Check Point Software Technologies Ltd. (CHKP) Earnings Call Transcript & Summary

Perfect. Welcome, everybody, bright and early here in London on Tuesday. I'm Meta Marshall. I head up cybersecurity research here at Morgan Stanley, filling Hamza's shoes in his departure. We're delighted to have Check Point here today. For any research disclosures, please see morganstanleyresearch.com. And I'm going to hand it over to Kip to give a little bit of a safe harbor for Check Point before we start.

So good morning, everyone. During the course of the presentation, there may be forward-looking statements made. As with all forward-looking statements, there's risks and uncertainties that could affect the outcome of results. If you'd like a comprehensive but not exhaustive list of those risk factors, maybe read something before you go to sleep, so you do go to sleep quickly. Take a peek at our 20-F filed with the sec.gov. And as with all forward-looking statements, we reserve the right to update as required by law. And back to you, Meta.

All right. So we're delighted to have Roei Golan here, CFO of Check Point here with us today. It's been almost a year since the CEO transition in Check Point's history. From your vantage point as CFO, just what has changed in terms of strategic priorities, decision-making cadence or risk appetite?

So first, great to be here. Thanks for hosting us. So Nadav joined us in December. Actually, I think it's today, he's marking the first year. I think he joined in December 9. So I think since Nadav joined, we felt there are many changes in the company that Nadav brings. Again, I don't think that -- in the end, Check Point is an amazing company before Nadav. It was a great company before then. But definitely, when Nadav joined, he understand that in order to make this company even better, some changes needs to be done and mainly around the go-to-market. Since he joined, I'll start from individuals, he almost changed all the go-to-market leadership. We have a new CRO. We have a new Global Head of Americas that just joined us a few weeks ago, Rachel. We have a new CMO that came from BeyondTrust that arrived -- that joined us in September. And we have other leaders, second-line managers, leaders that joined. So I think there are a lot of changes in terms of individuals in the go-to-market. So that's one aspect. The other aspect in terms of the leadership, it was important for Nadav to hear the voice of the customer, not only from one person. Before he joined, we had one or two persons in the leadership forum that represent the voice of the customer. Today, we are -- we have six people. And that's important because when I'm looking on -- when I've been in these leadership meetings before Nadav joined, before these changes and now, the narrative of the discussions are different. It's not that we didn't talk about the go-to-market before. But when you have six people that represent the voice of the customers in these meetings, you definitely feel different narrative, not only one opinion from one person that represent the voice of the customer. And definitely, that's -- this is a significant change. So that's from the individual changes that he's done. I think the even more important change that he is trying to do is on the culture perspective. I think the importance for him to have first transparency to the employees. I think we are doing today almost every -- not almost every quarter, there is a [ all-in ] for all company when Nadav is sharing his strategic, his views on the company, where the company is heading. And that's something that -- it's new. I mean, it's something that we didn't do in the past. And second, even more important, the sense of urgency. As I said, it's not that we didn't have sense of urgency before, but I think that the focus today and sense of urgency that things cannot be postponed, and we need to get back to customers or even to our internal customer, which -- employees, as soon as possible and not delaying anything. I think that's something that's been changed. I mean, since he joined, mainly because of his focus on that. So again, a lot of changes. Last thing that I would like to add, I think also very important, the C-level engagement. When I'm talking about C-level engagement, so we -- Nadav came from a cybersecurity background. Although he was not the CEO of a corporate, he was at Team8, the founder of Team8. He spent there more than 10 years. And during this time, he managed to have a significant group of people that is -- he knows, connections. And definitely, we feel it today. We feel today that his meetings with the C-level, which is start with the CISO of the largest banks in the world or largest companies in the world and then with the CIOs and even with the CEOs, that's something that we have less in the past. And that's definitely -- it's tough to quantify it in numbers, but that's definitely on the long run will help us to accelerate our business just from these engagements.

