CyberArk Software Ltd. (CYBR) Earnings Call Transcript & Summary

All right. Well, we wanted to thank everybody for coming here today and for joining us at our IMPACT customer event. For those of you on the live stream, thanks for tuning in. And for the folks that made the trip all the way to Boston, we really appreciate you taking the time out of your busy schedule. It has been a busy couple of days for us already so far at IMPACT. We had our partner event yesterday. Hopefully, you that are here in the room were able to attend the keynotes. Those of you that are on the live stream, if you have a moment, listen in, there were some great content and some new announcements, really worth the investment. Before we kick it off, we want to remind you that we will be talking about forward-looking statements. Those forward-looking statements are going to be about our Q2 results, our full year 2023 results and beyond. Those forward-looking statements are subject to risks and uncertainties. Those risks and uncertainties are outlined in our Form 20-F that is filed with the SEC. So for more details, please go to our website. We have a lot to get to from a content perspective in a relatively short period of time. So just to kind of outline what the general agenda is going to be, Matt Cohen, our Chief Executive Officer is going to come up right after me and walk us through our vision. Then he's going to hand it off to Clarence Hinton, who's going to talk -- he's our Chief Strategy Officer. And he's going to talk about the market opportunity and go deeper into our strategy and how that translates into our total addressable market. From there, we're going to deep dive into the go-to-market and how we're going to capitalize on that market opportunity. Simon Mouyal, our Chief Marketing Officer, will talk about all of the investments we've been making, some of which you saw today on the main stage in our brand and being an identity security company. Unfortunately, Chris Kelly, who is our Chief Revenue Officer, is not feeling well. He made the trip all the way here to Boston. He's in a hotel room. We decided it was in the best interest of everyone that he stay there and not go and take over for his presentation. So Matt's going to go through how we're going to execute against that opportunity. Chris was really looking forward to spending some time with you. So over the course of the next couple of months, we'll figure out a way to make that happen. From there, we're going to turn it over to Peretz Regev, who is our Chief Product Officer. He is going to talk to you about how our innovation is actually delivering and fueling our long-term growth. Then Josh is going to come up, and he's going to talk about how that translates into the financial model from a long-term perspective. We're going to take a quick break, that will be at about 3:00, then we're going to come back, Amy Blackshaw, who you saw today up on the main stage is going to have a discussion with a couple of our customers, 2 customers that have really embraced the identity security platform. We think it will be very interesting for you to hear directly from them. Then we're going to open it up for a question-and-answer session with the executive team. We should be finishing up right around 4:00. So we've got a lot to get to. Thank you all again for coming here. And with that, I'm going to turn it over to Matt.

I'm used to the idea of walk-up music now, and I'm not getting it. Did you notice how big her smile was when she was talking about Josh? It's because she, it wasn't read the rest of us because she's excited about what Josh is going to go over. So we will all try to get you excited as well by what we have to talk about. And before I jump into the framework for our discussion this morning, I'll start with actually what I was talking about on the main stage, which is this idea of these 3 forces. And you'll notice that we use the term forces and when Simon's up here, he's going to show you some of the new branding, which is like a force field around the identities that exist within our organizations as a countermeasure against those forces. But the forces really are this proliferation of new identities that's happening and sprawling throughout our customers, our prospects in every enterprise around the world. It is amazing to watch the sheer number of identities that each one of us have. Just think about yourself within your environment, the different user name and password credentials that exists just for you. Now multiply that by a 40x multiple and you get into the notion of what machine and non-human identities are playing havoc on organizations' security teams around the world. We talked about new environments and this idea of complex hybrid environments that all of our customers now have to maintain as they try to take advantage of the cloud, but still have capacity dedicated on-prem. And then we talked about new attacker methods. And I think [ Rudy ] and Lavi at the end did one of the best presentations I've seen in a while that just help put the point on how innovative the hackers are out there, how they can leverage things like generative AI to really drive up the ability to be able to fish and fake and actually get into our organizations and breach and wreak havoc. Those 3 forces does shape the CyberArk strategy. It's not worth talking about anything else if we don't understand those 3 things, because it's those 3 things that make identity centerpiece of cybersecurity strategies for all of the security teams we talk to. It's what keeps us at the top of the list. Now we've talked to you for a while about these 3 internal forces or really, pillars of our strategy, which is the ability to grow and grow exponentially, the ability to be able to innovate, and that innovation helps drive growth, but also the pillar of profitability. And profitability is a key milestone of the CyberArk strategy, and I'll hit on it a little bit today, and Josh will hit on it more in his presentation. All 3 of those areas: growth, profitability, innovation, and all 3 of the forces I talked about, new identities, new environments and new attack methods, they all have at their center our identity security platform. The platform is what drives our ability to grow, and we'll talk about that in a little bit. The platform drives our ability to be more profitable because it allows us to be able to innovate more effectively and efficiently. Before we get into what's looking forward, let's look back a little bit because we're pretty proud of what we've accomplished over the last couple of years. In 2020, it was actually the beginning of 2021 Investor Day, the last time we got together, we were sitting as a company with about $273 million of ARR, about $247 million of recurring revenue, about $56 million of subscription revenue and our bookings mix of new business was 37%. In the fiscal year that we just finished, again, about the same time as our last Investor Day, we are now a $570 million ARR company, now upwards of over $600 million. We have $500 million roughly of recurring revenue, of which $281 million is subscription revenue. And we finished the year at an 88% subscription mix, now up to 95% in Q1, and that's how we see it moving going forward. So we've significantly shifted our overall business model to a long-term durable recurring subscription model. But we also told you some things at the Investor Day in 2021 and we now are able to talk about success against all of them. First, we talked about shift in 8 to 10 quarters, and we shifted in 5. We talked about accelerating the revenue growth from the subscription trough in 2023, and we already saw that happen in 2022, early. We talked about growing ARR 30% throughout the subscription transition. And we were able to actually grow ARR greater than 40% through the transition. We talked to you about improving profitability in 2024. And now you're starting to see improving profitability already here in 2023. And finally, we talked to you about $1 billion in ARR by the end of 2025. And now we're talking about $1 billion in ARR in the first half of that year. Now we sit on this for a second just to make sure that all of our investors understand that we believe in excellence when it comes to execution. And it sets the stage for, as Josh and maybe I'll preview a little bit, our expectations for 2025 updated in 2027, why you should have trust in our ability to go execute, because when we put out goals, we task ourselves with exceeding those goals. Now what I talked about on the main stage today was this idea of accelerated innovation. We are fundamentally in the business of providing an identity security platform that can solve the challenges of proliferating identities, complex environments and new attacker methods. And we can do it against 6 key areas: workforce and customer access, endpoint privilege security, Privileged Access Management, secrets management, cloud security and identity management. It is our platform and our ability to innovate in these new areas that when combined with the shift to subscription, the shift to a recurring revenue model creates the durable business model that not only can sustain us in terms of growth, but also keeps us in a leadership position. Hopefully, we hosted you here at the event, you had the chance to talk with customers during breaks, during lunch. You'll hear from some customers today where we bring them up in front of you. When you talk to our customers, I think what you hear is the notion that they trust us. They believe in the partnership that we've created. And more so, they believe that we are an essential component, a pillar, if you will, of their cybersecurity strategies. It's that durable business model, that leadership position and the essential component of identity security that actually allows us to be able to navigate what is for sure a difficult macro environment. There's no customer, same customers you talk to, I'm sure, who aren't feeling the effects of the macros. It's a reality in the room in every discussion. But business leaders, security leaders still need to make decisions. And they need to invest whatever dollars they do have in the critical infrastructure and security tools that allows them to be able to meet the objectives that they increasingly have to promise all the way up to the Board level. Our ability to navigate this macro environment, as you saw in Q1, as you saw in our outlook for the year is because we continue to be at the top of the list of security requirements for our companies, for our customers. And we see that ability to be able to grow the lifetime value with our customers for many years to come. Why is it again? Because identity is the attack surface. We have to understand that. Ultimately, almost every attack is trying to get to an identity. It's trying to steal credentials to be able to get to data infrastructure systems, but the ultimate pathway is the identity. And it is not enough. It is not enough. We see that as a proud MFA/SSO provider in the industry, it is not enough to just manage identities. We must do more. It's also not enough to identify threats. You've heard me say this before, we would never have an endpoint deployed without an EDR solution. We have to be able to identify threats that come in, but identifying threats is not the same as securing those threats, securing identities, making sure that endpoint cannot be manipulated and that EDR system can simply be turned off. So managing identities is not enough, identifying threats is not enough. Securing identities is the foundational component of cybersecurity in this modern world. Our mission as a company, you heard me put this up this morning if you attended the keynote, our mission is to secure the world against cyber threats, okay? We are protecting our customers against the most malicious, most threatening attacks. And we do that hand-in-hand with our customers so that they can fearlessly, they can move without fear into the unknown and take advantage of digital innovation, digital strategies. We can't have our customers afraid to go to the cloud because it introduces more risk. We can't have our customers afraid to enable work from home or a hybrid work environment. We, hand-in-hand with our customers, protect them, secure them so that they can move forward. So Clarence is going to elaborate on this in a moment, but we believe that the TAM, the total addressable market, of our entire solution stack is about $50 billion. We believe actually that's a conservative estimate. And that's up significantly from what we talked about in 2021 as we entered into new markets, as secrets management exploded, as access exploded, as we got into cloud security and identity management, we believe, fundamentally, we are operating in a $50 billion TAM. And I asked, Erica, if I could just quickly go through the notion of why we win in each one of these pillars. Just so everyone can understand why we're confident in our ability to be able to capture that TAM. In access, workforce and customer, we are differentiated in our ability to be able to bring intelligent privilege controls to things like single sign-on, multifactor authentication. The actual adaptive MFA/SSO business is kind of at a level of parity between most of the vendors that are out there. But the ability to be able to add in things like workforce password management, a secure way of vaulting and rotating the ability of personal passwords. Secure web sessions, which adds the ability to do privilege escalation, privilege isolation and the ability to be able to have screen recordings and step up authentication for SSO, a more secure SSO. That's how we compete in the workforce access space, by tying it into the identity security vision. In the endpoint space, we really are the only one who can implement least privilege at the end point. I said this on the last investor call, and I'll say it again, we're happy to see Microsoft actually validate the importance of this market, come into EPM so that we can differentiate with our technology in a market that's even more well known. When we think about PAM, this is our very roots, and no one would question our leadership position here. But our moat that sits around us with our Privilege Cloud solution, which is now used by almost 2,000 customers. Our ability to be able to provide the most robust ability to protect all targets within an enterprise and provide both standing and just-in-time access. This sets us apart in the PAM space, not to mention the fact that we created the category. When we think about Secrets Management, and this maybe is an area that people are most confused about. The idea that drives our winning strategy versus, for example, a HashiCorp is that we're able to provide an avenue for developers to still develop leveraging local tools but provide a centralized secrets management vault and policy that allows security to be able to manage the vault sprawl that happens as development groups explode within an organization. Our Secret Hub solution, which integrates with AWS and Microsoft, and works now with our PAM self-hosted and our Privilege Cloud, which is a big development for us, allows us to be able to walk into organizations and say, developers develop, keep doing what you do. Develop in the native AWS secrets store, that's fine. We'll house the credentials back in the CyberArk vault, we'll push it to the native secrets store so it's available for the developer, they won't know what happened. But the security team now has the ability to centrally manage policy. We also win in secrets management because we are an enterprise security tool. We're not a cool developer tool. And that becomes a special sauce when you're talking about the ability for security and DevOps to work together. And you heard me talk on the stage today about how we win in cloud security. We will win into cloud security, it's still a pretty small piece of our business. But our belief is that the war in the cloud will not be at the moment of figuring out how to better discover or scan. That's where a lot of the attention in the market is today. It's a hot market. And discovery is really important in the Wild West that is the cloud, where nobody knows what entitlements everybody has. At some point, they're going to figure that out. And at that point, they're going to need to lock down access. They're going to need to control. Similar to what happened in the PAM space, but they're going to need to do it natively, easily, without interfering with developers. IT professionals, our CIO is in the room, they're a little cranky, they're a little hard, but they do what's asked. Developers don't always. So we have to provide an easy, seamless way for developers to be able to partake of the security tools in the cloud and lock down control. And we believe the fundamental differentiation there is just-in-time or zero standing privilege. For security, we can make sure that a developer has no credentials, no privileges when they're just standing still. But when they need access, they can elevate, request access, do what they need to do and then go back to not having unfettered access anymore. And finally, our strategy and identity management is really around complementing the other pillars. We are not big IGA, identity governance. We partner still with the likes of SailPoint and others for big IGA programs and projects. We want to provide the modern IGA solutions that allows for life cycle management, the ability to be able to automate flows, the ability to be able to understand compliance within the identity security platform. And so it becomes a halo or a complement to actually a PAM program. Most customers buying identity compliance are buying it as an add-on to their PAM implementation to make sure that they're able to easily and seamlessly ensure that they're complying for audit. So when we think about the company, and we'll talk about it a little bit more, and I'll get a chance to go back into the old hat and talk about go-to-market, we have built the go-to-market to scale not to $1 billion, but beyond. Our job is to make sure we have our sights set on what's next after $1 billion. We'll talk to you this morning more about when we'll reach that $1 billion, but our job is to get beyond. And we built that scale on the back of ecosystem partners, channel partners, MSPs, our investment in our marketing organization to generate new leads, and Simon will talk about that. And our ability to harness and leverage data and analytics to drive where we focus within the organization as we scale to capture new customers. And Peretz is going to come up here in just a moment and talk a little bit more about this platform. But I want everybody to understand, the investment in the platform is not just for our customers. It is the differentiation for our customers, but it actually goes beyond that. It actually sets the stage for our R&D organization, our product organization to be extremely more efficient and profitable. It allows us to develop new services quicker. It allows us to unite technologies on the back end and actually is a key piece of our driver to get to profitability. Before I wrap up here, I will just mention that we, as an organization, and they're kind of foundational principles of my leadership and how I like to drive an organization, we are built to scale. We are focused on programmatic execution on any of the key areas. When we say we want to be more of a platform-selling machine, we go and create a program to make sure we can execute against it. When we want to be able to make sure that we're more efficient in R&D, we're going to create a program to make sure we execute. The reason why I'm emphasizing that, our ability to leverage data and information and our ability to be able to extend everything to do with the platform, is you should have confidence, just like we did in the transition from 2020 to now that when we talk about the goals that are going to show up on the next slide, that we will execute to not only achieve them, but to exceed those goals for the years to come. And with that in mind, I was able to pull up somehow, with permission from Josh, 2 of his slides. So as we think about 2025, we are refreshing the model to be $1.1 billion plus, plus is important, in ARR. 25% revenue growth. So that was 20% revenue growth before. We're so confident in our growth trajectory and in our platform that we've updated that model to bring it up to 25% growth through 2025. We believe we'll have operating margins of 15% plus. That allows us some runway to continue to innovate, to continue to invest, to continue to drive the platform that will help spur on that growth. Underneath the covers, you will see 20% free cash flow margins and roughly $200 million in free cash flow. That's our refreshed 2025 model, and it's something we're excited about. But it's not quite as exciting as -- we're not quite as excited as we are by the 2027 model. In 2027, we expect to have $1.6 billion plus in ARR, still greater than 20% revenue growth, greater than 20% operating margin, a greater than 25% free cash flow margin and ultimately, approximately $375 million in free cash flow, and that will continue to grow as we get into '28, '29 and '30 because we see the trajectory for long-term growth, long-term profitability and we believe, fundamentally, it is our commitment and a requirement that we operate as a Rule of 40 company or better from 2025 onwards for our history. With that in mind, I thank you for your time this morning, and I'm going to turn it over to Clarence.

