Qualys Inc (QLYS) 2024 Q4 法說會逐字稿

Good day, and thank you for standing by. Welcome to Qualys Fourth Quarter 2024 Investor Conference Call. At this time, all participants are in a listen-only mode. After the speaker's presentation, there will be a question-and-answer session (Operator Instructions) Please be advised that today's conference is being recorded.

您好，感謝您的支持。歡迎參加 Qualys 2024 年第四季投資者電話會議。此時，所有參與者都處於只聽模式。演講者演講結束後，將有一個問答環節（操作員指示）請注意，今天的會議正在錄音。

I would now like to hand the conference over to your speaker today, Blair King. Please go ahead.

現在我想將會議交給今天的發言人布萊爾金 (Blair King)。請繼續。

Thanks, Gigi. Good afternoon, and welcome to Qualys' fourth quarter 2024 earnings call. Joining me today to discuss our results is Sumedh Thakar, our President and CEO; and Joo Mi Kim, our CFO.

謝謝，吉吉。下午好，歡迎參加 Qualys 2024 年第四季財報電話會議。今天與我一起討論我們業績的是我們的總裁兼執行長 Sumedh Thakar；以及我們的財務長 Joo Mi Kim。

Before we get started, I would like to remind you that our remarks today will include forward-looking statements that generally relate to future events or our future financial or operating performance. Actual results may differ materially from these statements. Factors that could cause results to differ materially are set forth in today's press release and our filings with the SEC, including our latest Form 10-Q and 10-K. Any forward-looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update statements as a result of new information or future events.

在我們開始之前，我想提醒您，我們今天的演講將包括前瞻性陳述，這些陳述通常與未來事件或我們未來的財務或營運績效有關。實際結果可能與這些陳述有重大差異。今天的新聞稿和我們向美國證券交易委員會提交的文件中列出了可能導致結果出現重大差異的因素，包括我們最新的 10-Q 表和 10-K 表。我們在本次電話會議上所做的任何前瞻性陳述均基於今天的假設，我們不承擔因新資訊或未來事件而更新陳述的義務。

During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP to non-GAAP measures is included in today's earnings press release. And as a reminder, the press release, prepared remarks and investor presentation are all available on the Investor Relations section of our website.

在本次電話會議中，我們將介紹 GAAP 和非 GAAP 財務指標。今天的收益新聞稿中包含了 GAAP 與非 GAAP 指標的對帳表。提醒一下，新聞稿、準備好的發言和投資者介紹均可在我們網站的投資者關係部分找到。

So with that, I'd like to now turn the call over to Sumedh.

因此，現在我想將電話轉給 Sumedh。

Thank you, Blair, and welcome to our fourth quarter earnings call. Looking back to last year, I can truly say that 2024 was a year of incredible product innovation and rebranding of Qualys, as we celebrate our 25th-year anniversary. As one of the first SaaS Security companies in the world, we have continuously strived to exceed market expectations and serve as the leader when it comes to disruptive technology in cybersecurity.

謝謝，布萊爾，歡迎參加我們的第四季財報電話會議。回顧去年，我可以真誠地說，2024 年是 Qualys 令人難以置信的產品創新和品牌重塑的一年，因為我們將慶祝公司成立 25 週年。作為全球首批SaaS安全公司之一，我們不斷努力超越市場期望，成為網路安全顛覆性技術的領導者。

Today, the message is clear. Today's CSOs want to anchor cybersecurity conversations around business risk reduction as the impact of their cybersecurity spend. The market wants a platform that enables them to speak unified language of risk to their boards and business partner, while letting their teams pick the underlying platform and best-of-breed solutions for specific areas in cybersecurity rather than an aspirational goal of consolidating 50 different cybersecurity vendors into one.

今天，訊息已經很明確了。當今的首席安全官希望將網路安全對話圍繞著降低業務風險作為其網路安全支出的影響。市場需要一個平台，使他們能夠向董事會和業務夥伴講統一的風險語言，同時讓他們的團隊選擇底層平台和針對網路安全特定領域的最佳解決方案，而不是將 50 家不同的網路安全供應商整合為一家。

Recognizing the difficulty and complexity of implementing and utilizing multiple security solutions from numerous security vendors, we have evolved our platform previously focused on vulnerability scanning and telemetry collection to become a full feature risk analytics and quantification platform, bringing data analytics and insights with embedded AI models to customers, while giving them the flexibility to continue to leverage their existing security tools.

認識到實施和使用來自眾多安全供應商的多種安全解決方案的難度和複雜性，我們將先前專注於漏洞掃描和遙測收集的平台發展成為一個全功能風險分析和量化平台，透過嵌入式人工智慧模型為客戶帶來數據分析和洞察，同時讓他們能夠靈活地繼續利用現有的安全工具。

The net result for customers is a vendor-neutral orchestration layer that provides full visibility and risk scoring for an organization's entire attack surface, aggregates and correlates all security findings, leveraging over 25 tech feet and powers a single AI-driven workflow that centralizes, quantifies, articulates, prioritizes and remediates cyber risk while delivering the efficiencies of consolidation.

對於客戶而言，最終結果是一個與供應商無關的編排層，該編排層為組織的整個攻擊面提供全面的可見性和風險評分，匯總和關聯所有安全發現，利用超過 25 個技術優勢，並為單一的 AI 驅動的工作流程提供支持，該工作流程可集中、量化、表達、優先處理和補救網絡風險，同時實現整合效率。

The rebranding and continuous enhancement of our platform is a result of our unwavering focus on prioritizing our customers' need and addressing their challenges with innovative new solutions. In 2024, this collaboration led to a significant platform enhancement that bolster our strategic relevance and further expand our market opportunity. We introduced TruRisk Eliminate to extend our remediation capabilities beyond Patch Management.

我們平台的重塑和持續增強是我們始終專注於優先考慮客戶需求並透過創新的新解決方案來應對他們的挑戰的結果。2024 年，此次合作帶來了重大的平台增強，增強了我們的策略相關性並進一步擴大了我們的市場機會。我們引入了 TruRisk Eliminate，將我們的補救能力擴展到修補程式管理之外。

We enhanced our cybersecurity asset management capabilities with patent pending technologies to turn previously unknown internal and external facing assets into security managed assets in real time.

我們利用正在申請專利的技術增強了我們的網路安全資產管理能力，將以前未知的內部和外部資產即時轉變為安全管理資產。

We brought the MITRE ATT&CK prioritization Matrix into the Qualys TruRisk platform to uniquely predict, identify and respond to critical risk with an attacker centric view. With TotalAI, we delivered groundbreaking new capabilities to find and secure generative AI applications and large learning models. We organically unified cloud infrastructure entitlement management, CIEM container run time protection, Kubernetes posture management, SaaS security posture management and our AI-powered TruRisk insight capabilities into our TotalCloud CNAPP platform with multi-cloud ITSM integration, strengthening our market position and further fixing the power of our platform, we went GA with our enterprise TruRisk management solution, setting a new gold standard in the industry for proactive cyber risk management, planting the flag for organizations to operationalize a modern risk operations center, ROC at scale.

我們將 MITRE ATT&CK 優先矩陣引入 Qualys TruRisk 平台，以攻擊者為中心的視角獨特地預測、識別和應對關鍵風險。借助 TotalAI，我們提供了突破性的新功能來尋找和保護生成式 AI 應用程式和大型學習模型。我們將雲端基礎設施授權管理、CIEM 容器運行時保護、Kubernetes 態勢管理、SaaS 安全態勢管理和我們由 AI 驅動的 TruRisk 洞察功能有機地統一到我們的 TotalCloud CNAPP 平台中，並透過多雲 ITSM 集成，加強我們的市場地位並進一步鞏固我們的強大網路平台的強大功能，我們透過企業管理計畫在新產業發展了一個新的商業組織ROC 奠定了基礎。

In less than a quarter since going GA with ETM, we have seen strong interest with currently over 50 active prospects for our POC. Our ETM solution goes beyond current Continuous Threat Exposure Management, CTEM platforms with our ability to speak business language, effect remediation actions and partner with cyber insurance underwriter. We believe these innovations will allow our customers to standardize on a trusted platform like Qualys layering on top of their other existing cybersecurity solutions. With a long track record of solving the most challenging cybersecurity challenges -- use cases for our customers, Qualys pioneered the cybersecurity patching category, seamlessly integrating it into our platform and bridging the gap between IT and security teams.

自 ETM 正式投入使用以來不到一個季度的時間裡，我們就看到對我們的 POC 有濃厚興趣的活躍潛在客戶，目前有超過 50 個。我們的 ETM 解決方案超越了目前的持續威脅暴露管理、CTEM 平台，我們能夠使用商業語言、採取補救措施並與網路保險承保人合作。我們相信這些創新將使我們的客戶能夠在其他現有網路安全解決方案之上，在像 Qualys 這樣的可信任平台上實現標準化。Qualys 在為客戶解決最具挑戰性的網路安全挑戰（用例）方面有著長期的記錄，它開創了網路安全修補類別，將其無縫整合到我們的平台中並彌合了 IT 和安全團隊之間的差距。

Last year, we successfully deployed over 100 million patches with Qualys agent and in turn, eliminated over 100 million potential incidents in our customer environment. Despite this achievement, our journey has shown that patching alone is simply not enough. That is why we introduced TruRisk Eliminate, which revolutionizes patching by empowering organizations to isolate critical assets or implement compositing controls, protecting against zero-day vulnerabilities and misconfiguration when patches aren't available or feasible to deploy. This is a major competitive advantage and our innovation doesn't stop there.

去年，我們利用 Qualys 代理程式成功部署了超過 1 億個補丁，從而消除了客戶環境中超過 1 億個潛在事故。儘管取得了這項成就，但我們的經驗表明，僅靠修補是不夠的。這就是我們推出 TruRisk Eliminate 的原因，它透過授權組織隔離關鍵資產或實施合成控制，在修補程式不可用或無法部署時防止零日漏洞和錯誤配置，從而徹底改變了修補程式方式。這是一個主要的競爭優勢，而我們的創新不止於此。

We've recently introduced TruRisk Uninstall as a fourth component to our TruRisk Eliminate package. TruRisk Uninstall allows organizations to hunt for detect and uninstall end-of-life software, misused or unused application and other forms of tech debt while removing one of the most highly exploited attack path available to adversaries with a simple click of a button.

