Varonis Systems, Inc. (VRNS) Q1 2017 Earnings Report, Transcript and Summary

Greetings, and welcome to the Varonis First Quarter 2017 Earnings Conference Call. [Operator Instructions] As a reminder, this conference is being recorded. It is now my pleasure to introduce your host, Staci Mortenson, Investor Relations. Thank you, you may begin.

Thank you. Good afternoon. Thank you for joining us today to review Varonis' first quarter 2017 financial results. With me on the call today are Yaki Faitelson, Chief Executive Officer; and Guy Melamed, Chief Financial Officer. After preliminary remarks, we will open up the call to a question-and-answer session. During this call we may make forward -- we may make statements related to our business that would be considered forward-looking statements under federal securities laws, including projections of future operating results for our second quarter and fiscal year ending December 31, 2017. Actual results may differ materially from those set forth in such statements. Important factors such as risks associated with anticipated growth in our addressable market; competitive factors, including increased sales cycle time; changes in a competitive environment, pricing changes and increased competition; the risk that we may not be able to attract or retain employees, including sales personnel and engineers; general economic and industry conditions, including expenditure trends for data security solutions; risk associated with the closing of large transactions, including our ability to close large transactions consistently on a quarterly basis; our ability to build and expand our direct sales efforts and reseller distribution channels; new product introductions and our ability to develop and deliver innovative products; risks associated with international operations; and our ability to provide high quality services and support offerings could cause actual results to differ materially from those contained in forward-looking statements. These factors are addressed in the earnings press release that we issued today under the section captioned forward-looking statements, and these and other important risks are described more fully in our reports filed with the Securities and Exchange Commission. We encourage all investors to read our SEC filings. These statements reflect our views only as of today and should not be relied upon as representing our views as of any subsequent date. Varonis expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made herein. Additionally, a non-GAAP financial measure will be discussed on this conference call. A reconciliation to the most directly comparable GAAP financial measures is also available in our first quarter 2017 earnings press release, which can be found at www.varonis.com in the Investor Relations section. Also, please note that a webcast of today's call will be available on our website in the Investor Relations section. With that, let me turn the call over to our Chief Executive Officer, Yaki Faitelson. Yaki?