All right. It's a pleasure to be here with everyone. Appreciate your time and your consideration. And so for today, I'm going to take you through our market opportunity that Matt teed up so wonderfully. So we talked about the 3 forces. So I have 3 forces plus another trend that I'll touch on to really frame the opportunity. So of course, the explosion of new and different types of identities, driven by the ongoing digital transformation, cloud migration, consolidation of trust is something we should talk about. And that's where we see we've gotten a little bit to the breaking point of best of breed, and we -- our customers are concentrating their focus on a smaller set of vendors. We'll talk about that more. New environments, the reality is dynamic, multi-cloud, hybrid cloud, that's where we live now. And finally, new attack methods that again, as everything has expanded, the tech surface has increased, all the bad actors have upped their game significantly. So let's start with new identities. And the way I like to think about this is you can look at the number of digital identities. As Matt alluded to earlier, as a multiplier of the underlying number of humans accessing data infrastructure, et cetera. So to put this in perspective, if I'm a domain admin or an IT admin, a developer, even an IT engineer, I'm going to access multiple platforms, multiple workloads, systems, targets, applications. I'm going to have a wide variance in large number of different identities associated with that access. Hence, the multiplier effect for those privileged identities. Even as Matt mentioned, for the more typical business user, like all of us here, I'm looking at a bunch of applications, internal and external. I may have different workspaces. I'm accessing different data stores. Again, multiple identities, digital identities for each of those, big multiplier effect. Never mind the fastest growth of them all on the machine identity side, certificates, keys, et cetera. And as Matt said, this is roughly a 45x. And we're not at some stabilization point. Our research indicates that in the next year, the vast majority of customers expect that the number of aggregate digital identities to double. So this is a very, very large and growing consideration and concern and each of these identities is even more privileged than had been before. Now consolidation of trust. Obviously, cybersecurity is a very, very high profile. Breaches are headline news; cyber warfare, headline news. And we went through a period of time that there's a wide availability of capital. So there are hundreds of new cybersecurity firms that were born in the last few years. And while best-of-breed it sounds good, we've gotten to a bit of a tipping point where many, many enterprises deploy and manage cybersecurity solutions from more than 100 discrete cybersecurity vendors. And we talked about the macro environment. When you think about still having more problems to solve, when you think about cybersecurity debt still accumulating, the last thing an enterprise wants to do is add another 100 vendors to address that. But you also can't revert back to check the box. The stakes are simply too high. You must effectively solve these cybersecurity problems. And so that's why we see the pivot to the cybersecurity companies that effectively solve these problems. And trust is the operative word here. And respectfully, companies like Okta and Microsoft that aren't rooted in cybersecurity, they're outside of that circle of trust. We're really talking about companies that were established in, born in, have huge credibility and track records in delivering best-in-class cybersecurity solutions like CyberArk and Identity Security. And this is a trend that we believe will be highly beneficial to customers as they consolidate and concentrate their efforts on fewer high-quality vendors that cover more ground are very, very well integrated. Obviously, that would be a benefit for the vendors as well, like CyberArk, we do think the long tail of 1,000-or-so point product providers, they're going to be a little bit on the outside looking in, and we expect many of them to be absorbed or to even disappear in the coming years as this trend continues. New environments. We've talked a lot about this. But just to put some color around it, when you think about cloud migration, it takes multiple shapes and it comes in multiple phases. So you have the classic lift and shift of a specific workload asset from on-prem to the cloud. That's not typically a centralized activity. You may look and shift different workloads to different clouds. So you have multiple clouds just for that. Then as enterprises become more sophisticated, then they want to become cloud native on their own and start developing their own cloud native applications. Again, not centralized, so that happens on multiple platforms. And I keep on saying this because, again, our research shows that the vast majority of enterprises either currently used or by the end of this year, expect to use at least 3 cloud platforms. And while there's been a dramatic shift to cloud, there's still large pools of critical assets, infrastructure, applications that remain on-prem in customer-managed and hosted data centers, and we expect that to persist. So what you're really looking at is complex hybrid cloud and multi-cloud environment. And oh, by the way, you have a hybrid workforce. So we have a bit of a balance between return to the office and continuation of work from anywhere. So the combination of hybrid multi-cloud, hybrid workforce, again, the traditional network perimeter is not particularly meaningful. And I have to say it again, identity is effectively the new security perimeter. A new attack method. So it's not enough that we have increasing threat surface, but we have increasingly sophisticated attackers that are even collaborating with each other. We have organized syndicates cooperating to execute cybercrimes, like ransomware-as-a-service is an example of that. And obviously, it's become very, very visible that cyber warfare is real, not just a fairytale, not just a concept, and that puts us in a very, very high and sustained threat level. But there's more fun on the horizon, meaning we've talked about generative AI. It's still early. We're still not -- it's still not absolutely clear how this played out or how this will play out. But what we do know for sure is as Matt alluded to, it really ups the game. Generative AI ups the effectiveness across hacker levels. If I'm relatively novice, I've access to tools, it can bring me to an intermediate level, immediate -- similarly advanced. If I'm an advanced hacker and I am proficient in the use of Generative AI, I can ascend to virtuoso-type levels of attack. So it's the same vector, the same threats, just amplified. And when you think about Generative AI is particularly damaging on the human element. So think about the ability to create fake messages, images, videos, what have you, is enough to fool and bypass even the most wary frontline human. So again, putting the emphasis on the importance of securing the identity vector. So I'll just quickly walk through what this means for identity security. Again, when you look at the proliferation of identities, what does that mean? It means there's a wide range in terms of numbers and types of identities that provide for opportunities attackers to land, move laterally, escalate their privileges until they're able to do whatever damage they want to do. Consolidation of trust, there's a lot of noise in the system. Everyone's talking about identity. Everyone is talking about zero-trust, but there are only a few -- there are only a few cybersecurity leaders who have the breadth and depth of capability to really deliver identity security. The new environments, Matt talked about this earlier, a lot of emphasis on problem zero in the cloud, meaning wow, moved all the stuff up to the cloud, what have I done? What do I have? What are my vulnerabilities? It's important. You have to understand that but that's not fundamental security. And ultimately, we expect most of this capability to really be folded into broader platforms as the focus shifts, as it must, to real security and control. And finally, on the new attack vector side, I just talked about this, and I didn't even mention quantum. That something else that's on the horizon. The point here is that it's not enough for cybersecurity leaders to protect against the known threats of today. You have to build out future-proof cybersecurity solutions. And that's what we do, by focusing -- by going forward with an assumed breach mindset and focusing on defense and depth. And so for us, this really -- this really brings us to 3 key principles that went into the formulation of our Identity Security solution and the underlying platform. So for us, obviously, all these different identities we're talking about, you have to secure them all. Human, non-human, internal, external, highly privileged, not as privileged. Intelligent privilege controls. And when you actually protect them, it's a layered approach. So it goes from authentication, secure access, post authentication, monitoring and control, it's a continuous security cycle for all identity types. And finally, this only works if you actually enable the business. You can't shut things down. You can't impede the modernization of businesses when you apply security. So we have to put forward solutions that have automation, orchestration, intelligence that are required to really enable business transformations to happen very, very securely. In the platform, you've seen it. Peretz will take you through it in more detail. I'll skip one through. But again, this is how we actually do it. We deliver on the promise, and Peretz will take you through it. So consolidation of trust, consolidation doesn't mean M&A, but given the environment, perhaps we should talk about it a bit. So what do we look for? What's our approach when it comes to M&A at CyberArk. First, it is strategy first. It must be consistent with our forward goals. And second, we have a very, very, very talented team of technologists on the product side, on the engineering side, build is always on the table. It's always an option. So when we look at M&A, it's about dramatically accelerating our strategic initiatives or our product road maps. And finally, given that, the code is important. High-quality code in terms of its design and the underlying architecture and the teams, highly capable individuals where there's culture alignment, and that's super important. And then finally, I hope you appreciate that we're fairly thoughtful when it comes to deployment of our capital. We look for -- to generate outsized returns for our investors and generate accretive financials in fairly short order. I use Idaptive as an example, acquired 3 years ago. As a stand-alone, very, very strong SSO and MFA capabilities, served as effectively the launch pad of our Identity Security strategy, accelerate the development of our SaaS platform and really enable our business transformation to SaaS and subscription. That was already under the way, just provided some more fuel to the fire. And we've seen substantial synergies, both operationally and technologically, the results are here, 3x ARR in 3 years. And I went with Idaptive there. I could have gone Viewfinity, the centerpiece of our EPM product. I could have gone Conjur, underpinning management, very similar stories. In terms of the TAM, go through quickly, the $20 billion that we talked about 2 years ago, that was roughly split evenly, probably the slim majority is in our core markets. Think about Privileged Access Management, Endpoint, Secrets Management. And the remainder was a rather conservative estimate on the workforce side. And you've seen much bigger numbers in that on Workforce Identity. All the trends we talked about in terms of proliferation of identities, the extension of privileges, those have been significant tailwinds for our core business. Also add the increase in identities associated with cloud access, that has substantially grown our core markets. Meanwhile, on the identity side, we expanded use cases to include business to business. And also, as Matt mentioned, very discrete aspects and areas of identity management. So these things in combination have served to 2.5x our TAM to approximately $50 billion, again, relatively conservative estimate, and we believe there's substantial upside here as the tailwinds persist, as we continue to execute on our strategy and build our resolution set. So that's all I have here, and I'd love to hand it off to my colleague, Simon.

