Corero Network Security plc (NYA1.F) Earnings Call Transcript & Summary

Good afternoon, and welcome to the Corero Network Security plc investor presentation. [Operator Instructions] The company may not be in a position to answer every question received during the meeting itself. However, the company can review the questions submitted today and publish responses where it's appropriate to do so. Before we begin, I'd like to submit the following poll. I'd now like to hand you over to CEO, Carl Herberger. Good afternoon to you, sir.

Good afternoon to all those in the U.K. and Europe, and good morning to any and all folks joining us from the U.S. Thank you for joining us today for the Corero Network Security Full Year 2024 Results and Conference Call. Really appreciate your time and interest in Corero and look forward to walking you through what has been a fantastic year for the company. Before we go there, I think you know that today, we are covered by the safe harbor rules and forward-looking statements accordingly. We thought this year, we would spend a little bit of time to overview where the threat landscape is and what is driving our business. We'll talk through many different attributes. But first is this year in DDoS. We're, as you know, laser-focused on this distributed denial of service business. And they are not simple disruptions in the marketplace. This idea of cyberattacks that render companies unavailable or not available continues to grow year in, year out and evolve just like technology evolves itself. The weapons that companies or people are using to purvey cyberattacks are often in disruption, distraction or very real damages associated with these cyberattacks. The cost to businesses are often in hundreds or thousands of dollars, sometimes even in $1 million. You're probably familiar just recently, Twitter, X has been focused on actually being disrupted from DDoS attacks. So it's showing that they're escalating, that there's many different forms, and you can't necessarily throw technology at this or dollars at this. You must have a partnership that's associated with it. And as this slide shows, DDoS attacks are measured in many different ways, often in volume. The world's largest DDoS attack was just registered just a few weeks ago by Cloudflare at 5.6 terabits. This is the kind of size that even cloud DDoS scrubbing providers would struggle or maybe even tip over on this kind of size that goes through the Internet. There's many different ways of measuring how pervasive and escalating these attacks are. But one of the ways that they're evolving is this idea of AI. AI is actually changing every aspect of our life. And one, of course, is the threat landscape, the cyberattack threat landscape. And you see here, even AI companies are being hit with DDoS attacks, rendering their services offline. Countries and countries' real estate, their infrastructure and Internet real estate is often being targeted by companies or I should say individuals that are up to no good. Sometimes it may be nation states. Sometimes it might be transnational threats and so forth. And it continues to pervade. So in addition to the attacks sequencing themselves and the evolution of the threat itself, one of the things that's fueling the attacks is this idea of groups that you can conscript or actually conscribe to be able to do bad things on your behalf. These are essentially special operators. These folks actually drive innovation. They are like special military operators that know how to use tools, techniques and retain often a lot of capability to themselves. But they essentially act as threat actors. Sometimes they are affiliated with nation states, as you can see here, the Lazarus Group and Killnet as great examples. And sometimes they're just transnational groups that know how to actually commercialize their know-how for bad. In addition, those groups as well as other groups have been designing weapons that can be sold to people that want to do these kinds of attacks. So these tools allow folks that are not very, very technology savvy to be able to purvey, be able to execute on their interest on actually attacking somebody. These tools or weapons are often software that conscript devices -- technical devices in a botted army, a robotted networked army. And what they do is actually enslave processors and capabilities on devices. And the devices often continue to perform their sided function, and you're unaware that there is an effect going on of an enslaved device. Here are 4 examples, really powerful examples of very large worldwide botnets that are used to employ DDoS attacks and other kinds of attacks, and they're commercial platforms. They're essentially SaaS-based platforms that are purchased at time of need to actually use as weapons. So that's what we're really focused on, the tools to be able to actually get -- to nullify the tools, to make the risks associated by these threat actors less and to make the effects of the actual vulnerabilities either null or void. That's what Corero is all about. We're laser-focused on this idea of who we are and what we're trying to do. And what we are is a company that produces software focused at filtering out the problems associated with cyberattacks trying to render you unavailable. System availability isn't just important. It's absolutely mission critical. If you think about everything that you do, your phone and the apps you have on your phone, the services, probably what you do daily requires availability of certain kinds of applications and partners that absolutely would go out of business or be rendered a fatal flaw if they weren't able to be delivered continuously available over the Internet. There's no other way to ensure yourself from these threats except to procure a solution such as ours. Our automated adaptive DDoS defense stops attacks in seconds. In fact, we believe we have the best detection time and best mitigation time and integrates seamlessly with existing infrastructure. It turns the cost of security into a business advantage. Essentially, we provide a transparent capability that overlays your environment and often offer customers the ability to monetize this protection and create new revenue streams. DDoS attacks are evolving at an alarming rate. It requires a partner, not just a technology, so that you know how to stay on top of it and you can get -- you can adapt along the way to the problem that's being forced. We have platforms, software that sit on the front line, delivering intelligent, advanced and hardware-agnostic protections in real time. But we're not standing still. In 2024, we expanded our portfolio and we -- our platforms, and we'll talk about that more here. But first, for the high-level numbers, I'll hand it on over to Chris to talk through how we performed in 2024.

