Cyberark Software Ltd (CYBR) 2015 Q2 法說會逐字稿

Good day, and welcome to the CyberArk Software second quarter 2015 earnings conference call. Today's conference is being recorded. I would now like to turn the conference over to [Lisa Sheldon], Investor Relations. Please go ahead.

Thank you, operator. Good afternoon. Thank you for joining us today to review CyberArk's second quarter 2015 financial results. With me today on the call are Udi Mokady, Chief Executive Officer, and Josh Siegel, Chief Financial Officer. After preliminary remarks, we will open the call up to a question and answer session.

Before we begin, let me remind you that certain statements made on the call today may be considered forward-looking statements which reflect management's best judgment based on currently available information. I refer specifically to a discussion of our expectations and beliefs regarding our projected results of operations for the third quarter and 2015 fiscal year. Our actual results may differ materially from those projected in these forward-looking statements. I direct your attention to the risk factors contained in the company's annual report on Form 20-F filed with the US Securities and Exchange Commission and those referenced in today's press release. CyberArk expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made herein.

Additionally, non-GAAP financial measures will be discussed on this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available in our second quarter 2015 earnings press release, which can be found at www.cyberark.com in the investor relations section. Also please note that a webcast of today's call will be available on our website in the investor relations section.

With that, I'd like to turn the call over to our Chief Executive Officer, Udi Mokady. Udi?

Thank you, Lisa, and good afternoon everyone. Thank you for joining us today for the call. Q2 2015 was another exceptionally strong quarter for CyberArk. Our results exceeded our guidance across all financial metrics. CyberArk reported total revenue for the second quarter of $36.4, a 70% increase over Q2 2014, and our license revenue doubled year-over-year. We also reported strong non-GAAP net income of $6.6 million, resulting in non-GAAP net income per diluted share of $0.19. We again generated healthy demand for our platform and are capitalizing on the increasing opportunities in our pipeline.

Our business continues to be driven by the shift from tactical, compliance-driven projects to strategic approaches to implementing enterprise-wide privileged account security. This shift is enabling us to capitalize on the expanding cyber security budgets, participate in larger opportunities, and be seen as a strategic, trusted partner.

CyberArk's comprehensive and unique platform approach continues to be a strong source of competitive differentiation. Our ability to protect both password and (inaudible) credentials, isolate and protect privileged sessions, manage privileged credentials used by humans as well as by applications, all on a shared technology platform, enables our customers to protect privileged credentials throughout their organization with a single solution. Our unique continuous monitoring and real-time detection of malicious privilege activity complements our proactive controls and provides additional competitive advantage.

We now have more than 1,900 customers worldwide, and our new customer acquisition and customer cross-sell engines both performed very well again this quarter. Our top ten deals for the quarter were evenly split between new customers and existing customers that expanded their existing licenses and purchased additional products.

We are seeing a positive trend in multi-product sales to new customers. During the first half of 2015 we saw that more than 25% of our new customers purchasing three or more products, a significant increase from the prior competitive period, and there is still plenty of room for upsell and cross sell across these customers and our install base. This demonstrates strong execution against the market demand for a comprehensive privileged account security solution.

In Q2 we saw bookings more than double from multiple verticals, with the largest year-over-year growth coming from healthcare and the energy and utility markets. In fact, in Q2 our two largest deals were in the healthcare vertical. We have seen a cyber-attack in a particular vertical increase awareness and activity within that same vertical. This happened in retail as a result of the Target and Home Depot attacks. In the case of Anthem attack however, we are seeing a broader ripple effect. We believe this is driven by the fact that almost every organization stores their customers and employees' personally identifiable information, and therefore have a similar risk.

But the strength of our business continues to be from the diverse set of markets and companies we serve. In Q2 our top 10 deals came from 8 different verticals, including healthcare, financial services, manufacturing, professional services, media, energy, telecom, and consumer packaged foods. We sold to multiple Fortune 100 companies, as well as mid-tier banks, mid-cap technology companies, and smaller organizations like a community hospital and a metro US airport.