Thanks so much, Clarence. Hi, everyone. Very excited to be here. I mean, it's pretty good for me to be here because after this morning, and I hope you enjoyed the show this morning, I feel more relaxed. I can really enjoy the show. So I think -- if I click here, that's going to be easier. I think this title is interesting because if it was a year ago that I had the chance to have that conversation with you the title would have been very different. It would have been Transforming or Go-To-Market. But we just did that. And now it's a matter of turning that machine into something even more scalable. So I'm going to maybe explain a little bit what happened in the past few years and the past few months. And then what we are doing right now to continue to accelerate. The first thing that is important is -- for me as a CMO is what does really matter? What type of marketing engine I really wanted to build for the company? And you know what, these 3 themes really, really define what it is. Like for me, you look at marketing, you have different ways of defining success. For me, marketing is not a growth driver, you missed the opportunity. But you have to get into right. This is the marketing machine that need to drive demand, need to drive the leads, marketing qualified leads, meetings, opportunities and led to the new business generation. That is the most important part of the marketing. And you have to be passionate about the construct on how you do that because this is where you work in a very aligned way with Chris, our CRO. You work in a very aligned way with our product team to make sure that everything is orchestrated and what's important is in market at the right time. That machine is very important. All the very small little details is making it successful. The second part is definitely about the innovation. For us, we had all the tools. We just had to activate them in a way that was very, very well-orchestrated so it could perform. We could do everything around personalized outreach to our enterprise audiences. We could identify intent signals. We could definitely innovate across the board. We just build an inbound engine. So if there is any hand razor in our space that is interested in anything related to identity security, we will catch it. And I didn't know that in my last time I would also be impacted by AI and how AI can transform my function. And I can tell you, I already use it today. Some of the visuals that you've seen on stage are all generated by Midjourney. We are optimizing and accelerating our process of localization, so when we are in market in 1 language in the U.S., we are in market in 8 other languages at the same time. So all of that is definitely very important for us. We need to be able to outsmart our competitors and really be leveraging innovation for that. The last piece is about profitability. And profitability is important because marketing is seen as a cost center. So if I do a good job, if I do a good job to innovate in order to get our marketing machine to lead, to drive growth, then I can also optimize the way we are doing things. And it's not only about spending money, it's how do you spend money. We've been extremely focusing on doing high-touch, event-driven, in-person driven engagement, and we have to shift from that to get more programmatic. And that's the machine. That's the execution piece that's so very much important. So obsessed with that. And I'll shared some metrics with you so you can see about that in a few seconds. But the first thing is the positioning. And why I was so excited when I joined a year ago was I had that little window before the IMPACT conference in July to really redefine our positioning. And we had to elevate our positioning from PAM to identity security. We had to define what it is. We had to own it, and then we had to show up at that conference last year with a very clear, very clear idea of what is identity security, what are the -- is the 6 pillars under that and how we want to drive innovation and our road map and you've seen all the other innovation that we deliver today. So for us, when we think about the future of security being identity, we also really believe that with CyberArk, the future of identity is secure. So let me talk about why we are so confident in that is because we've been seeing all these recognitions. Not only the feedback from our customers that all want to go and build an identity security strategy, also the fact that we've seen the market going there. There is no category defined as a Magic Quadrant for Gartner, there are 2 here, and we are the only leader in these 2 Magic Quadrants. So that's the why we are seeing such a big momentum because we see that the market is going there. We see the demand. And it's not only Gartner. Across the board, if you look at Privileged Access Management, if you look at IM, or identity and access management, if you also look at DevSecOps, we've been recognized as a leader. So all that recognition is very important, and my team is highly focused on that because this is part of the education that we need to bring to the market. It's not only for us, it's also for Chris when he talks to partners. So we don't have to educate people. We have to just bring the solution to a problem and challenge that we already know that they have to fix. So we talk about marketing supercharge. Okay, it's a marketing term, but I like it. Because that transformation that happened a couple of months ago really help us to bring A talents, people that have very strong marketing expertise in the cybersecurity from SaaS companies that are helping us to elevate our game. And I needed that to make sure that we could scale. That was the most -- very most important thing is you think about designing a program, designing goals, designing a vision, you need the right leadership to do that. And we brought all of the amazing leaders and you've seen one of them on stage, and you will see another -- she will be on stage as well later today with Amy. So very important for us to have the right team to drive the right machine. Now also, we knew that scalability and profitability will be very important. So we built what I call, again, a recession-proof model. We build a center of excellence in India that helps us to scale. And when you think about some of the marketing functions that are still very much related or relying on human people to operate, this is where we needed some help. So we need more resources to help us do more account-based marketing at scale. We needed more resources to help us drive at scale execution of our programs. While we are speaking right now, this week, there are about 3 to 5 campaigns happening in every single market that we address. So that machine running is very important for us. The other thing that's very important here is we really want to make sure that we do it hand in hand with our partner and sales teams. So the alignment between my team and Chris' is amazing. Okay, you know what? I told Udi and Matt when they hired me that the relationship between a CMO and the CRO is even more important than the relationship between the CMO and the CEO. And it's true because when we do a good job, this is where magic happens. So we supercharge our marketing team in a very strong alignment with the sales team and very, very happy to see the outcomes. Okay. The first thing I wanted to talk to you about is, okay, what can you do now? Where do you take it from here? First of all, you still need to stand out, right? We created Identity Security, that category. We need to stand out. We need to make sure that the world knows that we have a solution to this big problem that some people, I thought I already said, we'll call identity crisis, that some of them will say, okay, you need to look at the identity fabric, some analysts will talk about that, but the identity and securing the identity is becoming the pivotal thing for everyone. So we want to position ourselves around that. We own the answer to this proliferation. You talked -- you heard about consolidation of trust. This is what we do, and this is very important. So for us, we're going to continue to handle the market that way. But in a very specific way, we're not going to -- okay, I talked about innovation being one of the pillar of this operating model that we built. I mean, doing a Super Bowl ad is not innovation, okay? Sponsoring a Formula One team is not innovation. What is innovation is to be able to use the new tools today that are available to surround every single decision maker, every single decision maker to come to us and engage with them to close the deal. And by doing that, you need to be programmatic. You need to be digital. You need to think about when you do a billboard in the airport, how you do geo-fencing on all of that. And why it's driving 8x higher conversion to us when we engage with them the next time. So that type of innovation is very important. And Josh is asking me a lot of times. Okay, yes you are investing awareness, whatever, how do you measure success? The old fashioned way of measuring success on brand awareness was you do 2 or 1 survey every year. And then by the time you do the survey and you get the results and then the market has changed and evolved and it's too late. There is a new way of doing that. There is a tool that we use right now to be able to measure our share of voice and our power of voice, which is basically share of voice with positive sentiment at scale on steroids, and we measure that on a daily basis. Identity Security being a new category. We look at it very precisely, and I can tell you that we are, of course, right now, with all the efforts that we are doing, #1 in these 2 categories, both share of voice, by lots and even for power of voice because this is what really is meaningful. So the other part, and I told you that marketing is just not -- it's a machine, right? The execution is important. So it's just not a one-off thing. We went through a digital transformation ourselves to make sure that we surround each of the decision makers. But what about building communities I was here yesterday talking to partners, we are rebuilding the entire portal experience with partners to make sure that we have the right resources, the right expertise, the right execution and activation for them at scale all the time, always on. We're going to do the same and we announced that today, that we got to do the same with developers. It's very important. So again, we can bring together this conversation that are happening in different teams today into one single conversation and make it easy for our teams and our partners to do that. You heard about go-to-market place. It was an amazing concept that actually Matt invented. And we decided to find ways to make it executed at scale and becoming the foundation, the foundation for us for everything we execute, all the campaigns, all the programs. And I'm talking about end to end. So it's not only marketing. Marketing is one piece, but there is, what is the value story, what is the enablement, what is all the activations that we do with partners and our customers and customer-facing people and also the marketing piece. All of that, that end-to-end cycle is now aligned to all the go-to-market place that we are doing. We have 8 of them and everything is done that way. So if you want to activate an overall story, value story or Identity Security, you have a full kit that you can go and execute. If you want to go to something specific to Cloud Security, you can activate the Cloud Security kit. That is the machine. And some people are not excited about execution. I'm very excited about execution. I can talk on behalf of my team, they all are very excited about the execution and getting this thing executed. So very important for us to align our effort on this. But it's not only about executing things. I'm sure you heard a lot of time, yes, I've done this number of events, I've done this number of campaigns. No, no, what really matters is how we measure the impact on the business. So part of the transformation for me when I joined was to also help my team to evolve this mindset. I take ownership on the number, the same way that Chris is taking ownership on the number. And that said, we all want to work for a company that's growing and accelerating. So we want to take ownership on the number. The proxy metric, which is basically the leading indicator to pipeline, which is another leading indicator to closing the business is the meetings. And the meeting is something very important for us. We define the success of every activity that we do based on a meeting. A meeting is important because it's a concrete thing. It's a concrete thing that I don't control. And I like that because what I do is I create leads we generate marketing qualified leads that transform into a meeting, an opportunity for CyberArk customer and/or a partner to have a conversation about their challenges, their projects and how we can help them to move that further. It's an opportunity. And our conversion between the meeting to a real opportunity, real active pipeline is by far above benchmark. So if we do a good job to drive meetings that convert into pipeline, we said that we have this marketing machine that's driving leading indicator to the leading indicator to our success. So very important and very glad to see that we have a record-setting pipeline today. And our meeting is growing 55% on the first quarter of this year, and it's been even higher for the past few weeks in the second quarter. So I told you it's not a one-off, and everything is programmatized for us. This even today gathered about 2,500 people between virtual and in-person. So very excited about that. But I'm also very excited about the over 19 cities where we're going to go and meet with more customers and more prospects and more partners, and we're going to get another maybe 3,000 people, very conservative. I think it's going to be more than that. But the idea is to take the best of what we've done here and bring it around the globe. So me and the executive team will be traveling. We will be doing that, as you can see, a lot of cities across all the different regions. But that is the best way, the best moment for us to get, what I'm talking about since I've been on stage is meetings and being able to be here the right conversations with the right people to get to a faster growth and support our aspirations to be a multibillion-dollar company. So with that, thank you so much for your attention. And then I invite on stagood evening, Matt?