Thank you, Carl. Just a quick introduction. So I'm Chris Goulden. I'm the CFO. I joined Corero in 2024, just coming up to a year with the business now. So just some key highlights. Revenue at $24.6 million. This was 10% growth over 2023. That translated into $2.5 million EBITDA. That's relative to $1.8 million EBITDA in 2023. Pleasingly, ARR growth of 16%. Our exit rate from 2024 was $19.5 million. So strengthening growth of our repeatable and secured revenue for future years. Gross margin stayed above 90%. Now this is reflective of the software-led nature of our solution. We do sell hardware appliances, but it's a small portion of what we sell. It's not a requirement of our solution, hence, the high margin. Pleasingly, customer renewal rates have stayed high, 97%. And we have 90 people worldwide, which is growing. And we currently operate in over 50 countries globally. That's also growing.

Okay. So now we'll go over again our mission. Who are we? We're rather laser-focused on really one thing, what people would call stopping DDoS attacks and I would call the ability to render you unaffected from a cyberattack, trying to actually hit your availability. These attacks need to be detected early and often before they cause damage, before they cause downtime. Essentially, we ensure or protect uptime. And there's only one way to do that, and that's to have software such as ours from a private company that can actually help you do this filtration. We preserve your revenue, and we earn your trust along the way. Ours is a world that most cybersecurity companies can't do, this is this availability concern versus data security concern, and must be procured by somebody. And when we don't work, it's evident to all. When we do work, it's transparent to many. So we stop attacks, and we do this exceedingly well. It's not just about stopping attacks. It's about keeping the services online without disruption. It is often the case that people don't judge this world with the idea of disruption delay or complexity in the way in which we stop attacks. We stop attacks simply, transparently, without disruption and without delay. We deliver real-time adaptive protection. We essentially have continuously removed the human element and the delay associated with protection. So we know how to do adaptive protection seamlessly automatically, which reduces IT workload, reduces operational expense, reduces complexity and the deployment that maximizes ROI from day 1. It results almost in 0 complexity. So once installed, what we get from our customers is that it just works, continuous availability, exactly what today's businesses need. So how do we do it? What's the product set? We have 2 products today, which historically we've had one. We have a suite of products called SmartWall ONE. SmartWall ONE can be deployed on-premise or in a hybrid environment. There's only 3 ways to do DDoS today. There's cloud DDoS. There's on-premise DDoS. And there's the combination of cloud and on-premise, which is called hybrid. We factor into 2 of those models, and we provide sell-through to the third model, the cloud DDoS. And our alliance partnerships with Akamai and GTT have been most notable with our partnerships in cloud DDoS. Our solutions are our flagship platform, which is -- provides for this always-on. It can become in hardware form, but hardware is nothing special for us and only represents between 10% and 15% of our overall sales. It's built to meet you where you are software based. And our most predominant deployment includes our intelligence services, which we don't just respond to attacks. We actually begin the process of proactively preventing attacks by, like weather reports, understanding the kind of attack that you're going to predictively endure. And we know how to actually put protections in place before the need to detect. This predictive analysis has been a heavy -- new product introduction to us in our continuous innovation. In our SmartWall ONE platform, we took 2024 to new heights. We're not just stopping at DDoS. We rolled out -- we're not just stopping at the DDoS that we once had. We're rolling out platforms and capabilities that meet the next generational need. You'll notice here that we started with a software version of our 400-gig industry-leading capacity early in the year of 2024. And we ended the year with a platform that was high-speed engineered should people want to actually have a preconfigured platform with our software that they can have reliable performance and experience wonderful capabilities. And along the way, we've added new capabilities to add to our DDoS solution. But we're not just stopping with DDoS. We've actually, this year, for the first time ever, extended our product portfolio beyond DDoS. So we introduced in the fourth quarter this notion of CORE. CORE is an ecosystem. It's an observability and a resilient-based ecosystem built in the cloud from the ground up, designed with cloud-native capabilities to work with SmartWall ONE or independently of SmartWall ONE but to be purchased around the adjacent capabilities to what we do on SmartWall ONE. Essentially, what you now have is we went from 1 product to 4 products that we have today, and you see them represented here. We do traffic observability. We do web application protections, including web application firewall and layer 7 DDoS. And you can see here also, we've entered the Zero Trust capabilities. We believe that we have now tremendously commercialized these capabilities, and you'll start seeing product announcements and sales announcements as we head into this quarter, the second quarter of 2025. We're excited about what this means. We're projecting somewhere between 5% and 10% of our overall bookings coming from the second capability and moreover, being able to address more of the addressable market of DDoS as we expand our portfolio to have bundled sales of these capabilities. Essentially, customers are used to purchasing these features with DDoS. It's essentially our fries and Coca-Cola to the burger that we have been selling for years. All right. So one of the areas I promised to talk about is what's driving our business beyond the threat landscape, which is