We continue to show good progress in the government market, closing multiple new business opportunities. The list includes wins in US federal agencies, state agencies and local municipalities. While we are still in the early stages of building out our government presence globally, we are having success and believe this is an excellent potential. In particular, we believe that the US federal market is underserved and see opportunities for growth in the coming quarters.

The headline about the Office of Personnel Management breach on the front page of the New York Times explained that quote, "Chinese hackers have privileged access to government systems." This put the focus squarely on privileged accounts. In addition, the federal government's 30-day cyber security sprint listed privileged account controls as one of the top priorities, along with timely patching of systems and two-factor authentication.

To help us better address this opportunity, we have invested in and recently announced that CyberArk is the first vendor to achieve common criteria certification for a comprehensive privileged account security solution. This is an important independent evaluation of the security capabilities of IT products, highly valued by the US federal and other international governments. We also launched a new marketing and sales campaign to capitalize on the heightened awareness of our new certification.

The importance of our platform, the strength of our brand and our partner network were also evident in some other key wins this quarter. For example, advisory and consulting firms continue to help us drive business as a result of proactive predation testing one of these firms conducted for a client, privileged account security was put at the top of the security to do list, along with a strong recommendation to evaluate CyberArk. Based on the advisory's work, we were able to close a sizeable deal within a few short weeks.

Third party risk continues to be a critical security concern for our customers and driver for our business. In one example, our customer was changing their IT outsourcing vendor but refused to make the switch until their new vendor implemented strong privileged account controls and monitoring from CyberArk.

Last month we held our annual customer and partner events in EMEA and in the Americas. This year we hosted nearly 500 [F&Ds] in the combined events, which is a 70% increase over last year. And reflecting the global nature of our business, F&Ds came from 28 different countries. We believe this growth in attendance is driven by the continued success of our business, but also the increasing importance of privileged account security. The primary themes at both of these events were nearly identical. Privileged account security is a strategic priority deserving immediate attention and investment, and to do it right organizations need to deploy a comprehensive solution.

In each event, presentations were delivered that explained how an organization that had suffered a cyber-attack relied on CyberArk and our team of experts to help them rebuild trust in their IT systems. And they also articulated how a proactive deployment of CyberArk would have prevented, or at least severely limited the scope and damage of the attack. It was clear from these presentations, and almost every conversation I had with F&Ds, that the privileged accounts security is a high priority for organizations, and that CyberArk's platform approach offers a very compelling value proposition.

Finally, our M&A strategy includes acquiring innovative cybersecurity companies that have strong technology. In Cybertinel we found exactly that. I am pleased to share that CyberArk has acquired Cybertinel, an approximately 20-person, Israeli-based cybersecurity company. They specialize in cyber-threat detection and their innovative technology and expert staff provide strong complementary additions to the CyberArk team. In the coming quarters our combined teams will be working to bring exciting new analytic space capabilities to market that enhance our ability to detect potential threats at the beginning stages of the attack cycle.

In summary, we continue to drive our business forward on multiple fronts. Awareness of the need for privileged account security continues to flourish as the role of compromised privileged accounts and damaging attacks becomes better understood. I am pleased with our go-to-market execution and with our R&D efforts. We are executing on our M&A strategy and we continue to extend our leadership in the privileged account security market, helping more and more organizations protect their most critical assets from cyber-attacks.

I will now turn the call over to Josh. Josh?

Thanks, Udi. I will start with a more detailed overview of our second quarter, and then I'll discuss our third quarter and full year 2015 outlook.

This was another strong quarter for CyberArk as we exceeded our guidance across all the key operating metrics. Starting with the top line, we generated revenue of $36.4 million, up 70% year-over-year. The revenues consisted of $22.3 million in licenses, increasing 100% over the prior year period and representing 61% of total revenue. It was our license growth which drove our overachievement in total revenue again this quarter. In addition to consistent return of our existing customers, we benefited from an increase in new customers making larger initial commitments to us and buying multiple products.

