SailPoint, Inc. (SAIL) Earnings Call Transcript & Summary
September 10, 2025
Earnings Call Speaker Segments
Unknown Analyst
Analysts
Well, Mark, great to have you.
Mark McClain
Executives
Hi, Kelly.
Unknown Analyst
Analysts
No. It's a quick trip to San Francisco, so appreciate you coming out. Want to just...
Mark McClain
Executives
Hi, there. Hi, Gabriela. Nice to see you.
Gabriela Borges
Analysts
All right. Great to see you [indiscernible]. Mark, it's a real pleasure to have you with us at Communacopia again. My colleague, [ Kelly Blenty ], is to my right. Thank you for joining us. Thanks [indiscernible], Goldman Sachs Communacopia and Technology. So Mark, we're in the middle of this incredibly high pace of innovation in identity. And so my question for you is, as a founder of the company, what would you articulate as SailPoint's core competency? And how does that now inform the way you're thinking strategically about where you have a right to win in this pace -- this heightened pace of identity innovation?
Mark McClain
Executives
Yes. It's a great question. I think our kind of unique core competency is this ability to go, as I call it, kind of deep and wide. Most of you are familiar with the identity landscape, oversimplifying a pretty complex area but there's kind of access, right, which is log in, single sign-on, MFA and there's privilege. But if you think about those for a second, the nature of SSO and sign-in is very wide. You want to try ideally to sign people into everything but it's a very shallow level of security, meaning you just have that log in. You authenticate them with some sort of strong authentication, log them in. By the way, a metaphor there is there's a check-in at the bottom of the building. You check in with the security guard, show your license, you get into the building. But from that point on, the security guard has no idea where you are or what you're doing. So it was a strong authentication and an entry but that's what that technology has always focused on. So they have a very wide coverage in the enterprise technology landscape but very, very shallow, if you will. Conversely, privilege is the opposite, right? Its history is a very deep set of controls over a very limited number of users, over a very limited number of things. So I want to understand every keystroke being executed by a database administrator or a systems administrator because those powerful users with access to systems can do very damaging things either accidentally or intentionally. So we want to tightly control. But again, think of it as very deep but quite narrow. So you've got wide and shallow, you've got deep and narrow. The nature of what we've always done is wide and deep because you have to map ideally every identity across every part of the infrastructure, application environments and data. That's really difficult to do in enterprises with highly complex IT environments. And the scale is nontrivial.
I think it's interesting that in commenting on the Cyber, Palo deal, there was a note that the CEO of Palo said that hey, Cyber comes with about 8 million identities and the management was like, we're at [ 125 ] and growing very rapidly. And now let's get to some of the innovation. So that deep and wide, I think, is our core differentiated competency because to understand back to my silly building analogy, not just what it takes to walk into the floor of the building but to map that building and every building in New York City and understand exactly how they're configured and what it takes to get into each floor, in each room is pretty hard in a typical enterprise. So there's a lot of depth and complexity that we've had to grapple with for many decades now, couple of decades, I should say. But across like a lot of the world's biggest, most complex shops. The innovation, I think, that's going to come now is on 2 or 3 key dimensions, Gaby. One is -- Gabriela, sorry. One of them is you're going to have to extend that landscape as deep and rich as ours is to every identity and that is now, as we all know, as much about nonhuman as human identities. And real quick on that dimension, we've had employees and nonemployees for a while now, right? Some sort of a human logging in, whether they work for you or not, they're authorized to get into your systems. There's 2 different things happening in machine and agent and I think it's worth calling out for a second. The machine identity landscape is not brand new. We've had service accounts, software bots, RPA, intelligent devices for, I don't know, depending on which one you're looking at there, a decade to maybe a couple of decades. What's new is they're part of the attack vector. Now everybody is cognizant of the fact that the bad actors are trying to attack those nonhuman identities, just like they're trying to attack all of our humans to break in. As the new thing is, these days attackers don't break in, they log in, right? 