我們最近推出了 TruRisk Uninstall 作為 TruRisk Eliminate 套件的第四個元件。TruRisk Uninstall 讓組織尋找、偵測和卸載過期軟體、濫用或未使用的應用程式以及其他形式的技術債務，同時只需點擊一個按鈕即可消除對手最常利用的攻擊路徑之一。

In cloud, our innovation engine continues to execute at a high level. We believe we are increasingly well positioned to expand our share on the evolving cloud market as CISOs look to evolve the space approach into multi-cloud environments as well. Advancing our competitive differentiation, we recently brought many new capabilities into our agent and agentless total cloud CNAPP solution including comprehensive attack path analysis, enhanced risk quantification leveraging our TruRisk insight capability and automated no-code, low-code cloud workflow remediation. This latest release, which we call TotalCloud 3.0 unleashes an organization's ability to easily visualize the entire blast radius of an assets attacked path and systematically identify, prioritize and resolve critical threats for pre-run time and run time protection.

在雲端，我們的創新引擎繼續高水準運作。我們相信，隨著 CISO 也希望將空間方法發展到多雲環境，我們越來越有能力擴大我們在不斷發展的雲端市場的份額。為了提升我們的競爭差異化，我們最近為我們的代理和無代理全雲 CNAPP 解決方案引入了許多新功能，包括全面的攻擊路徑分析、利用我們的 TruRisk 洞察能力增強的風險量化以及自動化無程式碼、低程式碼雲端工作流程修復。這個最新版本，我們稱之為 TotalCloud 3.0，它使組織能夠輕鬆地可視化資產攻擊路徑的整個爆炸半徑，並系統地識別、優先處理和解決運行前和運行時保護的關鍵威脅。

As a result, TotalCloud 3.0 is streamlining operations with an unparalleled outside in and inside our perspective of an organization cybersecurity posture for secure cloud consumption.

因此，TotalCloud 3.0 以無與倫比的內外視角簡化了運營，確保組織在安全的雲端消費方面的網路安全態勢。

In our view, TotalCloud 3.0 is one of the most comprehensive CNAPP solutions available in the market today. And it's growing momentum is strong testament to the Assurance customers place in Qualys every day.

我們認為，TotalCloud 3.0 是當今市場上最全面的 CNAPP 解決方案之一。它日益增長的勢頭有力地證明了客戶對 Qualys 的信任。

Finally, with the introduction of Qualys' TotalAppSec, we are now providing customers with the ability to expand their AppSec assessments into expanding attack surface with the use of APIs for B2B and mobile apps. Qualys TotalAppSec includes comprehensive inventory and threat assessment of their web applications and APIs with unified malware detection and automated response.

最後，隨著 Qualys 的 TotalAppSec 的推出，我們現在可以為客戶提供透過使用 B2B 和行動應用程式 API 將其 AppSec 評估擴展到擴​​大攻擊面的能力。Qualys TotalAppSec 包括對其 Web 應用程式和 API 的全面清單和威脅評估，以及統一的惡意軟體偵測和自動回應。

Moving on to business update. Over the past several months, I personally met with many customers, prospects, and partners. These conversations also around the same topic. Customers require a holistic view of the cyber risk, one that is quantified and prioritized articulated in terms of risk to their business and remediated to an acceptable level in a single integrated workflow on top of their existing solutions.

繼續進行業務更新。在過去的幾個月裡，我親自會見了許多客戶、潛在客戶和合作夥伴。這些對話也圍繞著同一話題。客戶需要對網路風險有一個整體的認識，這種認識是經過量化和優先排序的，根據其業務風險進行闡述，並在現有解決方案之上的單一整合工作流程中將其補救到可接受的水平。

Given Qualys' blueprint for delivering these requirements with greater value to customers, our technologies are not only fueling new local land but also helping to increase power platform adoption, especially in the areas of VMDR, cybersecurity, asset management, management, patch cloud security, and now the TruRisk Corporation Center delivered by Qualys ETM with thousands of customers consolidating on Qualys Enterprise TruRisk platform, let me again share a couple of recent wins, which illustrate why these companies are turning to Qualys to help unify their security tools, quantify cyber risk in their environment, and fortify their security operations.

鑑於 Qualys 致力於以更大的價值滿足這些要求的藍圖，我們的技術不僅推動了新的本地土地開發，而且還有助於提高強大平台的採用，特別是在 VMDR、網絡安全、資產管理、管理、補丁雲安全等領域，現在由 Qualys ETM 提供的 TruRisk Corporation Center 有數千名客戶來幫助環境中的網路風險，並加強他們的安全運作。

First, an existing global 100 multinational insurance company security team with multiple tools in their environment, face increasing personnel costs and struggled with limited visibility into their overall risk profile.

首先，現有的全球 100 家跨國保險公司的安全團隊在其環境中擁有多種工具，面臨著不斷增加的人員成本，並且對其整體風險狀況的了解有限。

Through a highly competitive RFP process, this customer chose Qualys and launched an initiative to collapse security stack in just data from other cybersecurity tools into the Qualys platform and which asset contacts with business information brought by their CMDB integration and centralized remediation.

透過高度競爭的 RFP 流程，該客戶選擇了 Qualys，並啟動了一項計劃，將安全堆疊中的其他網路安全工具的資料整合到 Qualys 平台中，並將哪些資產與其 CMDB 整合和集中補救帶來的業務資訊聯繫起來。

This includes the purchase of eight Qualys modules and deploying ETM to begin orchestrating the block resulting in a seven-figure annual booking fee. We are now quickly migrating numerous data sources to the Qualys platform and delivering the outcome of consolidation and quantifiable risk and automated response aligned with business priorities.

這包括購買八個 Qualys 模組並部署 ETM 來開始協調該模組，從而產生七位數的年度預訂費用。我們現在正在將大量資料來源快速遷移到 Qualys 平台，並提供與業務優先順序一致的整合、可量化風險和自動回應的結果。

Turning to the moment we see with TotalCloud CNAPP solution in a mid-six-figure booking upsell with the global shift taking longer and this existing VMDR CyberSecurity Asset Management, web application scanning and customer assessment remediation customer launched and initiated to further unify its security stack and replace its incumbent cloud-only security vendor.

現在我們看到 TotalCloud CNAPP 解決方案的預訂銷售額達到了六位數的中間水平，由於全球轉移需要更長的時間，並且現有的 VMDR 網路安全資產管理、Web 應用程式掃描和客戶評估補救客戶已經啟動並啟動，以進一步統一其安全堆疊並取代其現有的僅限雲端的安全供應商。

Through its evaluation, this customer determined that alternate -- their point solutions add complexity to their operations, like integration and risk detection, which hindered their ability to assess risk and consolidate their security tools.

透過評估，該客戶確定替代方案——他們的點解決方案增加了他們的操作的複雜性，例如整合和風險檢測，這阻礙了他們評估風險和整合安全工具的能力。

Today, through a highly scalable, natively integrated CNAPP solution, this customer is leveraging the Qualys Enterprise TruRisk platform to combine insights from built through run time with proactive risk management, while actively detecting anomalies, preventing zero-day attacks, closing security gaps, and remediating risk with ITSM integration through a single dashboard across its on-prem, hybrid and multi-cloud assets. These capabilities provide the visibility and automation necessary to defend against today's adversaries and represent a significant long-term opportunity for Qualys.

如今，透過高度可擴展、原生整合的 CNAPP 解決方案，該客戶正在利用 Qualys Enterprise TruRisk 平台將從構建到運行過程中的洞察與主動風險管理相結合，同時主動檢測異常、防止零日攻擊、彌補安全漏洞並透過跨本地、混合和多雲資產的單一儀表板與 ITSM 整合來補救風險。這些功能提供了防禦當今對手所必需的可視性和自動化，並為 Qualys 帶來了重要的長期機會。

With seamlessly integrated solutions delivered natively on our platform to solve modern security challenges, more and more Qualys customers are beginning to understand how cybersecurity transformation drives better security outcomes, saves time and cost less. As a result, customers spending $500,000 or more with us in Q4 grew 13% from a year ago to 207.

透過在我們的平台上原生交付無縫整合的解決方案來解決現代安全挑戰，越來越多的 Qualys 客戶開始了解網路安全轉型如何推動更好的安全結果、節省時間和降低成本。因此，第四季在我們這裡消費 50 萬美元或以上的客戶數量比去年同期成長了 13%，達到 207 位。

Consolidating workflow isn't just happening with customers. It's also embraced and prioritized by our partners, underscored by an interestingly strong mix of new business and significant growth. As we continue to endorse a partner-first sales motion, partner-led deal registration and win rates increase in Q4.

整合工作流程不僅發生在客戶身上。它也受到我們合作夥伴的歡迎和優先考慮，這體現在新業務和顯著增長的強勁組合上。隨著我們繼續支持合作夥伴優先的銷售動議，合作夥伴主導的交易註冊和成功率在第四季度增加。

In addition, with the launch of ETM, many of our cybersecurity service providers are now deeply engaged for the first time in delivering new Managed Risk Operations, mROC services encompassing risk certification security tool integration, risk monitoring and matching.

此外，隨著 ETM 的推出，我們的許多網路安全服務供應商現在首次深入參與提供新的託管風險營運、mROC 服務，包括風險認證安全工具整合、風險監控和匹配。

Similar to how MSSPs monetized the SOC for post-breach response, the mROC is now the new frontier for MSSPs to capitalize on the centralized and automated approach to pre-breach risk management. Partners are actively spearheading these new initiatives with Qualys as their mROC platform of choice.

與 MSSP 將 SOC 貨幣化以用於違規後回應的方式類似，mROC 現在已成為 MSSP 利用集中化和自動化方法進行違規前風險管理的新前沿。合作夥伴正在積極引領這些新舉措，並選擇 Qualys 作為其 mROC 平台。

Turning to our executive team update. I would like to congratulate Dino DiMarino, our Chief Revenue Officer, who has decided to accept a CEO role at another company. I wish Dino well and thank him for his contributions during his tenure at Qualys.

談談我們執行團隊的最新消息。我要祝賀我們的首席營收長 Dino DiMarino，他決定接受另一家公司的執行長職位。我祝 Dino 一切順利，並感謝他在 Qualys 任職期間所做的貢獻。

As we continue to focus on executing our product-led growth vision and partner for strategy, I plan to oversee the sales organization while continuing to grow our scale in the sales group. We're fortunate to have a talented next-level team of regional sales leaders who are energized by our competitive position in the market and ready to drive our business forward.