Maintenance and professional services revenue was $14.1 million increasing 38% over the prior year, driven by the high rate of renewals from our growing installed base, and coupled with new maintenance revenue from the licenses delivered over the last four quarters.

Looking at the business geographically, in the second quarter we saw a broad-based growth. Revenue in the Americas increased 93% year-over-year to $20.7 million, or 57% of total revenue. EMEA grew 32% to $12.3 million, or 34% of total revenue. And Asia-Pacific more than doubled to $3.4 million, or approximately 9% of total revenue.

Turning to margins, I will review our results on a GAAP business, and where applicable on a non-GAAP basis. Non-GAAP numbers exclude stock-based compensation, pro rata expenses related to the follow on offering of secondary shares that we completed in June, and warrant revaluation expenses which we reported specifically in the second quarter of 2014. Please note that a full GAAP to non-GAAP reconciliation can be found in the tables of our press release.

Our second quarter gross profit was $30.3 million, or an 83% gross margin, in line with the gross margin in the same period last year. And for the first half we maintained our 85% gross margin level. In the second quarter of 2015 licensed cost of goods sold was impacted by a relatively higher demand for our appliance product as well as a software module we currently deliver on a resale basis.

In regards to our operating expenses, we believe our success is a direct result of the increased investments we have made across all fronts, and you should expect us to continue along with our path of investing to drive growth and long-term scale, but also keeping our focus for realizing solid returns on these investments.

For the second quarter, R&D expenses grew 28% year-on-year to $4.3 million, reflecting our ongoing investments in product innovation. Sales and marketing increased 60% year-over-year to $15.4 million, and we are pleased to see the investments we have been making driving the significantly higher levels of license growth. Lastly, G&A increased 148% to $4.1 million. This growth primarily reflects increased advisory services related to operating as a public company, ongoing incremental employee-related expenses, and combined with $487,000 related to expenses for the sale of secondary shares in the follow-on offering we completed in June. In total, operating expenses for the second quarter of 2015 were $23.8 million, or a 62% increase over the second quarter last year.

Also for the second quarter we delivered bottom line results ahead of our expectations as we continued to outperform on the topline while we managed expenses in line with our budget. GAAP operating income was $6.5 million, up from $3.1 million in the second quarter of last year. Our non-GAAP operating income was $8.2 million, resulting in a 22% margin compared to $3.3 million and a 15% non-GAAP operating margin in the prior year period. Non-GAAP operating income for the second quarter this year excludes $1.1 million of stock-based compensation expense and the $487,000 in secondary offering related expenses, compared with $184,000 of stock-based compensation in the prior year period.

Net income on a GAAP basis was $4.9 million for the second quarter, up from $1.2 million for the second quarter last year. GAAP net income per diluted share was $0.14, compared to a net loss of $0.01 in the second quarter last year. On a non-GAAP basis, our net income was $6.6 million, or $0.19 per diluted share for the second quarter this year, compared to $2.4 million or $0.09 per diluted share for Q2 last year. These are based on a 35 and 27.4 million weighted average diluted share count.

During the quarter we had a financial income of $327,000 primarily due to foreign exchange gains compared with the $1.1 million of financial expense in the same period last year, mainly from warrant revaluations. As you know, foreign exchange gains and losses can fluctuate, and our guidance does not consider any additional potential impact to financial and other income and expense associated with foreign exchange gains or losses as we do not try to estimate future movements in FX rates.

Turning to our balance sheet, we ended the quarter with $283.8 million in cash, cash equivalents and short-term deposits, inclusive of the $52.7 million raised in our follow-on offering which closed in June. In the first six months of the year we generated $36.3 million in cash flow from operations, up from $12.7 million generated from operations in the first six months of last year. We ended the second quarter with 523 employees compared with 387 at June 30th, 2014, that's an increase of 136 globally.