very, very heavy. We're pleased to announce that the resurgence of data center build-outs, data center growth, data center design, data center processing renewals, that resurgence, in fact, boom of data center builds, which is being driven by AI software and the need and the rush to make sure that companies and countries can take advantage of the next-generation economies, this AI build-out becomes required to actually have DDoS as part of the build-out. DDoS has become an infrastructural requisite item like windows to a building to install in data centers as you build them out. This pull-through capability, regardless of the threat landscape, has been a net boon to us and something that we've been experiencing in our sales pipeline in the very near term. And it's something that you should be aware of, and it's highly correlated. In fact, AI growth and data center growth are highly correlated. The pull-through is DDoS in that series. All right. So let's now talk about the growth strategy that we put in place last year, 2024, and continues into 2025, which remains. And it's a 4-pronged strategy. The 4 pillars of this strategy is to expand our global footprint. Essentially, what has had -- Corero has historically been -- has been essentially making the market in the U.S., where you'll notice, and we'll talk about it later, that most of our sales is in the U.S. The good news on that is it demonstrates that we can compete in the world's toughest technology and toughest environment for competitiveness, and we compete quite handsomely. What we haven't been competing in is throughout the world, where about 50% to 60% of the addressable market lies. And it requires sales hubs or franchises to be built. And that's something that we have been dedicating ourselves to. Over the year, we have gone from 8 direct selling resources at Corero to 16 resources, of which the original 8, we only have 3 existing personnel that existed. So it's been almost completely transformed in our selling community. At the same time, we continue to sell -- invest into our sales, as I mentioned, salespeople, sales hubs, sales franchises, sales partnerships and marketing. And you'll notice here that we've had a dramatic increase in marketing. Why? Because ours is a challenging brand in an established marketplace that our biggest impediment to Corero is people just not realizing that Corero is available to be purchased. So we're making people aware. We're deepening client relationships. Our current customers that are very happy with us with -- we're rewarded with tremendous renewals. We have a high customer satisfaction and experience rate, and we're now beginning the process of cross-selling and upselling with our secondary products. And I'm happy to report indications are that we're going to have very strong NRRs and very strong growth in -- to our existing customer base. Lastly, we have taken a strategy for the last 15 months to present ourselves as a worthy alternate option to the existing providers that are in the marketplace. So we have a very strong market competitiveness motion where we go after our competitors' renewals. That's the 4-pillar strategy: expanding our global footprint, investing in sales and marketing, deepening our client relationships with renewals and cross-sells and accelerating our market competitiveness. And all of this, I'm happy to say, is working. Some of it spectacularly, some of it is continuous bits and bobs as we continue to hone down. We're doubling our frontline sales teams. There's more boots on the ground. We've doubled the size of our direct sales team, as we mentioned. We've markedly increased our marketing investments. We think we're now well tooled. We don't see that investment continuing on. And it's not just spending. It's strategic firepower. We've retained our customers. We have loyalty with a lift, and we also went head-to-head with our competition. And you'll see in the marketplace, as we continue with our RNSs, every single new logo win essentially comes at a competitive cost for our competitors. So here are some highlights. And if you notice, we mentioned names here. Mentioning names in the world of security is not easy to do. Mostly, it comes with authorization. Most people don't want to reveal who their security providers are. When they allow and they are comfortable to reveal who their security providers are, it tells you that they're at tremendous amount of comfort and joy with their provider. You'll also notice here standout deals, which are over $1 million. For a company that booked $28 million of bookings last year, you'll notice 7 $1 million deals that we did. So our execution is paying off, and we're keeping our customers. So we're adding new -- many new logos and keeping our customers. So what each win is reinforcing one thing: Corero is the go-to name in DDoS protection. So don't take my words for it. Don't take our words for it. I think the best words are always coming from the customers themselves. You can find online videos of the next 2 testimonies we're going to provide. But these names are heavy. They're well-known, established, listened-to mentors in their space. Paul Mazzucco is the CISO of one of, if not the largest, managed data center environments in the United States for a company called TierPoint. That has numerous on-ramps and off-ramps to public cloud infrastructures, residents in their data centers, something like 16 of them, and replaced their entire DDoS portfolio in 2024 with Corero and went -- you can see here the quote, how they measure us, from 6 minutes to 18 seconds globally, which is a massive result in essentially massive customer improvements and for them, undisrupted operations. And the second competitor -- second testimonial here we'll highlight, again, there's another video out there online of this individual who actually suggests and correlates exactly what we suggest who we are. We are a technical solution that offers complete transparency and complete unfettered execution. We're simple. We help them standardize and automate, and that's what we do. For those of us in U.K., you'll find, I'm sure, comfort and joy that that's a U.K.-based company. Over to you, Chris.

