Qualys, Inc. (QLYS) Earnings Call Transcript & Summary

All right. I think we're going to go ahead and get started. First of all, good morning. My name is Douglas Bruehl, and I'm an associate on the software research team. With me this morning, we have the privilege of hosting CEO, Sumedh Thakar and CFO, Joo Mi Kim, both of Qualys. So we'll do about a 20-minute Q&A session up here and then save the final 15 for any remaining questions from the floor. So welcome to both of you. Thank you so much for being here. For those not as familiar with the Qualys story, can you give a brief overview of both the platform and the business?

Yes. Brief is going to be hard. I've been at Qualys for almost 20 years, but Qualys, we are a cloud-based cybersecurity platform that provides enterprise cybersecurity solutions as a platform to some of the largest enterprises in the world. And essentially, we provide our customers the ability to mitigate their cyber risk and monitor their cyber risk. And what that means is we help our customers and the largest enterprises in the world find all their assets, detect risk, mitigate the risk and then monitor them for any malware attacks, et cetera. And we do that off of a single organic platform across cloud container, remote endpoints as well as IoT and OT environments.

Great. So last year, you announced the acquisition of TotalCloud for cloud workflow management as well as automation. How does that fit within your platform?

Yes. So 1 of the key capabilities that Qualys has really provided our customers for a while is Vulnerability Management, Detection and Response, which is VMDR. And this is the ability for our customers to discover assets and then ability to find all the vulnerabilities across all of those assets and then prioritize the most critical ones that are being exploited actively and then remediate them. And so as the last -- in the last few years, attacks have become sort of more and more frequent and exploits are getting exploited much faster. It's becoming very important for customers to reduce the amount of time that they're exposed with the vulnerabilities and figure out ways to bring automation in the remediation workflow. So there's many different things that our customers leverage from Qualys, including Patch Management and the acquisition of TotalCloud really was bringing very niche technology that helps our customers understand their vulnerability exposure in the cloud environment as well as providing ways for them to create workflows that bring automation to reduce the amount of people that have to manually go and look into how to get their issues fixed. And so TotalCloud has been integrated into the Qualys platform, especially around VMDR and our CloudView solution. And that's really helping our customers create drag-and-drop workflows on how they can address vulnerabilities when they come up and critical vulnerabilities and how they can get into remediation and then the operational side, of creating tickets, et cetera, so that they can really reduce the amount of time that they're exposed with some of these exploits that are out there.

Great. And can you talk to us about EDR 2.0, so what features are included within this new platform? How does it offer tangible benefits versus the prior version? And how does it integrate the minor attack threat context mapping?

Sure. If you look at where EDR sits in the overall cybersecurity strategy, it is sort of your fallback to be able to detect if somebody is actually on your assets and attacking you, leveraging malware. And so typically for an organization when they have an EDR solution that is blocking an attacker on the asset. That's obviously a very important functionality, but it also means that some of their risk mitigation capabilities failed and did not work as expected, why -- that's why the attacker was actually able to get through the environment onto the box. And so with Qualys having VMDR deployed a lot of customers. We have 70-plus million agents out there. The ability for customers to leverage the same agent that they leverage today for vulnerability management to also be able to monitor their assets for malware and which is the EDR capability. That makes a lot of sense. And so last year, we had our first version of EDR that we launched where customers could leverage the same agent that they already have, to reduce the number of agents that they have and have the ability to monitor malware. We learned a lot through our experience with our customers and feedback that we got early on. So we released the 2.0 version early this year, and that version not only focuses on sort of what your garden variety EDR does, which is detecting malware, but also helps organizations reduce the risk of getting compromise and mapping the attack that they are seeing back to vulnerabilities and misconfigurations that actually led the attacker come into the organization. And so by reducing that, they are able to very quickly pivot and then be able to not only detect the malware, but also have the ability to figure out how the malware got on to their assets and pivot to find other assets where they need to put mitigating controls. So they don't get exploited on other assets and really bringing it all on the same platform. So today, in the best-of-breed approach, customers are deploying too many agents that they're not happy with too many different solutions. And at the end of the day, as a customer, you really never deploy an EDR agent on an asset that you're not also patching. Because if you're trying to protect the asset from getting malware then you need to also patch. And so that's where we believe that Qualys has a very compelling solution that brings EDR, Patch Management, Vulnerability Management and asset discovery together with a single agent, helping customers not only block -- and detect and block malware, but also ensure that they put mitigating controls in place upfront and patch their systems so they actually reduced the opportunity for malware to get on to that. So EDR 2.0 release really has been about not only mapping to the MITRE attack framework, which we do. And we also participated in the MITRE evaluation recently, but also the ability to give a more holistic end-to-end capability of risk mitigation and not only the detection part that comes at the end.