Now, moving to the guidance for the third quarter and full year 2015. Our guidance includes the acquisition of Cybertinel, which is not expected to have a material impact to our third quarter and full year 2015 financial results. For the third quarter of this year we expect total revenue of $36 million to $37 million, or 31% growth year-over-year at the mid-point. We expect non-GAAP operating income to range between $5 million to $5.9 million and non-GAAP net income per diluted share of $0.11 to $0.13. This assumes 35.5 million weighted average diluted shares.

Our Q3 non-GAAP operating margin guidance reflects the full run rate of the headcount increases we made in the second quarter, and we expect to continue hiring in the second half of the year across all fronts, but with an emphasis on our sales, R&D and professional services teams to drive our revenue growth into 2016.

For the full year this year, we are raising our guidance and now expect total revenue in the range of $145 million to $147 million, or growth of approximately 42% year-on-year at the mid-point. We are also raising our non-GAAP operating income guidance to be in the range of $28.8 million to $30.5 million, or approximately 20% operating margin. And we are raising our guidance for the non-GAAP net income per diluted share of $0.62 to $0.65. This assumes a 35.4 million weighted average diluted shares. Our guidance reflects the strength we are seeing in our business as well as our ability to realize leverage in the investments we are making to drive growth and scale in the business.

So in closing, we had another strong quarter. We continued to experience strong momentum in the business, and believe we are extremely well positioned to continue to win in our market. With that I'll now turn the call over to the operator for QA. Operator?

Thank you. (Operator instructions) Our first question comes from Saket Kalia from Barclays Capital. Please go ahead.

Hey guys. Thanks for taking my questions here.

Go ahead, Saket.

Hey, Udi. So first maybe for you, you know you mentioned that more customers are going with multi-product deals. Besides the enterprise password vault, which I would imagine most customers start out with, what are those products that are resonating the best in some of these larger multi-product deals?

Yeah, definitely. I think we often talk about the one, two punch where a lot of our customers take EPV to vault credentials and then PSM to create the isolation layer and recording and monitoring. The kind of the third punch that we're seeing more and more is our PTA, our privileged threat analytics, is they're putting a proactive control in place and they're adding the advanced detection around it. So I would say those are probably the top three in combination.

Got it. That's helpful. And then, Josh, you know you had a pretty big quarter-over-quarter increase in deferred revenue. Was it just a very strong maintenance renewal quarter or was there maybe a higher component of deferred license this quarter than usual? Any color there would be helpful.

Yes, Saket. We had actually a very strong increase on the support and maintenance, and that comes with the territory when we're growing our licenses as fast as we're growing them. For example, with the 100% year-on-year this quarter and also in the first quarter, we also had significant growth on those license revenues, so that is one component. We did also have a stronger component than usual on the license piece going into deferred revenue, but still being within our range of what we've seen historically.

Yeah, that's helpful. And lastly, if I could squeeze it in. In a little bit more strategic way, you know we all saw CA acquire one of your competitors, Xceedium. You know, if you could just talk to us a little bit about how tough of a competitor Xceedium was standalone, and maybe what sort of impact you think this might have on the business going forward.

Sure. I think the best way to describe it in the picture is to look at the IDC report we talked about that was released late last year that really showed that they were not -- that Xceedium was not ranked very high on strategy or capability. We didn't see them much in the market and since we competed very well against -- very effectively against CA so far, we think that we'll continue to have our competitive edge. We continue to differentiate with really more products and may actually see some disruption in this acquisition.

That's very helpful. That's it for me. Thanks very much.

Thank you.

And we'll take our next question from Karl Keirstead from Deutsche Bank.

Thank you. I'll start off with a question for Udi. The Cybertinel deal, I understand it's a little bit more of a group hire than it is a classic acquisition, but could you elaborate on the strategic value of this? And in particular are these technology skills you're picking up intended to complement your current privileged access focus or does this acquisition take you into a new threat detection area where you might be competing with a host of new vendors, FireEye and otherwise? Perhaps you could elaborate. Thanks.