Thanks, Carl. We saw some of these metrics as highlights on a previous slide. But as you can see on this slide, the key financial metrics that we're tracking, all showing positive momentum through 2024, and this during a year of significant change. Carl joined the business at the end of 2023 going into 2024. He brought with him an accelerated go-to-market strategy that he's just explained. But that involved a significant amount of change for the business. And I think these growth rates continue to demonstrate the strength in the existing business and where we expect to take this business going forward. So both revenue and ARR continue their positive trend. In particular, ARR growing at 16% is really pleasing. Within that ARR number, one thing -- one of the trends that we're seeing, in particular, is the growth into new territories, particularly Latin America and Middle East. Our DDoS Protection-as-a-Service model is proving particularly popular in those regions. As mentioned before, gross margin remained above 90%. This reflects our software-led solution. I think we mentioned earlier as well, our hardware appliance is typically on an annual basis and on a typical bill of materials, somewhere between 10% and 15% of overall sales. Net cash showed a modest increase in the year. Now in the year, we funded some significant enhancements to the existing SmartWall ONE solution, as Carl mentioned. The 400-gig platform, in particular, the announcement of the Forte Telecom win at the start of this year, $1 million DDPaaS deal down in Brazil, that deal was predicated on the 400-gig platform. So immediate success of that investment. And today, we announced an expansion to our existing contract with TechEnabler, also down in Brazil actually. Again, that's an enhancement -- that's an upgrade to the 400-gig platform from the previous 100-gig platform that they had. So immediate returns on that investment into the existing SmartWall ONE solution. Other developments in 2024 is the start of CORE, our second product, as Carl mentioned. So really strong use of cash to develop innovations to our existing current portfolio and the second portfolio of CORE that we are super excited about. EBITDA grew healthily to $2.5 million, as mentioned before, $1.8 million in 2023. And a return to net profit in the year was particularly pleasing. Now all of this is underpinned by a strong balance sheet. Net assets continued to increase up to $18.6 million in 2024. Cash in the bank of $5.3 million, remaining debt free but with sufficient cash to fund our current operations as well as mentioned, investing in our current and next-generation product suite, which we really believe is going to drive further growth opportunities for us in the market. So taking a little deeper look at revenue. Carl mentioned that the Americas represents a significant portion of our revenue, the U.S. driving that, as we would expect. But particularly over the past 12 months, Latin America really has been a significant growth area for us. We mentioned the 2 deals, Forte Telecom and TechEnabler, both in Brazil, both significant deal sizes for us, both excellent partners who, as service providers, are generating opportunities for us with their existing customers who also have DDoS solution needs. Moving down the page on the left-hand side, looking at the revenue segments. If you look at the dark blue section, which represents 41% of total revenue, this is our software license and for our hardware appliances. Revenue recognition on these items are kind of upfront. So as we sell a CapEx deal as we refer to it, the software element and the appliance element, we take the revenue in year for that. The green section -- sorry, the green section, which is 35% of our total revenue, this represents the maintenance and support revenues that we actually see 100% attachment rate. So when we sell software, we always have maintenance and support to some extent attached to that deal. The lighter blue section, which is 24% of total revenue in 2024, this is our DDoS Protection-as-a-Service model, so our subscription model. Both maintenance and support and our subscription model and as-a-service model, those revenues are recognized over the life of the contract, and that's typically a 3-year period on a typical deal. Those are the 2 categories that make up our annual recurring revenue. So roughly 60% of our total revenue through ARR, and that's fairly consistent with prior years. The chart on the right then just shows the growth of the ARR over the previous 3 years, and we're really pleased with the continued growth of ARR. When we talk about CORE and the secondary product, that model will all be SaaS-based revenue, so will all contribute 100% to annual recurring revenue. Just a brief look at the cap structure then. So the top left shows the high-level breakdown of the shareholder register. You'll see that directors own 38% of the company, shows strong support from directors and ownership there with a further 50% held by -- through larger holdings of both individuals and institutions. On the bottom left, we've highlighted some of our key significant shareholders there. On the right-hand side, you'll see the cap table. It's fairly straightforward. There are no RSUs, no convertible notes. The only dilution to the existing shares outstanding are options, a relatively small amount for management and long-standing employees.