隨著我們繼續專注於執行以產品為主導的成長願景和合作夥伴策略，我計劃監督銷售組織，同時繼續擴大銷售團隊的規模。我們很幸運擁有一支由區域銷售領導組成的才華橫溢的下一代團隊，他們對我們在市場上的競爭地位充滿活力，並隨時準備推動我們的業務向前發展。

With our FedRAMP High Ready platform, anticipating FedRAMP high certification in 2025 and our continued investing Federal GTM, we remain excited about the massive opportunity as the Federal Government looks to change the way things have been done in the past with clunky and costly on-prem solutions and move to cloud-based modern effective and cost-efficient solutions for cybersecurity risk management.

憑藉我們的 FedRAMP High Ready 平台，預計 2025 年將獲得 FedRAMP 高認證，並且我們將繼續投資聯邦 GTM，我們仍然對這一巨大機會感到興奮，因為聯邦政府希望改變過去使用笨重且昂貴的內部部署解決方案的方式，並轉向基於雲端的現代、有效且具有成本效益的網路安全風險管理解決方案。

In summary, I couldn't be more confident in our market position and opportunities for growth over time. Our leadership as a trusted security platform is a clear reflection of Qualys' dedication to continuous innovation, delivering value to customers and transforming cybersecurity risk management.

總而言之，我對我們的市場地位和長期成長機會充滿信心。我們作為值得信賴的安全平台的領導地位清楚地反映了 Qualys 致力於持續創新、為客戶提供價值和轉變網路安全風險管理的決心。

Looking ahead to 2025, we'll continue our disruptive innovation further advance our go-to-market investments and execute our strategic reason with a balanced approach to long-term growth and profitability.

展望 2025 年，我們將繼續進行顛覆性創新，進一步推進我們的市場投資，並以平衡的方式執行我們的策略目標，實現長期成長和獲利。

With that, I'll turn the call over to Joo Mi to further discuss our fourth quarter results and outlook for the first quarter and full year 2025.

接下來，我將把電話轉給 Joo Mi，進一步討論我們第四季的業績以及 2025 年第一季和全年的展望。

Thanks, Sumedh, and good afternoon. Before I start, I'd like to note that except for revenue, all financial figures are non-GAAP, and growth rates are based on comparisons to the prior year period unless stated otherwise.

謝謝，Sumedh，下午好。在開始之前，我想指出的是，除收入外，所有財務數據均為非 GAAP，且成長率是基於與去年同期的比較，除非另有說明。

We're pleased to report a healthy finish to the year, highlighting our continued execution, financial discipline and scalable business model. For the full year, we grew revenues by 10% to $607.6 million and achieved adjusted EBITDA margin of 47% even with continued 14% growth in investments in sales and marketing.

我們很高興地報告今年取得了良好的成績，突顯了我們持續的執行力、財務紀律和可擴展的商業模式。全年而言，我們的營收成長了 10%，達到 6.076 億美元，在銷售和行銷投資持續成長 14% 的情況下，調整後的 EBITDA 利潤率仍達到 47%。

Net income and EPS grew 16% to $229 million and $6.13 per diluted share, respectively. And free cash flow reached $231.8 million or 30% of revenue, all of which exceeded our expectations for the year.

淨收入和每股收益分別成長 16% 至 2.29 億美元和每股稀釋收益 6.13 美元。自由現金流達到 2.318 億美元，佔收入的 30%，都超出了我們對今年的預期。

Turning to fourth quarter results. Revenues grew 10% to $159.2 million. The channel continued to increase its contribution, making up 48% of total revenues compared to 44% a year ago. As a result of our continued commitment to leverage our partner ecosystem to drive growth, we were able to grow revenues from channel partners by 18%, outpacing direct, which grew 3%.

談到第四季的業績。營收成長 10% 至 1.592 億美元。該通路的貢獻持續增加，佔總收入的 48%，而一年前為 44%。由於我們持續致力於利用我們的合作夥伴生態系統來推動成長，我們從通路合作夥伴獲得的收入成長了 18%，超過了直接收入的 3% 的成長。

By Geo, 15% growth outside the US was ahead of our domestic business, which grew 7%. US and international revenue mix was 58% and 42%, respectively. With customers confirming their prioritization of security within IT budgets, we anticipate the selling environment in 2025 to remain stable with ongoing budget scrutiny persisting for the foreseeable future. Reflecting the sentiment in Q4, our gross retention rate remained approximately at 90% and our net dollar expansion rate came in at 103%, unchanged from prior quarter.

從地理上看，美國以外地區的業務成長了 15%，超過了國內業務 7% 的成長。美國和國際收入佔比分別為58%和42%。隨著客戶確認在 IT 預算中優先考慮安全性，我們預計 2025 年的銷售環境將保持穩定，並且在可預見的未來仍將持續進行預算審查。反映第四季度的情緒，我們的總保留率保持在 90% 左右，淨美元擴張率為 103%，與上一季持平。

In terms of product contribution to bookings, Patch Management and Cybersecurity Asset Management combined made up 15% of total bookings and 24% of new bookings in 2024. Our cloud security solutions, TotalCloud CNAPP, made up 4% of 2024 bookings. We attribute the success to our customers' need for broader contextualized awareness of their attack surface with natively integrated risk management and remediation workflows across all environments on a single platform.

就產品對預訂量的貢獻而言，修補程式管理和網路安全資產管理合計佔 2024 年總預訂量的 15% 和新預訂量的 24%。我們的雲端安全解決方案 TotalCloud CNAPP 佔 2024 筆訂單的 4%。我們將成功歸功於我們的客戶需要更廣泛的情境化感知其攻擊面，以及在單一平台上跨所有環境的本地整合風險管理和補救工作流程。

Turning to profitability. Adjusted EBITDA for the fourth quarter of 2024 was $74.2 million, representing a 47% margin compared to a 46% margin a year ago and 45% last quarter. The stronger-than-expected performance resulted from our targeted optimization efforts, which was part of our 2025 planning process. Consequently, operating expenses in Q4 remained relatively flat to last quarter, while sales and marketing investments grew moderately by 5% from last quarter.

轉向盈利能力。2024 年第四季調整後 EBITDA 為 7,420 萬美元，利潤率為 47%，而去年同期的利潤率為 46%，上季度的利潤率為 45%。超出預期的業績源自於我們有針對性的最佳化努力，這也是我們 2025 年規劃流程的一部分。因此，第四季度的營業費用與上季度相比持平，而銷售和行銷投資較上季度溫和增長了 5%。

EPS for the fourth quarter of 2024 was $1.60, and our free cash flow was $41.9 million, representing a 26% margin compared to 22% in the prior year. In Q4, we continue to invest the cash we generated from operations back into Qualys, including $5.8 million on capital expenditures and $42.3 million to repurchase 312,000 of our outstanding shares.

2024 年第四季的每股盈餘為 1.60 美元，我們的自由現金流為 4,190 萬美元，利潤率為 26%，而去年同期為 22%。在第四季度，我們繼續將營運產生的現金重新投資於 Qualys，其中包括 580 萬美元的資本支出和 4,230 萬美元的回購 312,000 股流通股。

As of the end of the quarter, we had $143.4 million remaining in our share repurchase program. We're pleased to announce that our Board has authorized another increase of $200 million to the share repurchase program, bringing the total available amount for share repurchases to $343.4 million.

截至本季末，我們的股票回購計畫剩餘金額為 1.434 億美元。我們很高興地宣布，董事會已批准將股票回購計畫再次增加 2 億美元，使可用於股票回購的總金額達到 3.434 億美元。

With that, let us turn to guidance, starting with revenues. For the full year 2025, we expect revenues to be in the range of $645 million to $657 million, which represents a growth rate of 6% to 8%. For the first quarter of 2025, we expect revenues to be in the range of $155.5 million to $158.5 million, representing a growth rate of 7% to 9%.

因此，讓我們從收入開始來探討指導。就 2025 年全年而言，我們預計營收將在 6.45 億美元至 6.57 億美元之間，成長率為 6% 至 8%。對於 2025 年第一季度，我們預計營收在 1.555 億美元至 1.585 億美元之間，成長率為 7% 至 9%。

This guidance assumes no material change in our net dollar expansion rate with moderate growth contribution from new business in 2025. We also realize that there may be some near-term adjustments to the plan given the upcoming CRO departure, we'll be sharing updates as we make progress throughout the year.

該指引假設我們的淨美元擴張率不會發生重大變化，且 2025 年新業務將帶來適度的成長貢獻。我們也意識到，考慮到 CRO 即將離職，該計劃可能會有一些短期調整，我們將在全年取得進展的同時分享最新進展。

Shifting to profitability guidance. For the full year 2025, we expect EBITDA margin to be in the low 40s, implying 18% to 20% increase in operating expenses and free cash flow margin in the low to mid-30s. We expect full year EPS to be in the range of $5.50 to $5.90.

轉向盈利能力指引。對於 2025 年全年而言，我們預計 EBITDA 利潤率將在 40% 以下，這意味著營運費用將增加 18% 至 20%，自由現金流利潤率將在 30% 至 35% 之間。我們預計全年每股收益在 5.50 美元至 5.90 美元之間。

For the first quarter of 2025, we expect EPS to be in the range of $1.40 to $1.50. Our planned capital expenditures in 2025, expected to be in the range of $8 million to $13 million and for the first quarter of 2025 in the range of $2 million to $4 million.

對於 2025 年第一季度，我們預計每股收益將在 1.40 美元至 1.50 美元之間。我們計劃在 2025 年的資本支出預計在 800 萬美元至 1300 萬美元之間，2025 年第一季的資本支出預計在 200 萬美元至 400 萬美元之間。

In 2025, we anticipate gross margin to contract by approximately 1% given certain investments we are currently making in some of our data centers to achieve greater operational efficiencies and reduce medium to long-term marginal costs.

鑑於我們目前對部分資料中心進行了一些投資，以實現更高的營運效率並降低中長期邊際成本，我們預計 2025 年毛利率將收縮約 1%。

With respect to operating expenses, we plan to align our product and marketing investments to focus on specific initiatives aimed at driving more pipeline, accelerating our partner program and expanding our federal vertical. As a percentage of revenue, we expect to prioritize an increase in investments in sales and marketing and engineering with a more modest increase in G&A.

至於營運費用，我們計劃調整我們的產品和行銷投資，重點關注旨在推動更多管道、加速我們的合作夥伴計劃和擴大我們的聯邦垂直市場的具體舉措。作為收入的百分比，我們預計優先增加對銷售、行銷和工程的投資，並適度增加一般行政費用 (G&A)。

With that, Sumedh and I would be happy to answer any of your questions.

因此，Sumedh 和我很樂意回答您的任何問題。

Thank you. (Operator Instructions)

謝謝。（操作員指令）

Kingsley Crane from Canaccord Genuity.

