in M&A. But I would think about the free cash flow, it's just given us a lot more capacity and options about how to actually generate value us.

Your next question comes from the line of Shrenik Kothari with Robert Baird.

So Corey, it's good to see that your threat and cloud risk complete offerings are tracking ahead of their expectations and it had over 1/3 of your new ARR and overall better-than-expected kind of favorable linearity in the quarter. From an international revenue standpoint, it seems like it again grew quite strongly about 17%. Can you provide some -- you or Tim provide some geographical color around both the favorable linearity as well as the overall retention rates sequentially from last quarter, I really appreciate it.

Yes. I'll tag team that with Tim. So the first thing I would just say is we're seeing, last year was pressure in the international, especially EMEA, Tim talked about retention last year. I would say we've seen a very healthy stabilization and a good place to actually continue growth and help them here. And so we feel very good about what's happening in international teams. We feel very good about the execution leadership. And we think we're set up well as we actually go forward. But a lot of that is just its improvement over last year, which we had a rough '22 when it came to international. And so you saw stabilization, and now you're starting to see some improvement on the [Indiscernible] moving forward.

And I would just add, Corey, certainly, a big opportunity still internationally. The growth rate has been better -- higher than what we've seen in North America, still a huge TAM over their big opportunity. And to your point, just on retention rate, something we pay a lot of attention to, and the team does a lot of work there, and they've remained stable.

Your next question comes from the line of Jonathan Ho with William Blair.

I wanted to see if I could get a little bit of additional detail on the MSP opportunity that you referenced and just like why is the MSP opportunity a little bit more attractive than in prior periods? How does the restructuring maybe impact that as well?

Yes, it's a great question. So we've been talking a little bit for a while about partnership, the partnership focus, but also the big opportunity about MSP's. Look, the way that we see it is as customers overwhelm, and they need both technology and services. As people try to tackle for a complex security environment, there's just not enough talent and other expertise. We have to scale with a strategy of both technology that's great, well integrated as the service experience. Rapid7 does some of that. So we have no aspirations to actually love it. Two, we're actually in MSPs are great partners. And so part of what we're doing in the efficiency of the streamlining is not just internally line and our team, we're actually leaning heavily into a partner strategy that actually the partners actually requires value customers to be investing more of those partners, co-selling more with those partners, investing in integrated technology solutions and support services with those partners. But we are rotating. Our orientation used to be -- look, partners have actually grown well with our business. We have key partners that are have to do quite well. But you'll see even more of that in the future. We have some great demand with some very key strategic partners that we've already shown momentum with this year. And we see a lot of opportunities to actually partner with key folks in the ecosystem going forward. And so that's a big focus. But at the end of the day, customers need great technology, yes. They need to be integrated, but they also need service augmentation. And our strategy is to actually do that not just our sales, but [indiscernible] partners.

Your next question comes from the line of Gregg Moskowitz.

This is Mike on for Gregg here. Just 2 quick ones. So firstly, just wondering were there any changes this quarter in average sales cycles, average deal sizes or duration as compared with the Q1. And just second, what sort of ASP uplift did you see for Threat Complete and cloud risk complete this quarter?

Yes, I would say no change in Q1. If you think about Q4, Q1, Q2, it's been what we've seen. It's a pressured economic environment. Things take a little bit longer. But it's a stable trend what I would actually see. But yes, I just want to be clear, our demand outlook is healthy and stable. It's just you have an environment where customers are a little bit of pressure, and we have to be thoughtful about how that pressure manifest it. But we're also seeing things convert, we’re seeing lot of help. So we feel very good about the stable on the sub demand environment so far. Things are changed, but we feel very good about what we actually saw in Q2 and what that pertains as we actually move forward. On your second question is that the uplift that we saw on the packages was still double. It's roughly 2x. We feel good about that. We do have to do a job of managing more deals that could have -- that have higher ASPs in there. And that's also a penalty consideration we think about guidance with other banks, is roughly 2x, and that's been a positive training.

Your next question comes from the line of Gray Powell with BTIG.

So yes, maybe just one on my side. I want to make sure I had a stack right. I think you called out detection response at over $300 million in ARR with 25% growth. That's great to hear. I know you're not disclosing vulnerability management revenue anymore. But is it safe to say that that's still growing in line or maybe better than the overall VM market? Just how should we think about that mix.