Great. So that's a good segue into sort of a higher-level question of what differentiates you from other SaaS security platforms in this market?

Yes. I think most of the SaaS security platforms we see out there today are very focused on sort of best-of-breed approach and customers at the end of the day, either they only do EDR or they only do Vulnerability Management or they only do asset discovery or they only do Patch Management. So the way we have developed our platform and the capability of a single agent and a single platform to provide multiple of these capabilities, I believe is a differentiating factor for us. So customers are able to do -- they're discovering all of their assets so that they can actually protect them. Then discovering all of the vulnerabilities and misconfigurations, leveraging the same platform for mitigating by actually providing patch management capability, not just reporting those and then monitoring if those assets are getting malware and then doing that in cloud container as well as remote endpoints. That's really, I believe, how we differentiate ourselves from other platforms that are either EDR-only or Patch Management only. And today, customers, a lot of the CSOs that we talk to, they don't want to have so many different platforms and so many different agents. And so the way we differentiate is going back to our customers and providing the ability to reduce the number of agents, the number of experts that they need for different solutions and then be able to really concentrate their security and cybersecurity efforts on a single platform, single agent, which is a different approach than having multiple different best of breed where they have to get experts and then they have to get developers to pull all the data into a single spunk or something like that to see the visibility. So we provide unified dashboards and unified views across the entire environment in the same platform.

Great. Thank you. So shifting a bit into the financials. So over the past year, you've held sales and marketing relatively flat as a percentage of revenue. Does this imply that you've achieved your desired level of growth? Or is there something else?

Yes. We look at the market, and we see significant opportunity out there in the market. I know that the sales and marketing expense relative to our peers has been lower. It's always been that way. With that said, we think that there are opportunities for us to increase investments, and we've guided to that for this year. And so we expect that the increase in incremental spend to be heavier weighted towards the second half. I think that with the increase in investments, we should be able to further accelerate our growth and continue the momentum.

Okay. And partner revenue accounts for over 40% of your total. How do you balance this between your partner channel versus your internal sales? And how do you sort of frame how much of that mix you would like?

Great question. So this is one of our kind of strategy sessions that when we are talking about our go-to-market strategy that we emphasized this year since our priority is in the GTM market and accelerating growth and driving that growth for the business. How we thought about it was, in terms of the mix, 60% coming from direct sales force and 40% coming from partner, we don't necessarily see us targeting a certain percentage. We are increasing our relation -- like our interactions with the partners out there and enhancing our partner programs. Because how we see it is, increasing our sales force will have an impact on our growth rate, but that's going to be lagging. If you're talking about an immediate return to that growth rate, I think a lot of it will have to depend on our ability to work better with our partners, leverage their distribution channel out there to increase our local acquisition. And that's really what we're driving towards this year when we announced a new partnership program last quarter.

Okay. And in this most recently reported quarter, first quarter of '22, your operating margins expanded by 300 basis points, what factor or factors are driving this?

I think that's a testament to our strong operating model. We've always had very high profitability. Specific to Q1, our revenue grew by 17%. If you take a look at our gross margin, which has always been in the 80 percentage range. A year ago, it was 80%. This year, it ended up being 81%, so that's 100 basis points there. And then on the operating margin, most of the improvements came from the G&A, with G&A now being 6 percentage of revenue versus 8% that was due to lower third-party expenses.

Okay. And then shifting to cloud a bit. Can you talk about ways to improve growth and strategy for the cloud and some potential drivers like federal spend?