Canaccord Genuity 的 Kingsley Crane。

Hi. Thanks for taking the questions. Congrats on the great quarter. So again, you have so many great products in the portfolio. We've seen some others in the space up for more of a consolidated consumption plan that simplifies pricing and can get more products in the hands of the customers. So any thoughts on creative packaging opportunities over this next year?

你好。感謝您回答這些問題。恭喜本季取得如此出色的成績。再次強調，你們的產品組合中有很多優秀的產品。我們看到，該領域的其他一些人正在推行更為整合的消費計劃，以簡化定價並讓更多的產品送到消費者手中。那麼對於明年的創意包裝機會您有什麼想法嗎？

Yes, that's a great question. I think for us, as I mentioned in my script, really customers are looking at ways that they can anchor, how they're looking at their cybersecurity spend by looking at their -- the business risk and how they are able to articulate that spend by reducing business risk and that is a combination of bringing Qualys modules wherever available, bringing data from third-party solutions that are available. And so as we are early in this journey right now with ETM and the main feedback that we are getting right now from the early adopter customers for ETM and the POCs that we're going,

是的，這是一個很好的問題。我認為對於我們來說，正如我在腳本中提到的那樣，客戶實際上正在尋找可以錨定的方法，如何透過查看他們的業務風險來查看他們的網路安全支出，以及如何透過降低業務風險來表達這些支出，這是將 Qualys 模組（無論在哪裡可用）與從可用的第三方解決方案中獲取資料相結合的方法。因此，由於我們目前正處於 ETM 的早期階段，並且目前從 ETM 的早期採用者客戶那裡獲得的主要回饋以及我們正在進行的 POC，

I think as an evolution of that, we continue to look through the year at getting feedback from these early customers and how we can help them adopt the product platform, both in terms of the integration, but also pricing, and it is something that we will be continue to review throughout the year to see where we have opportunities for packing that sort of a model anchored around the adoption of ETM rather than individual modules.

我認為作為一種發展，我們會在全年持續關注從這些早期客戶那裡獲得的反饋，以及我們如何幫助他們採用產品平台，無論是在集成方面，還是在定價方面，我們都將在全年持續審查這一點，以了解我們是否有機會將這種以採用 ETM 而不是單個模組為基礎的模型打包在一起。

That’s great to hear. And Sumedh, with Dino's departure, it sounds like you're going to oversee sales efforts a bit a bit more hands on. You recently has taken on more with product and marketing as well. So just wondering, any updated plans on or thoughts on your bandwidth and if you wouldn't hire any key leaders across the business and how you plan to balance your time the upcoming year? Thanks.

聽到這個消息我很高興。蘇梅德，隨著迪諾的離開，聽起來你將更親自監督銷售工作。您最近也承擔了更多產品和行銷工作。所以只是想知道，您對頻寬有任何更新的計劃或想法嗎？謝謝。

Yes. Thank you. I've done this a couple of times in the past, and I'm happy to jump in periodically to help as needed. Again, we thank Dino for being part of the team, but we have been working on this for a while with the broader team, not just the CRO and our 2025 planning is in a good place. So now it's really about focusing on execution. And as you see key part of our execution is celebrating the success that we're seeing with our engagement with the partners and how can we pivot more towards a partner-oriented GTM strategy, which means that the focus will go a bit less on direct and growing direct and more on how do we partner with our partners from relieve gen, pipeline gen as well as execution on clothing deals, et cetera. So I think we continue to focus on executing that, working closely with partners and aligning our sales our sales leadership.

是的。謝謝。我以前已經做過幾次了，我很樂意定期提供所需的幫助。再次，我們感謝 Dino 成為團隊的一員，但我們已經與更廣泛的團隊合作了一段時間，而不僅僅是 CRO，而且我們的 2025 年規劃進展順利。因此現在真正要關注的是執行。正如您所看到的，我們執行的關鍵部分是慶祝我們與合作夥伴合作所看到的成功，以及我們如何更多地轉向以合作夥伴為導向的 GTM 策略，這意味著重點將更少地放在直接和直接增長上，而更多地放在我們如何與我們的合作夥伴合作，從救濟創投、管道創投以及服裝的執行等方面。因此我認為我們將繼續專注於執行這一點，與合作夥伴密切合作並協調我們的銷售和銷售領導。

With that, the good news is that leadership below Dino is very strong. Many of them have been here even before Dino joined us, and they are very connected, dedicated to the mission. And so I look forward to continuing to do that.

好消息是，迪諾 (Dino) 領導下的領導力非常強大。他們中的許多人在迪諾加入我們之前就已經在這裡了，他們聯繫緊密，致力於完成使命。因此我期待繼續這樣做。

I think on the product side, we have great leaders on -- with our CTO, Dilip Bachwani, as well as our SVP of Product Management, both have been here for over 10 years. And really driving working with me, the execution that is needed on the product side, again, aligning to our vision of delivering capabilities like MRO, which will encourage our partners to do more with us, not just from the GTM side as well, but also from the product side.

我認為在產品方面，我們擁有出色的領導者 - 我們的首席技術長 Dilip Bachwani 以及我們的產品管理高級副總裁都在這裡工作了 10 多年。真正推動與我合作的是產品方面所需的執行力，再次與我們提供 MRO 等功能的願景保持一致，這將鼓勵我們的合作夥伴與我們做更多的事情，不僅僅是從 GTM 方面，也從產品方面。

So again, we -- for us now, it is really more about finding the right leader who understands our partner focus and will be leaders who will be working with us on making sure that we are not necessarily focusing on the direct side of growing the business, but more around focusing on how do we pivot our partner focus and make sure that all the different aspects of business are going in that direction.

所以，對我們來說，現在更重要的是找到合適的領導者，他要理解我們的合作夥伴重點，並將與我們合作，確保我們不一定專注於業務增長的直接方面，而是更多地關注如何轉變我們的合作夥伴重點，並確保業務的所有不同方面都朝著這個方向發展。

Make sense. You definitely has deep bench. Thanks for the time.

有道理。您的板凳深度肯定很深。感謝您的時間。

Matthew Hedberg from RBC Capital Markets

加拿大皇家銀行資本市場部的 Matthew Hedberg

Hey, guys. This is Mike Richards on for Matt. Thanks for taking the question here. Maybe let me go back to Dino's departure and appreciating that you probably already had your sales kick off here and you had a plan for the year. But what are some of the changes that maybe we could expect or that I think could really improve the sales motion this year given his exit and you've taken the reins here?

嘿，大家好。這是麥克理查茲 (Mike Richards)，取代馬特 (Matt)。感謝您在此提出這個問題。也許讓我回到迪諾離開的話題，並感謝您可能已經開始了銷售工作，並且制定了年度計劃。但是，考慮到他的離職以及您接手公司的管理，我們可以期待哪些變化，或者我認為哪些變化可以真正改善今年的銷售情況？

Yeah. We really finished our planning for 2025 towards the end of last year, and now it is about executing on the sales goals with our sales head -- that's helping -- essentially manage the sales team globally, SVP of Product -- SVP of Partnerships and then our VP of Sales Ops & Enablement. And so as I talked a little bit about this and you saw the release of mROC, which is our partner-focused managed services platform as well as really focusing on working with our partners on how do we increase the deal hedges, how do we leverage essentially our margin to make sure that we are able to balance bringing customers to these partners, but also how these partners can actually create revenue for themselves with services that they can anchor around the Qualys platform with consolidation of multiple different capabilities with risk quantification, remediation, et cetera.

是的。我們實際上在去年年底就完成了 2025 年的規劃，現在我們要與我們的銷售主管一起執行銷售目標——這有助於——從本質上管理全球銷售團隊、產品高級副總裁、合作夥伴高級副總裁，然後是我們的銷售營運和支援副總裁。正如我剛才談論的，您看到了 mROC 的發布，這是我們以合作夥伴為中心的託管服務平台，我們真正專注於與合作夥伴合作，研究如何增加交易對沖，如何利用我們的利潤率來確保我們能夠平衡為這些合作夥伴帶來客戶，以及這些合作夥伴如何透過圍繞 Qualys 平台提供的服務為自己創造收入，透過整合風險量化、收入，透過整合風險量化、收入，透過整合風險量化、收入，透過整合風險量化、收入，透過整合風險量化、收入，透過整合風險、收入，透過整合風險、許多不同、補救功能來創造不同。

And so for us, really focusing on the pillars of how are we going to make sure that we last year, as we said, our focus was partner-led for new business. We started end of last year, and this is our key execution this year is how do we also work on our existing business, which has direct customers to leverage that relationship with our partners to potentially bring them some of our direct customers while working with them on a partnership where they bring us new logos so that we can execute towards creating more opportunities for ourselves.

因此對我們來說，真正關注的是如何確保我們去年的重點是合作夥伴主導新業務。我們從去年年底開始，這是我們今年的重點執行，我們如何處理現有業務，即擁有直接客戶，利用與合作夥伴的關係為他們帶來一些直接客戶，同時與他們建立合作夥伴關係，為他們帶來新的標識，以便我們能夠為自己創造更多的機會。

So there are multiple different things that we're focusing on that as well as a focus on our federal business, which is something that we are excited about the potential opportunity so we'll continue to execute on that aspect as well, because our current contribution to the business from federal is extremely small. And so there continues to be a much larger opportunity there.

因此，我們關注的是多個不同的事情，同時也關注我們的聯邦業務，我們對潛在的機會感到非常興奮，所以我們也會繼續在這方面執行，因為目前聯邦對我們業務的貢獻非常小。因此，那裡仍然存在著更大的機會。

So it's really about how do we pivot our execution, which has been a mix of direct and indirectly reduce the friction that is there and then build the confidence with our partners by not only giving them that confidence of the business.

因此，這實際上關乎我們如何調整我們的執行力，即透過直接和間接的方式減少現有的摩擦，然後透過不僅給予合作夥伴對業務的信心來建立與合作夥伴的信心。

We can bring them that is direct with us, but also giving them a potentially significant revenue stream by adding services around the managed rock capability, which we are seeing a lot of global enterprises and driving it towards given that it adds a layer on top of their existing groups as well.

我們不僅可以為他們帶來直接的收入，還可以透過增加圍繞託管岩石功能的服務為他們帶來潛在的可觀收入來源，我們看到許多全球企業都在推動這一進程，因為它在他們現有的群體之上又增加了一層。

Great. And then I just wanted to ask on TotalAI. I mean it seems like there's such a big opportunity there. Maybe stepping back, has there been any early customer feedback on TotaLAI? How are you thinking about it in terms of a growth driver for next year or maybe just picking up steam?