Okay. So you just listed off a good list of kind of increased engagement with customers, increased engagement and culture, the C-level engagement. How does that translate to the model? You guys have had leading margins, but maybe mid- to high single-digit revenue growth. Just how are you thinking about that balance of kind of this push and urgency sense that you just mentioned versus kind of protecting margins over the next 2 to 3 years?

So I think, as you said, we have, I think, the best margins in the sector. Even today, I know that our margin went down slightly in the last few years, but still we're talking about 41% to 42% margin that we finished this year. And as we mentioned a few times and Nadav mentioned a few times in the earnings calls, we are not afraid of sacrifice slightly the margins. But in the end, we're going to keep investing in growth, but responsibly. Not like -- you should not expect from us to take down the margin in 1 year in 5 points or even 4 points. I mean that's not -- I don't think that we need it. I think we might go invest in certain areas more in order to accelerate growth, but it's going to be very responsibly, prudently, and that's how we look at it. There's no actually balance. But as I say, I mean, we want to show progress, and we want to accelerate growth every year. So right now, if you're looking on our midpoint, so it's around the 6% growth, we want to grow faster. It's next year and the year after. Again, I didn't get yet the question on the double digits, sometimes -- usually I'm getting it. But again, it's going to take gradually. I mean, the improvement will take every year. Not -- you should not expect from us in revenues to go from 6% to 10% in 1 year. It's -- again, we're going to do it responsibly, and we want to see improvement every year like we've seen in the last quarter was one of the best quarters that we had. We want to show more of such quarters that we'll see. So that's how we see it. And again, from a margin perspective, again, we talk about more about 2026 when we're going to announce earnings in February. But definitely, we should not expect a drastic change to our profile.

Got it. I'll let the rest of the day ask you the 10% question. So maybe turning to Infinity. Could you talk about what you're hearing just from the customer side in terms of kind of consolidation of security solutions onto a single platform? And just how does the Infinity consolidated platform address that need amongst your customers, particularly as you guys are kind of engaging with them more?

So I do have to say we have the Infinity agreement, Infinity platform, we launched it sometime, I think, in 2017. But definitely, since 2021, I think beginning of 2022, we started to see a significant acceleration on the adoption of the Infinity from our customers. We see more and more customers that are willing to move to Infinity. I think it's -- the reason for that are two. First, customer -- we have today, first, much better portfolio than what we have 6, 7 years ago or 5 years ago. We are not selling only firewall. We have great e-mail security product. We have great enterprise risk management product. We have great SASE product. We have multiple products that we can sell today except the firewall. And definitely, the Infinity is a platform and a tool to do that, to do this upsell -- or cross-sell, sorry, and selling this product. And definitely, we see more and more customers willing to do so because as I see it, first, it's easier for them to manage one vendor instead of now multiple vendors. In certain areas, they can do the same -- they can use the same policy and same management for these products instead of using different policies around the portfolio. And the last one, saving costs. Usually, when you're bundling our firewall with the e-mail security, with the SASE, with the endpoint, usually, if you're looking on the total, you're going to pay us less than what you would pay for seven different vendors.

Right. Okay. Feedback on the new channel program has been positive as we've been doing our channel checks. Just what are you hearing from partners in terms of competitiveness? And have there been any changes to kind of incentives that we should understand?

I think we do see very positive feedback from the channels in the last 12 months. I would say since Nadav joined -- it started when we launched a new partner program. But definitely, after Nadav joined, we did see more enthusiasm from the partners. I would say that, first, I think we are -- need to be honest, we're putting more dollars there. We understand mainly in the U.S. that we need to improve our channels -- engagement with channels. And that's, of course, it's not -- it usually comes also with more rebates, more speeds that we are giving. And I think engagement, I see more engagement. I talked about the C-level engagement. Nadav met -- is meeting with our -- with the C-level, with our biggest partners, working with them on strategic plans. And that's something, again, that we didn't have in the past. And he's actually sitting with them. He is now, by the way, in New York and part of his schedule is also meeting partners, our largest partners there. So that's something that's, of course, helping us because this C-level engagement is also something that's important to show the partners that we are willing to go together and invest together and drive the growth.