Thanks, Staci, and good afternoon, everyone. Q1 was a strong start for the year with license revenues increasing 38% to $19.2 million and total revenues increasing 33% year over year to $40.4 million, exceeding our projection. Growth in the first quarter was balanced. We saw solid contribution from both the U.S. and Europe and strength across new and existing customers. When we entered 2017, we were focused on building on strategic objectives, including increasing awareness and adoption of our solution, more effectively targeting companies with 1,000 or more employees who could spend more with us both in initial length as well as the extended opportunity and innovating to extend the value we delivered and extend our differentiation. During the first quarter, we successfully executing on all three of these priorities. We know that for companies big and small, managing and securing data is a big problem, and one that keeps getting bigger. We recently compiled our 2015 data risk report, which is an analysis of some of the recent risk assessment conducted by Varonis. Each year, Varonis conducts well over 1,000 risk assessments for customers and potential customers. These assessments provide insight into high risk area as well as provide recommendations on access remediation to reduce the risk profile. As you might expect, files and e-mails are most at risk and often breached because they are high value assets and usually vulnerable to misuse by insiders and outsiders that breach the perimeter. While organization focus on perimeter defenses and chasing threats, the data itself is left broadly accessible and unmonitored. 236.5 million folders containing 2.8 billion files compromising [comprising] almost 3.8 terabytes of data were analyzed, and our findings were astounding. 48.1 million folders were open to global access groups or groups that had access to the entire organization. 47% of organizations had at least 1,000 sensitive files open to every employee, 22% have 12,000 of more sensitive files. 71% of all folders contained stale data accounting for almost 2 terabytes of data, 24.4 million folders had unique permission that will require regular review to keep up to date and comply with regulation like GDPR, especially if they contain sensitive data, representing a necessary complexity. The Varonis risk assessment was performed with organizations in 12 countries across 33 industries. Our results clearly illustrate that this is a global problem that is not limited to any 1 industry vertical. Through our data risk assessment, or initial implementation, customer will begin to realize the extent of their vulnerability across multiple platform, which drives organic spend strategy. During the first quarter, we added 187 customers, and from these customers we saw larger initial commitment. 47% of our license and first year maintenance came from existing customers, which represent the highest percentage in our history. Together, these 2 metrics have emphasized that our customer lifetime value is growing and customers increasingly look at Varonis as their data security platform. To further reinforce our belief that organization need a data-centric security strategy and technology, Gartner recently published a 2017 market guide for data security audit and protection. Gartner said the challenge facing organizations today is the data is pervasive and does not stay in a single site on premises. Gartner recommends that organization implementing DCAP strategy and show these products that orchestrate data security controls consistently across all styles of source-sensitive data. Varonis was included on the short list of relevant products. We believe the increased focus on this area bring awareness to a problem we have been addressing for years, namely data access control [drift] due to the nature of digital collaboration and the limitation of existing point solution and detection capabilities to expose insider abuse and potentially compromised systems and accounts. With the Varonis Data Security Platform, you can protect enterprise data against insider threat, data breaches and cyber attacks, apart from analyze content, accessibility of data and behavior of the people and machine that access data to alert on misbehavior, enforce list privileged model and automate management functions. The need for our solutions is resonating in the market. Over the last several weeks, we have hosted nearly 2 dozen Varonis Connect events across the globe and registered attendance is approximately 70%, is approximately up 70%. Our Data Security Platform has been on display. In Europe where the Connect event where we had a lawyer discuss how to prepare for GDPR, which is a top of mind for any organization. Varonis' Data Security Platform can find the relevant data, make sure it's identified, align with business owners, lock down and regularly reviewed, used correctly and deleted when no longer needed. Our conversation with customers and prospects continue to reinforce our belief that we are uniquely positioned to help companies comply with GDPR. We expect this will be a tailwind to our business as we move through the second half of 2017 onto 2018. DatAlert continues to be the group for our vision, our message and our operational approach to creating security strategy that can detect, prevent, sustain. Ransomware, still a top concern for organizations and continue to be a reliable way to start the discussion from the CISO or CIO. In these discussions, they learn how we can help with the other pressing issues like insider threat and compliance, and they start to see our Data Security Platform as a foundation to a better security strategy. This is working especially well in companies with more than 1,000 employees. We continue to extend our Data Security Platform, and we are particularly excited about the launch of the Varonis Automation Engine that automatically finds and fixes some of the most dangerous file system security issues so that you are less vulnerable to attacks, more compliant and sustainably enforcing a list privilege model. The Automation Engine will fix hidden security vulnerabilities like inconsistent ACLs and global access, revoking unnecessary privileges that user no longer need to use, reducing our customers' overall risk profile to have them meet audit requirement much more quickly and with less manual effort. Just to give you an idea of what this means, organizations have tens of thousands, sometimes millions of folders they need to remediate with our DatAdvantage to fix a single share or file folder open to global access group without disturbing employee productivity takes three to six hours. So many organizations simply wouldn't try. To use those same 6 hours, DatAdvantage users can safely remediate over 20 shares, a 20 export activity gain. Now with Automation Engine, customer will be able to remediate entire servers, thousands of shares and folders within only few hours of manual effort. This is a thousand export activity gain, a real quantum leap. Now to set a job, the Automation Engine simply remediates thousands of folders by itself. As the Automation Engine runs, companies will close serious audit gap and attackers will no longer be able to exploit mis-configured permissions, hidden many levels down in the directory tree. We believe that this is a new level of proactive security should give our customers peace of mind that their data is protected. We also believe the Automation Engine can help accelerate that document data privilege, as fixing inconsistent permissions and global access are a prerequisite to turning access control decision over to owners. Once data owners are in charge with data privilege, data security is far more efficiently and effectively maintained. Other highlights of our 6.3.170 release includes an analytics rewind function in DatAlert, which allow customers to use DatAlert threat models to analyze past user and data activity collected by DatAdvantage and identify alerts that they would have received had they enabled this threat model in the past. This will reveal attacks that they might have missed and allow them to preemptively tune out false positives. This release also includes new DatAlert threat models that detect new suspicious mail book behavior in exchange or password resets and unusual activity from personal devices. On the go to market front, we continue to make investments to grow and sustainably scale the business through resellers and alliance partners. For example, we recently extended our relationship with NetApp. Customers store critical data on NetApp systems for their performance, stability and flexibility, can now use Varonis for security. Every company with high performance storage has a lot of data, and almost all of them have initiatives around insider threats, compliance and ransomware. Many times, all three. By connecting us with CIOs and CISOs, we'll get more opportunities to show how through Varonis, the strength of their platforms and underlying auditing capabilities can be realized, and our customers' security requirements can be addressed. We are pleased and excited to play an important role in NetApp's data fabric and hybrid cloud strategy. We remain optimistic about opportunity ahead of us, we believe we are uniquely positioned to provide the data security platform that gets at the heart of our customers' data security challenges. The investments we have made to build awareness, drive adoption and innovate are working. Our focus on execution and consistently delivering against the goals we have discussed with you is enabling us to deliver sustainable growth and drive leverage throughout the business. With that, I will turn the call over to our CFO, Guy Melamed. Guy?