偉大的。然後我只是想在 TotalAI 上問一下。我的意思是那裡似乎有很大的機會。或許退一步來說，有沒有關於 TotaLAI 的早期客戶回饋？您如何看待它作為明年的成長動力，或者只是加速成長？

And then, I know it's all greenfield but who else are you seeing when you're going in and talking about TotalAI? Is there anyone else kind of doing what you're doing here or anything else on just competitive dynamics there?

然後，我知道這都是綠地，但是當您進入並談論 TotalAI 時您還看到了誰？還有其他人在做您所做的事情或從事其他與競爭動態相關的工作嗎？

Great question, I think if you look at the journey of AI itself over the last couple of years. I think in year 2023, a lot of people are looking at that, in 2024 lots of POCs took place in many companies around leveraging LLMs.

很好的問題，我認為如果你看看過去幾年人工智慧本身的發展。我認為在 2023 年，很多人都在關注這一點，在 2024 年，許多公司都會利用 LLM 進行大量 POC。

And then, as we get into 2025, we are going to start to see deployment of a more and more AI LLMs into actual production environments. We saw a little bit of that starting to happen at the end of Q4.

然後，隨著進入 2025 年，我們將開始看到越來越多的 AI LLM 部署到實際生產環境中。我們在第四季末看到了一些這樣的情況開始發生。

And so the -- the questions from customers really are about, how -- what are the things that they can do to secure their AI workloads. And the first question we ask is, well, how many do you have? And they cannot even answer that.

所以，客戶的問題實際上是關於，他們可以做些什麼來保護他們的人工智慧工作負載。我們問的第一個問題是：那麼，你有幾個？他們甚至無法回答這個問題。

And so in that sense, the TotalAI capability, and you probably saw a recent blog, we pointed our Qualys TotalAI to DeepSeek and found a whole bunch of issues. And it's really about helping customers to get a that level of comfort that whatever they are putting out in the production environment is not something that could be jail broken, it's not something that is leaking information that it should not. It is following compliance guidelines as well as detecting vulnerabilities in this.

從這個意義上講，TotalAI 的功能，您可能看過最近的一篇博客，我們將 Qualys TotalAI 指向 DeepSeek 並發現了一大堆問題。這實際上是為了幫助客戶獲得一定程度的安心，確保他們在生產環境中發布的任何內容都不會被越獄，也不會洩露不應該洩露的資訊。它遵循合規性準則並檢測其中的漏洞。

And so -- in that sense, the way we see it is TotalAI is fairly unique, because we're actually able to leverage our existing footprint in the customer environment to first help discover their AI workload so they don't have to deploy a resolution to discover AI in the first place.

所以 — — 從這個意義上說，我們認為 TotalAI 是相當獨特的，因為我們實際上能夠利用我們在客戶環境中的現有足跡來首先幫助他們發現 AI 工作負載，這樣他們就不必部署解決方案來發現 AI。

And then once we discovered those AI workloads, we're actually able to scan them using the scanner, the agent that they already have from Qualys and then provide them that visibility.

一旦我們發現這些 AI 工作負載，我們實際上就可以使用掃描器（他們已經從 Qualys 獲得的代理）對它們進行掃描，然後為他們提供可見性。

So early feedback has been very good, in fact, in our Strategic Advisory Board when we ask our strategic advisory board CSOs to pick the area that is top of mind for them for 2025, AI security came up the most.

因此早期的回饋非常好，事實上，在我們的策略諮詢委員會中，當我們要求策略諮詢委員會的 CSO 選擇他們最關注的 2025 年領域時，人工智慧安全是最重要的。

So we look forward to those engagements, turning into paid opportunities. However, CSOs are also going through this right now, trying to figure out how are they going to pay for this?

因此，我們期待這些合作能轉化為付費機會。然而，民間組織現在也正在經歷這個過程，試圖弄清楚如何支付這筆費用？

Where does that come from? Do they get additional budget? Are they going to get additional rates for security? Are they going to move some of money around from the exiting budget, given that overall increase in cyber spend is not that significant? We don't anticipate it to be that significant.

這是從哪裡來的？他們有獲得額外預算嗎？他們會獲得額外的安全保障費用嗎？鑑於網路支出的整體成長並不那麼顯著，他們是否會從現有預算中轉移一些資金？我們預計它不會有那麼重大。

So I think right now, it's a little bit early for us to know kind of impact it is going to have, but the opportunities that we are starting to see build up are definitely encouraging and positive. And in that sense, that the way we are scanning AI, we feel that it's pretty unique. And that's the feedback that we're getting from customers is this is a great way because they look at it as like the e-gates at immigration, like, the security will scan that LLM before it goes into production, and then give a thumbs a thumbs up or down, so that they can go back and see it.

因此我認為，現在我們來了解它會產生什麼樣的影響還為時過早，但我們開始看到的機會無疑是令人鼓舞和積極的。從這個意義上來說，我們掃描人工智慧的方式非常獨特。這就是我們從客戶那裡得到的反饋，他們認為這是一個很好的方法，因為他們將其視為移民局的電子門，例如，安全人員將在 LLM 投入生產之前對其進行掃描，然後豎起大拇指或豎起大拇指，以便他們可以回去查看。

And again, if you want to see the, kind of, things that our scanner is able to detect, you can read our blog around, when we pointed it to DeepSeek, what are the things that we founded on that. So we're excited about that. We just don't know right now and monitor really how that opportunity is going to evolve. And yes, it is greenfield, but also depends on how much additional budget resource we’ll be able to get from the CFO this year versus next year in terms of investing more in AI security, and we expect that to start this year and have a gradual ramp into next couple of years.

再說一次，如果你想看看我們的掃描器能夠檢測到的東西，你可以閱讀我們的博客，當我們將其指向 DeepSeek 時，我們在此基礎上建立了什麼東西。我們對此感到很興奮。我們現在只是不知道並真正監控這個機會將如何發展。是的，這是一個全新的領域，但也取決於今年和明年我們能從財務長那裡獲得多少額外的預算資源，用於在人工智慧安全方面投入更多資金，我們預計這將從今年開始，並在未來幾年逐步增加。

Great thanks again congrats.

非常感謝，再次恭喜。

Rudy Kessinger from DA Davidson

DA Davidson 的 Rudy Kessinger

Hey, thanks for taking my questions. The last two quarters now, you guys have had pretty good outperformance on both revenue and current calculated billings, I guess just particularly in Q4, just what -- relative to your guidance and expectations, what came in specifically better than expected? I know you said you had a weaker Q4 pipeline going into the quarter. But again, pretty strong revenue, current calculated billings in the quarter.

嘿，謝謝你回答我的問題。過去兩個季度，你們在收入和目前計算的帳單方面都取得了相當不錯的表現，我想特別是在第四季度，相對於你們的指導和預期，哪些方面具體比預期更好？我知道您說過，第四季的銷售管道比較弱。但是，本季的營收和目前計算的帳單仍然相當強勁。

And then just as I look at guidance for Q1 to next year, it doesn't seem like you're really expecting that to continue, particularly in Q1 with the revenue decline expected. So I don't know was there anything maybe onetime in Q4 that drove the upside? Or I'm just trying to put together the strength in Q4 and Q3, but not really seeing that continue in the guidance that you're providing.

然後，當我查看明年第一季的業績指引時，我似乎不認為這種情況會持續下去，尤其是在預期收入會下降的第一季。所以我不知道第四季是否有某個時候推動了上漲的因素？或者我只是想把第四季度和第三季度的優勢結合起來，但在您提供的指導中並沒有真正看到這一點。

Yeah, the second half of 2024 current billings, if you keep looking at that it was higher than the bookings performance partly due to the invoicing cycle. But if you take a look at the revenue in Q4 in particular, we did have better linearity, a little bit better on the renewal in terms of how the deals closed in the quarter that did have an impact on the revenue that we booked in Q4.

是的，2024 年下半年的當前帳單，如果你繼續關注，它會高於預訂表現，部分原因是發票週期。但如果你特別看一下第四季度的收入，我們確實有更好的線性，在續約方面稍微好一點，就本季度的交易完成情況而言，這確實對我們在第四季度實現的收入產生了影響。

Looking into Q1, one of the reasons why Q1 looks a little light is because we're not taking into any consideration from the late renewal slippage into Q1 and then plus the fact that the number of days in Q1 is lower by Q2 relative to Q4.

回顧第一季度，第一季看起來有些清淡的原因之一是我們沒有考慮到第一季度的後期續約滑落，再加上第一季的天數低於第二季度相對於第四季度的事實。

And then looking at the full year, one of the assumptions that we've made was if you take a look at our net dollar expansion rate, currently at 103%, which is great from the predictive of it stabilized. However, if you take a look at a year before or even two years ago, it's down.

然後縱觀全年，我們做出的一個假設是，如果你看看我們的淨美元擴張率，目前為 103%，從預測的穩定性來看，這是一個很好的數字。然而，如果你回顧一下一年前甚至兩年前的情況，你會發現它是下降的。

So taking that into consideration, looking at the trajectory of the business, we are assuming no improvement in net dollar expansion rate going into 2025. And then also the fact that we are taking that partner first approach, so which means that with the partner business currently making up 48% of revenue, in Q4 relative to 44% a year ago. We are expecting that trend to continue into 2025, which could have a shorter-term negative impact in the growth.

因此考慮到這一點，並縱觀業務發展軌跡，我們假設到 2025 年淨美元擴張率不會有任何改善。而且我們採取的是合作夥伴優先的方式，這意味著合作夥伴業務目前佔第四季營收的 48%，而去年同期為 44%。我們預計這一趨勢將持續到 2025 年，這可能會對成長產生短期負面影響。

Okay. And on the new logo front, I know for the first half of quarters in 2024, you caught out, I think, double-digit year-over-year growth in new logo bookings. I know Q4 was a tougher comp. But where did that land in Q4? And I know you're keeping that expectation of DBNER to remain steady, 1 of 3. Like what is your expectation then on new logo bookings growth in 2025? It would seem to be -- it's expected to be weaker growth than '24.

好的。在新標誌方面，我知道在 2024 年上半個季度，新標誌預訂量將實現同比增長兩位數。我知道 Q4 的比賽更加艱難。但第四季的結果如何呢？而且我知道您對 DBNER 的期望是保持穩定，1/3。那麼您對於 2025 年新標誌預訂量成長的預期是什麼？看起來—預計成長將比24年更弱。

Yes. That is the assumption that we're making right now because in Q4, like -- last quarter earnings, we had called out the fact that Q4 looked to be a little bit light from the new bookings perspective and actually it did turn out to be bad. We were a little bit disappointed with new bookings performance and the amount that it added to the revenue growth rate. So, we're kind of assuming that it will continue on that path into 2025, we're not expecting meaningful growth in the new business, especially particularly just because we are more focused on landing new logos through our partners. So we'll be working with them very closely to see what kind of incentives that we can offer them, so that they can really go out into the market and help us to get new customers in.

