Cyberark Software Ltd (CYBR) 2014 Q3 法說會逐字稿

Good day and welcome to the CyberArk Software third-quarter 2014 earnings conference call. Today's conference is being recorded.

At this time, I would like to turn the call over to Staci Mortenson. Please go ahead.

Thank you, operator.

Good afternoon. Thank you for joining us today to review CyberArk's third-quarter 2014 financial results. With me on the call today are Udi Mokady, Chief Executive Officer; and Josh Siegel, Chief Financial Officer. After preliminary remarks, we will open up the call to a question-and-answer session.

Before we begin, let remind you that certain statements made on the call today may be considered forward-looking statements, which reflect management's best judgment based on currently available information. I refer specifically to the discussion of our expectations and beliefs regarding our projected results of operations for the fourth quarter and FY14. Our actual results may differ materially from those projected in these forward-looking statements.

I direct your attention to the risk factors contained in the final prospective for our IPO, filed with the US Securities and Exchange Commission and those referenced in today's press release, both of which detail factors which could cause our actual results to be materially different from those projected in the forward-looking statements. CyberArk expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made herein.

Additionally, non-GAAP financial measures will be discussed on this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available in our third-quarter 2014 earnings press release, which can be found at www.cyberArk.com in the Investor Relations section. Also please note that a webcast of today's call will be available on our website in the Investor Relations section.

With that, I'd like to turn the call over to our Chief Executive Officer, Udi Mokady. Udi?

Thanks, Staci, and good afternoon, everyone.

I'd like to start by thanking all of you for joining us today on our first conference call as a public company. We are very excited to (inaudible) our IPO in September. We believe this is an important milestone for CyberArk and one that further enhances our brand awareness and increases the resources we have available to execute the Company's long-term strategy.

I'm very pleased with our strong third-quarter financial results. Our success was driven by multiple factors, including CyberArk's industry-leading solutions, our large underpenetrated available market, and our scalable go-to-market model.

CyberArk reported total revenue for the quarter of $28 million, a 66% increase over Q3 last year. For the first nine months of 2014, our revenue grew 45% compared to the same period a year ago. We also reported a strong non-GAAP income level of operations of $8.4 million, and non-GAAP net income per diluted share of $0.20.

We are seeing the return on our investments in sales and marketing programs globally. These investments are well aligned with the increasing demand for our solutions, driven by the evolving threat landscape, a sea-level imperative to stop hackers, and budget allocations for further account security across a broad set of verticals.

Josh will walk through the financial details in a moment. But, as this is our first quarter as a public company and some of you may be relatively new to our story, I will provide a brief overview of CyberArk's value proposition, our market opportunities, and our go-to-market model.

We are global leader and a pioneer of the new layer of IP security solutions that protect organizations from cyber attacks that have made their way inside the network perimeter to strike at the heart of the enterprise. Our software solution is focused on protecting privileged accounts, which have become a critical target in the lifecycle of today's cyber attacks.

Privileged accounts have been built in to just about every connected device, database, and application to provide IP staff with the ability to deploy and manage the technology. And our experience shows that an enterprise typically has at least 3 to 4 times more privileged accounts than employees. Privileged accounts act as the keys to the IP kingdom, providing complete access to and control of all parts of IT infrastructure, investor control systems, and critical business data.

To solve the immense challenge, we built CyberArk's Privileged Account Security Solution, a single integrated solution providing proactive protection and monitoring of privileged accounts to prevent privilege escalation, which can severely limit an attacker's movement. We can detect and alert on the malicious use of privileged accounts in real time. We arm our customers with actionable intelligence they need to quickly respond to an in-progress attack.

Over a decade ago, we began building our platform, starting with our core digital vaulting technology, which is a secure repository for privileged credentials. Since that time, we have added five additional products to our privileged account security solution, all sharing resources and data from our technology platform.

This approach provides our customers the flexibility to deploy one or more of our products initially for single-use case, and then expand over time to address a larger portion of the privileged account security challenge. In addition, it allows us to effectively leverage our R&D resources using agile processes to bring new products to market.

A few weeks ago, at our North American customer conference, we launched version nine of our privileged account security solution. Version nine includes our new SSH key manager product. Combined with our platform and other products, customers can now proactively secure, manage, and monitor SSH keys, as well as other privileged credentials in a single, integrated solution.