All right. So what do we think about 2025? Well, we've entered '25, I'm happy to say, with strong momentum. Already this year, we've secured high-quality contract renewals. We've extended reaches into Latin America. I think you probably have noticed our RNS on this. In the Middle East, we've maintained nearly 100% customer renewal rate. So we have great confidence that we're operating in both a high-growth market and with high execution. Moreover, DDoS attacks are not only not slowing down anytime. In fact, if you look, they are continuing to evolve, and they're making headlines every day. It is one of the top 2 cyberattack problems in the marketplace today. Our alliances and channel partner network is growing, stronger, giving us a broader market access. We've announced bigger and better contracts with Juniper, who have 1,500 salespeople. We continued on with GTT with alliance partnerships and Akamai with 800 salespeople over at Akamai. And the ability to scale faster and smarter is upon us, and we're continuing to take advantage of that at an ever-increasing rate. We have a robust financial foundation. I think you would all agree we're accelerating our go-to-market strategy. We remain debt-free and with a healthy balance sheet, including a strong cash position. We've signed 3 new channel partners this first quarter. We're excited about this and expanding our geographic push. We continue to innovate, as we mentioned, and develop new products at an accelerating rate that solve these mission-critical problems. These new solutions are also in high growth rates with incremental addressable markets with incremental capability to us, and it makes us feel extremely excited about what Corero means to the future of cybersecurity. This gives us, we believe, a major edge over our competitors. We have a proven platform, continued innovation and product development and an amazing global team that we've onboarded and continue to marry with what once was. We remain confident in our strategy, and we're excited with the opportunities ahead. And we're focused on developing long-term value for all of our stakeholders. Thank you for -- I want to give you an idea that both Chris and I are relatively new to the company, but we have a heritage of wonderful people in the company, including Ashley Stephenson, who's one of the founders of the company. He's been with the company for 13 years and is our CTO and Chief Product Officer. So we have a great marriage between the institutional knowledge of Corero with the new knowledge of Corero to move forward. And I want to thank you for your interest in Corero, and we look forward to answering any questions that you might have, and we're thrilled that you're here.

That's great, Carl. Chris, thank you very much for your presentation. What I'll do is I'll just bring your cameras back up at this point. [Operator Instructions] As you can see, we have received a number of questions throughout today's presentation. And Chris, perhaps I could hand over to you to chair the Q&A. That would be great, and I'll pick up from you at the end.

Thanks, Alessandro. Okay. The first question that's come through then -- bear with me, it's quite a long one. Do you expect to generate more from the Juniper partnership following its expansion? For some investors, we were perhaps expecting a little more contract momentum. Should this now change with the new agreement in place?

Yes, it's a great question. And the answer is yes, of course. The -- in a pithy way, what I would suggest was we've always had a great relationship. Of course, Juniper is also a very large shareholder of Corero in the nearly 10% stage. However, our original contract had aged in its effectiveness because the relationship was prescribed to be to the Juniper routers itself. So if you're not familiar with Juniper, they're one of the world's largest and probably most sophisticated, highest-performing network routing vendors out there. So they're characterized as being in the most demanding technology environments. And when they were selling our DDoS solution in the beginning, it was notable because mostly these companies were single router focused. Most of these companies have evolved their customers to having dual routing vendors or triple routing vendors. So these vendors wanted the Corero solution, but they didn't -- they wanted to purchase an entire environment. Now Juniper has the ability to sell into a multi-router environment. So said simply, Juniper now is selling the entire portfolio of Corero, and we have the ability to actually go in with Juniper in all environments and be able to experience the competitiveness of the Juniper sales team. So we believe this is going to lead with fundamental and foundational sales improvements and execution improvements and a relationship which will grow from the base that we have right now.

Great. Thanks, Carl. Okay. Next question then. R&D spend increased from $1.8 million to $3.2 million in the year. Is this the new normal spend or a one-off? And where have you spent the additional funds? Okay. Good question. So yes, typically, if you look at the history of Corero over the past few years, that $1.8 million range is where development is set. That was kind of the tick over of the existing SmartWall ONE solution. As we mentioned, 2024 has been quite a transformative year in terms of development. And a significant portion of that increase has gone into enhancements to the SmartWall ONE solution, so particularly the 400-gig platform. Now as we've mentioned, the 2 deals in Brazil, both significant deals, as well as many other deals and many of the deals in the pipeline were predicated on improving and increasing our capacity to 400 gig. So we've seen immediate returns on that development investment. Now in terms of returning to the $1.8 million base rate, the SmartWall ONE development, we do expect, is going to return to kind of base levels. So back to around that $1.8 million. What will remain is the development into the CORE platform. So the CORE platform development has begun. We're doing it in a very efficient way. The model with CORE -- the CORE slide mentions 3 capabilities. The CORE platform eventually will have many more capabilities. But rather than a big investment dump to create those capabilities and add complexity in one go, the model is to commercialize the immediate 3 capabilities that we've launched: see a return on the investment, check the market and check the demand for the most in-demand next capabilities and move on to those and do that in a staged approach. So we will not return down to the $1.8 million immediately because of CORE and because of the opportunity that we see in CORE to drive revenues within existing customers and also to expand the opportunity with new customers in the market. Next question. What would you consider your main revenue growth drivers are for FY 2025 and beyond?