Yes. I think we are in the early innings for a lot of organizations as they're continuing to look at cloud and multi-cloud environments to migrate workloads into what we see a lot of customers are going for multi-cloud environments, and they're going for a hybrid cloud environment where they continue to have some amount of on-prem presence and some amount of cloud expansion. And that's sort of where they look at a partner like Qualys, who has been with them for their on-prem environment that has worked with their auditors to provide capabilities that they can actually take their workloads and take the same kind of security and compliance capabilities into the cloud. And so that's why a couple of years ago, we announced our CloudView capability, which essentially helps customers look at their cloud misconfigurations in addition to their on-premise configurations, which is the CSPM or Cloud Security Posture Management capability. And then additionally providing ways for them to keep a tab on their workload that is running in the cloud itself or any vulnerabilities, EDR or patching needs that they have. So really helping them bridge the gap because they don't make a switch in 1 day to suddenly go from no cloud to all cloud. So they need a migration path and they need a way for them to have technology that will work with them. So we've created the capabilities and innovated around that on the platform to provide cloud migration with the cloud agent capability, but also with DevOps and CICD pipeline assessment and scanning, which is a big part of what customers are looking for when they move to the cloud. We recently announced the ability for us to scan their cloud formation template as an example, to really shift security as left as possible. And so that's sort of how we work with our customers today is continuing to be -- work with them to help them migrate their workloads and the security that goes with it from their on-prem solutions into the cloud solutions as well. And then I think from the government perspective, I think the push that we're seeing from the government in terms of the bulletins that CISA has been putting out is really highlighting and being a lot more prescriptive about what are the key vulnerabilities that are being targeted by attackers actively. So we're seeing more and more of those coming out from someone like DHS, CISA and -- which is -- really highlights the importance of the Qualys platform because all those bulletins really talk about, which are the key vulnerabilities that need to be patched immediately. And that's the big differentiator, we believe, for Qualys is we're not just reporting on vulnerabilities, but we're actually helping organizations patch. And those directives that CISA is putting out is not just for federal agencies. Obviously, Qualys, we are FedRAMP certified. So we do have some federal agencies that leverage us. But a lot of the private enterprises, they are taking and following the CISA guidelines to track these vulnerabilities and make sure that those units are getting patched and us providing those abilities to directly into the platform with CISA dashboards, et cetera, so customers can immediately 1 click focus on identifying those issues in their environment and getting them patched. I think that's really what is the differentiator from our perspective. So I think cloud migration is something as we will see more and more happen. We believe we are well positioned to work with these customers to help them migrate their workloads into the cloud.

Great. And then you just mentioned your FedRAMP certification. How does it gaining that affect your total market opportunity and sort of the different revenue streams available to you?

Yes. I think today, I would say that federal is not a huge part of what we -- our revenue is, but it is an area of opportunity. And so getting FedRAMP certification is an important step in as government agencies themselves are working more towards moving solutions that they use into the cloud, having a FedRAMP certified solution or FedRAMP certified partner that they can leverage solutions from does help us set up for potential opportunities in the future with federal agencies. Where they would be looking for instead of deploying more on-prem software, they will be looking for FedRAMP certified solutions. And the good thing about the platform because the entire platform gets FedRAMP certified every single capability, whether it's Vulnerability Management, Asset Management, Patch Management or EDR or Container Security, all of those capabilities are FedRAMP-certified every time we add a capability to the platform because the entire platform is FedRAMP certified. So we are excited about the potential opportunity that we have there in the future, and that is something that we continue to work through our FedRAMP certification to leverage that for getting into additional agencies.

Great. So when you look at customer profiles within the U.S. versus international, how do those contrast? And then sort of longer term, how do you see the opportunity in the U.S. versus, say, EMEA or APAC?

I think the -- we see little bit more entrenched architecture in the U.S. enterprises because they have had -- maybe they've been early adopters of security architecture and best-of-breed. So they have built a lot of workflows and capabilities around those architecture. And so we feel like there is -- takes a little bit longer for organizations, the large organizations in the U.S. to make that switch or make that move into -- moving into more newer, more SaaS-based platform and the cloud migration does give them that opportunity I feel a little bit more. Outside the U.S. there is -- because they don't have that much of a preexisting deployed entrenched solution, they have a little bit more flexibility into moving directly into SaaS-based solutions for their security and rearchitecting their platform because they don't have that much of a legacy technical debt that they have to overcome and rebuild to get into that direction. So I think the opportunities -- the way I look at that is IT infrastructure now is sort of democratized with public cloud. And so enterprises all over the world are leveraging similar capabilities, similar IT solutions. And so the security solutions that they need to secure those are fairly similar, no matter which part of the world that they are in. And with us having the advantage of having multiple of these capabilities built into the single platform, I think that does help customers who are looking to now go into a new direction or migrate to the cloud to leverage something like Qualys right out of the back, when they're looking at rearchitecting their security stack. So as I've talked a little bit in some of the earnings call, as examples of new customers that are coming on board to Qualys, net new customers, they are actually looking to rearchitect their stack, and that's why their very first purchase with Qualys now is multiple solutions, in many cases, not just looking at Vulnerability Management, but they will say this is an opportunity to rearchitect by getting a solution that also does Asset Inventory, that also does Patch Management, that also does Container Security. And they see that as an opportunity to not just replace a solution that is giving them a huge list of CVEs with another solution that's giving another huge list of CVEs, but take the opportunity to reduce the number of solutions and really streamline their security program. So we do see that customers outside the U.S., like the larger customers are a little bit more flexible. On the other hand, from a customer profile perspective, clearly, the SMB customers have less people and less silos in their organization. So they are able to move a little bit faster compared to maybe the very large enterprise customers.