Widely used by IT teams to get privileged root access to critical UNIX systems, SSH keys are often created without any oversight or management, essentially providing ongoing, uncontrollable access to high-value UNIX-based systems. Research by Ponemon Institute shows that three out of four enterprises have no security controls in place for SSH keys, and that 51% of enterprises have already experienced an SSH key-related compromise. We are excited about the upsell opportunity for this product and also believe it strengthens our competition position in closing new business.

During the third quarter, we also introduced CyberArk's Privileged Threat Analytics 2.0. The extended analytics now includes new behavior algorithms and enhanced integration with SIM solutions.

Privileged Threat Analytics is now integrated with McAfee Enterprise Security Manager, and supports two-way integration with HP ArcSight and Splunk Enterprise. This enables customers to pinpoint privileged-based threats which were previously hidden in massive volumes of system information that organizations collect yet struggled to gain real value from. Our Privileged Threat Analytics adoption is off to a strong start, with a growing number of customers now in production.

CyberArk targets the top 10,000 plus enterprises and midsize organizations around the globe. With over 1,600 customers, including 15% of the global 2000, we are just scratching the surface in our large and expanding market.

With our proven land and expand upsell strategy, our existing customer base also provides significant opportunities for future growth. Historically at least 30% of our existing customers come back the following year and either purchase new products or add more licenses of previously developed products.

CyberArk goes to market through a high touch channel-fulfilled [hierarchal] sales model that combines the leverage of channel sales with the account control of direct sales. This approach allows us to maintain close relationships with our customers, while benefiting from the global reach of our partners. Currently, approximately 50% of our revenue comes direct and 50% through the channel.

Our business is both geographically and vertically diverse. While the Americas is our largest market, approximately 40% of our revenue comes from outside the US, mostly from EMEA and the Asia-Pacific region.

Our customers represent a wide range of verticals. Financial services is consistently our largest vertical and has historically been at least one-third of our orders. Year to date, nine verticals contributed 5% or more of our orders, compared with just seven for 2013. During the third quarter, we saw an increase in orders come from government, energy, utilities, and retail to name a few.

During the quarter, we added a number of new customers in the retail vertical. One example is a six-figure deal that came from a large US-based small-box discount retailer that purchased Enterprise Password Vault, Privileged Session Manager, and Privileged Threat Analytics. This retailer recognized the importance of securing privileged accounts as a critical part of their broader security strategy and selected CyberArk based on the breadth and depth of our solution.

Another example, a top Italian bank extended their usage of CyberArk in Q3. Following an incident earlier this year involving privileged credentials in the application server environment, they expanded their use of CyberArk to include Application Identity Manager and Privileged Threat Analytics. They also expanded their existing license of Enterprise Password Vault.

In addition to providing the bank with better security against both internal and external threats to enable them meet compliance goals set by their internal auditors, as well as those set by the Bank of Italy, European Central Bank, and the PCI DSS relation.

As I mentioned a couple of minutes ago, we held our North American customer event in mid-October. Excitement about our solutions was at an all-time high and awareness for the need for the full breadth of our offering continues to grow.

There is an increasing understanding of how CyberArk -- of how the cyber battlefield has moved inside the [natural] perimeter. In fact, our keynote speaker, former White House CIO, Theresa Payton, spoke about how critical privileged account security is to an inside-the-network security strategy. The initial reaction to our SSH key management announcement was also very positive and further validates that we continue to lead in this new critical layer of privileged account security.

In summary, we are very pleased with our third-quarter, including strong financial performance and new product releases. Our market opportunity is large and we remain optimistic about our growth outlook. As you can tell, we are very excited to be operating as a public company and are focused on building our organization for long-term success.

With that, let me turn it over to Josh. Josh?

Thanks, Udi. I will start with a detailed overview of our third-quarter financial performance and then provide some comments on our fourth-quarter and full-year 2014 outlook.

Beginning with the income statement, we generated revenue in the third quarter of $28 million, up 66% year over year and ahead of our expectations. License revenue was $16.6 million, increasing 67% over the prior year and represented 59% of the total revenue.