Sure, sure. So I'll start with the end. No, we're not getting into an area with -- into competition with FireEye and others. Actually we see them as a strong partner and we expect this to even strengthen our partnerships.

I will also say that this is not just a hire. Why? Because this group brings very advanced capabilities in detecting advanced threats. And also of course the staff is very knowledgeable in how adversaries work in the most sophisticated cyber-attacks. So we see this as a strong complement on our current focus, but as I mentioned, in the next coming quarters we are going to combine it into the privileged account security platform to bring our customers even earlier detection of cyber-attacks in the attack cycle. So it's strengthening our advanced detection capabilities and definitely bringing in IP and technology that we value, along with a great team.

Okay, good. That's helpful. And then maybe a follow-up for Josh. Josh, on the P&L, one thing that's interesting to me is that you've posted three quarters in a row of license growth in the order of 100%, yet the maintenance and professional services line is actually decelerated and grew 38% in Q2. The gap between those two lines is actually widening. Why would we see that? Should we not see maintenance and PS begin to accelerate? Thank you.

You know, the maintenance is a direct component of the license revenue. I think what we'll see is -- and the maintenance is basically in line with what we -- you know from 2014 business more than from 2015 business. And what we're going to see maintenance enjoying the license growth going from the first half of this year, which was growing at a much higher rate. And as I mentioned to Saket, we actually did get a big increase in our deferred revenues, which is aligned with the license revenue.

We're still pretty much at our average rate of close to 20% annually on our license piece, and our renewal rate is still very high at above the 90% rate. So, you know, mathematically it has to fall in line with the license growth.

Yeah, it's not like the PS portion of that revenue segment is going through any unusual change?

No, in fact over the last six months, really the last three quarters, we've seen a big increase on a year-on-year basis on our PS, in line with the big increases that we're seeing on the license revenue. And now it's kind of at a new steady state as we've been growing the license revenue at this new rate.

Got it. Understand. Okay, thank you both. Great quarter.

Thanks.

And we'll take our next question from Sterling Auty from JP Morgan. Please go ahead.

Yeah, thanks. Hi, guys. I wonder if maybe you could start with, Udi, in the press release there's some talk about the move to strategic purchases and deployment from tactical compliance. Could you give us maybe a couple of examples of customer purchases in the quarter where the technology was being deployed beyond just the IT workers and IT department for privileged account security?

I would say that in taking a strategic approach, and we saw that a lot in the two customer events, you have customers that traditionally bought our solution for compliance reasons, and would then deploy it mostly to please the auditors. The big shift that is happening is because that in every one of the major breaches, it turned out that the way to really escalate and get to the goods was to hijack privileged credentials. And so when we talk about strategic approach, they look at the entirety of their IT infrastructure and look to deploy CyberArk, and again with more than one product across that entire infrastructure. We continuously have examples where it's beyond the privileged accounts that are used by IT users, although there are thousands of those, but also we have solutions like OPM where its business users are reduced to lease privilege to limit the exposure on the endpoint and on Unix servers.

Got you. And on the acquisition, I want to make sure I'm clear. Is Cybertinel going to end up being, when you bring them in, is there going to be a new product that you're actually going to be selling to your customers based on this acquisition? Or does this just bolster the existing (inaudible) PSM, et cetera?

So from competitive advantage reasons, we're not getting into that at this point. It's going to be integrated into our technology, but it could definitely end up expanding our solution set.

Because just following up on Karl's comment, you know I think why we're jumping to that, when we all do the preliminary Google searches like that and read some of it, it all comes up as advanced persistent threat, threat detection. It has a lot of the buzz words that we see with FireEye and Palo Alto and others. So just trying to be clear in terms of, you know, how this ends up complementing your solution without stepping on the toes of the partners.