Thanks, Yaki, and good afternoon, everyone. It's a pleasure to be joining the call today as the CFO of Varonis. As many of you know, I've been with the company for almost six years, most recently as VP, Finance. I'd like to take the opportunity to thank Yaki, Gili and the Board of Directors for putting their trust in me, and I'm excited to be in my new role helping to lead Varonis to the next level. We plan to continue on our path to profitability while making the necessary investments to grow the business and leverage the model to its fullest. Moving on to the quarterly results. Total revenues for Q1 were $40.4 million, an increase of 33% year-over-year. Our results reflect demand from new and existing customers in both the U.S. as well as Europe. Those results were supported by our consistently high maintenance renewal rate, which again came in at over 90%. License revenues were $19.2 million. This represents a 38% increase from Q1 '16. Our maintenance and service revenues were $21.2 million, increasing 28% compared to Q1 '16. Looking at the business geographically, U.S. revenues increased 39% to $24.4 million or 16% of total revenue. EMEA revenues were 33% of total revenues, or $13.2 million, an increase of 26%. Rest of the world revenues increased to $2.7 million, which is 7% of our total revenue. For the first quarter, existing customer license and first year maintenance revenue contribution was 47%, up significantly from 37% in Q1 '16. We continue to focus on expanding our relationships with existing customers as well as increasing the number of new customers. During the quarter, we added 187 customers. We are pleased to see our new customers making larger initial commitments to us as we continue to focus on attracting companies that have more than 1,000 employees. As of March 31, 2017, 49% of our customers had two or more product families, up from 45% as of March 31, 2016. This positive trend validates our focus on innovation and expanding the use cases for our product. Before moving on to the profit and loss items, I would like to point out that I'll be discussing non-GAAP results going forward, unless otherwise stated. For Q1 '17, that excludes a total of $4.4 million in stock-based compensation expense and $402,000 of payroll tax expense related to stock-based compensation. Please note that a detailed GAAP to non-GAAP reconciliation can be found in the tables of our press release, which is available on our website. Gross profit for the first quarter was $36 million, representing a gross margin of 89%, in line with our gross margin in Q1 '16. Turning to operating expenses, during the first quarter, we made some additional investments in the business, which among others included supporting our growth and maturity in Europe, GDPR initiatives, as well as ongoing investments to support growth in the U.S. In addition, we're always investing in innovation, expanding our security data analytics platform, and the launch of the Automation Engine, which Yaki discussed earlier, is a great example of this. That being said, we are doing so in a thoughtful and measured way so that we can capitalize on the large opportunity in front of us, expand our total addressable market and at the same time realize leverage in the business. Operating expenses totaled $42.2 million in the first quarter compared to $35.2 million last year, an increase of 20%. As a result, operating loss was $6.2 million, or an operating margin of negative 15.4%, for the first quarter. This is a significant improvement compared to an operating loss of $8.1 million, or an operating margin of negative 26.5% in the same period last year. As you know, foreign exchange gains and losses can fluctuate. During the quarter, we had financial income of $469,000 compared to financial income of $645,000 in Q1 '16, primarily due to larger foreign exchange gain. Our guidance does not consider any additional potential impact to financial and other income and expense associated with foreign exchange gains or losses, as we do not estimate the movements in foreign exchange currency rates. Net loss was $6.1 million for the first quarter of 2017 or a loss of $0.23 per basic and diluted share compared to net loss of $7.6 million or a loss of $0.29 per basic and diluted share for the first quarter of 2016. This is based on 27 million and 26.1 million basic and diluted common shares outstanding for Q1 '17 and Q1 '16, respectively. Looking at the balance sheet, we ended the quarter with approximately $121.3 million in cash, cash equivalents and short-term deposits. During the quarter, we generated positive operating cash flow of 8.3 million compared with 5.4 million in Q1 '16. We ended the quarter with 1,148 employees, a 16% increase from 989 at the end of the first quarter 2016. In comparison to the prior quarter, we added 50 additional employees. We have continued to increase our headcount to grow the business and realize productivity improvements as we scale. Moving to guidance, for the second quarter of 2017, we expect total revenues of $47 million to $47.8 million. We expect our non-GAAP operating loss to range between $2 million and $1.6 million, and non-GAAP loss per basic and diluted share of $0.09 to $0.08. This assumes a tax provision of $300,000 to $500,000 and 27.2 million basic and diluted common shares outstanding. For the full year 2017, we are raising both our revenues and profit guidance and are pleased that we are now expecting to deliver non-GAAP operating profit. We now expect total revenues in the range of $201 million to $204 million, representing year-over-year growth of approximately 22% to 24%. We expect our non-GAAP operating income to be in the range of breakeven to $1.5 million and non-GAAP net loss per basic share of $0.03 to a non-GAAP net income per diluted share of $0.01. This assumes a tax provision of $1.4 million to $1.7 million. It also assumes 27.2 million basic and 30.5 million diluted common shares outstanding. We also continue to expect to generate positive cash flow from operations for 2017. In closing, Q1 was a strong start to the year, and we are pleased with the growing market awareness and adoption of our products. The investments in the business are paying off as evidenced by the strong Q1 cash flow from operations, positive trends in the customer satisfaction metrics and the leverage in the business, enabling us to provide non-GAAP operating profit guidance for the full 2017 year. With that, we'll be happy to take questions. Operator?