Maintenance and professional services revenue was $11.3 million, increasing 64% over the prior year. We continue to benefit from the significant increase in new license sales, and are over 90% renewal rate on our growing install base. We also saw an exceptionally strong quarter for our revenue from professional services as we brought -- as we were brought on by several large customers during the quarter to help accelerate their adoption of our products.

In addition to the overall strong sales execution, our top-line growth this quarter was further boosted by our ability to recognize deferred revenue, resulting from a number of bundled licenses sold earlier this year during the first and second quarter. In total, during the third quarter, we were able to recognize approximately $4.2 million in license revenue and $600,000 in maintenance and professional services from these transactions. As we look at our year-to-date results, total revenue increased 45% during the first nine months, year over year, and above the 2013 growth rate of 40%.

Looking at the business geographically, we continue to see strength weighted some to the Americas, with revenue more than doubling year over year to $18.5 million, or 66% of total revenue. EMEA revenue was $8.3 million, or 30% of total revenue, a 22% increase year over year. The balance in Asia-Pacific was $1.2 million for the quarter, a slight decrease compared to the prior-year period.

Given the size of our company, we do expect some variability by geography on a quarter-by-quarter basis due to deal sizes and timing of those deals. Looking at our geographies over nine months, the Americas represent 60% of revenue and EMEA represented 34%, with the balance coming from Asia-Pacific.

Turning to the margins, I will review our results on a GAAP basis, and where applicable, on a non-GAAP basis. Non-GAAP numbers exclude stock-based compensation expense, but please note that a GAAP to non-GAAP reconciliation can be found in the tables of our press release. Our gross profit was $24.4 million, or 87% gross margin, compared to $14.7 million, also and 87% margin in the third quarter last year.

In regards to operating expenses, we believe there is a large market opportunity in front of us. The threat landscape continues to evolve and get more complex, and privileged accounts are one of the key areas under attack. Based on this, we will continue making a significant investment in order to drive awareness and adoption, increase our direct sales force, and channel partner relationships, and continually out-innovate the competition.

Drilling down into our OpEx, research and development expenses grew 35% year over year to $3.7 million. Sales and marketing expense increased 40% year over year, to $11 million, and general and administrative expenses increased 77% to $2 million. G&A also reflects additional expenses we have begun to incur already in our transition to a public company. In total, operating expenses for the third quarter of 2014 were $16.7 million, compared with $11.7 million for the third quarter last year, for a 42% increase.

For the third quarter, GAAP operating income was $7.7 million, compared to $3 million in the third quarter of last year. Our non-GAAP operating income was $8.4 million for the third quarter, compared to $3.1 million last year in the third quarter.

This was a strong result and ahead of our expectations, driven by our revenue out-performance and keeping our expenses in line with our budget. Non-GAAP operating income for the third quarter of 2014 did exclude $686,000 of stock-based compensation expense compared with $110,000 in the year prior.

On a GAAP basis, our net income was $3.3 million for the third quarter of 2014, compared to $2.5 million for the third quarter last year. GAAP net income per share was $0.11, compared to $0.09 in the third quarter of 2013, and that's based on 29.5 million shares and 27 million diluted shares outstanding. On a non-GAAP basis, our net income was $5.9 million for the third quarter of 2014, compared to $3.3 million for the third quarter of 2013.

During the quarter, we had a financial expense of $1.1 million, primarily due to foreign exchange losses, compared to a gain of $300,000, due primarily to foreign exchange in the same period last year. As you know, foreign-exchange gains and losses can fluctuate. Our guidance does not consider any additional potential impact to financial and other income and expenses associated with foreign exchange gains or losses, as we do not try to estimate future movements in foreign currency rates.

The non-GAAP net income for the third quarter of 2014 also excludes an additional $1.9 million of non-GAAP warrant adjustment expense, compared with $647,000 in the prior year. As the warrants were fully exercised at the IPO, going forward, there will not be additional warrant adjustment expense. Non-GAAP net income per share was $0.20, compared to $0.12 in the third quarter last year.

Turning now to our balance sheet, as of September 30, we had cash and cash equivalents of $169 million, inclusive of $90.3 million in cash raised during our IPO, compared with $65.6 million as of December 31, 2013.

Deferred revenue as of September 30, 2014 was $27.7 million, compared to $24.5 million as of December 31, 2013, and $31.9 million as of June 30, 2014. The change in our deferred revenue balance from June 30 this year primarily reflects the recognition this quarter of both the license and support revenue from the first- and second-quarter deals that I discussed earlier. This is offset partially by the new deferred revenue primarily from support contracts, which continued to increase, based on our rapidly growing license revenue.