Yes. So one -- I'll answer 2 questions. One, at the heart of it, when you think about competitiveness from a usage and adoption, we believe, and we're seeing healthy traction in usage and adoption of vulnerability management and new customer adoption of our bill management solutions. It gets a bit apples and oranges because this is the challenge when you actually have allocation as you do more platform sales, more solutions sales more packages. And so then you're actually attributing, and what I would just say there is that it really doesn't make sense to actually do the allocation base because, again, it's just more of an allocation based on revenue perspective. So the way that we actually are real in measuring this both this year, which again, is sort of start off a bit more challenged, but we're seeing the right ramp and the right trend in the right trajectory. But the answer we actually go forward is that we expect us to grow better than the overall vulnerability in the management market in the long term because we actually have a better overall growth profile and opportunity. Yes, we have to actually get to these near-term changes yes, the economy is in lessons. But we think we have a very healthy setup for that. And that's the main thing versus actually talking about like, how do you actually allocate dollars to line items.

Your next question comes from the line of Roger Boyd with UBS.

Corey, I'd love to go back on MSSPs for a second. A lot of your competitors in VM, cloud, SIN, et cetera, also emphasizing the growth opportunities they see in this channel. I wonder if you could just talk about the competitive environment there with MSPs and what makes Rapid7 a better partner versus some of your competitors? That would be great.

Yes, I think there's -- I appreciate that answer the question. So the first thing is when you think about MSSP, let's just talk about what they need in the fact. But the one, not all people will be successful at the pace. You're seeing a lot of movement in the market or almost every, I would say, channel partner, tech company VAR, a lot of tech companies are doing more managed services. And just to be clear, that's what customers need. So let's just understand like this is an area of core customer need. Now let's talk about why Rapid7 is ideally positioned, and while we have the lost momentum, in fact, while we put even more investment in this area. We are not interested in commodity, low-value managed services that do a poor job security for customers. We want to have world-class services that are good. We're also not interested in low-margin businesses. And so what we've actually had to really focus on over time in Rapid7 is how do you actually build an integrated platform. So the first thing I'll sell differentiation is very few people in the market actually offer integrated solutions that paying our security operations, which is what a lot of these partners are looking for. So if you think about our solution, it gives them a compelling solution that allows them to compete in detection of spots, the overall cloud security space, traditional relapse, the risk and compliance space and even now with some of our partnerships and some of our enhancements of [indiscernible], the endpoint space. It gives them the ability to go to customers with a holistic solution. That's critical, and that's what actually part of the port. The second thing that partners need to is they don't core margins. And so what we've actually built in is heavy automation for ourselves. When we look at ourselves to a lighthouse customer, we have highly competitive, highly attractive managed service and MDR solutions that have a high win rate, but also was at very, very high gross margins. And so when you think about competitive positions, we have a comprehensive solution with a lot of automation intelligence, they can be run at high gross margins, and we set ourselves up to actually partner well with those service providers. This is why we actually have lots of RAN is when we actually have tended advantage. And that's also why we're accelerating our investments in those partnerships because, yes, it's a little bit disruptive in the short term, but it gives us long-term scale in the business, and that's incredibly important to us.

Your next question comes from the line of Alex Henderson with Needham.

Just to start off with a clarification. You said your demand trends are stable and you were comfortable. But I was hoping if you could just tell us, is your pipeline as robust coming out of the June quarter as it was, say, coming out of the first quarter or out of the end of the year. So that there's no change in that trajectory as we go into the restructuring. So the change in revenue is only a function of the destabilization, not a pipeline issue. And could you talk a little bit about the linearity during the quarter? Was there any fall off in orders or closure rates late in the quarter that that we should be aware of?

Yes. Super fairful question, Alex, considering the amount of the things that we announced today. So the first thing I would just say is our overall pipeline is actually stable and our conversion rates are improved throughout the quarter. So we actually feel very good about the conversion rates. We feel good about the pipeline coming out. Again, the trends in the business are healthy from that perspective. Just to put a final point on because I think the fair question you're asking is like, a, how much of the guide down is the structural changes in risk management and how much of the guide down is sort of like just trends that you actually saw? And just to be very specific about that, is that -- it is about the structure with management. And here's what it comes out is we actually have a good opportunity. The year was already back-end loaded. We saw good trends. We actually don't -- we don't want to be overly precise about an 18% cut and what the implications of that are. And so the question that we actually exited after we decided sort of like how to set up 2024, how to set up cash flow, is what's been appropriate from a guidance perspective, knowing that we're actually going to be going through changes I would say, Alex, there's no precision that you can actually do this like take take a $1 million them only too long. We said, listen, we want to actually give a number that even with the changes that it makes to outcomes and knowing by the way, that in every quarter, I'll answer your other questions. Other question was here, we saw a great and consistent conversion rates throughout the quarter. Nothing fell off in the last week. In fact, we have had another consistent period of very strong close something. That said, is something that actually goes comes, somethings push, and that's what we expected. But in years, it's already back-end loaded, where you actually have things pushed and still close. What we didn't want to do was be over precise about what the impact of a change of this magnitude was. And so we actually asked of the question. It says, "All right, what's the range of outcomes if actually some things go well, some things don't something take longer or something push, and we actually want to have a high confidence guidance range. That was the primary driver of guidance than we actually thought.