So the DDoS market is growing at 15% CAGR, and we think we can beat the average for the following reasons. We believe that we have a significantly differentiated product set, both with technology and price, and meaningful features and meaningful price reductions. And we offer this complexity and automation that really offsets operational expense for customers. So we think that that's a growth driver that we can actually take in the neighborhood of a large amount of share from the existing DDoS addressable market. In addition, as we mentioned with CORE, these are also very large markets that we think we can address because our customers today buy these capabilities together. In fact, we were the only vendor in the marketplace that didn't offer some sort of choreographed additional services. Essentially, we were a hamburger company that didn't offer fries or Coke, and now we have fries and Coke that often are purchased with -- and customarily purchased with hamburgers. Moreover, this hamburger company is really well liked, and the customers are very excited to see what our fries and our Coke look like. These are the new product portfolios. That will drive a tremendous amount of growth. Keep in mind that we don't have new salespeople. We don't have new sales engineers. We do have some new, of course, R&D engineers that are producing the product. But largely, we're able to monetize this, commercialize this with the entire sales force that we have. That is also a growth driver for us. So we have new things to sell, more things to sell, new markets to sell in with the opening up of our sales hubs throughout the world, and we have new partners to sell in. All of this should give you confidence that we are punching above our weight, that a company of $30 million goes to business with companies that are $1 billion in size and recognized brands, that we can go into any company and already have contracting vehicles from which we can actually monetize and commercialize our product portfolio. These are natural assets that we have yet to really take seriously advantage of and we're working on through 2025.

Thanks, Carl. Okay. You've mentioned that you signed a number of new partnership agreements. Could you possibly be spreading yourselves too thin? Or do they simply allow the business to cover wider sales [ pitches ]? Maybe I'll start on this one. So channel partners are a key revenue growth method for Corero. I don't think I'm speaking out of turn if I say that historically, the partner management has been -- there's been no real strategy. Let's put it that way. I think local partners, management was being done by local sales reps. What we've done in 2024 is we brought an experienced specific channel manager into the business. And he has come to the business to evolve and to improve the strategy around the channel. Now these 3 additional partners that have come in at the start of this year are part of this strategy, not just to grow partners or the number of partners, but to rationalize them into a more effective partnership network. So the idea being to bring partners who already have a pipeline, larger partners who can bring us into much larger opportunities that we might not be able to directly and to have some real structure how we go about that revenue driver. Do you want to add anything there, Carl?

Yes. Just a few things. My wife normally says she believes that you can never have too many people that love your child, and I think it's the same with us. In fact, I would even suggest that the partners and our alliance partners do the opposite of spreading ourselves thin. It allows us to have centralized communications with fewer people that can open up and scale our business at scale that we wouldn't ordinarily be able to have because they have the end last-mile relationships that we would have to forge, and they're readily trusted by their customers. So this is actually -- it's the opposite of spreading thin. It's more consolidating the message and allowing for further throughput.

Thanks, Carl. Next question then says, how important is your hybrid cloud offering versus Corero's traditional on-premise offering in terms of driving revenue and profit growth?

All of our filtration systems are dependent upon the customers' needs and wants about how they do their architecture. Some companies want to have scrubbing everywhere because it is the most sensible way, and hybrid is considered to be the highest-quality, fastest-producing, lowest-cost and lowest-disrupting solution in the marketplace. If you don't have hybrid as an offering, you will have leakage, and you probably will have some disruption, decay, delay or outage, simply put. Cloud DDoS is considered the least effective, "most dirty", highest-leakage solution in the marketplace. And we could talk about why, but it has a lot of technical reasons why that exists. And it's also very, very costly. So said another way, the hybrid is architecturally demanded by some of the highest-demanding companies that are out there and is a key to our success. Our solution is very unique in hybrid in that we can offer you the ability through the magic of software to make your network do the detection and make your network do the mitigation where nobody else can do this. This allowance of making the investments that you've made with your network devices and vendors do more for you just magically allows you to have a more high-performing, less complex environment.

Thanks, Carl. Next question is, could you explain your new CORE product and why you think this has the potential to transform the business?