In the third quarter 2014, we generated $835,000 in cash flow from operations, compared with $6.5 million in the prior-year period. We ended the quarter with 415 employees worldwide, compared with 301 at the end of the third quarter in 2013.

Now, moving to the guidance for the fourth quarter and for the full year 2014. For the fourth quarter of 2014, we expect total revenue of $26 million to $27 million, which represent growth of approximately 30% to 35%, compared with the fourth quarter of 2013, and strong sequential growth when you normalize for the deferred revenue recognition we discussed earlier.

We expect non-GAAP operating income to range between $1.6 million to $2.5 million, and non-GAAP income per diluted share of $0.04 to $0.06. This assumes a 34.7 million diluted shares outstanding.

For the full year 2014, we expect total revenue in the range of $92.7 million to $93.7 million, or a growth of approximately 40% to 42% year on year. We expect non-GAAP operating income to be in the range of $13.6 million to $14.5 million, and non-GAAP income per diluted share of $0.29 to $0.31. This assumes a 30-million diluted shares outstanding for the year.

In closing, this was a very strong third quarter, and when combined with our outlook for the fourth quarter, we are set for having a very strong second half of the year. We are confident in both our short-term and long-term outlook for the business.

Our market opportunity continues to grow. We are seeing the positive impact from our investments in sales and products and demand drivers for privileged account security are in our favor.

I will now turn the call over to the operator for Q&A.

(Operator Instructions)

Sterling Auty with JPMorgan.

Thanks. Hi guys. I wanted to jump into a couple of areas. First, can you give us more color on the deals from the first and second quarter that came out of deferred revenue? What was the trigger that allowed the revenue recognition in the third quarter? Is there any follow-on -- is there going to be anything similar to that in the fourth quarter?

Hi Sterling, and thanks for joining the call. Yes, the $4.2 million of license revenue and the $600,000 of support and services revenue that we deferred from the first quarter into second quarter were all related to bundled license transactions. That included our newly released from December last year of the Privileged Threat Analytics product that we started to sell only in the beginning of this year.

All of those -- all of that in total amount relates to those transactions which included some of our Privileged Threat Analytics. We were able to -- we had to defer them at the time and were able to recognize them in the third quarter of this year.

We do not anticipate -- or we anticipate going forward that products that do include our privileged or licenses that do include our privileged analytics will generally be recognized as we recognize all of our other license products, at the time of delivery, barring any special circumstances. So, I would say that the catch-up of those, [definitely] with the number of deals that we did in the first half of the year and delivered that we now in the third quarter were able to recognize.

Okay. When you look at the fourth quarter, specifically the professional services and maintenance line, to charge normalize from what came in there, would you expect that line item to be up, down, or flat, sequentially?

Looking at -- we obviously don't break down our guidance going forward between the maintenance and the license. However, if we look at Q3, I would say a normalized run rate of the maintenance contract piece of Q3 would be somewhere around the $10.3 million.

That has to do with the fact that we recognized deferred really for two reasons. We recognized $600,000 of deferred maintenance and services related to the transactions I discussed, and also, we had a particularly big quarter with regard to revenue coming from projects during the third quarter, where we were asked to provide professional service days for several of our clients to accelerate their adoption. That was the rest.

That makes sense. Just one for Udi. Now that you've gone through the IPO process, it's usually a big branding and marketing event. I'm curious what kind of reaction you are seeing in the market, either to helping on sales cycles or helping you get in the door to customers that you haven't seen before, now that you've gone through the process of becoming a public Company. Any comments there would be helpful.

Definitely, Sterling. Our sales people are definitely reporting greater awareness in the field from both prospects and also channels on the CyberArk software and also the need for the new security layer, Privileged Account Security.

We also had a great opportunity to really feel it with our North American customers. We could really tell the excitement of all the customers that really selected CyberArk as a mission-critical software, and we're excited to see us as a public Company. Yes. We are seeing it as a big brand awareness that is visible in the field.

Great. Thank you guys.

Karl Keirstead with Deutsche Bank.