Thank you. So it is great to be back up here and dive a little bit deeper in to go-to-market. Chris is really sorry, he didn't attend. He's not feeling well, he's well enough to text me just now and say, don't screw up his slides, but he's really not feeling that well. So I'll walk you through a little bit around how we are thinking about go-to-market, both today and actually into the future here. And it does start with this idea of this massive TAM that I talked about, that Clarence talked about. And it's a framing device, if you will, for what really is a rich and ripe market to sell into. Simon talked about setting up meetings, actually, setting up meetings is only a good metric if you have a really good solution to sell. If you have something that the customers want that actually when they see actually meets the market requirement. And so it is really important to play in a big TAM. That's a great first step. But as a go-to-market leader, what you think about is how can I convert that TAM into reality? And how does it actually make its way into day-to-day sales calls. And when we think about that as it relates to CyberArk, we are in an enviable position compared to other tech companies and certainly also compared to other cybersecurity companies in the environment. Now when we frame out the opportunity for us at a customer level, we talk about and we have in our systems, 75,000 dedicated prospect accounts that we can still go win. And we have our 8,000 customers that we can still go expand. So if we start with that landing motion for a second, you've heard us talk about it before, we still are primarily landing customers with PAM. About 85%, 80% of our new logos are PAM-landed. Now they're landing with PAM-plus multiple solutions, over 50% are landing with more than one solution when they first take a bite of the CyberArk apple. But our ability to not only continue to pursue PAM as a landing spot, but actually expand into access and identity into Secrets Management with Secrets Hub and our Conjur Cloud platform. And increasingly expanding into EPM as a first strategy and an overall security footprint. It's also one of the keys of launching the CyberArk Secure Browser this morning. which I'm sure we'll talk about more later. But the idea there is it plans to seed within organizations where they can procure the services like Workforce password management like Secure Web Sessions like our SSO, MFA, IdP. So as we think about the 75,000 customers that we can go after and we think about not only the enterprise space, but the mid-market and even the SMB space, we believe we have lots of room to run, and we are optimizing the go-to-market engine, both directly and as I'll talk about in a moment, through partners, to make sure we can pursue those accounts. But the 8,000 existing customers still are entirely untapped from a potential perspective. When we look at our 8,000 customers, the vast majority of them because that is our landing spot of old own PAM. We have about 30% who own Secrets Management, 22% own EPM, and 10% on Customer Workforce Identity and then you see it trail off. What that means is the cross-sell opportunity within our base remains huge. And it's one of the reasons, but not the full reason that we talk about a $5 billion addressable market within our 8,000 customers. We have the ability to, first of all, to take the PAM customer and sell them Secrets as their nonhuman identities explode to sell them EPM as they try to secure the endpoint and to get them on to our more secure version of workforce access. And we see that cross-sell motion starting to really take hold and become a flywheel effect, not only for us directly, but with our partners. But there's another underlying element within these 8,000 customers, which is they're actually underpenetrated within the solutions that they own. Believe it or not, despite the success with our EPM solution at most of our enterprises, they only own about 20% to 30% coverage of their overall end points as you move from not only workstations, both Windows and Mac, but also over to Linux servers and other endpoints within their environment. It's part of the way that Identity Security gets deployed, which is it starts and then there's a blueprint towards higher-risk identities or endpoints that you start to roll out. As we start to understand Secrets Management and the proliferation of these non-human identities and the ability to be able to tackle not just existing code but modern code, we start to see a tremendous opportunity to expand within Secrets. I think everybody understands that within cloud, we're just at the one yard line at the beginning. But even within PAM, and this is something I think, needs to be understood, there is a road map that we approach with customers If you ever sit down with our Identity Security blueprint, you can see it actually actioned out, which says you cannot secure all your privileged accounts out of the gate. There is a time and a place for various level of credentials or privileges to be secured, start on the most critical accounts, the domain admins, the service accounts. And then you start to move deeper into an organization and you secure the rest of their identities, the rest of their accounts. If you combine that with the proliferation a privilege throughout an enterprise where business users need PAM accounts and access. You start to see that actually our estimate within our base is that we're about 50% penetrated even in the PAM space, where we started. That's not to mention all those new logos that are out there for us to go pursue. So when we look at our existing accounts in this $5 billion TAM, this is also a protection strategy in a macroeconomic downturn, because we're able to do business efficiently and effectively and quickly with our existing customers as we upsell and cross-sell them throughout this environment. From a go-to-market strategy perspective, Chris would tell you, we're not changing all that much. What we are focused on, though, is honing our ability to execute effectively across the markets that we serve. We've taken what we traditionally call the enterprise and commercial, we call it now corporate, but the enterprise and corporate space, and we've subdivided it or subsegmented it into 4 areas: strategics, majors, core and SMB. And what that gives us is a better guidepost of how to organize our sales, presales technical engineers, even our post-sales customer success, support resources against the various subsegments of customers. That allows us to be more efficient, a strategic customer needs a higher cost of sale and SMB customers should go entirely through the channel. It also allows us to understand where to target Simon's marketing engine more effectively and efficiently. And then it all comes back though to the cycle that we implemented around CARE. So CARE stands for close, adopt, renew, expand. It's the lifeblood of a subscription company. Simon is really responsible for helping us go hunt and close, find us those new logos, get us those meetings, the sales team will take over and close those accounts. But once we've closed them as we try to move them into the expand motion, we've had to focus and invest within CyberArk on the renewal motion, the adoption motion with a focus into customer success, the unification of services support and success management and making sure that we can offer best-in-class success programs out to our entire customer base, both high touch for our strategic but also low-touch or digital success for down market. And we do all of that in conjunction with the other key ingredient, which is our partners. Now I wanted to share with you an example of this land and expand motion. And I chose 2 different customer examples. One is what we might call a heritage customer. We use that term rather than legacy. But a customer who bought PAM back in 2018, on-prem. And you can start to see their trajectory over a 4-year period of land and expand. It's an energy company, a big energy company, and they bought self-hosted PAM. And you can see that the first purchase was not that big. But then in 2021, they started to expand the PAM foot plan footprint to match the Identity Security blueprint we talk about. In 2021, later in the year, they actually cross-sell into EPM, and we were able to actually get to a large portion of their endpoints. In Q3 of 2022, we actually got them to convert to the modern stack of Privilege Cloud. This opens the door for us to be able to have conversations about all the new services. And then in Q4 of last year, we're able to cross-sell them back into Secrets Management. Now it's a 4-year journey, but over that 4 year, the expansion on the initial ARR was 20x. That's the type of opportunities we have within the base of customers that we serve. But I wanted to bring up a different example. This is an IT services company. And this is a company -- yes, in the upper right, it's only 7x expansion. But look at the time lines on this company. And it's because, in Q3 of 2021, they didn't just land with PAM. They landed with Privilege Cloud. So they started with a SaaS-first strategy. That opened up the door for us to quickly come back with add-on PAM, cross-selling EPM, getting them on to Secrets Management and Identity and getting them across the full platform. But then we're able to come back actually and give them more identity. And then ultimately come back because we're able to track in this particular case, we knew exactly the usage of the customer. We showed up at their doorstep, and we told them, you're ready for more PAM seats. And we're able to get more PAM deployed in the beginning of 2023 here. 7x multiple, still a really nice growth trajectory and a growth path over a short 2-year window, less than 2 years. And we're able to do that in our go-to-market motion, not just alone but with our partner ecosystem. I was on this stage, actually in this room. I believe it was on Monday. And we had several hundred partners in the room, crammed in here, thinking about and talking about where are we going from a partner ecosystem perspective. Tomorrow, we'll have a keynote with the top thought leaders in Identity Security from some leading SI partners. The SIs continue to set the stage for strategic thought within our customers, and they have dedicated, built CyberArk practices, not Identity Security practices that promote all brands CyberArk practices. We continue to see an expansion now in the MSP markets, the ability for not only down market, but also larger enterprise to outsource their entire cybersecurity stack to MSPs, and we increasingly see the SIs, the telcos, even the traditional resellers moving into the MSP market, so they can provide Cybersecurity-as-a-Service. For us, once you're embedded in an MSP platform, then your -- their route to market, you're their product as they bring their MSP services to market. We also see an expansion in marketplaces. We see it in our C3 or Alliance programs. And across the board, we believe the way CyberArk scales, and the way CyberArk scales efficiently is through our partner network. So we invest in this ecosystem in the certification and the enablement to make sure that we're able to scale as we move forward. Our overall go-to-market engine is built to scale to $1 billion very soon and beyond in the years to come. Now it's great to be able to sell the solutions and the platform that we have. And so I'm excited to turn the stage over Peretz.