Okay. Maybe just turning to the budget environment. Cyber remains a key priority on IT budgets, but IT budgets maybe have continued to be under a little bit of pressure. We've seen varying degrees of checks this year in terms of how strong the cyber environment is. Just how would you characterize the demand environment this year versus kind of a year ago? And are you seeing any changes?

So I have to say that we do see stable environment, healthy environment, except there was some kind of uncertainty when we had this, we -- call it, Liberation Day, we had this time frame of some uncertainty on the tariffs. So that affected some -- that extended the sales cycles in this time frame. But again, we're talking about 2 months' time frame. After there was more certainty about the tariffs. So if I'm looking at what we are seeing today, pretty stable environment. I don't see any significant change in the environment. Of course, that -- anything can change it. And -- but as we're seeing today, it looks pretty stable environment. I know that more budgets are moving to the AI, but that's not on part -- on top of -- I mean, the security budget seems to be pretty stable. It probably helps some other IT budgets, but not security. I think security, everyone understand that mainly with the AI, you need to make sure that you have the best security.

Got it. Okay. I have an M&A question here. You guys also just raised a convert. So maybe just wrapping those two together, just how are you -- what were kind of the thinking behind the convert? And then just what has kind of been the M&A strategy that you guys are thinking of going forward?

So first, in terms of the convert, you're right. We completed the convert last week. It's I think the first issuance that we ever -- that we've done since the IPO in 1996. I think that first, there was an opportunity for us to raise cash in a very low financing cost. We are talking about 0 coupon. So that's definitely something that we have -- there was an opportunity, and we wanted to use this opportunity to do that because we couldn't know, I mean, if it's something that can last a few more months or next year when we -- if we're going to need more cash, if we'll be able to raise it in such low cost. So that was an opportunity, and therefore, we've done it. In terms of M&A, strategic M&A, so we don't have a concrete or any imminent M&A that we are doing next week or something. That's not why we did the convert today -- last week. But definitely, we are looking all the time on strategic M&A. If I'm looking -- if we are looking, and that's something that we also -- when we talked last week with the convertible investors about what we're going to do with the money. So Nadav and myself, we talked about our four strategic pillars that we are playing today. First is the hybrid mesh networking, which includes our firewall market -- our firewall business, SASE and the virtual firewall, which is actually the firewall on the cloud. So this is one aspect that we can do some tuck-in M&A and not significant M&A, but some tuck-in M&A, small acquisition that can improve our offering, mainly on the SASE. The second pillar is the workspace -- strategic pillar as the workspace, which include our e-mail security, our endpoint security, browser security and mobile. So that's now led by -- being led by Gil Friedrich, the founder of Avanan, which was the e-mail security company that we acquired and now he's leading all this pillar. And definitely also there, if we find something interesting that can improve our offering or expand our offering on the user security, so that's something that we can definitely do. The third pillar is the CTEM, continued threat exposure management, which includes today our ERM product, which is the Cyberint acquisition that we've done a year ago and doing very well since the acquisition in terms of growing the ARR. And the second is another, the Veriti acquisition that we've done in June. So there, both products are part of the CTEM. And then -- and there, definitely, we can do more acquisition if we want to expand our offering. I think we feel that there is a lot of potential in this market. There is no specific leader there. And definitely, we can -- we see the momentum there and the demand for Cyberint's products. So we might do more acquisition on that area. And the last one is the AI security. This is the last strategic pillar. We've done already one acquisition, Lakera, Swiss-based company, runtime AI, great technology. We looked on dozens of companies on the AI, we thought -- we picked them. We thought it's the most -- they have the best technology. It cost us a lot. It was very expensive. But I think on the AI, you need to pay premium if you want to have the best technology. So Lakera are part of the AI security pillar. So definitely, we are looking to do more on that front on the AI. If -- we are looking all the time. Right now, nothing specific, but definitely, if you're looking on the M&A, so probably it would be one of these four strategic pillars.