[Operator Instructions] Our first question is coming from the line of Gur Talpaz with Stifel.

So Yaki, I wanted to ask about GDPR. You talked a lot about it on the call, but perhaps you could elaborate a bit and tell us how you're positioned here to take advantage of it. Now are you starting to see any sort of impact yet from GDPR? Or is it still a bit too early?

Gur, it's, revenue impact, it's a bit too early, but what's going on with GDPR, the way the regulation is really is structured, it's addressing data and the scope of the actual solution and the implication if you are not going to solve it. So this is not something that the organizations can negotiate. And the other thing that we see is that what it did, it brought a lot of insider threat and data-centric security discussion from the business to IT to the security people. And what we see, the way we are measuring the growth is that we just see many more C-level people talking to us, many more high-level conversations that's been initiated from a board of directors. And when they are looking at it, so much is related to the data, classifying the data, understanding who can access the data, restructuring the data, what they are doing wrong with the data and also if something is happening, very fast to know what happened. So virtually it's tailored for us. It always takes time. But what we learned is like with the overall adoption curve that we saw in North America, we just, it's hard to really understand when you'll see the breakthrough, but we just see that just the overall conversations with customer, we see who is showing up to our marketing events, we just see how seriously CISOs are taking us, how we're expanding with these organizations, how, it's never simple, but how simple in terms of -- to justify the price. And definitely, GDPR is another very strong driver.

All right, that's helpful. And then maybe Guy, one for you. If you look at the overall numbers, license growth, you have 38%. It really stood out. Is there anything specific that happened in the quarter that drove upside or just general strength that you saw across the board?

So, Gur, that we've been delivering on what we've been saying and we always believe in the business and we always say take a multi quarter view, and we believe that we can grow, and we just feel very good about the first quarter. We felt it was great momentum, and we're happy with the result.

That's great, thanks a lot and Congrats again.

Thank you. The next question is coming from the line of John DiFucci with Jefferies. Please proceed with your question.

This is Julian Serafini on for John DiFucci. So I guess one question I wanted to ask you guys is on the new customer additions, right, you talked about, I think, 187 customers being added, which is a little lower than in past quarters. Is that strictly a function of just like larger deal sizes and pursuing larger customers? I guess I'm hoping you can kind of elaborate on, I guess, maybe the sales pipeline or the deal size and kind of give some -- shed some light on that.