No, no. Exactly. And that is very important for us because we are not getting into the endpoint security market, and we'll continue to be complementary to those partners. What we're doing is taking their capabilities to enhance our ability to detect credential misuse. It's all in the world of how do you expand lateral movement; how do you get the ability to hijack a credential. So it's really all about providing additional value to our customers earlier in the attack chain in our world of preventing credential theft and privilege escalation. And we found that in our hands, this is going to be a logical extension of what we do. So I'm really happy to clarify that. It's going to be a different value proposition than what may turn up in Google, and we will continue to partner with the likes of FireEye and others.

Got it. Thank you, guys.

Thank you.

And next we have Jonathan Ho from William Blair. Please go ahead, sir.

Good afternoon, and congrats on the strong quarter. If I could just start out with maybe the demand pipeline and what you guys are seeing there in terms of the sustainability of demand. I think in the past you talked about sort of an inflection point, and yet as we look at guidance on, you know it seems like for the full year, there is some expectation that you'll be hitting some tougher comps. So I just want to understand, you know number one, you know how you guys think about sort of the demand environment itself. And number two, sort of the sustainability of that throughout the course of the year.

So sure, Jonathan. So yeah, I'll start and Josh can elaborate. I think we are continuing to find that privileged account security is a greenfield opportunity where most organizations in the world have not put things -- have not put any layer in place on the inside against this major attack point, that is all around their infrastructure. And so account after account we found either nothing or we're replacing something very, very tactical.

And what we saw, and as I mentioned in Sterling's question, is that more and more customers are understanding that this is -- the new reality is that they shall be breached, and what do they do in order to really prevent attackers from getting that strong hold and moving around. And so we're very bullish on the opportunity to continue to execute globally, leverage channels, and our hybrid go-to-market to bring this new layer to the front. And of course, like you mentioned, naturally we have some strong competitors but it's not a reflection of the opportunity ahead.

Yeah and, Jonathan, if I would add, and you know translate the demand environment to the pipeline, we actually are seeing really our pipeline growing for the business into the second half. We are getting a lot more visibility certainly into Q3 and as well into Q4. And you know, we are -- I think are raising the guidance to the revenue levels, the annual revenue levels that we talked about earlier in the call to $146 million, the mid-point reflecting over a 40% growth year-on-year, while also still retaining our robust 20% operating margin level, I think really indicates the confidence that we have for this demand environment and for our continued investment to be able to hit on this demand environment.

Got it. And if you can just touch on maybe the go-to-market investments that you're making. Are you able to sort of find enough people? You know, how long does it typically take for them to become productive? And just maybe give us a sense of where those investments are going.

Yeah. So as you've heard, we continue to increase our headcount dramatically, finishing the quarter at 437 people. We're seeing that headcount grow across each of the areas -- 523 people, I'm sorry. It's growing so fast it's changing as we speak. And it's growing across all the areas, and specifically sales and marketing is the fastest growing department there as well. Although I will say that we're growing the revenue business faster than we're growing that headcount, and we're really able to get great execution out of our sales teams and increasing the sales and their quotas per person as we go into 2015. So you know, there are a lot of companies out there hiring, but we feel that there's a lot of demand coming into CyberArk seeing our growth rate.

And in terms of the sales cycles, them coming on board, we actually feel that they're coming on board and being able to contribute faster than I would say 12 months ago. And part of it is they're coming in to regions with already further -- already more developed pipes, more developed pipe and also we're able to attract people who are coming from the industry and with a full Rolodex already.

Great. Thank you.

Thank you.

And next from JMP Securities we have John Lucia. Please go ahead.

Hey, guys, thanks for taking my questions. First question, it sounds like your cross selling has gone pretty well over the last several quarters, and I think last time you updated us there were about 1.5 products deployed per customer. Has that number gone up? And then where do you expect that to go over the next year or two?

So I think if we -- you know, we have such a big install base, so in order to move the needle on average we're going to have to take some more quarters, and we'll look at that again at the end of the year and report on that. But I would say one thing that we did allude to today is that we are seeing, of our new customers coming onboard, a meaningful increase of our new customers buying multiple products, including even three and more products as they come onboard.

Okay. And I had another one. Oh, go ahead.