Hi, thanks very much. Udi, I just want to give you -- or ask a question, I should say, around your comment that you saw an uptick in orders from outside the financial services sector. I wanted to ask you, you generally run 35%, maybe 40%-ish from the financial services sector. Was that also the mix for 3Q? Can you talk a little bit about some of the traction you're getting from outside that traditional banking vertical?

I think that definitely the financial services vertical continues to be our largest, but we're really seeing it continue to be a spread. One of the unique things about CyberArk is it's the same software solution across verticals and the problem exists in every type of enterprise.

So, what we saw is actually that there are now nine verticals that have more than 5% of -- a 5% piece of the pie in our spread, and demand coming from retail and energy and other sectors. A lot of IT technology manufacturing, as well.

Okay. Maybe a question (multiple speakers).

This is basically nine verticals up from seven verticals that were over 5% last year.

Got it. Okay. That's good color. Thank you. Josh, as we think about the revenue guide for the fourth quarter, obviously, on absolute numbers, we have a sequential decline in the fourth quarter, which looks unusual. Is the right way to think about this to strip out that unusual $4.2 million catch-up on the license side? And then barring that or ex that from 3Q to 4Q, we would be looking at more normal seasonality on the license side?

The revenue that we brought in from the deferred balance were deals that were done in the first half of the year. So, this was a catch-up in one quarter, and actually, we obviously -- if it's more like it would be -- they would've spread out over the first and second quarter. And then you would have seen much closer to the typical seasonality that we've seen historically. Then, you would see that sequential increase in the fourth quarter based on the guidance. In fact, if you strip out the deferred revenue, you'll see quite a bit of sequential growth between Q3 and Q4.

Got it. Okay. Congratulations on a great first quarter.

Thank you.

Saket Kalia with Barclays.

Hi guys, thanks for taking my questions. First one for Udi, if I can. Udi, I know it's still early days, but are you seeing any trends with Privileged Threat Analytics, in terms of upsell within your existing customer base? Can you also talk about how the competitive landscape there is similar or different compared to your core EPV and PSM products?

Sure, so I'll start with the second piece. It really stands out as a major competitive differentiation out there in the market. The only vendor to really have an integrated privileged account -- privileged threat detection capability on built on the data that CyberArk analyzes. This really translates to a big differentiator in the new business, and even customers who are evaluating Enterprise Password Vault or Privileged Session Manager are very excited to hear about Privileged Threat Analytics. And they can then plan on it for future rollout, once they have the bread and butter in place.

With regards to the upsell, we're definitely see that -- we're seeing growing interest with customers. There was a lot of interest in what we announced in our version 2.0, where they can actually leverage investments that they made also in SIM solutions where we can now buy directionally collect information to give them more value also on prior investments. And the fact that they can take historical data that CyberArk has already collected for them on privileged behavior and analyze it from day one from picking up threat analytics. Of course, the customer event is always a good opportunity for us to check the pulse for the existing customer base, and we saw very strong interest from the customer base on PTA.

That's helpful. Quick follow-up for Josh. Josh, can you talk about where you are in terms of investing in the sales organization? Maybe, in terms of quota-bearing reps and where you'd like to be by the end of this year?

Yes, as you can see, we continue to increase our sales and marketing expenditure rate. We talked about our OpEx for sales and marketing going up significantly year over year; talked about it in the prepared remarks. That's really coming out mostly on headcount around account executives. For direct sales, it's coming out in our customer success teams in the US and also in the rest of world.

I think that we feel very good about the productivity based on the fact that we are able to achieve and provide guidance for year on year of 40% to 42%, and we feel very good about the productivity that we are getting out of the growth and the increase from the sales investment.

What we see is we are continuing to bring people on through the fourth quarter, and already bringing people on for the fourth quarter to attend and be with us for next year, and we continue to go along these lines next year as well, to invest in the sales side.

That's great. That's it for me. Thanks very much.

Jonathan Ho with William Blair.

Hey guys, congratulations on the strong quarter. Just wanted to start out with some of the high profile breaches that we've seen out there, [improving] privileged identity management played a role there. Can you talk about what you are seeing in terms of the pipeline in the marketplace, especially relevant to your solutions and whether you see an uptick there as result of these breaches?