Great. Thank you. And then before we jump into audience questions, is there anything that I haven't covered to this point that you would like investors to understand about Qualys?

Yes, we are very excited about the opportunity in front of us, and I think we're very proud of the business that we have built and the profitability that we have focused on over the last few years. And today, that really is giving us the opportunity for us to look at expanding our growth while maintaining industry-leading profitability, which is -- stands out fairly uniquely definitely in the cybersecurity space and in the changing environment today. I think also the platform providing multiple different consolidation capabilities will also be very interesting for customers as they're moving more into streamlining their security stack and moving into looking at managing their spend and managing the number of solutions that they have. I do feel that we have a great opportunity, and we're really focused on the right level of execution with the right approach towards maintaining the balance between industry-leading profitability and solid growth as well.

Great. So at this point, if you're listening to the live stream, you can submit your questions electronically. For everyone else here, feel free to raise your hand.

If I think about VMDR adoption, it's been pretty good. I suspect that patch management has been a big driver behind that. And I'm curious, one, if that's true. And secondly, I asked your largest competitor about remediation and patch management yesterday, and they sort of said, no, that's not -- they didn't see the value in it because customer organizations were so varied, and it was challenging to do remediation. So I'm curious about how you're able to do it and what -- how do you segment the customers to find those customers that do want patch management and remediation all on the same platform?

Yes, great question. I think we -- I think there is no question in our mind that -- and the whole point of Vulnerability Management is to remediate those vulnerabilities, right? If you're getting a report and you're not patching them, then what's the point, right? So they always go hand-in-hand. Whatever comes out of your uneven management capability needs to be patched. Now it's a question of where you're going to use a different solution to catch or you're going to use a consolidated solution to patch? And one of the great things about the VMDR is that we are providing the ability to discover assets, discover the vulnerabilities, prioritize them and provide a patching plan. The Patch Management capability is an add-on. So not everybody who's ready immediately. They actually have to purchase the Patch Management if they want to use Qualys to deploy the patches. Now the great thing is that it's the same agent. And a few earnings calls ago, I gave the example of one of our large customers who has 300,000 employees globally. They were leveraging Qualys Agent for VMDR on all their employee devices. When the pandemic hit, everybody took their laptop, went home. And they are a service organization, they needed a way to show compliance with patching levels. And there was just no way for them to do that over VPN and over leveraging SCCM and some of the other older capabilities that are out there. So they were able to call us. And within a very short period of time, you were just able to flip a switch in the back end leverage the same agent to start to patch those 300,000 assets immediately. So there is definitely a desire for customers to find ways to mitigate the risk by shortening the amount of time that they're exposed with these vulnerabilities. And in fact, a couple of weeks ago, we had a conference in London, where we talked about the kind of data that we see on our platform where customers who are scanning using Qualys and using another tool for patching versus customers who are using Qualys for scanning and using the built-in patch management capability. And on an average, it was about half the amount of time that those vulnerabilities were exposed compared to when they were using the other solution. And I think that really is compelling way to look at from customers because at the end of the day, their goal is to reduce the amount of time that they're exposed by reducing the amount of time it takes for them to find the vulnerability and patch it. So we are seeing very, very positive feedback from our early adopter customers. We are happy with the trajectory that our Patch Management, Paid Patch Management capability is seeing. Of course, it's not material yet to the total amount of revenue that we have. But it is something that we are seeing very positive feedback and traction from everybody.