CORE will transform our business in almost every way imaginable. But let me give you 3 major ways, right? The first is it's a brand-new platform for us that's cloud native. So in other words, the platform is designed on for and from the cloud. But it is designed -- so it's called the next generation of software development, where although we use many of the cloud-native services, if you're familiar with such terminology, it means that these capabilities are only found on the cloud. You can't find them natively on software that's delivered on appliances. But we can actually detach that capability and allow you to purchase these capabilities for your own cloud. There's an acknowledgment that Software as a Service delivered from the cloud may have some limitations going forward for all sorts of reasons. And we're building this now for the next generation of what they call BYOC, Bring Your Own Cloud. And we can actually detach this and give it to service providers, which is amazing. So in our industry, we are developing the first cloud-native capability for our space. And we're doing it in a detachable Bring Your Own Cloud capability, which we can actually offer to managed service providers brand new. So that's exciting for us because it's a Software as a Service model from the cloud that can be delivered anywhere and give us hyper extensibility, hyper predictability. Second, it's very unique in the way that we do things. We can get to this, but this is being designed for service providers. So we're taking advantage of a lot of AI, a lot of API integrations, and we're providing for the ability to actually give a lot of bespoke capability to service providers. And they can build businesses on it, just like what they have done with our DDoS portfolio. Third, we have blended IP. So we can take the ability for our DDoS premise base and the SmartWall ONE product and now actually morph that capability into the cloud and actually take advantage of the next-generation ways of writing code and get operational efficiencies off of that. So there are 3 primary reasons. It's this cloud-native capability, Bring Your Own Cloud, the ability to have increased addressable markets and the ability to make our SmartWall ONE product much more relevant by cloud-delivered capabilities as we go forward. It's transformational for us. Really, fundamentally, we will be transformed as a business in a short period of time.

Thank you. You mentioned that customer retention was 97%. What is net dollar retention? So we don't report on the net retention at the moment. Simply, it's a function of kind of data. The way that orders and kind of data has historically been captured in the system has made it quite difficult for me to implement upon joining the business. But we're working through that and hope that to be part of our reporting requirements soon. What I can say is, though, 97% retention is high, which is great. And typically, upon renewal, we are upselling or at least doing price increases with those customers to stay. So it is over 100%. The figure I can't communicate yet, but we do intend to include that in the reporting suite at some point in the near future. Okay. You appear to be putting a lot of focus on U.S. investors. What is the interest?

Do you want me to take that one, Chris?

Yes.

Yes. The idea of having the ability to have access to more and more capital is not novel. It's something that I think we understand -- that everybody recognizes and understands. In addition, the American market has the additional ability to favor us relative to our competitor sets that are all listed on U.S. exchanges. So this is NETSCOUT and Radwares and other competitors, A10 Networks and so forth. So when we are talking to U.S. investors, we often have a much more favorable comparison than other companies listed on the AIM market, which is a traditional U.K. way basis of looking at things. I think also since most of our customers are in the U.S., having the ability to talk to U.S. investors also is a natural conversation. Often many of our customers are interested in equity stakes in the company or people around the environment, our partners and so forth are interested. Just like Juniper Networks is a big U.S.-based investor in our company, we think we'll see more of those kinds of things.

Thanks, Carl. Good segue, actually. The next question mentions -- well, it asks, you mentioned 5 main competitors. Can you please discuss them?

Yes. Do you want me to take that?

I think you know the market slightly better.

Yes, sure. So Radware, of course, is one of them. They're an Israeli-based company listed on NASDAQ, RDWR. NETSCOUT owns a sub-business called Arbor Networks. Arbor Networks was purchased by NETSCOUT a few years back. NETSCOUT is also on the NASDAQ. It's, I think, NTCT, if I remember correctly. A10 Networks, a load balancing company, has a DDoS offering in their portfolio. They're also listed on the NASDAQ as ATEN networks. Then you would have -- I think falling off pretty fast after that, there's -- I would say Cloudflare has a capability, but it's a cloud-based DDoS solution, which is often named. Cloudflare is listed, of course, also on the NASDAQ. And then the fifth competitor, I would say, in order of magnitude is perhaps -- Imperva Networks has a DDoS capability, which seems to be waning in the marketplace, my perception. Imperva has been purchased by a company called Thales, a French defense contracting company. So you'll find them under the Thales name as part of the portfolio of the Thales Group, T-H-A-L-E-S.

Okay. Thanks, Carl. The next question then, EBITDA grew by 42% to $2.5 million. Beyond revenue growth, what cost management or operational efficiency initiatives were implemented to achieve this substantial increase? Well, to be honest, nothing -- no specific changes needed to be required to get to that. So I'd say the 2 key factors that prompted that growth beyond revenue growth is the business has been set up pretty well. Carl and I joined the business in 2024. And the operations center, engineering, the support functions, all pretty well aligned, pretty stable and scalable. So when you talk about OpEx growth aligned with revenue growth year-on-year, we were able to just redirect most of that into the sales and marketing function simply because the other functions were sufficiently resourced and didn't need the same level of investment. The other element that's impacted EBITDA in the year as well is if we go back to the development piece and particularly to the 400-gig enhancements, the SmartWall ONE solution, a more efficient use of our existing team pushed more of the dollars from 2024 into -- onto the balance sheet, I should say, as part of the development of that product. But we were able to use that opportunity in the year to redirect OpEx towards marketing. Where are we -- okay. Next question then. Order intake rose by 13% to $28.2 million with over a 70% increase in the number of new customers. What strategies have been most effective in attracting new clients? And how does the company plan to maintain this momentum?