The question was, the impact of recent breaches and awareness. We are really seeing it across the board, with of course, some of the retail breaches that emerged all the way from December of last year and into this year, and also breaches in the financial sector and others. There's a strong awareness in customers and there's also growing awareness validated by third-party information that what attackers are after are privileged accounts if they want to get to meaningful data.

So definitely the CyberArk approach of assuming that the walls on the outside are not going to work and that they need to protect themselves from the inside is definitely catching and being accepted. The need to really analyze anomalous behavior to detect those breaches is being made aware.

We've had specific customers where with CyberArk projects have been expanded from compliance-type projects to cyber-security-related projects, both in the personnel involved on the customer account, but also in the funding and urgency of those projects. Naturally in retail, but not just in retail. It's been cross vertical where this is perceived to be a cyber-security problem, and therefore, CyberArk is an informed part of the solution.

Got it. Got it. Can you talk a little bit about the cross-sell and upsell opportunity that you are seeing? I know you mentioned the 30%. Can you talk directionally about how multi-product customers are trending, and maybe which products you are seeing the most cross-sell and upsell with?

As we've indicated in the past, many of our customers start with Enterprise Password Vault, and closely thereafter or in first deals with our Privileged Session Manager. Of course, the rest of the product set is very much built into the cross-sell. Our Application Identity Manager as in the Italian bank example. It's a classic Enterprise Password Vault customer that had a trigger that was both compliance but also incident-related to then get into the additional dimension of securing applications. So, we are seeing that continue to grow.

We're also seeing the fruits of the customer success teams that we launched that are helping customers really make the most of the fact that it's a shared technology platform. They already have this in place, and if they want to solve other aspects of the problem, they can easily jump into it. That's really guiding those customers and pollinating them. Josh also mentioned that many customers really took a strategic approach in implementing the product deeply. So, that leads also to upsell of existing product.

Great.

Rick Sherlund with Nomura.

Thanks. First, Udi, when these big, high-profile breaches occur, does your phone ring? Is there a recognition pretty shortly after that their firewalls and the perimeter defenses aren't adequate? What's the delay before they realize that they can't -- maybe they need a belt and suspenders both?

Again, we are in a long-term business, and we've been educating the market even beyond these incidents and major breaches. Of course, a lot of our business is also driven by proactive customers that are getting ready.

What we are seeing, following the increased publicized breaches is really growing awareness. When our field team and are engaging with customers, they already get it. They are beginning to think about securing themselves on the inside. The educational level of explaining the perimeter doesn't work today, has really decreased and not just in North America, but really across the world. There's growing awareness that any enterprise could be breached, and therefore, they have to be more proactive about it.

We have seen breached entities really grasp to put things under control, especially because forensics firms that they call in to eradicate breaches recommend CyberArk to them, and to really eradicate the privileged accounts, to stop that lateral movement within their network. So, breached customers are often -- breached entities are often referred to us by forensic firms.

Are you starting to see then a shortening sales cycle, and how do the dynamics work here with a broader product line at the same time? That actually could, I suppose, lengthen the sales cycle? Or, are you seeing net-net a shortening of the sales cycle?

I think net-net, there's probably slight shortening of sales cycles. Again, because we are so geographically diverse, there are different cycles in different geographies. There's still geographies where there is more education involved. But, actually, the addition of the additional products is -- it all fits in very well. We don't see that extending sales cycles. Customers can get the full picture of what a full privileged account security can look like, and they can start with one or two of the products or they can take a blueprint that they want it all.

Thanks. Lastly for Josh on FX. Is all of the FX impact in the quarter reflected in that other income charge of $1.1 million? You said the guidance going forward does not include the presumption of any FX charges, and you're not in the business, you said, to forecast currency. But if we just were to look at currencies where they are today, are we looking at a similar $1.1 million charge in Q4, which is about $0.03 in EPS? So, if that's the case, should we take that out of the $0.04 to $0.06 guidance when we are looking at our Q4 estimates?

The first part of the question is yes, with regard to the line item that you see financial expenses net, that includes that FX charge. On a GAAP basis, it also includes the warrant expense. Non-GAAP, that would be the FX charge.

I think, going forward, when we look at Q4, we obviously, I can't predict and I can forecast, but I would -- it really depends on when -- what the movement is going on. In other words, typically it's related to our sterling and to our euro during the third quarter, with the dollar strengthening against the sterling and against the euro, so I think we would have to track. And I think the best way to look at it is thinking about the sterling and euro movement in the fourth quarter.