Hi, everyone. Just a quick introduction Peretz Regev. I've been in CyberArk in the last 9 months, joined 9 months ago, before that, I was the Head of Global Data Science in PayPal, which is an horizontal organization responsible for all AI and ML capabilities within the company. As you have heard, we continue to be focused on growth, innovation and profitability. And what is accelerating our business across these 3 themes, is our unified platform. Our investment in this platform and in our SaaS solutions yields already dividends to us. And of course playing along with our other investments that we have put in new products and services and has positioned us as the Identity Security and the ability to scale well beyond the $1 billion that we have discussed. I will focus today on the middle part, on the innovation and to show you how our proven ability to execute, track record of innovation with extensive experience of Identity Security with a security-first mindset will enable us to continue to be the leader in Identity Security. And our innovation around the Identity Security platform not only helps our -- the market needs and also helps focusing on our customers actually, it enables us to be much more efficient on the product and technology on the R&D side and to be -- to run operational efficiencies around our program. So CyberArk is a pioneer and innovator and a disruptor. We have a lot of experience in bringing the state-of-the-art capabilities in order to be able to solve really existential problems to our customers. Security innovation is our DNA. And with more than 80 related patents and with successful acquisition integration that Clarence just told you about as well as non-organic development, CyberArk is really the undisputed leader in Identity Security and in helping organizations to be a step ahead of the cyber attackers. We started by providing the capability to vault and rotate privileged credentials for a subset of users. And from there because we know the game, we actually expanded into much more of securing the endpoint, managing secrets, virtual and multicloud infrastructure support, workplace, vendor management and non-human identities. Just in 2022, we were able to brought to market the SaaS-based Secrets Management offering Conjur Cloud to secure these non-human secrets across cloud environments and CI/CD pipelines. Secrets Hub for AWS supports that developers can continue to use their own UI, their own preferred applications without any disturbances while IT and security teams will be able to control and manage it on their systems as well. Identity flows which is a no-code identity automation and orchestration to save the security and identity team precious time. Identity Compliance to continuously making sure we are enforcing lift privilege and demonstrate regulator compliance. Secure Cloud Access for JIT, just-in-time, list privilege access to cloud consoles and CLIs and as I mentioned, our Shared Services across the platform to unify the entire user experience and to drive intelligence across all identities in environment. And just this week, actually, just this morning, we have announced AI and ML capability within our EPM product, which enables automatic policy creation as well as new products that we announced, which is the Secure Web Browser. So as the pioneer in PAM, we are uniquely positioned to deliver on Identity Security because our core competency is securing this -- the keys to the kingdom. And these keys are actually helping our customers to control the access of sensitive infrastructure, data applications and keeping them out from any insider or external [ bad actor ] and of course, preventing them to disrupt the business continuity. Our approach is unique since CyberArk recognizes every identity, human and non-human can become privileged under certain conditions. And we do it all by offering the platform approach across the Workforce and Customer Access, endpoint management PAM, Secret Management, Cloud Security and Identity Management. All of these capabilities benefit from the Shared Services that unified the process and integrate the experience for our customers across the CyberArk services. And the beauty is in our ability also to share data and insights across these identities and environment. In our newest innovation, the CyberArk Secure Browser by extending the Identity Security platform to web browsing, we provide a clear path towards defense in depth for our customers. So our customers can enforce specific security controls in increasing security, privacy and productivity. Let's take a look on 2 use cases that our customers are -- how they leveraging our unified platform approach. First, we'll start with modern environment. So CyberArk has focused on the evolution of PAM, formed securing privileged access in a traditional infrastructure to applying the security-first approach and PAM use cases to the new type of identities. And when I talk about the new type of identities, they emerge in this new modern than infrastructure, which includes cloud, SaaS, DevOps, IoT and many, many more. As of today, think about the personas DevOps engineers, cloud engineers, developers, business applications, even my CFO over here, Josh, they require privileged access to their own applicable stack. But the method in which they access the solutions to secure them require different approach. We extend the privileged controls and multi-cloud environment. This is where our customers have deployed our different solutions like Secured Cloud Access; Cloud Entitlements Manager; Dynamic Privileged Access; Secure Web Sessions, the SWS; Secrets Management; and Secret Hub to secure both machine and human identities, all of it with zero trust, with zero standing privilege to extend the PAM across all these new environments with one single platform. We are differentiating ourselves with this way from our competition. Now let's take a look on how do we apply privilege controls to all identities, including the non-human identities. So as you know, there has been an explosion of machine identities. We are talking about a ratio of 45:1 between non-human and human. And as of today, these machines, all of them have accounts, they have credentials. And these are the secrets that we need to secure and help our customers secure. These secrets are growing in an exponential way and increasingly being targeted by cyber attackers and really are at a phase that these are the things that we need to make sure our customer is securing. So when you consider this number of secrets that must be secure, rotated and the number of tools, platforms, technologies that IT teams have to interact with, you can imagine I would -- can quickly be overwhelming. Our customers there have found out that CyberArk's enabled them to centrally secure all of their secrets, all of their application identities whether it's in the cloud, hybrid, containerized CI/CD pipelines or DevOps environment while using their preferred approach to the cloud without burdening their developers. Because secrets Management is core offering to our platform, customers see the value in extending their investment with us as Matt -- as mentioned before, yet another vital part of their identity security approach. So how do we do all this magic? So our R&D efforts continue to focus primarily on improving and continue to enhance our existing product solution and services as well as developing new ones to make sure that we meet the market needs. And again, just this morning, we have announced some of these new capabilities. We also maintain a dedicated CyberArk labs team that researchers reported cyber attacks. They are kind of thinking like the attacker people which helps us to understand to do the reverse engineering of these attacks and be ahead of the curve, ahead of the attackers for the next cycle and help our customers to be prepared for some -- this kind of an attack. Today, we already embed AI and ML capabilities across our solution. So for example, our ISI, Identity Security Intelligence and PTA, Privileged Threat Analytics, actually is building a multi-dimensional, I would call it, profile for identities based on activities from multiple products and use cases. This build actually allows us to identify any anomalies or different behaviors in the system and automatically remediate them by, for example, set up MFA or any PAM corrective actions. In addition, today, as I've mentioned, we have announced on the new AI capabilities within our EPM product that enables automatic creation based on Cloud sourcing. So just to wrap up this part, we believe that innovation is the engine for our SaaS platform, which accelerates our innovation, our growth and our profitability. And with that, I'd like to hand it over to Josh.

Okay. It's great to be here today. And Erica, I really like this idea of having more than -- all the people here in one room instead of traveling to over 25 conferences during the course of a quarter. So this is great to have everybody here. And let me get started. So you heard a lot this morning, whether it was at the keynotes or whether it was just here in the last hour about growth, about innovation, you even had Matt kind of give away some of the thunder about where we're going towards profitability. But I'd like to spend the next 10 minutes substantiating through some charts, through some graphs, substantiating our confidence in where we're going with the financial model and hopefully continue to build your confidence on where we're going on the financial model. So I'll start, first of all, that we're just over halfway through the quarter. And we're confident about our Q2 guidance that we just gave out in May, and we're reiterating it today. I think our 6-K went out this morning. And I will remind everybody that we actually raised the guidance in May compared to February. We raised the ARR to $740 million at the midpoint. We also effectively raised our guidance on the full year revenue because as Matt pointed out earlier, we are now at 95% of our bookings mix with SaaS and subscription. And when we gave out the guidance originally in February, it was on a 93% for the year. So in our last Investor Day, we said what we were going to do. Matt did a great job of pointing out line by line that we actually exceeded what we said we were going to do in that Investor Day, 2 years ago. And because we got through the transition faster, with higher growth rates, we pushed up by a year coming out of that profitability trough that you would typically see in the transition. So already this year, we're guiding to breakeven and we're already -- and we're seeing the acceleration in our revenue growth and coming out in the bottom line. and we're striking distance now of hitting that $1 billion ARR target. Now in mid-June, in June of 2025 as opposed to the end of 2025. The last 2 items I'm really pleased about because I know how that goes today to our shareholder value. The success of our last 2 years and our market leadership really puts us now into what Erica and I call the fun part of the transition because it's about the acceleration of revenue growth after suffering through the transition of having all that ratable revenue and already last year and this year, we see the acceleration of growth and returning for people who have been around the table for several years, to a much more familiar territory of CyberArk being a high-growth company with our guide this year approaching 25%. And we're now a fully recurring revenue business model. We were 70% 2 years ago, 80% a year ago. And in the first quarter this year, 90% of our revenue was recurring. If you were to extrapolate that Q1 recurring revenue, we'd be at $580 million for the year. That's already 80% of our guide. I want to remind the group that just a few years ago, it was only half of our business was recurring. I don't need to explain to anybody about the increased value of what it means to be a high-growth recurring revenue model versus a high-growth perpetual model company. I know that at least in the beginning of the quarter, I have a little bit more sleep at night. And you can really see the increased value in our model well expressed in our remaining performance obligation numbers, which we publish annually. Great growth in our RPO, 38% last year. But the current RPO actually grew over 40%, 41%, hitting 60% of our total RPO number. That was less than 1/3 before we kicked off our transition. Needless to say, this has made our model a lot more durable for both when we think about current day operation decisions but also a lot of our near-term, medium-term and long-term strategic decisions that we are taking on a daily basis because we know where the model is going in a much more confident way. And it's also a model that we can now bank on when we talk about the margin expansion that we'll soon see in the long-term model and the free cash flow expansion as well. Going through and now just on the other side of the transition -- our annual recurring revenue remains really the best measure of our performance. So I really -- we really focus on that on a regular basis. And in the last Investor Day, we set the goal of hitting $1 billion of ARR by the end of 2025. And I already mentioned just -- a bit earlier, that was based on a 30% CAGR growth. Having done 40% CAGR growth through that transition, we're now able to move up that $1 billion target to the midpoint of 2025 and but also be a lot more confident about setting our 2027 goal for the first time to $1.6 billion plus, as Matt likes to say, when the ARR will really start to align with the actual revenue growth rate of the business. This is the natural behavior of what happens when you come out of the transition. As we get further on the other side of the transition in 2027, really, the ARR growth now reflects the underlying growth of the business, and we remain confident that the overall market and industry tailwinds, a lot of which you are hearing about this morning really support the growth of being greater than a 20% company on an annual basis for the long-term. But let's look at the pieces that is driving our ARR growth. And it really starts with what Matt talked about earlier today in the second section, as Chris when he said we have 8,000 customers, but we only have 8,000 customers while looking at prospects of 75,000 customers, potential customers. And today, we not only land in the PAM space, about 85% of our lands are in PAM, led by Privilege Cloud today. But we also see 15% of new logos landing in EPM or in Access. And with the intro of our Conjur Cloud this year, we also see that as an additional landing point for new logos. We've enjoyed 30% to 35% consistently now of our new ARR coming from new logos. As our new logos don't land and go and buy everything across our entire platform on the first call, we believe we still remain significantly underpenetrated in our installed base for both up-sell and cross-sell after the land. We heard about the Blueprint strategy this morning, and our strategy expects potential annual recurring revenue could grow at least 10x initial land with our Identity Security platform and the go-to-market engine, the marketing engine that we talked about and the innovation that Peretz just got through discussing. And when we think about the add-ons, there's always a piece that's related to conversions and I get asked all the time, talk to us about the economics around the conversions. Until now, and we also expect during this year as well, will remain about single-digit growth of our ARR coming from conversions. And if you think about it on a like-to-like basis, so you're taking a maintenance contract from a perpetual customer, and you're now moving that maintenance contract to a subscription or to a SaaS contract we get uplift of 1.5 to even up to 3 times when they're moving all the way to SaaS. And that's before -- we're adding new upsells and cross-sells that typically will accompany a conversion sale. So I'm showing this chart because I think it clearly shows when you look at the customer cohorts by ARR size, it really shows our expansion growth in action. Greater than 40% year-on-year growth of our $100,000 ARR customers in 2022 versus 2021, more than 75% growth when you look at our ARR customers that are over $500,000 in ARR. And even those larger customers that are over $500,000 have leveraged our platform really for only 4 of -- on average of 4 of the 6 solutions on our platform. So if we combine the fact that while we're still growing quickly, that less than 20%, the 1,400 of our customers' base still has greater than $100,000 ARR with the fact that those 1,400 customers are equaling almost 3/4 of our ARR total today. It really shows the huge existing TAM that Matt pointed out this morning, equated to about $5 billion of the 6,000 customers that are today under $100,000 ARR that we know we can bring above $100,000 ARR above $500,000 ARR, and we also have many examples where it could be a $1 million annual revenue contract for customers as they really go all in across our platform. You've all been tracking and probably one of the most popular questions we get is what does your ARR pie look like by product? So over the last year, it's been very consistent. 55% PAM, 20% EPM, 15% Access, and 10% Secrets. We believe that, that will stay consistent through this year. However, if you ask, okay, what about over the long-term? What about, let's say, over the next 5 years? Well, first of all, we expect a much bigger pie to be talking about over the next 5 years. And we're positioned well to hit that $50 billion conservative number of TAM that we talked about earlier. And while we expect to remain our incumbent leadership in PAM and it will still be the leading player within our pie. We envision that the ARR growth from EPM, from Access and Secrets to increase their relevant proportion of the pie. And while it's so early today, we also expect Cloud Security to start to be a significant piece when we're thinking about the pie over the next 5 years. And that brings me to the long-term model. So just a couple of things to recap. We are the leader in the Identity Security space. We have a platform available today to be the consolidator of trust that Clarence talked about for all segments, all verticals for large enterprises, for corporate and down market, we've maneuvered in a best-in-class form through the subscription transition, really positioning us for the ability to continue expansion in both our operating margins and in our free cash flow capabilities. When we were last together, we anchored everybody on a Rule of 40 company. And we thought at that time, we might be more balanced. But since then, we've had amazing growth. We've entered deeply into the full and larger, much bigger TAM Identity Security market. And so for 2025, we are looking at a 25% growth rate, being able to expand our margins out to 15-plus percent on the bottom line, generating $200 million of free cash flow. And for the first time, we'd like to extend our long-term model out to 2027. And there will be more of a balanced Rule of 40 with at least 20% and similar in operating margins and similar in revenue growth. But being able to nearly double, expand our free cash flow from the $200 million to $375 million. And if you were to extrapolate through the math and you were to take our $1.6 billion plus ARR target, you would see that, that reflects about a 25% free cash flow margin. And that really puts us in the potential Rule of 50 group, line of sight for the Rule of 50 group when considering free cash flow margin plus revenue growth rate. So at this time, I hope that you are all excited about CyberArk as we are and the entire executive team. And I do think we've earned a break. So I will turn it now over to Erica for the rest of the agenda.