You guys have been talking for a while about ramping investment and it's been slower. So maybe help me understand maybe why -- what the delay is and what gives you confidence that you'll be able to actually sort of hit those investment targets in the next second half? And then my second question related to that is that as you think about the market kind of, I guess, where we're going right now where people are really focusing a lot on cash flow and margins right now. Is there any part of consideration to maybe slowing those investments or not ramping them in the second half?

Yes. question, do you want to?

Yes. Great question. We've had a lot of discussions about this internally because we recognize the fact that we are prioritizing growth. We're trying to balance the growth with profitability, and I think that we've been seeing that for the last couple of years, and there has been delay in spend. It wasn't intentional. There were some outside events that happened to impact our spend planning. But earlier this year, when we had guided to the margin, there were a couple of things that we had taken into consideration, which was the increase in competitiveness in the market. We wanted to make sure that given the inflationary pressures as well, that we allocate enough funds so that we can really execute on our priority of retaining key talent and attracting the right people. Given that the C-suite is built out for them to really hire the Level 2 and the entire team. With that said, we knew that the new hiring will be more heavily weighted to the second half of this year. So our targets haven't changed. We are still planning to hire those people. In addition, some of the lower spend, if you take a look at Q1 specifically, I want to call this out. Our EBITDA margin was 48%. But if you take a look at the line items, right, the G&A went down, and that was due to lower third-party vendors, that's not going to have a negative impact per se on the growth rate, right? And you're looking at gross margin expansion, that's great for us as well, 80% going up to 81%. Now if you take a look at the sales and marketing, last year and then the year before, it hasn't grown year-over-year. This year, it's grown by more than 10% year-over-year, right? So that's why if you're really looking at the spend and breaking it down, we are spending more on the sales and marketing. It's just not showing up on the operating margin, and that has to do a lot with our scalability of our platform and how we're managing the business is, we recognize, especially in this market, we want to maintain the industry-leading profitability. If we can lower expenses where we see fit, cost efficiencies in G&A or even on our data centers, we'll execute against that. Sales and marketing, I do expect that expense to continue to grow as we invest there into the business to accelerate that growth.

Yes. And I would say that if you look at where we started with 2021 and now where we are heading towards, I think we have been able to achieve good amount of growth without a significant change in the sales headcount, which really goes down to the leverage that we feel that the platform has because we are able to work with customers and work with them from an expansion perspective and looking at selling them additional capabilities, right? And I think that helps us really focus on saying that with the right investments, we will be able to focus on working towards getting growth in addition to maintaining our industry-leading margin, right? We have sort of been that standout unapologetic about our profitability last few years, despite the focus being different. And I think today, we feel like we are very well placed to capitalize on the profitability and the cash flow that we already have and make meaningful investment without really compromising significantly on our profitability.

A few short questions, if I might. Just I was wondering, first, how much of your business is driven by the requirements of cyber insurance, if you could speak to that? Just on M&A, if you could speak to adjacencies, white spaces, where do you want to invest? And on competition, you mentioned lowering the number of agents because people have too many agents rolled out on their machines for security vendor like CrowdStrike, for example, talks about EDR and that they have a sprawl of new modules that able to roll out. So if I'm a customer, why would I go with your EDR versus like a best-of-breed, for example, like CrowdStrike or SentinelOne or Carbon Black?