I was just -- I would just add, from our existing customers, we're still seeing the consistency of over a third of our customers coming back and buying more products or new products as well.

Okay. And then I had another question on the Xceedium acquisition. Do you think this could be an early indicator of consolidation in the PAM space, especially as large infrastructure providers and security companies start to really realize the importance of privileged account security?

Yeah, I think it definitely shows that, again for a company like CA, they saw the strategic importance and they see that their customers are asking for this. And of course the CyberArk success is showing the growing market demand here. So again, I can't forecast the amount of smaller guys, or additional smaller guys to be picked up, but they definitely chose to go now based on the success we've had in the market.

Okay. Thank you.

And next we have Gary (sic) Powell from Wells Fargo Securities.

Great, thanks for taking the questions. Just a couple if I may. So over the last year or so, you've seen your license revenue and billings grow well in excess of the pace of your sales and marketing spend. How sustainable do you think that is? And then do you see any opportunities to further pass, or to further invest in sales and marketing initiatives?

First of all, Gray, welcome onboard in covering CyberArk.

Thanks.

But could you repeat the question? We want to make sure we got it.

Yeah, sure. So over the last year or so you've seen your license revenue and billings grow well in excess of the pace of your sales and marketing spend. How sustainable do you think that is? And do you see any opportunity to further invest in sales and marketing initiatives, or (inaudible)?

Okay, so, and that's kind of a continuation to the last question. We actually -- we are continuing to grow our sales and marketing teams very aggressively into 2015, and it's the largest grower in terms of our headcount portion. However, as I said before, we are outstripping that growth, and that's really I think reflecting a couple of things. It's reflecting first of all that, you know, we're able to attract people to get on the ground and up and running faster, and being able to hit their quota numbers faster after their recruit. And I think the other piece is that we've been able to keep our channel sales at pace with our growth, and that obviously gives us the exponential kick for being able to grow faster than our headcount growth.

Got it. Okay. And then just one more, if I may. When a customer has purchased the enterprise password vault and then comes back to purchase another product, whether it be privileged session manager or app ID, what's the typical uplift relative to that initial license purchase?

So I'll take that. This is Josh again. When we look at the second product, specifically if it's like a PSM coming in after the [APB], it could easily be the same size as the initial sale. And we see that also with some of the other products. I would say with the privileged threat analytics and the OPM it would be at some percentage of the original purchase.

Got it. All right, that's really helpful. Thank you very much.

Thank you, Gray.

From Imperial Capital we have Michael Kim. Please go ahead..

Hi, guys. So if you're looking at and comparing the Americas growth, the EMEA growth, maybe you could comment a little bit on the awareness for privileged account security in the EMEA markets. Do you see it sort of inflecting similar to what we saw in the US? And you know, clearly a lot of greenfield opportunities and just your sense of the pipeline and your visibility around that. Thanks.

Yeah, sure. That's a great question because we're definitely seeing that the awareness in the Americas, in the US and in North America has really heightened all the major breaches. And the awareness cross vertical, I think for the first time we saw that a breach in one vertical gets talked about in another vertical, and we can meet a prospect in the utility space and they will talk about a breach in the healthcare space. So in the US it's really getting there, and they've also -- a lot of prospects and customers are being more and more proactive to try to learn about what breached entities did to rebuild trust in their IT, and many of them did that with CyberArk and [go] strategic in what they do.

As we go further eastbound, I would say there's less awareness and there's much more education involved in EMEA and also in A-Pac, but it's definitely building. And again, similar things are coming up and in our EMEA customer event it really stood out that they were talking about the breach in the German parliament as a wakeup call for that market. The issues with the Polish airlines that were breached. So the approach to take privileged account security as a security issue and not -- beyond a compliance is getting there, but it's a little behind North America.

And with the previous comments about investing, your gross investments in sales and marketing, should we expect the majority or great proportion of that investment in the EMEA channel or be pretty equivalent between the Americas and EMEA?