Thanks, Josh. Perfect. So we are going to take a very quick break for cut back at about 20 -- after there's some food and snacks in the lobby and the exec team is here. So we can take a quick break, and we'll see you in about 12 minutes. Thank you. [Break]

Okay everyone. We are back. Thank you all for coming back and for participating in the second part of our day. I am going to turn it over to Amy Blackshaw, who runs our VP of Product Marketing. I think most of you saw her, most of you in the room saw her on the keynotes earlier today. And she is going to interview Jay, have a discussion. He comes from Aflac about how they've embraced our Identity Security strategy. And with that, I'm going to turn it over to Amy.

Hello, everyone. Thanks for being here. I'm Amy Blackshaw, and it's my pleasure to sit on the stage with Jay Coull from Aflac. And we're going to have a conversation about Aflac, CyberArk Identity Security. And I'm really looking forward to the conversation.

Excellent. Thanks for having me here.

Yes. Great to see you. So first, can you introduce yourself, your role, tell us a little bit about the company and how CyberArk helps secure identities there?

Absolutely. So as Amy said, I'm with Aflac. So I'm Senior Manager of Identity and Access Management for Aflac. I'm responsible for really keeping all of the technologies that make identity and access management possible. I keep them alive and working. With that, Aflac has been very deep into the privileged access space for a while. We started using CyberArk over 7 years ago. So it's in the core of our privileged access program. As we move forward and as the clouds move forward, we continue to evolve what that is. It slowed down for a while. Privileged access became a little bit of a quiet topic for a few years. It was just going well. And now we've gone to the cloud and everything is really coming together again so that it's a lot of exciting things that are going on.

That's great. Great. Thank you for being such a loyal customer. And I know that you started hands-on with CyberArk in your career, too, and then have progressed and now have a team working with the tool, so I know that you've been very close to it yourself.

Absolutely.

Yes. That's great. Can you tell us a little bit about some of the challenges from a cybersecurity perspective that Aflac faces today?

Absolutely. So I mean we're all worried about identity theft. There's a lot of different ways that can happen, whether it's phishing, whether it's just your business e-mail scams, whatever it's going to be. But we all have to worry about that. We're worried about protecting not just our customer data, but we're a brand. And we have to worry significantly about the brand. So even the most minor type of attack can really be a big hit against the brand. So we put a lot of effort into securing everything, whether it's a basic e-mail or all the way to the server back end.

Great. Thanks for joining us. Brian, great to see you. So we were just talking a little bit about Jay's background in Aflac and how they're using CyberArk. Can you do the same, introduce yourself, the company and how CyberArk is helping you secure identity?

Absolutely. Yes. I'm Brian Miller. Before coming to Healthfirst, where I currently am the CISO. I did about 15 years of cybersecurity consulting, coupled with EDS and the rest with Booz Allen Hamilton. A lot of DoD, Intel community, then some federal, some commercial. I brought all that experience to Healthfirst. We're about a $17 billion health insurance payer focused on New York City and up the Hudson Valley, about 1.6 million members. At this point, we pretty much have CyberArk everywhere. One of my initial things I did was really lock down identities. That's sort of core. If you can't lock down the identity, you really can't secure anything. So we have CyberArk PAM, which really controls all our superuser or administrative accounts. We would then move to Conjur, which allows us to lock up a lot of the secrets, which your applications are using, your DevOps pipelines are using and so on. And then recently, we adopted the Workforce Identity to give more flexibility and more control over the identities of our workforce.

Great, great. A follow-up question to that. Can you tell us a little bit about the cybersecurity challenges that you're facing at Healthfirst?

Yes. I think everybody is familiar with the ransomware problem and emerging threat vectors with ChatGPT and things like that. But ultimately, they all come back down to, if you can stop the vector by controlling identity, for example, if you can stop somebody from coming into your house, you can identify, okay, this is an attacker who wants to come in and do damage. At scale, it's a lot more complex, but our philosophy is if I can control identities of people, machines, everything out there, we can really control all of the threat vectors. There's a lot of solutions out there that look at this threat vector or that. CyberArk gives us a comprehensive approach to shutting down -- shutting those down.

That's great. That's great. Can we talk a little bit about sort of the importance of identity security platform? I mean I know that we talk a lot about our capabilities and our differentiation in our SaaS platform. We obviously are very invested and see the value. Would love to hear from you both and maybe we can start, Jay, with you about the idea of a platform for identity security and the value of that.

So when you go to a platform, it's a mixed bag. There's a lot of really good things that come out of it, but there's also long-term concerns. I'm on kind of defense on going to a true platform. I think that we find really good benefit from the ability to the UEBA user and entity behavior analytics when you go to a platform because you're just getting a much more consolidated version of what the data is and what's happening. The other side of it is you also have the concerns of supply chain risk. So if you have a platform that gets compromised, you have to worry about what else gets compromised within there. So you have to build your layers of the onion and security to make sure that you're not putting too thick of a single layer within a platform. So I kind of -- I sit there on both sides, administratively, a single platform is wonderful. From some of the risks, you have to look at it a little bit differently.

Understood. Understood. Brian?

Yes. I really prefer sort of a customer ecosystem or a platform approach. Our approach has really been to go with best-of-breed products and then really build out with those products to the greatest extent possible. This really allows us to get economies of scale, control costs, but also the challenges of really keeping a system up to date, keeping up with all the nuances of it, training people to administer it. I really find that a single provider for a given competency area like identity, we also do the same with cloud security with some of our other vendors and our endpoint and things like that. For us, for all of our corporate users, CyberArk is really our primary identity solution. We're to the point where we're trying to push Microsoft off a little bit. So they're just our identity store, and CyberArk is really controlling everything for our users and all our privileged access. One of the reasons also is give us some resilience. We've had a number of problems with MFA with other vendors in the past, CyberArk's approach to platform, high security, high reliability, like multi-zone, multi-tenant, and that's been very helpful. We have sort of separated our members and customers onto different platforms. A lot of that was strategic, and some of that was just timing. But we find CyberArk as our primary workforce security platform for identity.

That's great. Thanks, Brian. I think you talked a little bit in that comment or your response around what we've been talking about, the consolidation of trust. And the theory that with so many vendors out there today, that there is a move towards choosing fewer, more strategic partners. And so we heard you talk about that from an identity security perspective with CyberArk. Jay, I'm wondering your thoughts on that idea of consolidation of trust as well.

So we've found really good results with consolidation trust within vendors, especially when it comes to vendors that you've partnered with heavily. The thing that -- like I said, my concern isn't so much the consolidation trust because that is a wonderful thing. It's really just making sure that we've got all our different layers in there to still protect ourselves. It's very easy to become complacent when you take a vendor that you've decided is best in breed and the more responsibility that you give them to potentially have something go on that is outside of your view now because it's within that platform. But that's where you have different layers, and you make sure that you have those layers watching each other.

Yes. And I think to follow up on what you say, some vendors, they try to do so much of everything, like you say, you lose visibility. They become mediocre across everything versus I see vendors like CyberArk, they really are best of breed in their platform, and they do give you the capabilities, and they're nimble enough to also -- if you want something new and it's value broadly to the market, they really drive forward to make that happen. And they're actually doing that in a couple of areas for us right now. So...

That's great. That's great. I'm going to tack on to that answer just around CyberArk as a partner. So if you're able to come to CyberArk and say, there's challenges that we're looking to solve. We think you can help us here. Have you -- can you tell us a little bit about CyberArk as a partner in that scenario?

Yes. One of my favorite mantras is in -- am I looking -- I'm not looking for a partner who doesn't have problems or we're not going to have problems implementing their technology. I want a partner who's going to help me navigate through those effectively. Because whether it's my infrastructure or legacy things or my -- there's all kinds of things that can go wrong, but have a partner you can trust and navigate through it. And then as you really put out a best-in-class technology that's comprehensive, there's always things that I want this and that and the other thing. I don't want to have to go out and buy 3 more solutions. So having CyberArk willing to go and innovate and drive forward. And then CyberArk's culture, for me, I always look at culture. Can I count on this company to be there? Can I count -- is there a culture such that they'll support me? Or are they just trying to drive revenue at the cost of me, the customer? And CyberArk has been a company that I'm sure they're driving revenue very nicely. But as a customer perspective, they're driving as much value to me as I'm pushing in their direction as well. So...

I totally agree. When it comes to customer request enhancements, we've had a few that have gone through without any problem at all. When you request those and you're really building out what you -- or they are building out for you what you need, it really shows a really true partnership that we have with them. We've -- you talk to different people, and they're like, "Oh, well, we'd like to replace you with this." And there are very few products out there that you sit there and you will tell your senior leadership, whomever, that know we can't replace it. And because of CyberArk's partnership and where -- how they're so well ingrained into our processes, it's one of those products that it's there. It's a long-haul product and it's a long-haul partnership.

Wonderful. Glad to hear it. Let's switch gears to cloud strategy and cloud security. Jay, we'll stick with you. Can you tell us how CyberArk fits into your cloud security strategy?

Absolutely. So getting on-prem privileged access work really well. Identity security worked really well. As we started moving forward and the cloud came to be really in just the last 2 years for so many of us, it started moving very quickly, and things got ahead of whether it's your identity security program, a lot of things, because cloud was about speed. Fortunately, in the last 18 months, we've now caught up with that, and we've got CyberArk very deep into our cloud strategy. You are not able to get into one of our servers or systems in the production environment without going through CyberArk. A really nice thing about cloud, AWS, Azure, Google, is you have the ability to create controls that only allow access from a certain area. So even if you have access of active directory rights to do something at this level, you're actually able to take that down and only allow it if it's coming through a certain endpoint. So we've taken CyberArk and we've used it for access to all of our cloud access. Really, moving forward, looking at the cloud access platform that CyberArk has really just been pushing hard lately and having that next front door access also go through CyberArk. So this is taking anybody who's going into the console for AWS, anyone who's going to the console for Azure. That's also going to be protected by CyberArk. So it's very core to our strategy.

Yes. For us, we've been cloud first for quite a while. We're probably 80% in the cloud now. One of the things we're coming to realize is that as clouds sort of hit market saturation, we expect that they're going to start jacking up price to drive revenue. There's some things we want to lock into, but there's some things we don't want to lock into and we want to be able to stay nimble and choose the best Cloud, Azure, AWS, GCP, whatever. And one of the things we're doing right now is identifying a common stack, technology stack that will allow us to be nimble. And then if Azure has something that is really best of breed, we may lock into that one thing, but we won't be locked into any cloud. CyberArk is a key part of that from our development strategy, our supporting controlling identity in the cloud and all of that. The other thing is that we are an on-prem user right now, and that's been a great product. We found value in going to the cloud, and it allows us to sort of to upskill our engineers so we don't have our engineers doing day-to-day routine tasks, more they're really developing and evolving and staying pace with what's the art of the possible. So we're seriously looking at going to the cloud solution that CyberArk has provided. And again, also, it gives us the resilience more and more your disaster recovery and resilience isn't -- can you rebuild the server? It's what is your -- do you have a multizone strategy, multi-tenant strategy? Are your core services in multiple places? Like with CyberArk, we're already building out across 2 zones, 2 regions, 2 different tenants. So that's something that's very much high on my radar, and we'll be going there over the next few years.

Amy, can I add to that? So CyberArk on-prem has worked wonderfully for Aflac as well. But we've already started that move up into...

Privilege Cloud.