Just one last question, if I could stick it in. The timing of these restructurings, given the announcement here in August, is most of the cost improvement then going to start kicking in, in the fourth quarter and into '24? Or do you get some of it in the current quarter?

Yes, Alex, you'll get a little bit in the in the third quarter, the majority of the team, the 18% is happening right now this week, you'll have some folks that are transitioning through the balance of the year, but then you get the full quarter in Q4. And of course, for next year as well, which you see in the free cash flow guide for next year.

Your next question comes from the line of Rob Owens with Piper Sandler.

This is Ethan on for Rob. I wanted to ask about net new customer additions. They looked pretty strong here, both on a sequential basis and a year-over-year basis. So I was kind of hoping you could add some more color there. Where did you see strength? Was it with the new packages, with the MDR services, just curious if there's anything to call out there, and why there's such a dark improvement?

Yes. It was a little bit surprising probably from what we have commented on about really rotating our focus on expanding the customer. What I would say -- and I want to just remind you is that we started with the focus first on the packages. And the follow-on motion in train and enabling was about how do we actually engage deeper and sell more into our installed base. So that motion really started in Q2. So I would expect this trend to change over time. But I'll probably look a little bit imprecise in the timing on the last call because that motion would start. But I still expect us to see, in fact, we saw a little bit more value expect to see a skew towards expansion in the installed base over the next year but we did actually, that was a follow-on motion from the package motion that we actually get to start the year. And then to answer your whole question, it's very broad-based across regions, products and territory. So I can't really localize it to one man. What I would just say is that the -- our sales team has a lot of confidence and a lot of momentum. I would say we're focusing heavy on expansion as we actually go forward. But that may rotate over at a store pace is the way that our take was in this quarter.

Your final question comes from the line of Brian Essex with JPMorgan.

Corey, I just want to follow on to that actually the last topic. I echo my congrats on some healthy net new ads here from a customer perspective. Just want to get a sense, anything you can provide us for attach rates within the installed base? How much running room do you have to go to kind of upgrade existing customers with adoption of packages. And are you seeing anything in your pipeline that's yielding greater confidence in sales productivity from a selling a platform perspective?

Yes. So I actually think we have a massive run rate. Part of what we actually saw in sometimes use work like restructuring you miss sort of like the realignment and optimization pieces, but a big opportunity that we actually see is that, look, for better or for worse, it actually work, but we actually hit the last couple of years, both through an innovation to manage development. We have relevant offerings today in areas. Yes, there's continuing work to do, but we actually put ourselves up for relevant to make sure that we're in growth markets as we actually go forward. And we have to actually do that by selling into areas that, frankly, vulnerability and management did not buy us lots of tailwinds. And when you think about the sale market, when you think about [indiscernible], you think about MDR, when you think about automation, when you think about cloud. There is a set up there, but we have to get traction. We have traction, and we actually have momentum. A part of what we're doing is restructuring is a lot of the alignment. We have not held our engine to actually really focus on expansion in the installed base. And that's an opportunity that's in front of us. So a big part of what we actually did in our baseline and we did our research, when we look at best practices and benchmarks is we actually have a lot of ground that we can actually gain this relatively straightforward for a company of our size, when it comes from the internal operationalization of how we actually expand and operationalize in our installed base. and we're applying that. It's not market size, but it's applicable, but now is the right time to actually do that because we actually have established critical minds. Keep in mind, most companies when they add new product extensions, never get critical mass. We actually have critical mass in growth areas and this is a good place to really focus about how we expand in the isolate and most of the opportunities in front of us at over $0.5 million ARR per customer and still being several hundred ARR per customer and having historically, frankly, immature processes around expansion, not a lot of focus maturing our processes, focusing on our alignment, our pricing and packaging. Those are the areas that we're focusing on, that drive that expansion in the installed base, and that is a big part of the restructuring line.

Corey and to your point, you see in that ARR per customer continues to grow, which has been very healthy, but there's so much room to grow from the mid-60s into the 100,000 numbers. A lot of headroom to go.

All right. I think that, that is all the questions that we have. I know this was a lot to cover. I'm definitely appreciate everyone's time and attention and all of you have a great evening.

Ladies and gentlemen, that concludes today's call. Thank you all for joining. You may now disconnect.