是的。這是我們現在做出的假設，因為在第四季度，例如上個季度的收益中，我們已經指出，從新訂單的角度來看，第四季度的業績似乎有些疲軟，而事實上結果確實很糟糕。我們對新訂單的表現以及它對收入成長率的貢獻感到有點失望。因此，我們假設它會沿著這條道路持續到 2025 年，我們並不期待新業務實現有意義的成長，尤其是因為我們更專注於透過合作夥伴獲得新標誌。因此，我們將與他們密切合作，看看可以為他們提供什麼樣的激勵措施，以便他們能夠真正進入市場並幫助我們獲得新客戶。

Okay, that's all very helpful.

好的，這一切都非常有幫助。

Thank you.

謝謝。

Josh Tilton from Wolfe Research

Wolfe Research 的 Josh Tilton

This is Mark on for Josh Tilton. Just one quick question. We've heard several vendors talk about the services related to the federal vertical and the administration change. And we just wanted to ask, how are you thinking about that for the coming year in terms of potential opportunity and how it's factored into the guidance? Thanks.

這是喬許·蒂爾頓 (Josh Tilton) 的馬克 (Mark)。只需一個簡單的問題。我們聽到一些供應商談論與聯邦垂直和行政變革相關的服務。我們只是想問一下，從潛在機會的角度來看，您如何看待來年的情況以及如何將其納入指導中？謝謝。

Yes. We're super excited about the opportunity, right? And I think what exactly the administration will do on a day-to-day basis. I think it's -- your guess is as good as mine right now with all the things that are changing. However, think the narrative from the new administration has definitely been about not doing things the old way and really bringing more efficiency in everything that the federal government is doing. And so that -- we look at that as opportunities for us because manufacture agencies for many years have been using on-prem vulnerability assessment capabilities that are arcane that are costly to maintain, need a lot of hardware, need a lot of people. And so, as we await our FedRAMP high certification, which will then make our platform as one of the only FedRAMP high platforms that does vulnerability management, patent management and EDR -- risk management, all in a single platform.

是的。我們對這個機會感到非常興奮，對吧？我認為政府在日常工作中會具體做些什麼。我認為——鑑於所有事情都在發生變化，你的猜測現在和我的一樣糟糕。然而，我認為新政府的口號肯定是不再以舊方式做事，而是真正提高聯邦政府所做的一切工作的效率。因此，我們將此視為機遇，因為製造機構多年來一直在使用內部漏洞評估功能，這些功能非常複雜，維護成本高昂，需要大量硬體和人力。因此，我們正在等待 FedRAMP 高級認證，這將使我們的平台成為唯一在單一平台上進行漏洞管理、專利管理和 EDR（風險管理）的 FedRAMP 高級平台之一。

We are excited about the potential opportunities that it can bring. We continue to invest in our federal team. That is one of the things we're focusing on this year, focusing GTM, growing the team as well on the federal side. And with that and just a little bit hard right now to know when we will get that FedRAMP high certification this year with administration changes, but we are hopeful for that. And once we get that, that can open up quite a bit of opportunities for us, but hard to tell right now what impact it will have on 2025. So we're not factoring that anything major in it right now. But overall, given the narrative of being able to bring efficiencies and being able to modernize infrastructure and moving in a more positive direction, we think we're well suited to capitalize on that versus on-prem older on-prem solutions that have been incumbent there for a while.

我們對它能帶來的潛在機會感到非常興奮。我們將繼續對我們的聯邦團隊進行投資。這是我們今年關注的事情之一，關注 GTM，並在聯邦方面發展團隊。有鑑於此，儘管現在有點難以知道隨著管理變革我們何時能夠在今年獲得 FedRAMP 高級認證，但我們對此充滿希望。一旦我們實現這一目標，就會為我們帶來很多機會，但現在很難說它會對 2025 年產生什麼影響。因此我們現在還沒有考慮任何重大因素。但總的來說，考慮到能夠提高效率、能夠實現基礎設施的現代化並朝著更積極的方向發展，我們認為我們非常適合利用這一點，而不是已經存在一段時間的舊的本地解決方案。

Yun Kim from Loop Capital Markets.

Loop Capital Markets 的 Yun Kim。

Hey, great. Thank you. Quick question on the Enterprise, TruRisk Management or ETM. It seems like that's a clear differentiator for you guys out there. And it's definitely something that at least I'm keeping an eye on. If you can just talk about the overall go-to-market motion around ETM, the competitive landscape. And obviously, we're heavily leveraging the channel this year. Is this a product that could be leveraged into the channel? Not just direct? Thanks.

嘿，太棒了。謝謝。關於企業、TruRisk 管理或 ETM 的快速問題。這對你們來說似乎是一個明顯的區別因素。這絕對是我至少在關注的事情。能談談 ETM 的整體上市動向和競爭格局嗎？顯然，我們今年將大力利用該管道。這是一個可以利用通路的產品嗎？不只是直接？謝謝。

Yes, that's a really good question. Especially, if you look at right now, we don't – we believe we don't see any other solution in that space that is as comprehensive of ours because you have some aggregation solutions that are very focused on vulnerability aggregation, but they don't do risk quantification. There are some that do some risk quantification, but they don't do the aggregation part as well. And definitely, they don't see anybody who is kind of doing that, also doing a good job at remediation.

是的，這是一個非常好的問題。特別是，如果你現在看，我們相信我們沒有看到該領域任何其他解決方案像我們的一樣全面，因為你有一些聚合解決方案非常專注於漏洞聚合，但它們不進行風險量化。有些人會做一些風險量化，但他們不會很好地進行聚合部分。而且他們確實沒有看到任何人這樣做，並且能夠很好地進行補救。

And so if you look at the Qualys ETM platform and the concept of the risk operation center, which a lot of our CISOs are super excited about because they don't want to go to the Board for next year's strategy and say that they just want to implement another solution for multifactor authentication as their strategy. They want to be able to say we're building out the risk operation center, just like 10 years ago, we built our security operations center for Threat Detection.

因此，如果您看一下 Qualys ETM 平台和風險營運中心的概念，您會發現我們的許多 CISO 對此都非常興奮，因為他們不想去董事會討論明年的策略，也不想說他們只是想實施另一種多因素身分驗證解決方案作為他們的策略。他們希望能夠說我們正在建造風險營運中心，就像十年前我們為威脅偵測建造了安全營運中心一樣。

We want to do proactive risk management. And the ETM platform enables bringing out a risk operation center. And that's why because it provides various quantification, it provides the ability for the CISO to be able to have a conversation.

我們希望進行主動的風險管理。且ETM平台可以帶出風險營運中心。這就是為什麼它提供了各種量化，為 CISO 提供了對話的能力。

Today, they say we fix so many things and we had so many issues, but that doesn't mean anything to the business. ETM allows them to go out and be able to say, look, our $500 million business as a potential loss of $10 million a day. And currently, based on risk signals from multiple different products, the possibility of that happening is high. And if we invest $500,000, we can bring that risk down to an acceptable level and so now it is a much better conversation that the CISOs can have with the CFOs to say, "Look, we can invest $500,000 in this particular area of cybersecurity and to bring down the potential of losing $10 million a day by 80%, that's a much better conversation as to how they look at it and that's the feedback that we have gotten. And we don't see other platforms out there right now that are really enabling that.

今天，他們說我們修復了很多東西，遇到了很多問題，但這對業務來說並不意味著什麼。ETM 允許他們出去說，你看，我們的 5 億美元業務每天可能損失 1000 萬美元。目前，根據多種不同產品的風險訊號，發生這種情況的可能性很高。如果我們投資 50 萬美元，我們就能將風險降至可接受的水平，因此現在 CISO 可以與 CFO 進行更好的對話，可以說，「看，我們可以在網路安全這個特定領域投資 50 萬美元，將每天 1000 萬美元的損失可能性降低 80%，這是一個更好的對話，他們可以了解他們如何得到反饋的這個問題，這就是我們如何得到反饋的反饋。目前我們還沒有看到其他平台真正實現這一目標。

I think the GTM definitely evolved for us this year as ETM comes out because now it's less about a replacement conversation about your existing vulnerability management solutions, so our new business sellers can really go out there and say, that's okay, you can keep the current solutions that you have, if you have this cloud provider and that vulnerability provider and that identity provider. We're not here to have an immediate replacement conversation.

我認為，隨著 ETM 的推出，GTM 今年對我們來說肯定有了發展，因為現在它不再是關於現有漏洞管理解決方案的替代對話，所以我們的新業務銷售人員可以真正地走出去說，沒關係，你可以保留你現有的解決方案，如果你有這個雲端供應商、那個漏洞提供者和那個身分提供者。我們來這裡不是為了立即進行替換對話。

We can easily take the data from all of them, and we can show you a consolidated view of the risk coming from all these existing solutions, which makes it a little bit easier for the CISO not to have to go for a fight with their internal teams to replace the tool that is already working well for them just because they're getting some additional potential discount. So it essentially means our new business sellers, any customer that has any cybersecurity tool set becomes a potential customer for us for acquiring new logos and doesn't have to take that long as it would if you're replacing another solution.

我們可以輕鬆地從所有這些解決方案中獲取數據，並向您展示來自所有這些現有解決方案的風險的綜合視圖，這使得 CISO 不必與他們的內部團隊發生爭執來更換已經運行良好的工具，因為他們會獲得一些額外的潛在折扣。因此，這本質上意味著我們的新業務賣家，任何擁有網路安全工具集的客戶都會成為我們獲取新標誌的潛在客戶，而且不必像更換其他解決方案那樣花費那麼長時間。

Our post-sales team, they get an opportunity for existing customers that might have some other solutions for cloud security for EDR to then go and layer that on top. And we already had one customer that has a well-known cloud security provider just for their cloud estate, but then they are purchasing the ETM capability, paying us additional revenue on top of what they're paying their cloud provider to consolidate those findings into one, right? So it gives us the opportunity to make revenue on top of any investment that the customer might have made in other tools as well.