I think one of the -- I'll take this one, Josh. You can add. I think one of the things that CyberArk is really proud about is really diversity in everything we do, geographical diversity, vertical diversity. So as we look at the opportunities, we're happy to invest in also some of the earlier markets because we know we will see those fruits come in. I think in previous calls we gave examples of how South Africa was a region where we had no personnel on our own, and as we put people in place it started to flourish, and we've seen that of course in every region that we've invested in. So it's pretty broad-based.

(Inaudible). And just one more on PTA. I guess, you know, can you comment if you're seeing a shorter sale cycle and upsell with PTA, and if that product is maturing and you know any color around the [option] cycle?

So it's very much attached to the sales cycle of our enterprise password vault and PSM and other products that come together. I think the biggest change that we're seeing is that it's more and more perceived as something customers want to include, and I mentioned the one, two and now the third punch, that they want to include in the beginning the -- as there's more awareness that this is a critical -- privileged accounts are a critical issue, let's put proactive controls on it, but it's also put the advance detection to see if there are accounts that are used that are not managed by CyberArk, or to see if there are accounts that are misused. So it doesn't have a different sales cycle from the others, but just the awareness is growing, it's in the pipeline, it's in deals, and it's increasingly a differentiation used by our sales people and by our channels.

Very good. Thank you very much.

And next we have Catharine Trebnick from Dougherty & Company.

Hi. Thank you for taking my question, and the last name is Trebnick. Udi, a quick couple of questions. One is, the vault platform is typically the first one that gets sold into the customer base. What are the two other modules that follow that upsell routine?

Yeah, so every customer starts with the privileged accounts security platform, but it's always with a product. So we typically, at a minimum, have the privileged account security vault platform, along with our enterprise password vault. And I think as we alluded, the most common next one is our privileged session manager, and now more and more -- and of course it could be followed by privileged threat analytics, AIM, OPM, our newest [SSH] and other. As we've talked about in the past, the application identity management is a very important product as well, very often an upsell product where customers first start with the human users and then expand to application credentials.

All right. And the other question is really a lot of discussion on the sales and marketing and congratulations on the [print]. One of the questions we had is really around the channel development. You know, can you give us some data points on how many new channel partners you've used, or are you more reliant on some of your strategic partners?

So we didn't disclose specifically the growth in channels. We also very often believe in quality over quantity, so we're investing in the channel. We're investing in having our own channel manager staff continuously train and expand our channel presence. Overall, from a revenue contribution, we're continuing to see that it's around 50/50 between our channels and direct. But as the demand is increasing, and as the awareness is increasing in the market, the channels are also becoming A, one more effective for us, also very bullish about carrying CyberArk and as a leading product in their sales processes. So while I think we're still very under-leveraged in the channel, there's a lot that we are doing and will continue to do in further enabling them, training them, adding new channels in new regions, but it's a very, very important element in our hybrid go-to-market.

Okay. Last question. One of the companies we come across in the channel quite often is Centrify. And who do you see as other pure play privileged access manager competitors and do you run into them a lot competitively? And then I won't ask any more questions.

No problem. No, we hardly see Centrify in competition. They primarily provide AD bridging, which allows the connectivity between Windows environments to Unix environments and very often we complement that. I know they are increasingly trying to position against CyberArk but we don't see that much in the field. To your question in terms of pure play, I would mention [Biantrust] and Lieberman also on the list of (inaudible) that we see. But the ones we see the most are Dell, through their acquisition of Quest, and CA.

All right. Thank you very much.

At this time we have no further questions in the queue. And I'd like to turn the conference back over to Udi for any closing or additional remarks.

Great, thank you very much. Q2 2015 was another very successful quarter for CyberArk. The demand for privileged account security continues to increase, and we are executing well on the opportunity. We believe our future is very bright. As always, I thank our customers for placing their trust in CyberArk, and our employees and partners that continue to work hard to create value for our shareholders. Again, thank you everyone for joining us this evening.

Ladies and gentlemen, that does conclude today's presentation, and we appreciate everyone's participation.