Privilege Cloud, so many different terms. So we've started to move up to Privilege Cloud because what it's going to give us is that best-in-breed technology without that best-in-breed weight on the back. Managing any type of a large platform like CyberArk, it takes a lot of work. It takes a lot of specialty -- specialization. It takes a lot of hours. Taking that and being able to hand that back to the expert to handle that entire back end and we just get the goods that come out of it is just going to be a huge benefit for us going forward.

Absolutely.

That's great. That's great. So we talked about new environments. Let's talk a little bit about new identities. So starting with PAM, I think you both have taken what you've done there with CyberArk and moved to different identities in your infrastructure and your organizations. Can you talk a little bit about how you've done that, Brian, move from PAM to new identities by using identity security from CyberArk?

So PAM was sort of table stakes, if you can't lock up your admin accounts. So we started that about 2015 to make sure we have security and people can't do bad things with our superuser accounts. We used their product AIM for our legacy, and then we moved to Conjur because it gives us the ability to rapidly log in, log out for our high-performance systems, our DevOps. And all of our secrets that are in that DevOps pipeline are kind of critical to lock up. And you can see with SolarWinds, they didn't have those secrets locked up very well, and there was a major compromise of their supply chain. And then it's sort of back to Workforce Identity. They really allows us to lock down our workforce. But some of the things that CyberArk is moving forward with is their passwordless log-on using the QR code. They have some pieces of that rolled out. They're rolling out the rest of it coming soon. We're -- I'm very much an early adopter for some of those capabilities, and I think that will position Healthfirst to really be able to do passwordless across multiple platforms, whether it's Linux or Windows or Apple or whatever, and really make security more transparent to our users. And that's really one of my holy grails. And then the other thing is with Workforce Identity, we have a lot of call centers. We've been able to set up our users in the call centers, set up their applications. They don't have to enter their passwords in every day. We've seen -- I'm actually getting calls from the call center, my peer, the VP there saying, "We want more of it. We need to get to offshore on." Well, it's reducing our call center cycle times and increasing productivity by about 20% in our case.

Great. Wonderful. Jay, over to you.

So I'm really bad about using PAM to really do -- to be my umbrella word for my identity security program, just what we've always called it, PAM. But going above the PAM account, really, in the last few years, we've gone to utilizing any capability we can to make sure that a password is never seen by anybody. We're doing it, whether it's in scheduled jobs and its applications that we're building on our own, whether it's using the different connectors that are in the CyberArk store. So we've really started moving service accounts, we call service accounts, into our privileged access program in the past 2 or 3 years. We've also moved to our third-party privileged access. So when we have people who are having to come in just to specific systems, we started using CyberArk Alero about 3 or 4 years ago, 3.5 years ago, I guess, when it came out, and really bringing vendors in to our program. And they may not have a massive amount of privileged access to a system, but it gives them very specific access to the system they need. And we're able to get them in, in a very short period of time. So we're really trying to move any identity that we can that's having to come in and get access in our network to something within our identity security program.

Wonderful. Well, with that, we are out of our time, but I want to thank you both for joining us. It means the world to us. And thank you for your time and for being great partners with CyberArk. And thank you all for listening.

All right. And now we are going to be moving up some incremental chairs, and the team is going to come up now and open it up to a question-and-answer session. So ideally, the way this is going to work is we have 2 microphones that are going to be on either side of the room. If you could raise your hand to the extent I can see who's raising their hand with the light, we'll call on you. And if you could just say your name and your company, that would be super helpful for the folks and the team on the webcast, and then ask your question. That would be perfect. So the team is coming up. All right. Saket, do you want to go ahead?

Saket Kalia at Barclays. Maybe, Matt, for you. Lots of great stuff just on TAM through the session and innovation just through the day from the whole team. But I was maybe wondering if you could just touch on one topic, which is just could you help us level set a little bit on competition, right? I guess the question specifically is, what are you seeing competitively? And sort of how are you thinking about just the broader platform, which was a key topic today? How are you thinking about that as a differentiator for CyberArk?

Sure. Sure, Saket. So I think here, first, if we start in PAM, we have never seen a better environment for us around how we compete in that core market. The PE-backed firms that are really the competitors in that space continue to do what they do. They undercut on price, and they compete effectively as #2 and #3 to get into RFPs. But our overall win rates against them continue to improve, and our ability to be able to actually, in our mind, take share in the PAM market continues. And the new entrants into PAM haven't been able to bring forth a credible PAM solution and really take the fight to us from a PAM perspective, which brings us obviously to certain competitors in the access space where we've taken the fight to them. And you heard me talk about earlier that we believe we can differentiate ourselves now, wasn't always the case. In the access market, with the notion of these security bodyguards, workforce password management, secure web sessions and the ability to be able to tie MFA and SSO into this platform strategy, into an overall identity security approach and to talk to customers, like you heard Brian talk about, which is this idea that if everything is tied back to a security-first mindset, he can feel more secure when it comes to the workforce and securing the workforce itself. So from there, you've heard me say it a lot, we're fighting from behind in the access market. We have big competitors in that space, but we believe we're winning more than we're losing, and the win rates are going up considerably from where they were just a year ago. And then clearly, in the secrets or nonhuman space, you battle with 2 things. Everyone talks about Hashi and HashiCorp and their kind of embedded vaults within their developer tools, but it really much more comes down to the secret stores that sit within the cloud providers, AWS, Microsoft, GCP. And you see development organizations at the workgroup level start to adopt those secret stores as part of their development life cycle. The problem, as we talked about this morning, a lot is it actually leads to vault sprawl where each individual CSP or each individual development team is standing up their own secret store. And security comes in and looks at that, it's the same thing that, by the way, happens with Hashi, and they say, "We can't possibly manage all of these vaults." And so the ability to be able to leverage the CyberArk approach, the back-end central sequence management is how we compete. And clearly, with our partnership with AWS and now with the availability this morning that we announced of Secrets Hub integrating with Azure Key Vault, this allows us to be able to be side-by-side with the tools that actually developers like to use. So across the board, that speaks to what we think of as a very strong competitive position. And the ability to bring forth the platform story with our customers puts us in a place where we can talk to them about their longer-term footprint, their longer-term road map and set up a strategy for growth.

And one other thing before we kick off a good too deep. You mentioned security first, and that gives me a perfect opportunity to introduce Omer. Omer Grossman is our CIO. He has joined us on the panel today. And I was hoping that you would share a couple of minutes about your background, because I think it plays so incredibly well into our approach around security first, that if you could share a couple of minutes, so folks know where you came from, that would be great.

Great. Thank you. Well, I join CyberArk 6 months ago, actually, 6 months ago this day. I came after 25 years of service in the Israeli Defense Forces. I retired as a colonel. My last 2 leadership position were the head of the biggest cloud service provider unit in the IDF, the on-prem top-secret cloud, hundreds of Israeli soldiers operating probably the biggest IT infrastructure in the Middle East. And my last leadership position was the IDF CISO. So encountered several big cyber actors in this domain. And I think one of the most prominent pillar in my strategy is security first, as Erica mentioned, using our own products. We call it drinking our own champagne, implementing best practices and keeping CyberArk secured.

That's perfect. So if you have any questions about the environment, he's definitely the person to ask. Adam, if you wanted to go.

Great. Adam Borg with Stifel. A great day today. Maybe, Matt, on the innovation front, the Secure Browser this morning, I thought, was an interesting new announcement. Help us understand -- I know it won't be released late this year, but maybe help us understand a little bit about, a, how does this differentiate? Like why will customers want this? And is this something that's really targeted to the IT folks or really broader workforce deployment?

Yes, sure. I mean you could tell by us talking about this morning, we are extremely excited by this innovation. At one level, it's a simple innovation, right? And there's others out there trying to solve it in the market, which is updating this legacy enterprise application into an enterprise-grade security tool. Our belief, though, is that fundamentally, our approach is differentiated here. Our ability to be able to offer the configuration of role and application within the environment, so that the IT and security teams can actually set up the browser to work for specific people, for specific applications or for any combination of the both. When a normal user was browsing the web, they should use their browser of choice. So we are not trying to replace the icon on the desktop. So everybody has to use the CyberArk Secure Browser. But we want the IT organization to be able to implement the policy that when certain users or certain applications are being accessed beyond just the identity security apps that sit within our portfolio, that they can configure it so that they only work with the CyberArk Browser. For those of you who missed the announcement, the CyberArk Browser allows for cookieless browsing by centrally storing browsers on the CyberArk server. It allows for the opsification of passwords by using a onetime security key, and it allows us to be able to set up an ability to protect against one of the most dangerous attacks, which is session hijacking. So we see it as a way to be able to extend our platform, to be an inroad into our platform, let's say, it's the eyes into the platform that people will use. It's also an ability to be able to download it onto desktops and actually see that landing strategy both in the enterprise, but also down market into the mid-market and SMB. And we think, it's early days here, that the combination of the CyberArk brand and the trust that comes with that brand, combined with making sure that people don't have to change their behaviors at all, will be a winning strategy for us as we bring it to market.

We'll go to Josh and then Alex.

Josh Tilton, Wolfe Search. Thanks for the question. You guys highlighted a bunch of different tech reasons as to why you win today. But my question is, in a macro where ROI is just so important, can you maybe talk to some of the pricing levers that you have to entice customers to go all in with your platform instead of choosing some of these other providers or competitors today?

So I'll jump in. We'll make sure that other people answer besides me on all the questions, but that's probably my specialty area here. So when we think about how we bring the platform to market, absolutely, the notion of being able to bring together packages that combine different parts of the portfolio to allow customers to be able to consolidate down their spend, increase their spend with CyberArk, but decrease their spend across the portfolio, is absolutely one of the things that we are bringing to market. We bundle in our access portfolio into some of our core PAM offerings. We're actually including seeding of some of our Secrets Hub and Secrets Management now included in those packages. Actually, our DPA, our Dynamic Privilege Access service, comes with some of our high-end PAM packages that get them started on the cloud journey. And by packaging around those elements, we're able to actually come to customers and take an ROI-driven approach. What's your total cost of ownership of all the tools you're using? We can actually drive that down. And in a lot of ways, to be honest, sometimes we structure some ramp-type contracts, so they can get off their legacy tools, get on to our technology stack and increase their spend gradually over time because they're already a captive audience. So we do feel like we have the ability to be able to leverage our strong position to capitalize in this macro environment. And we also see the renewals that are coming in as a great opportunity to be able to upsell.

And then Alex and then we'll go to Roger.

Great. Alex Henderson at Needham. I actually have 2 quick questions. I just wanted to go back to the browser for a second. Can you talk about who you think you're going to displace with that product? I mean does that impact the CASB players? How do we think about the pocket of money it's coming out of? And then on the pipeline commentary, you have great statistics at the top of the pipeline, 50s, 55%, 60% kind of numbers. But there was no numbers at the bottom of that pipeline. And I'm wondering why the numbers were left off there. Is there a reason why you haven't identified the rate -- year-over-year rate on closures of those deals? Is there some other issue that's between the top of that pipeline and the bottom of that pipeline that caused the numbers to be left off?

Yes. Sure. So maybe I'll answer the first one, and Simon, you want to talk about the second one besides just telling you that Erica won't let you put it there. But I think when we think about the Secure Browser, I don't think we're displacing anybody. I don't think the Secure Browser itself, by the way, is a monetization play. It's not going to make us hundreds of millions of dollars of ARR in and of itself. That's the beauty of us doing it versus a stand-alone company that actually has to monetize it for it to be valuable. What we are able to do with the Secure Browser is offer it as an enterprise-grade alternative to using, for example, enterprise chrome or not securing the browser. And by virtue of basically allowing our customers to use it as part of the platform, we're then able to sell them the embedded services that are built into the platform like secure web sessions, like workforce password management, like eventually our EPM solution. So think of it as a Trojan horse into the enterprises where they can start to use our browser to be more secure. We don't need the money that comes along with the browser itself because they're going to start to buy the services that are embedded in. And it's a unique position compared to some of the stand-alone browser companies, Secure Browser companies that are out there. Simon, do you want to answer the second one?