I think that there are really two main drivers to that. One, the company, because the market is slowly but surely coming to us, we just went up market. So most of the efforts of most of the reps is 1,000 plus. Even most of them are 2,000 plus organizations. And even our inside -- even our inside sales team that were selling to 50 users, 100 users, going up to 200 users, 300 users and 400 users, and this is one. The second thing was many customers in the last two years -- and we were selling a lot to operations before to CTOs. And now we sell much more to CISOs, to security people. So we went -- we have this tremendous asset for customer base, and we just find the CISOs, and we are selling to them. And this is how you see the expand -- how we expand within the customer base. So these are really the two drivers. And within these two -- within this situation, we believe that the 187 customers that we brought is a very good number for customers.

That makes sense. And I guess one question I wanted to ask, maybe it's for Guy. So you're forecasting it to be profitable on the operating income line this year, so how do you about that longer term? Are you planning to run the business and grow that profitability? Or are you planning to maybe just reinvest in the business? Like can you kind of shed some light on that balance and how you think about that?

Of course. So first of all, we haven't changed our philosophy, and we're always very conscious on growing market share, but also bringing some of it to the bottom line. We just raised the revenue guidance for the full year, and we also raised the operating margin for the full year. So we're very happy with that. And we're really doing what we've said we would do all the time. So we're going to invest some of it back in the business, but we're very conscious on the operating margins. We've shown leverage in model and plan to continue to show leverage as we go -- as we move forward.

The next question is coming from the line of Matt Hedberg with RBC Capital Markets. Please proceed with your question.

This is actually Matt Swanson on for Matt. If I could ask one more about GDPR here. Yaki, when you're having these conversations is there anything notable as far as customers versus existing? And are there certain product sets that you feel like are really going to be the beneficiaries of this?

Thanks. Both the customer base and new prospects, it's everybody. And it's all of our product suites. It's really everything, but all the DatAdvantage, DatAlert and the DCF and the Directory Services are just -- and DataPrivilege are just answering this regulation and making customer comply with all the requirements, so it's both. It's something that is the discussion in Europe, and really every multinational, GDPR is front and center.

That's great. And then, the company has been executing so well for several quarters now. Can you talk a little bit just about the sales force coverage ratios and how you're thinking around hiring?

No, it's the same philosophy. We did everything that we said. It's a massive market. We can sell to everybody, virtually to everybody. And once you have a customer, they are buying more and more. So the key now is that the sales motion becoming more predictable. What I mean by that is it is very high percentage to land a deal if you're doing an evaluation, bringing the right stakeholders to the room, show them doing a risk assessment, doing what we call a data review, show them all the problem. It's very hard for a senior executive to leave the room and say, I'm going to ignore the problem. So we just want to make sure that we are inching forward towards profitability. This is exactly what we are doing. And we have the right management in place and then we are, in a measured way, we are increasing capacity. We see how we become 0.5 billion in sales and our strategic goal is to be a $1 billion company. We believe that many high value products can stem from our Data Security Platform, and we are always executing on our plan and executing on our vision and trying to do exactly what we said we would do.

The next question is coming from the line of Melissa Gorham with Morgan Stanley. Please proceed with your question.

This is Joshua Baer on for Melissa. Europe performed very well. So outside of GDPR, could you talk about where you are in the maturation of that market and your progress in ramping European sales capacity that helped contribute in the quarter?

Yes. In Varonis, to really understand the progress and understand the momentum, you must take a multi quarter view. You can't measure this business on a quarter-by-quarter basis. If you look throughout our history, we always executed well in the European market, and this is what we are doing. We have a great market there. We have a good team in place, and also we are well diversified within the market. GDPR is just another driver. But overall we are doing very well, and we keep expanding. So we also added a very strong leader in Germany and ramping up the team there. We have a good team in France, very good team now in the UK It's just a big market and with another very strong driver in GDPR. And the same that we are doing in all the markets, we can sell to everybody. We put the right infrastructure in place and keep expanding.

The next question is coming from the line of Greg McDowell, JMP Securities. Please proceed with your question.

Yaki, I wanted to ask about the Automation Engine product and maybe if you could just help us compare and contrast how we should think about the Automation Engine product cycle versus the DatAlert product cycle. Because I think, at the time, we didn't know DatAlert was going to become such a resounding success, and you've talked about the way it's a grown deal sizes and quote sizes and such. So I was wondering if you could just help us think through Automation Engine, how a customer would typically buy that product. Can they buy it stand-alone? Does it have to be part of DatAdvantage, maybe just a little more color would be helpful, thank you very much.