Okay. Maybe turning to that, these emerging solutions or namely Harmony SASE, e-mail security, enterprise risk management, all saw greater than 40% year-on-year growth -- ARR growth in Q3. Maybe starting with SASE, what's kind of driving the outperformance that you're seeing? And any kind of color on attach rate you would kind of attribute for SASE?

On SASE. So SASE, I think we're doing -- we are growing more than -- faster than the market. We are still talking about -- we're still a small player there. I think our potential on the SASE is even much bigger than what we are growing even with -- that we are growing today more than 40%. I think because we are small and we see the potential with our -- even our current installed base, the potential is much bigger. We see the market. The market is huge on the SASE. And still, if you are looking on our installed base, our firewall installed base, I would say that mainly in Europe, most of the -- our own customers don't have any SASE solution today. So it's not that they have Zscaler or Netskope, they don't have any solution. They are still using their VPN. And that's something definitely that we have a potential to -- as a firewall customer, we have the best potential to penetrate there and sell them SASE. So the potential is huge. I think that we still need to do some more progress on the product in terms of the one aspect that we still didn't complete and should be completed in the next few months is the unified integration with our firewall to provide unified policy that a CISO will be able to manage the policy of the firewall and SASE in one policy instead of doing it separately, like they are doing today probably with Zscaler, if they have Zscaler and I don't know, Check Point. So I think that's a huge advantage that we have on the other vendors on the SASE. So that's one aspect. And the second aspect is to improve the scalability -- the scale. Right now, we are mainly selling to up to 20,000 users. And that's something that we are working also to scale it and be able to sell to bigger enterprises. So that's two fronts that we need -- it's more from a product perspective that we need to complete. And definitely, the potential there is much bigger than the 40% that we are growing today.

Got it. E-mail security, you guys also just mentioned well above kind of $100 million in ARR at this point. Just can you talk about how it's competitively positioned versus other players within the market space?

So actually, we just -- we exceeded $150 million ARR. We aim to be -- to exceed $200 million in the first half of 2026. We see very strong demand there for the e-mail. And I think that although the market itself is pretty mature, it's not growing. I think it's growing high single digit or even low teens, but we do see significant demand for our products. We see many replacement of the legacy vendors. On this market, I think that we have the -- in terms of security, first, we have the best security because it's integrated. The e-mail security is integrated with our ThreatCloud AI engines, and we have the best catch rate in terms of phishing and e-mail. So that's definitely our advantage. And in terms of competition, I think the -- as I said, we do see a lot of replacement of legacy vendors. There are -- there is a competition, of course, also from Abnormal that I think, again, I think we are -- we have better security there today compared to them. So that's an advantage that we have mainly on the enterprise market. We just named as a leader again, but improvement from last year in Gartner on e-mail security. So definitely -- and we got the FedRAMP certificate just 2 months ago. So that's definitely -- all these things together should help us to push the business even higher than what we -- and to grow even faster, hopefully, than what we grew so far.

Okay. I want to turn to AI for a second. You mentioned it as kind of the fourth pillar. You guys have now embedded some AI capabilities, including Infinity AI Copilot and ThreatCloud AI as well as the recent Lakera acquisition. Just how do you see Check Point competing in security for AI opportunity?

So I think there are two aspects. There are the security for AI that we talked about Lakera, and that's mainly about the runtime AI. And there, we have already today some -- one of the biggest enterprises in the world that are design partner working with us closely and a customer of Lakera, of Check Point already today, a customer of us. And definitely, we see there a lot of enthusiasm about the Lakera product because I think that today, if you're looking on the AI security -- on the security for AI, it's still a market that's been -- there is no specific leader there, it's mainly start-ups. This is a market that expect to be a huge market in the next few years. And we want to capture the flag. So we want to be a leader there. I think there is a huge opportunity there for us in terms of our positioning today on the security market. And this transformation to AI is definitely an opportunity for us to be a leader on that front. On the other hand, we have the AI for security. We talked now about the security AI and because you mentioned the Copilot, but then you mentioned the ThreatCloud AI. So ThreatCloud AI, it's not -- it's something that we have for several years. I don't remember when specifically the ThreatCloud AI engines, but definitely for several years. And that's being used, and that's AI engines that we developed in-house and have a catch rate of 99.9% based on the recent reports that were published both by NSS and Miercom. And that's -- and on top of that, we are working -- we have a designated team to even improve our AI for security to have -- to leverage the AI even more today to improve our security. So that's two aspects, but definitely, there's a lot of potential there. I'm not sure that in the short term, it's something that's going to affect significantly our numbers or our competitors' numbers. But definitely on the long run, that's the biggest potential.