I forgot your first question, sorry. Cybersecurity -- yes. Cyber insurance. Yes, so I think the -- we don't have we're not seeing any direct conversations where customers are saying that they're increasing their spend or anything because of cyber insurance requirements. I think that is one part that probably factors into some of their decisions. But we do see that there is an opportunity for us to work with cyber insurance requirements to be able to provide sort of packet solutions that can help customers meet cybersecurity -- cyber insurance requirements. But today, the conversations are not directly sort of driven from that perspective. I would also say that from a competitive perspective, like I said, the EDR and having some modules around that certainly enhances the EDR capabilities that other players have. But at the end of the day, if your EDR blocks something that is on to your -- that's on your box. That is a little bit late because which means your Patch Management and your Configuration Management failed, and that's why the attacker was able to get to the box where your EDR was able to block that. And so when I sort of look at where Qualys provides that agent consolidation, we not only provide the EDR that those other providers are providing and some of the other modules like Asset Management. But we also provide very high-quality Vulnerability Management and the ability to patch, which we feel right now is something that differentiates us from some of those providers where, like I said, you will not install EDR or on an asset that you don't do Patch Management on. And so if you are using one of those providers for EDR, that does not provide Patch Management, then you still have to go out and get another agent. And then it's not necessarily the same agent consolidation that we're talking about versus with Qualys, you can really consolidate to a single agent with EDR, Patch Management, Vulnerability Management and Asset Management altogether with the same capability. So while some of those modules enhance the EDR. I think there is a fundamental capability of mitigating your risk of the attacker getting on to your box that Qualys provides with our EDR with Vulnerability Management and Patch Management that we don't see others providing in the market. And then yes, in terms of the M&A, I think we're we've always continued to look at technology that we can bring on to the platform because our focus really is to provide that seamless single interface for customers to be able to just like we've done with acquiring TotalCloud and some of the other technology where technology that our focus is to bring that technology onto our platform and make it available directly through the platform, not necessarily sell that as a separate stand-alone capability that we see some of the other providers. Because it doesn't necessarily help the customer even it's the One vendor, but they have to deploy 5 different platforms. That's not very helpful for them. So we always lead with focusing on making sure that we are providing ease of deployment, ease of use capabilities to our customers. Having said that, today, we are well placed with the amount of cash that we have and our profitability to look at meaningful M&A, if it makes sense, if it comes our way. And so we always are actively looking at opportunities where we can not only bring great technology to our platform, helping our customers consolidate, but also the potential of bringing additional customers or employees onto the platform. That's something that we continue to always look at.

Great. So do we have any more questions from the floor?

Just -- it seems like the reacceleration of growth of late has been largely based on your existing customers getting growing spend with your existing customers. Can you just talk about how you're growing more customer base, where you see that the best opportunities? I mean, you listed a few earlier, but maybe how do you prioritize them? And how do we track progress there?

Yes. I think we are excited about the opportunity for us to get net new customers. That is an area that we are focusing on from multiple different aspects, not only have we sort of rebuilt our team with marketing, and now we're focusing on digital marketing, lead gen, et cetera, focus on new business, presales team and hiring the presales team, but also our recent announcement of a new partner program that we have done to work with our partners to help find opportunities for them to bring additional net new logos to Qualys. I think that those are all the areas that we are continuing to focus on. We're a little bit early in that phase, but we do feel like there is opportunity for us to go out and help customers replace their sort of scan-only, reporting-only solutions with consolidating capabilities that actually help them mitigate and reduce their risk. So that's an area that we are looking at from not only internally with marketing and our own team, but also working with partners to find ways to bring net new logos to us.

Yes. And just to add a little bit more color to that. If you take a look at our history, right, with our revenue going from 20% down to 13% and now we've had that inflection point in before even an increase in an investment. The way it played out and really what we were trying to achieve was we're really focused on product development. We thought that one VM space was becoming commoditized. So we came up with the VMDR product. And with that, what we wanted to do was go to our existing customers and really test our thesis out that is -- do they see the value and relative to the increase in price that they would have to pay if they were to increase the asset deployment, the coverage of it? . And so we're leading with VMDR. And what that's helped us to achieve is that net dollar expansion rate going from 103% to 110%. So with that, we believe that our product has been tested out in the market. It's worked out really well with our existing customers, increasing retention rate as well as expand. Now given that, we know that we can take that model and create a repeat and -- with the new customer logo lands, but we're very early on in the phase. So I would say that how you could potentially imply that the growth contribution from the new is not as high as we think it could be. We're working on that. And by that fact, that net dollar expansion rate is 110% and our revenue is growing at 17% and our guidance for the year is 18%. You kind of can see where we're at currently. But we think that there's a huge opportunity out there. And the last point that I want to highlight is that if you think about the net dollar expansion rate right now, it's really mostly driven by our legacy products as well as VMDR because like Sumedh said, one of the key opportunities that we have is even with Patch Management that's been out in the market for over a year, it hasn't contributed that much yet. Just because we haven't -- we're very early in that inning packaging our product and making sure that our customer and the market out there really understands our value proposition. And so if Patch Management, CSAM, EDR and XDR were to take off, that would be an uplift to what our current customers are spending with us. And of course, a new logo land size would be bigger to if they were to start out with multiple products.

Great. Thank you so much. So unfortunately, that's all the time we have for this session. But Sumedh, Joo Mi, thank you so much for your time today. We look forward to watching you continue to succeed.

All right. Thank you very much.