So the automation suite is we are really running the same playbook that we did with DatAlert. And when you look at those value proposition, there are two main legs. One leg is security analytics, what we are doing with DatAlert that is based on auditing, and the other leg is the remediation. So as you recall, everybody that bought DatAdvantage really bought it primarily to do remediation of access control. So in almost every organization we installed the product, well over 70% of the data people can access is not relevant for them. So with DatAdvantage, you can remediate it. And what happened really is that you have enormous productivity gains with DatAdvantage and really in most organizations 1,000 plus, maybe it's the only way that you can do it, there is still manual effort. So in order to get the value, organizations really needed to allocate resources, sometimes a professional service center. And what we did with the Automation Engine, you're coming in without any human intervention. You can take tremendous amounts of data sets, say what is the desired configuration and remove all the global groups. And workers' access control is -- usually this is the lion's share of the problem. This is tremendous. Think about it. And with DatAlert, what happened is we have these threshold alerts and we saw the customer needs more, much more sophistication. This is the same thing that we saw with remediation. So it's -- we see that on paper, it's a fit to every customer and every prospect. Now it always take a year between we really know what is the adoption and sales force know how to sell it. But in terms of the overall story and in terms of how we believe that we designed the product, developed it and configured it, it can be a game changer to all the problem of remediating global access groups and fix broken access control in some file systems.

Great. And one quick follow-up. You announced -- or you mentioned that partnership with NetApp. And I was just wondering if you could talk through -- we all know that you have a very strong reseller channel, but we don't as often talk about the opportunity for expanding your technology partnerships. And NetApp seems like a good example of that. Could you maybe talk through the evolution of how this partnership came together and maybe what's on the table for future technology partnerships?

Yes. So throughout the years -- obviously, Rod and I came from NetApp, and we know them very well. Tom Mendoza, their Vice Chairman, is on our board. And we've always monitored a lot of data, a lot of the world's most critical and massive amount of unstructured data is on NetApp data system. And what we saw is that with ransomware and everything is this insider threat in the last year and half is becoming this top priority, and we have a lot of -- we met with a lot of the NetApp sales team and a lot of these CIOs and CISOs asking the storage vendors to provide security to the data systems. Then we start to work very closely with them and it's a spiff, so their salespeople are going to get paid on it. We are doing a lot of mutual marketing with a lot of commitment from their senior executive team, a lot of obviously commitment from our end, and we believe that they have a very compelling data fabric solution and vision, and we can be the security leg of the story and much more, really add a lot of value to the customer. So I just think that what happened is that their customers are starting to ask for this kind of solution, and we know them. And we just started to talk, it started to work, and we are building nice pipeline.

The next question is coming from the line of Srini Nandury with Summit Redstone Partners.

Yaki, again, on the question of GDPR, if I may. The GDPR is still 1 year away, and how do you see the business evolve over next few quarters going into 2018? And more importantly, are you planning to add resources in the geo to take advantage of this regulation? I have a follow-up, please.

It's not going to affect anything else regarding the business. What we are doing is within our just classification product and other products, we really want to make sure that we are hitting the nail on the head just with the product to things that are specific to GDPR. But the overall thing is really insider threat and data protection and malware detection and all of these things. GDPR is just another leg. But what GDPR is doing, it's just bringing the business, more awareness to the business people and more understanding of the consequences. You see what happens with, not with GDPR. And everything today that's related to cybersecurity. If you look at a massive data breach, usually there are very bad implications. And organizations are, they are all over the world are trying to [a body]. GDPR is another driver. Think about it, it's, for Varonis, it's like the ultimate marketing campaign.

But is a GDPR only for the Continental Europe? Or is it also for U.K.? Because now with the Brexit, is there any implication to U.K. itself because U.K. is your, one of your largest territories there?

This is David Gibson. That's a great question. One of the things about GDPR is it's got an extraterritoriality principle. Any organization that does business in Europe and pulls EU consumer data is subject to GDPR. So we are seeing people ask about it worldwide. I think it's really top of mind. People are starting, people ask, where do we start? How do we make sense? It's a big regulation, 99 articles, I think. And like Yaki said, it's really tailor-made for us, and they start asking the right questions.

[Operator Instructions] Our next question is coming from the line of Michael Kim with Imperial Capital.