Yes, I'm definitely very excited about. We didn't put everything on the slide because, actually, what we didn't tell you is we have a lot of volume, a lot of volume. Volume on the pipeline side, as a record selling. We didn't put a number. I wasn't allowed to show the number, but recasting on pipeline, which I think feels good when you're a CMO because when people look at you say, "Okay, what are you doing?" What I'm doing is helping generate pipeline. The leading indicator to that leading indicator, of course, the meeting is really growing, and we really measure that. We have so much volume right now that our focus is to convert that even further. And this is where the partners come into play. Yesterday, we had that opportunity to talk to 300, 400 partners and really asking them to really commit with us to take that volume and convert it better. So our engine is working pretty well, actually. And I'm pretty proud of that. There is nothing to hide. I can just tell you that the momentum that we are seeing coming our way is pretty impressive.

And let me just -- I'll add one thing because I'll bail Erica out for a second. Erica doesn't like us to divulge certain statistics that they know -- that she knows that if we divulge it, then you're going to ask it every single quarter. So if we give you our pipeline growth rate, then you're going to ask for our pipeline growth rate every quarter. I think we're sitting down in a special place. We talk about record pipeline growth. The pipeline growth we saw in Q1 was equivalent to the metrics that you saw on the upper part of the slide. We have more pipeline coverage going into this year than we've ever had before. We're conservative a little bit in how we think that will convert because of the macroeconomic environment, and we want to take that into account. But just to be clear, he could have put the exact same numbers on pipeline growth and we would be fine.

Perfect. And I think we went to Roger and then we can go to Hamza after.

Awesome. Roger Boyd with UBS. Probably another one for Matt. Sorry, Matt. On MSSP, it's still early days, but if you think about this path from 8,000 customers today going to this TAM of 75,000 organizations, what percent of that do you think that you need to rely on MSSP partners to get at? And any statistics on where you think you are today would be helpful.

I would tell you that the industry suggests, the industry analysts, the kind of people who are out there analyzing this, they seem to think that about 30% to 40% of all cybersecurity spend will go through MSPs within the next 3 to 4 years. That's a remarkable statistic, right? So if you own -- if you're the backbone of an MSP, then that means as they consolidate the market, you'll be brought, first and foremost, to customers. So that's how we look at the market. So we don't know if that's exactly right or not exactly right, but we do see that as probably the best way to land new logos in the environment that we see going forward.

Hamza Fodderwala of Morgan Stanley. Josh, a question for you. You look pretty quiet there. So CyberArk has always been a very profitable company. Prior to the transition, you had over 30% free cash flow margin. You gave your long-term guidance for 25% free cash flow margin. I do understand that you do have the higher hosting costs with the SaaS solution, likely some decrease in duration as you move more to annual deals. But you do have more scale. You talked about more leverage from upselling a larger renewing base. So can you help square that for us? I mean could free cash flow margins be higher than your 25%?

First of all, yes, it could be. We set out our long-term model based on the 25%. But the things that are going to drive that are going to be -- and when we think about what could impact it, first of all, renewal rates. So to the extent that we can -- we do better than what's in our model for that 25% that can drive higher cash flow. Also, the billings rate can drive higher cash flow. One of the things that we want to be careful of, 5 years in advance, is also to know what is going to be the full billings, what will be the billings route. Today, we know that we're billing like a normal SaaS company. When we go out and sell, it's annual contracts, annual billing. That doesn't mean that as we bring out more solutions or customer behavior changes, that, that type of building might change down the road. And we want to be able to have some flexibility there. But we're -- I think as we pointed out, both Matt and myself today, we're confident that if we think about the 20-plus operating margins and to the extent that it's plus, it would also could be a plus on the 25% as well, getting -- even getting and matching where we were as a perpetual company.

I think, Eric, you had a question. And then we'll go to Madeline.

Eric Heath with KeyBanc Capital Markets. So I guess for kind of the team here, just understand, obviously, the home field advantage that you have kind of with PAM and selling that cross-selling to the base with secrets management and access management. So that clearly makes sense. But how do you transition to more of the story being landing outside of PAM first? How do you get the first right refusal, if you will, in terms of aligning with those additional products?

Yes. I'll jump in there, and then maybe Simon wants to talk about it as well. But for us, it's establishing the differentiation points that we've been working on. We weren't going to win in access if we were just a me-too in access. We had to actually establish an ability to be able to talk about ourselves being different in access. And I think we finally have established that point. And now it's about ramping up the sales channels and the partner ecosystem to be able to go after that. I think a secondary thing is our ability to be able to, as a company, talk about these other areas in a more meaningful way. We have to shed our own PAM skin as well and be ready to be able to approach the market in an identity security approach. Something like cyber insurance we talked a lot about on other calls, it actually introduces a landing spot of EPM really nicely because it puts in place some fundamental controls very quickly in time for an audit. So I think as you look at each individual element, you're going to see us ramp up our ability to go do that. I'd be very surprised that, that 85%, 15% holds up for much longer. I wanted Simon to comment on it because, actually, what we call Simon is the new logo guy. Like that's what he's known at. He puts out outrageous targets that even his team can't believe, and then he goes and tries to hit it. So maybe you want to comment on new logos.

Okay. This is definitely my obsession. And by the way, when I talk about meetings, there are new business meetings or not all the meetings. We generate more than that. But this is what we call to be precise pre-opportunity meetings and meeting with someone that we haven't created an opportunity with, so a new logo or a new opportunity for an existing account that hasn't been identified before. So definitely, the mindset is there. The new business for us is extremely important because we build that engine. And even if we -- you saw the little segmentation that's been presented, the pyramid here. There is definitely between the enterprise part of the major and the core part of it. This is where marketing has so much white space. We talk about 75,000. 75,000 accounts. It's amazing for me as a marketer to be able to go after that, surround each of these accounts, being super targeted surgical to really identify every single opportunities. But also from an inbound perspective, what I'm seeing right now coming our way by just executing our digital campaigns and programs is pretty impressive. Like the down market, I have a number in mind because I just looked at it a few minutes ago. We are talking about thousands and thousands and thousands of leads only it's coming our way just since we started the year. So it's really important for me to look at that and tell you that the leading indicator to the [indiscernible] is volume is there. Now from an execution perspective, this is where we have been really, really focusing a lot since last year. And from an enablement perspective, we had a big kickoff focused a lot on that is giving the confidence that this go-to-marketplace that I chair, the 8 plays that I shared. And with each of them, we have about 26 different use cases. They are extremely actionable for everyone in the company as customer actionable for each of our partners to go and articulate that same value story. You can start at a pillar level, if you want, with cloud security. You can start at the EPM level, if you want, or you can just have the holistic perspective around identity security and leverage cyber insurance as the first lever. I have another angle around Zero Trust, if you'd like. But this actionable framework that we've built is really the one that we are executing on a daily basis. And when I mentioned we have 3 campaigns a week, in some markets, it's about 5 campaigns a week in 1 market. So the machine is really, really generating a lot of return for us at the moment.

We're going to Madeline, and then we'll finish up with Jonathan Ho.

Madeline Brooks from Bank of America. So my question is really just around the broader platform strategy. We see a lot of companies right now like Okta and Thoma Bravo-led PE deals, everyone is trying to make the identity platform. So what's the strategy here really honing in on PAM versus saying we're also going to do what SailPoint does, we're going to go do access management more broadly? And then one more follow-up to just on the channel partners as well. Can you just help us quantify the success of the channel? And have you begun to see larger deals as you invest more there? And just what that trajectory has looked like?

I'll answer the second one, and then Clarence can jump in on the platform discussion here. But from a second one, the short answer is about 80% of our business goes through the channel. They're able to drive the biggest of deals actually in the quarter. They're also able to cover us from a distribution perspective, down market into the SMB space. We're very proud of the channel ecosystem that we've built. They deliver more than 90% of the services that are out in the economy, and they're able to actually implement on their own, drive value. So our overall partner play continues to grow. As we talked about earlier, MSPs will be a critical part, and we're excited by the channel program.

So on the identity security platform side of it, just from the conception, this was never about just coverage of different types of classic IAM. It wasn't about, "Oh, I'm going to have access management and PAM and IGA." We actually saw a gap in the market where you had management of a broad set of ideas, but you didn't have the real focus of security. That's something that actually came to the market. If you think about classic access management players, they didn't really think about security. Even on the IGA side, that wasn't the reason to be. It became something where they provided protection by default, security by default. So they kind of backed into it, but that leaves a wide array of things open where you're not taking an attacker-based mindset. When you're not thinking about defense in depth, that's where we are born. That's how we've always considered protecting our data, starting with the most privileged, the most powerful, and we just saw a need in the market to take that discipline, that thought process to the broader set of identity. So again, it's not just checking boxes in terms of being in markets, it's starting from the most privileged users and then going outwards. Like when you think about the workforce, how do you apply intelligent privileged controls? Again, it starts with secure access and then post authentication monitoring and control. That's not something that's part of classic access management. That's something new that we're introducing. The content of the security bodyguards, there are only 2 right now. That number will continue to grow. This -- now that we're solidly established in these multiple markets, you will see more separation between us and what's classically been access management, for example. And again, not going to governance, but there are aspects of identity management that will be central to our identity security approach and our strategy. And all of that will be baked into our platform over time. That's what drives our road map and our vision.

And I'll just add one element, sorry, which is I just want to make sure it's clear. We are the only identity security platform in the market. Okta has talked about coming into this market and launching a PAM solution that's not been launched yet. Thoma Bravo has consolidated a bunch of parts, and we don't even know what they're going to do with those parts in order to knit them together into what solution is going to be out there. So we're very proud, and you hear me in defending it, that we are the only identity security platform. There'll be others to come, but we believe we have a head start as we build out this identity security market.

Great addition. And last question is going to come from Jonathan, please.

Jonathan Ho with William Blair. Matt, you're coming into the company at a pretty critical time here with the transition. When we look at your 2027 targets, what maybe has to happen from a structure and scaling perspective in order for you to make the $1.6 billion target?

Yes. Thanks, Jonathan. And I think about it 2 ways, and anyone can jump in here if they want as we wrap up. But when we think about the idea of what has to happen to get to the $1.6 billion, I want to start from there are things that are going to go wrong, and we'll still hit $1.6 billion. The $1.6 billion, if you look at the overall TAM, we talk about this internally all the time amongst our team, we should be beyond $1.6 billion. But nobody executes perfectly. No one can capture all opportunity. But we believe that, actually, we've haircutted that opportunity down to $1.6 billion to take into account that we're competing from third place in access. And we do have formidable competitors in some of the other spaces that we have to go after. And ultimately, then when we achieve the $1.6 billion or beyond, it will be because we're able to execute on what this team has talked about today. Peretz has talked about investing in a platform and making that platform real. Simon's talked about creating an engine and changing the brand of CyberArk from PAM to identity security. Clarence has talked about the ability for us to actually be able to be a consolidator of trust. We talked about me and my [ Chris ] hat on the channel partners and the ecosystem. If we do a strong platform, a marketing engine, a strong partner ecosystem and continue to be a consolidator of trust out there, then the 2027 goals are conservative, not aggressive as we move forward.

And I think that's a perfect way to wrap it. And so, Matt, I'm not sure if there's anything else you want to say. I definitely want to thank everyone for coming today, but...

I want to echo that. I want to thank everybody for joining us. I know many of you talk to me. You actually got a chance to meet with customers at lunch, in the hallways. That's wonderful. We want you to talk to our customers. They're great customers and partners. And we really appreciate your support and participating in the event. So thank you.