We do have a hedging policy which helps to curtail it, but at the same time, it depends on when we get the sale. When we get the sales and deliver versus the change in the movement in the rate. So it's very hard for me to tell at this time, to really give you an estimate on that, what that FX rate would be.

Thank you.

I guess, to just add one thing, it's not something that's related to a long-term item. It has to do with the quarter-to-quarter operations.

(Operator Instructions)

Shaul Eyal with Oppenheimer.

Thank you. Hi, good afternoon. Congratulations on strong results straight out of the gate. A couple of quick questions on my end. How many -- when we look at the $4.2 million deferred balance that was brought forward, I know Josh, can you quantify, roughly, how many deals were associated with that $4.2 million?

That we can say was roughly between 5 to 10.

Okay. That's good. That's very helpful. What was the head count by the end of the quarter?

415.

Not for the purpose of front-running yourself, but I imagine you guys are probably in the process of thinking about and planning for 2015 budget. Any preliminary thoughts you can share with us at this point? Or is it too early to even think about it with us?

Shaul, it's early to talk about it. We're not really talking on this call about 2015.

Got it. That's fair enough. Thank you. Good luck. Good work.

Thank you very much, Shaul.

Sterling Auty with JPMorgan.

Thanks, I just wanted to clarify one thing. So, you've got the $4.8 million that came out of deferred, but how should we think about the seasonal pattern of deferred revenue, if we were to normalize for that recognition? Meaning, would you typically think that deferred revenue should be up, down, or flat in the third quarter, based on seasonality of maintenance, renewals, et cetera?

Okay. I think it's also a good chance for me to back up and also talk about the deferred revenue for CyberArk. We've talked -- deferred revenue for CyberArk, we are a perpetual software Company. Deferred revenue for CyberArk comes really from two buckets.

The first bucket, and it's the majority of deferred revenue typically on our balance sheet from quarter to quarter, reflects our maintenance contracts and some professional services, as well. There is a lesser extent that we've carried over, historically, a much lesser extent of our deferred revenue reflects deals, license deals that may have to be deferred for contractual terms and for US GAAP terms from -- usually between one to three quarters, before they eventually become recognized.

So, when we think about seasonality of deferred, if we normalize of the licensed transactions and the seasonality is that our deferred maintenance should go up regularly from quarter to quarter, sequentially, because it's basically taking more and more support contracts with the increasing license base that we have from quarter to quarter.

With regard to the second component of our license, that's really a component that I can't forecast. It's a component that basically comes in each quarter. We historically have transactions that come in and we have historically each quarter, we have transactions that fall out as we are able to recognize the revenue. So, there is no seasonality, per se, on the license piece of the deferred revenue. But, on the support and maintenance piece of the deferred revenue, it should sequentially go up from first quarter to fourth quarter.

If you normalize for the recognition, I apologize, I'm not in an easy spot to do this -- but, if you normalize for the $4.8 million, would it actually have gone up sequentially?

Yes. If we normalize the $4.8 million from the Q3, it's $23.1 million of revenue, and we're providing guidance of $26 million to $27 million for Q4.

I've got you. Thank you.

Shaul Eyal with Oppenheimer.

Thank you. One quick question, one follow-up, and again, could also be very, very early days. As we all know, over the course of the past few week, Accuvant and FishNet, two major security distributors have joined hands. Have you seen any impact, have you heard anything from these guys so far? Anything from your end, how that could potentially change your business going forward?

I think it's a great question; we have not seen anything but the industry talking about it. They carry many information security products and both of them are also CyberArk resellers and both have been very good partners of ours. So far we haven't seen too much -- anything happen on their site or any change in the business, but, we are staying tuned. It's going to potentially create a very large national VAR. And again, we are partnered with both entities that are being merged.

Got it. Thank you, Udi.

That concludes our question-and-answer session. I'd like to turn the conference back over to Mr. Mokady for any closing remarks.

Great. Thank you. In closing, I would like to thank you all for joining us. I also want to take a moment to thank our employees and partners for their hard work and dedication and to thank our customers for their ongoing support of CyberArk. Thank you.

Thank you, everyone. That does conclude today's conference. We thank you for your participation.