我們的售後團隊為現有客戶提供了機會，這些客戶可能對 EDR 雲端安全有一些其他解決方案，然後可以將其疊加在頂層。我們已經有一個客戶，他的雲端資產由一家知名的雲端安全供應商提供，然後他們購買了 ETM 功能，除了向雲端供應商支付將這些發現整合在一起的費用之外，還向我們支付了額外的收入，對嗎？因此，它使我們有機會在客戶對其他工具進行的投資的基礎上獲得收入。

But also from a partner perspective, as we work with partners, of course, the partners have been selling our competitor solutions for certain margin, and you could give them a little bit more margin here or there, but that doesn't move the needle as much. However, many of the providers who are resellers, et cetera, are moving to figuring out how they can increase revenue significantly with managed services because services is where they can make a lot of business. And so today with the deployment of ETM where we largest customers are actually the ones who are looking at deployment, they need services around that and services for risk quantification, service for aggregation, service for risk monitoring, service for risk elimination. And these are brand-new services.

但從合作夥伴的角度來看，當我們與合作夥伴合作時，當然，合作夥伴一直在以一定的利潤銷售我們競爭對手的解決方案，你可以在這裡或那裡給他們多一點的利潤，但這並沒有太大的變化。然而，許多作為經銷商等的提供者正在研究如何利用託管服務大幅增加收入，因為服務是他們可以開展大量業務的地方。因此，今天隨著 ETM 的部署，我們最大的客戶實際上是那些正在考慮部署的人，他們需要圍繞這一點的服務以及風險量化服務、聚合服務、風險監控服務、風險消除服務。這些都是全新的服務。

So these partners today are in the MDR market, which is a cutthroat market and the MDR source is provided by many people. But the reason why partners are excited and can potentially bring even more business to Qualys because every business of purchasing Qualys products that they bring can add additional services for them on top of Qualys that they can generate revenue on.

所以今天這些合作夥伴處於MDR市場，這是一個殘酷的市場，MDR來源由許多人提供。但合作夥伴之所以興奮並有可能為 Qualys 帶來更多業務，是因為每家購買 Qualys 產品的企業都可以在 Qualys 的基礎上添加額外的服務，從而為他們創造收入。

And so that is where a key part of what we are doing. And you saw the reads that we did with mROC is really about enabling ETM to be delivered through our partners for the most part, so that partners are excited about larger deals, bringing those to us and also they don't have to constantly get in the conversations of replacing tools to make additional revenue.

這就是我們正在做的工作的關鍵部分。並且您看到了，我們與 mROC 合作所做的努力實際上是為了使 ETM 大部分能夠透過我們的合作夥伴來交付，以便合作夥伴對更大的交易感到興奮，將這些交易帶給我們，而且他們不必不斷地討論更換工具來賺取額外的收入。

So a little bit of a longer answer, but it's something that is definitely an interesting way for us to tweak our GTM and have less replacement conversations and more about consolidation and letting them use the existing tool set that they have us. Because honestly, when we talk to our CISOs, very few of them, if at all, are actually thinking that they're going to replace all of their tools with a single vendor.

所以這是一個比較長的答案，但這絕對是一種有趣的方式，讓我們可以調整我們的 GTM，減少關於替換的對話，更多地進行合併，並讓他們使用我們現有的工具集。因為說實話，當我們與 CISO 交談時，很少人（如果有的話）真正想到要用單一供應商取代所有工具。

Well, I can tell that you're very excited about the opportunity around ETM. So just another question around the investments that you're making around the indirect channels. You already talked about the opportunity around MSSPs, but what about the hyperscalers and CSP? Is this something that could be also deployed on the cloud environment as well, meaning the CSP environment?

好吧，我可以說你對於 ETM 帶來的機會感到非常興奮。所以另一個問題是關於您在間接管道上進行的投資。您已經談到了 MSSP 周圍的機會，但是超大規模企業和 CSP 呢？這是否也可以部署在雲端環境（即 CSP 環境）上？

Yes, for sure, I think today, if you look at -- you can have this cloud security solution that is either provided by the CSP or is provided by one of the cloud-only solutions. But when I ask CISOs, I say that's great. So now you know you have 75 buckets that are open, but how does that impact your business? Do you know how much you'll stand to lose because of these budgets up and then they cannot answer that question because a lot of times, the risk may not be in the cloud directly, but the risk might be coming from a malware that is on the laptop of the admin who is looking to access that that particular cloud account. And a cloud-only provider cannot pick up, but an EDR provider will pick up the risk, how do you tie these two things together. And that's where something like ETM can be useful. And as our larger customers, they are working with different cloud providers, and they have EDP credits with different cloud providers, and they can leverage those.

是的，當然，我認為今天，如果您看一下——您可以擁有由 CSP 提供或由僅限雲端的解決方案之一提供的雲端安全解決方案。但當我問 CISO 時，我說這很棒。現在您知道有 75 個儲存桶處於開啟狀態，但這對您的業務有何影響？您知道由於這些預算增加您將會遭受多少損失嗎？僅提供雲端服務的供應商無法承擔風險，但 EDR 提供者將承擔風險，如何將兩者結合在一起。這時，ETM 之類的工具就派上用場了。作為我們的大客戶，他們正在與不同的雲端供應商合作，並且他們在不同的雲端供應商擁有 EDP 信用，他們可以利用這些信用。

We continue to work with them to find a way that we can essentially map customers that can -- that have other tools, but can actually use their credits to purchase things like ETM as well or working with partners who can then transact through some of these cloud providers for their credit. So, I think those are also opportunities that we are continuing to explore. We recently had a conversation with the cloud provider exactly around that. And so that's an area that we continue to push forward this year as well.

我們將繼續與他們合作，尋找一種方法，從本質上為擁有其他工具但實際上可以使用其信用來購買 ETM 等產品的客戶提供服務，或者與合作夥伴合作，透過其中一些雲端提供者來獲取其信用。所以，我認為這些也是我們正在繼續探索的機會。我們最近與雲端提供者就此進行了對話。所以這也是我們今年將繼續推進的領域。

Okay, great. Thanks and good luck with the ETN this year. Wish you the best around that.

好的，太好了。謝謝您，並祝福今年的 ETN 好運。祝你一切順利。

Jonathan Ho from William Blair.

威廉布萊爾 (William Blair) 的 Jonathan Ho。

Hi, good afternoon and congrats on the strong result. I just wanted to understand sort of relative to your guidance, how we should be thinking about the level of investments that you're making this year and maybe where you see the most opportunity to leverage that either relative to your go-to-market comments or on the product side? Thank you.

大家下午好，恭喜你取得的優異成績。我只是想了解相對於您的指導，我們應該如何考慮您今年的投資水平，以及您認為在哪裡最有機會利用這些投資，無論是相對於您的市場進入評論還是在產品方面？謝謝。

I think for us, we continue to evolve the product. And so there are opportunities for us to work with our partners on things like mROC. But I think our focus continues to be on GTM investments. That's where we were, again, tracking returns, seeing the success we're seeing with partners. And so it's really going to be about how do we continue to find ways with our partners to invest in GTM, but pivot more towards working with partners to bring them business and so that they can bring this business, doing co-marketing, joint marketing, et cetera, investing in road shows around mROC, et cetera, and then investments in the federal business, which is something that we want to continue to do.

我認為對我們來說，我們會繼續改進產品。因此，我們有機會與合作夥伴共同進行 mROC 等方面的合作。但我認為我們的重點仍然是 GTM 投資。這就是我們再次追蹤回報並看到與合作夥伴共同取得的成功的地方。因此，這實際上將取決於我們如何繼續與合作夥伴一起尋找投資 GTM 的方法，但更多地轉向與合作夥伴合作為他們帶來業務，以便他們可以帶來這項業務，進行聯合營銷、聯合營銷等，投資 mROC 周圍的路演等，然後投資聯邦業務，這是我們希望繼續做的事情。

So, those are essentially areas that we are looking to do. I think product development area is something that we do well and we do very efficiently as well. And so we will continue to add capabilities there.

所以，這些基本上就是我們希望做的領域。我認為產品開發領域是我們擅長的並且我們做得非常有效率。因此我們將繼續在那裡增加功能。

And of course, there will be certain investments in solution architects and the functions around the sales team with success for being able to go out and do POCs around mROC and around ETM, et cetera. But that's really how I see where we're going to be continuing our investment and not necessarily so much on engineering and product increases.

當然，我們會對解決方案架構師和銷售團隊周圍的職能進行一定的投資，以便能夠成功地圍繞 mROC 和 ETM 等等進行 POC。但我確實看到我們將繼續投資，而不一定在工程和產品成長上投入太多。

Got it. And just as a quick follow-up. I mean, I think we've seen a lot of emphasis around TruRisk and TotalCloud in our conversation. How do you think about this approach of selling on the bundling side and potentially what that uplift looks like from a revenue standpoint, maybe not immediately, but over time? And how do we think of that especially along the axis of adding additional product versus adding additional assets? Thank you.

知道了。這只是快速的後續行動。我的意思是，我認為我們在談話中看到了很多關於 TruRisk 和 TotalCloud 的強調。您如何看待這種捆綁銷售方式？那麼，我們該如何看待這一點，尤其是從增加額外產品與增加額外資產的角度呢？謝謝。

Yes, we are actually excited about the opportunity. We see that as ETM, which is -- ETM becomes a layer on top of the different cybersecurity capabilities that the company has. And ETM becomes the layer through which the CISOs really interact with the platform.

是的，我們確實對這個機會感到非常興奮。我們將其視為 ETM，即 ETM 成為公司現有不同網路安全能力的頂層。ETM 成為 CISO 真正與平台互動的層。

And so the way we see that is that -- those who want to adopt ETM, the platform play becomes actually quite interesting because now for ETM, they can actually adopt inventory, they can adopt vulnerability management cloud security, some of these modules from Qualys as they need and then also bring data from other third-parties as well.

因此，我們看到的是，對於想要採用 ETM 的人來說，平台的運作實際上變得非常有趣，因為現在對於 ETM 來說，他們實際上可以採用庫存，他們可以採用漏洞管理雲端安全，以及他們需要的來自 Qualys 的一些模組，然後還可以從其他第三方獲取資料。

And so as we get feedback from our customers, we do see that ETM can allow us more conversations around, here's a platform that is going to essentially pull in the things that you -- the basic things that you need for your initial risk management and then you can layer on by using additional spend for third-party data coming in.

因此，當我們收到客戶的回饋時，我們確實看到 ETM 可以讓我們進行更多的對話，這是一個平台，它基本上可以吸收您最初風險管理所需的基本內容，然後您可以透過使用額外支出來獲取第三方資料。

And as we learn through these conversations with our initial customers, I think that is going to inform later this year on how we come up with the packaging and bundling around ETM that includes multiple Qualys modules.