Okay. Got it. You guys mentioned Europe maybe earlier days in kind of the SASE transition. You also kind of mentioned some softness in Europe over the summer. Can you just kind of unpack what you're seeing by region, maybe more specifically in Europe and whether -- just any trends there?

In terms of macro, you mean?

Yes.

Yes. So I think we did mention that there was some softness in Central Europe, mainly in Germany, in the public sector. We're all probably following and saw that there was some kind of political and -- political issues and elections that caused some kind of shutdown of budgets in the public sector. I think that, that's something that we are already -- we do see improvement there. I mean we see that the public sector is back to -- we do see already some very nice orders from the public sector there started in Q3, but continuing into Q4. So I think this issue is behind us. And the -- in terms of other areas, I think, again, I think I don't see any specific areas that macro related. Definitely, we are doing great in Asia. We have a new leader. She's not new anymore. I would say it's 2 years. She's 2 years with Check Point, a new leader that she is running our APAC business. And since she joined, we see significant improvement there. You don't see it yet maybe in the revenues. But when we are looking on the internal KPIs, so we do see significant improvement in Asia. So that's one area that we are definitely doing well. And again, now we did the change in the U.S. We have a new Head of Americas, Rachel, that joined us. She was in Palo Alto before and Cisco, a lot of experience on the security market. And she's going to lead the Americas and hopefully, we'll see significant change there in the Americas business.

Got it. It's come up in some of our latest conversations, but have you thought about potentially starting to disclose kind of an ARR and net retention at some point? Or just any other financial metrics you guys would consider disclosing?

We are considering it all the time. I have to say that without naming our competitors, but based on my discussion, a lot of discussions that I'm having with the sell-side analysts and with investors, sometimes no one understands what's included in the ARR of this. And I don't want to be in a position that someone will ask me -- what you -- I mean, we are -- you know Check Point. Check Point, if we are disclosing a number, we are 100% behind that without any manipulation. This is our numbers. Again, it's not -- I'm not saying that we might not disclose additional figures in the future. We just mentioned now that we are growing more than 40% in the emerging product. But before doing that, we need to be sure that this is the number, although it's -- again, it's a non-GAAP number, this is the number, that we are behind that, and it's not -- there is no -- any manipulation behind this number and all the investors and all the readers can understand what's included there.

Got it. And then just from your conversation with investors, what do you see as kind of the top two or three misunderstandings about Check Point today? And just how do you feel like you can kind of transform that discussion from the seat of the CFO?

You want to start, maybe you want to answer that? He has spent so much time with investors. So...

Repeat it again real quick.

Just what do you feel like are kind of misunderstandings in the conversations you have with investors right now.

I think the biggest one is this -- I like to say this because it's kind of a catchy little term, but this isn't your daddy's Check Point. This is not a Check Point that was even 10 years ago. This is not even 5 years ago. You have many different growth engines. You have a workforce that's empowered. It's now about ask for forgiveness, not for permission. And that creates a sense of urgency, as Roei talked about earlier, that the company really hasn't experienced in a long, long time. And I think all of those things really have changed the whole dynamic of the company while people are still thinking it's still the same way it used to be. And it's clearly not.

Okay. All right. With that, I know we have quick transitions. So Check Point, thank you guys so much for being here today.

Thank you.

Thank you.