Just going back to new customer additions, you've talked quite a bit about targeting customers with more than 1,000 employees. Could you expand on the ramp of POC activity and typically how long these POCs run, considering your time to value? And then, if your, if the conversion to POs are in line with expectations or better than your expectations.

I think that everything is according to expectations. What is really happening with the way that the market is coming to us is the probability to close a deal. And there is always pain involved in any closing deal in the enterprise space, but the products really brings a lot of value and the customer realize that they bring a lot of value, and there is a lot of values there. If you're positioning it right and you explain, it's really hitting on a lot of strategic initiatives for both, for security things, for operations things. And this is exactly what we are doing. We are doing these POCs, and we have good chances to convert a lot of them. And once we are in, as you see, we can then expand customers, are budgeting for it. And it just works very well. We are doing what we are with it. We are just doing it in a more favorable environment.

And are these typically multi product or single product POCs?

POCs usually are a multi product. Sometimes they're buying 1 product and they are budgeting for additional product for the next year. But a lot of our -- also for initial deals are multi product deals. Thankfully, we have many licenses to sell.

And just to add on that, the number of customers that have two or more product families went up from 45% last year to 49% this year. So the trend is positive.

And just on ASP, I'm not sure if you mentioned earlier, but how did that track in the quarter? And any color around ASPs?

So we provide ASP information on an annual basis. But what we're focused more is the customer lifetime value. And what we see that the targeting the larger customers is actually helping us get more dollars from those customers. We just do it in a measured way. It's part of our model, and it's working very well for us.

Our next question is coming from the line of Yun Kim with Benchmark. Please proceed with your question.

Yaki, we saw a solid execution out of Europe in the quarter. Can you just talk about how much of your business in Europe today is driven by insider threat prevention led deals or DatAlert type of deals versus the U.S.? And I am assuming that mix towards that DatAlert type of deals will increase in the second half of the year, as the implementation deadline for GDPR gets closer. Is that what you're expecting? And also, in terms of the typical deal size for GDPR driven deals, are they meaningfully higher, given that you have to address multiple platforms and require multiple product implementation?

Well, thanks for the question. Internal GDPR, as I said, it's still early to say how it's directly driving revenues. But it just drives a lot of awareness. It's always insider threat. And insider threat and a lot of malware detection. What we're starting to see in Europe is what we saw 1.5 years ago in the U.S., that it's a top priority. People really understand that the data needs to be protected and they assess what we should do in order to be protected. You could spend so much money on security and get nothing back. And the thing Varonis is -- Varonis is benefiting a lot from a very thoughtful purchasing process. If you look at many products and you decide what you need to do and where you need to place your guard and how to look at your information in order to be effective. So I can't tell you that it will be the same adoption curve and market trend as in the U.S. But we definitely see the same signs and the same trends we saw in North America 1.5 years ago.

Okay, great. And then, DatAlert obviously has been a tremendous success for you guys. You recently introduced Data Security Platform. Can we expect new product releases that leverage your recent success in the insider threat prevention and DatAlert, and also leverage your newly introduced Data Security Platform? I know you just introduced the Automation Engine. Is that part of that line and thinking? And then also, are you targeting that new product release Automation Engine specifically to existing customers? Or do you expect that product to drive new customers like DatAlert is doing right now?

We believe that a lot of high-value products can stem from our Data Security Platform. We see that data, on-prem and in the cloud and all over, it's a huge opportunity for us. And we are innovators. Look what we are doing, how we build this and what we are doing, so our plan is really to capitalize on the opportunity, and real innovation to add a lot of value to our customers and potential customers.

Okay. And finally, Guy, just a real quick housecleaning question. What should we expect in terms of CapEx spending for the year? Do you expect the CapEx spending to be up just a little bit? Or is there any big event that you're expecting this year?

So in terms of CapEx, we expect it to be several million dollars over our spend in 2016. We have some leasehold improvements in some of the offices, but not significantly.

We have reached the end of our question-and-answer session. I would now like to pass the floor back to Mr. Faitelson for any additional or concluding comments.

Before we end the call, I would like to thank all our employees for their contribution to our success this past year and all of our customers and partners for their continued support. Thank you for joining us today, and look forward to speaking with you again soon.

Ladies and gentlemen, this does conclude today's teleconference. Again we thank you for your participation, and you may disconnect your lines at this time.