All right. I'll give you a little respite, Chris. So we've had a multipronged strategy in creating new logos into the company and trying to drive revenue growth. The first clearly has been partners have led to a tremendous increase of awareness of tenders that are in the marketplace and our participation in those tenders, both renewal tenders or just brand-new tenders that are out there. So partner strategy is huge. Second, in this market, there is an acknowledgment for great quality capability. And we have a reputation as being a highly capable, highly cost-effective solution, often coming at tremendously less cost than what another company is using and probably higher quality. So that's an acknowledgment in the marketplace that gains a reputation and brings leads in. And so having just the best product often does turn out over time into great sales. The third strategy is you need local presence. I mean I don't think I have to tell many of you this, but if you're going to be putting down big dollars and often we're doing 7-digit deals, there are 8-digit deals that are in the marketplace, people want to make sure that you have a local sales hub, a local support hub, a local language support, that you're local culturally aware and so forth. Just said simply, Japanese people don't like to buy from outside of Japan. Same with Korea. The same with the Middle East and so forth and so on. So you have to recognize and acknowledge and invest. And you have to make those investments into those countries and to those people. And that has resulted in sales for us. And I think that that's just beginning. Third -- or fourth, I should say, is you have to have the proper product. So in DDoS, we had a full portfolio. Now we're going to adjacent products and product portfolio. People want to see that you can bring more to the table. Lastly, believe it or not, you have to reach a certain size to reach a certain size. It's success begets success. So you can't reach certain dollar amount deals until you're a certain size company. And I think our day has come. We're now beginning the process of actually accelerating big-sized deals, sales growth, decelerating sales cycles. I hope -- those are the 5 things I think about that are really leading towards revenue growth.

Thanks, Carl. We've still got loads of questions. So unfortunately, we're not going to get to all of them. I think we've got time for one more. If any of your questions have been asked that you are really concerned about asking, you can direct them to [email protected], and we'll see if we can answer them from there. But in terms of one last question, Carl, what again are the 3 shift features of CORE? I heard WAF, but I didn't see the others on the slides.

Yes. So the 3 capabilities, top line, web application firewall, including -- inclusive of layer 7 DDoS, that's the first. The second is traffic observability. Traffic observability is a very key issue, especially when it comes to DDoS, as you can imagine, answering questions such as, how much does my backhaul traffic cost me? Do I have the proper backhaul routing customers? Am I doing efficient routing of my traffic? Is my traffic all aligned properly? How do I know what's normal traffic and traffic flow management? It's correlated to the attack sequencing but answers broader questions and bigger questions. So traffic observability or what they call traffic flow analysis. That's the second one. The third one is Zero Trust Access Control, right? So I am saying this specifically, not what is most security vendors talk about, which is Zero Trust Network Access. Why am I saying Zero Trust Access Control? We believe we're entering a market adjacent to Zero Trust for sure, but it has different feature sets and is more focused at traffic that doesn't need to be authenticated. One of the things that Zero Trust Network Access just sort of ignores is that not all traffic is authenticated in an environment. We can talk through that, but there's all sorts of necessary reasons why traffic doesn't become authenticated. Unauthenticated and purposely unauthenticated traffic can cause you issues, brute force attacks and many other categorical issues. And we have -- we're now bringing to market strong solutions, and we're also commercializing these solutions at a great rate. People are very concerned about Zero Trust. In fact, the U.S. government requires Zero Trust, and Zero Trust Network Access isn't comprehensive across the board with its feature sets. We help round that out. Zero Trust Access Control, traffic observability and web application firewall, those are 3 industry segments with adjoining addressable markets that we are entering.

Thanks, Carl. Alessandro, I think that's enough questions we have time for [ today ].

Yes. Thank you very much. You've been very generous with your time. And of course, the company can review all the questions submitted today, and we will publish responses on the Investor Meet Company platform. Carl, I do know you have another call, but if I could just ask you for a few closing comments before redirecting investors to their feedback, that would be great.

Yes, of course. I think you can tell that Corero has embarked on an ambitious yet very, very achievable strategy in 2025 based upon very solid results and foundational growth in 2024. I think you should view 2024 handsomely, but I think you should view it as a nice step in very large steps towards our future growth and execution capability. I think you see product innovation that you've never seen or experienced with the company before. I think you see expanded markets that you've never seen and understood from Corero before. I think you see bigger deal sizes, bigger deal growth, bigger testimonials that you've never seen from Corero in the past or a kind of energy and a kind of optimism that's pervading the culture in the company for the future of our capabilities. So I look forward to talking about very big news results as we go through 2025, and we remain incredibly optimistic about the year ahead.

That's great, Carl, Chris. Thank you once again for updating investors today. Could I please ask investors not to close this session as you'll now be automatically redirected to provide your feedback in order that the management team can better understand your views and expectations? On behalf of the management team of Corero Network Security plc, we'd like to thank you for attending today's presentation, and good afternoon to you all.