透過與初始客戶的對話，我們了解到了一些東西，我認為這將在今年稍後為我們提供有關如何圍繞包含多個 Qualys 模組的 ETM 進行包裝和捆綁的信息。

Today, we are already seeing conversations with our existing customers, where they are actually looking to buy additional Qualys modules just because they integrate into a singular score, right? That's the idea is that instead of getting all these big lists. And when I talk to CISOs and ask them what is the risk posture view today, they show me ten different dashboard from ten different tools, but that doesn't say anything about how much risk a particular entity in that environment has because every single facility tool is reporting a different set of findings. So true risk anchors to say, well, why should I buy AppSec from Qualys versus somebody else because the Qualys AppSec is already built into the platform, and there is no additional cost right now to use that within ETM.

今天，我們已經看到與現有客戶的對話，他們實際上希望購買額外的 Qualys 模組，只是因為它們可以整合到單一分數中，對嗎？這個想法就是，不要得到所有這些大清單。當我與 CISO 交談並詢問他們當前的風險態勢視圖是什麼時，他們會向我展示來自十種不同工具的十個不同的儀表板，但這並不能說明該環境中特定實體的風險有多大，因為每個設施工具都報告了一組不同的發現。因此真正的風險在於說，為什麼我應該從 Qualys 購買 AppSec，而不是從其他地方購買，因為 Qualys AppSec 已經內建在平台中，而且目前在 ETM 內使用它無需額外費用。

So it's like you can bring AppSec data from a third-party, if you would like. So we're open to that, but then they pay for the data incision or if they use the Qualys module, which we already have, that they don't have to pay for the ETM ingestion license as an example, and that is an insight growth potentially for them.

因此，如果您願意的話，您可以從第三方取得 AppSec 資料。因此，我們對此持開放態度，但是他們要為數據切割付費，或者如果他們使用我們已經擁有的 Qualys 模組，那麼他們就不必為 ETM 提取許可證付費，這對他們來說可能是一個洞察力的增長。

So as we roll this out, we will get feedback from customers and see how that increases our attach rate additional products. And then how do we come up with the pricing that allows them to adopt more capabilities as part of ETM without having to create purchase orders every time they want to try something new.

因此，當我們推出這項服務時，我們將獲得來自客戶的回饋，並觀察這如何提高我們附加產品的附加率。然後，我們如何制定定價，讓他們能夠採用 ETM 的更多功能，而不必在每次想要嘗試新功能時建立採購訂單。

So in a way, how do we find a way to give them access to bundle or at least to have access to multiple capabilities from Qualys within the spend that they have with us. So these are things that we are working through right now and that we are excited about getting feedback from our customers. And that should inform how we roll-out bundling and pricing at some point later this year.

因此，從某種意義上說，我們如何找到一種方法，讓他們能夠存取捆綁產品，或者至少讓他們能夠在與我們合作的範圍內存取 Qualys 的多種功能。這些都是我們現在正在努力解決的事情，我們很高興收到客戶的回饋。這應該會告訴我們今年晚些時候如何推出捆綁和定價。

Excellent thank you.

非常感謝。

Brian Essex from JPM

JPM 的 Brian Essex

This is (inaudible) on for Brian Essex. A quick question. I guess, you've now provided your revenue guidance for the year. How should we think about billings, especially with the strong billings that you had the last two quarters? Should it follow a similar trajectory to what you provided for revenue guidance? And overall, like how should we think of it throughout the -- going throughout the year? Thanks.

這是 Brian Essex 的（聽不清楚）。一個簡單的問題。我想，您現在已經提供了今年的收入指導。我們應該如何看待帳單，尤其是考慮到過去兩個季度的強勁帳單？它是否應該遵循與您提供的收入指導類似的軌跡？總的來說，我們該如何看待這個問題以及如何度過這一年？謝謝。

Yes. For current billings, we ended the year at 9% and total revenue growth rate of 10% for 2024. I would just assume for now since we don't provide current billing guidance, you can assume the same current billing growth rate in 2025 as a revenue guidance, which is $68 million.

是的。就目前的帳單而言，我們今年的年收入成長率為 9%，2024 年的總收入成長率為 10%。我現在只是假設，由於我們不提供當前的帳單指導，您可以假設 2025 年的當前帳單成長率與收入指導相同，即 6800 萬美元。

Got it. Thanks. And I have a quick follow-up. Can you help me understand like what do you think still needs to happen in the channel to see investments translate to top-line growth? I know like overall investments in the channel can be a lagging effect versus just investing in direct. Like at what point do you think you've invested what you need to do? Is it just that you need to continue with product knowledge overall is what still needs to happen? Thanks.

知道了。謝謝。我還有一個快速的跟進。您能否幫助我理解，您認為通路中還需要發生什麼才能使投資轉化為營收成長？我知道，與直接投資相比，通路的整體投資可能會產生滯後效應。例如，您認為什麼時候您已經投入了需要做的事情？是不是只是需要繼續掌握產品知識，整體來說這還需要發生嗎？謝謝。

Yes. I know, this is a multiyear program that we launched a couple of years ago and initially was just repairing our relationship with partners, in building confidence and getting initial deal regis up. We evolved that strategy into going fully new business partner first, which was, sort of, the next step. This year we are focusing on working to see how we can take some of our direct customers to the partners and have them bring us additional net new logos for having this partnership, the evolution -- next evolution of that is -- the margins and the percentages are fine, but how can we help them make $10 of services revenue on top of a dollar of product revenue potentially, right? That's where the evolution of mROC is.

是的。我知道，這是我們幾年前啟動的多年期計劃，最初只是為了修復與合作夥伴的關係，建立信心並完成初步交易註冊。我們將該策略發展為首先尋求全新的業務合作夥伴，這是下一步。今年我們重點介紹如何將我們的一些直接客戶帶給合作夥伴，並讓他們為我們提供額外的淨新標誌，這種合作關係的演變——下一步的演變是——利潤率和百分比都很好，但我們如何才能幫助他們在 1 美元的產品收入之上賺取 10 美元的服務收入，對吧？這就是 mROC 的進化之處。

And so I think we -- internally, of course, we continue to track our deal wages, we continue to track our win rates with partners, so it is particular that we're having good success with our strategy so far. And so now it is about pivoting towards that.

所以我認為，我們——當然，在內部，我們會繼續追蹤我們的交易工資，我們會繼續追蹤我們與合作夥伴的成功率，因此，到目前為止，我們的策略取得了良好的成功。所以現在我們要轉向這個方向。

And I think you have done a pretty good job of going from 60-40 down to a 52-48 split, while we're reasonably maintaining our margin. And so I think the customer into the way that we are thoughtfully tracking our investments and working with all partners.

我認為你們做得非常好，從 60-40 的分成比例下降到 52-48，同時我們也合理地保持了我們的差距。因此，我認為客戶會喜歡我們周到地追蹤我們的投資並與所有合作夥伴合作的方式。

So we continue to work with our partners and continue to improve our deal wages and then improve our win rates over partners. And part of that is we're doing a lot of investment spending time with that at their SK or providing them opportunities for up-sells with collateral and material and then also a lot of training that we are doing these partners

因此，我們將繼續與合作夥伴合作，繼續提高交易報酬，然後提高我們對合作夥伴的成功率。其中一部分是我們投入了大量的時間在他們的 SK 上，或者為他們提供附加銷售的機會，並提供抵押品和材料，然後我們還為這些合作夥伴提供了很多培訓

So they become aware of the Qualys capabilities and how to pitch some of the Qualys capabilities. So that -- those are all areas that we have been investing in. And we continue to invest there.

因此，他們意識到了 Qualys 的功能以及如何推銷部分 Qualys 功能。所以——這些都是我們一直在投資的領域。我們會繼續在那裡投資。

Hamza Fodderwala from Morgan Stanley.

摩根士丹利的 Hamza Fodderwala。

Hi. This is [Oscar] on for Hamza. Thank you for taking my question and congrats on solid result this quarter. Going back to guidance, last quarter, you noted expectations for ongoing budget scrutiny to proceed going forward.

你好。這是 Hamza 的 [奧斯卡]。感謝您回答我的問題，並祝賀您本季取得了可觀的業績。回顧上個季度的指導，您指出，預計未來將持續進行預算審查。

Today, you're expecting NRR to sustain at around 10%. And if I heard correctly earlier, you noted expectations for near-term potential adjustments to guide incorporate the CRO transition. So can you help us bring all that together? And how should we think about level of conservatism to guide. Thank you.

今天，您預計 NRR 將維持在 10% 左右。如果我之前沒有聽錯的話，您曾指出，預計近期可能會進行調整以指導 CRO 轉型。那麼你能幫助我們把所有這些整合在一起嗎？以及我們該如何思考引導的保守程度。謝謝。

Yeah. I think our guidance for this year takes into consideration of the points that you just laid out. I think that the biggest growth drivers in our business, it's still our existing customers.

是的。我認為我們今年的指導已經考慮到了您剛才提出的觀點。我認為我們業務的最大成長動力仍然是我們的現有客戶。

So if you take a look at our net dollar expansion rate having ticked down consistently for the last couple of years, because of where we ended in 2024 at 103, we're assuming no improvement to that 103% entering 2025 and given the light new bookings performance in Q4, and we're assuming that will kind of continue into 2025, that's informed our guidance of 6% to 8%.

因此，如果您查看我們過去幾年的淨美元擴張率持續下降的情況，由於 2024 年的水平為 103，我們假設進入 2025 年不會改善至 103%，並且考慮到第四季度新預訂量表現疲軟，我們假設這種情況將持續到 2025 年，這為我們 6% 至 8% 的預期提供了依據。

And this is what we see today. And we thought it was prudent for us to guide based on what we see today versus like Sumedh talked about. There's a lot of opportunities in the business and upside within our products like ETM, working very closely with partners to drive new local land as well as expand. But again, that's the timing of realizing that and recognizing into revenue is a little bit uncertain.

這就是我們今天所看到的。我們認為，根據今天所見的情況而不是像 Sumedh 所說的那樣來製定指導是明智的。我們的產品（如 ETM）在業務和成長方面都有很多機會，我們與合作夥伴密切合作，推動新的本地土地開發並實現擴張。但再次，實現這一點並確認為收入的時機有點不確定。

Got it. Very helpful. Thank you very much. That's it for me.

知道了。非常有幫助。非常感謝。對我來說就是這樣了。

Thank you. At this time, this concludes today's conference call. Thank you for participating. You may now disconnect.

謝謝。到此，今天的電話會議就結束了。感謝您的參與。您現在可以斷開連線。