They're not trying to break through the firewall so much as compromise identity and get into the system. So there's that issue of, oh, gosh, the machines are now an attack vector. We better figure out how to protect them, which, by the way, for most shops, starts with figure out how many you've got, where they are and who's responsible for them. That is also nontrivial for most enterprises. Agents are a very different set of characteristics. They're not something we've had for a long time. They're brand new but we all anticipate they're about to explode. And there's going to be tons of them everywhere. And unlike most of those machine type identities, which are kind of static/deterministic and programmed, these things are going to learn and adapt and grow, which sounds a lot more like a person. So we think what makes Agentic so challenging is it's got machine-like characteristics and human-like characteristics. And for the security teams to get their arms around this at the scale we think it's coming and the complexity that it presents is going to be very challenging. But it starts with you have to map that entire identity landscape and all the data landscape. And that's not something we've been great at in our space. We've helped people log into systems. We haven't necessarily understood all the data that they can access in the environment. And we've not tied that nicely into the security landscape. And to be fair to the deal that just got announced, it was a good validation point that the security ecosystem and the identity ecosystem probably need to come together. We would argue that wasn't the best choice for doing that but that's what they did. So we agree that, that's where the world is going. You need that identity context and the security context to really secure your enterprise from all these attacks that are identity-centric. But in our minds, you're going to have to have that breadth and depth to do that well and to do it comprehensively.
Gabriela Borges
Analysts
Well, let's stay on this idea of mapping because I think you're touching on something really important here. When you talk to your largest, most sophisticated customers, maybe share with us some of your observations on those conversations. Are they saying to you, we are so excited to deploy agents. We're so excited to deploy our internal built GS AI agents. Help us figure it out. What do those conversations look like? What is the step 1, step 2, step 3 of getting the identity [indiscernible] to be able to then go big with agents?
Mark McClain
Executives
Yes, it's a great question. I think there is some difference between those 2. We're, again, taking broad things and simplifying them as we all have to, to get our brains in the right place. There's 2 big buckets of agents. You nailed it. I think there's the kinds that are going to come through the software vendor world. And they're going to be made available to customers. I think customers are going to have to decide which of these things they take advantage of or not but they're going to come from the Salesforces, the ServiceNows, the Workdays, et cetera, right? And I think the general sense I get is most customers are exploring those things, looking at those things. They have some excitement about some of those things but I wouldn't say there's a fever pitch to go adopt that technology. On the other side is where I think most customers, certainly mid- to large enterprises with some level of sophistication in their shop, they're the most excited about the bespoke things they can go build and do. They're very unique to their business and they're the most nervous about those because they recognize we might accidentally create an exposure we don't understand. Some of you have been around various flavors of security, there's an old saying in our space, which is why do race cars have brakes? Answer, so they can go fast, right? Like if you're going to adopt technology, especially technology that's rapidly changing, you need to have confidence that you can brake when needed. And I think what you're seeing in this kind of slowdown in Agentic adoption that we're all reading about is some of that concern being expressed by hesitation. The customers are saying, look, I'm excited about this stuff. We've run some pilots. It looks like it could be very powerful. And then the next story comes out that did you hear about that story, where some agent went rogue and exposed all the companies' W-2s to the junior analysts.
I mean there's crazy stories out there of where agents ran off and grabbed data that wasn't well protected and exposed it to either someone or something they weren't supposed to. And so if you're a security person, even a business person, you're like, before we step on the gas pedal and really run fast at this, can we be sure we have brakes that we trust, that we sure we can stop or slow down or turn when needed. So I think that's the tension we're feeling. But I -- our belief is, we're going to move through that in the next few quarters and we will be back to talking about how fast and aggressively people want to adopt this technology because the business benefits are pretty clear, whether it's "replacing people", which there's clearly going to be some of that. I think a lot more of it is making people more effective, the whole augmented intelligence unpacking of the AI acronym. There's going to be plenty of opportunity, I think, for people to go, wow, we can do a lot with this. We just have to make sure we have the controls that if something appears to be going awry, we can deal with it very rapidly. And so what that means for our kind of space, again, you have to have that comprehensive picture of where is -- let me give you something that people aren't talking about much. One of the problems with all these machine and/or agents is, you have to make sure some human is responsible. There's a whole bunch of what we call orphan accounts today, meaning there's a service account, there's a RPA process. There's a -- some device, who's responsible for that thing? Some human in the organization has to go, that's mine. I've got that. I authorized it. I still think it's important. We still need it. That really is pretty nonnormal, abnormal for that to be true today. We've done it for the people, right? We're really good now at saying, I understand all these people, yes, they have valid access, that's correct, right? 
We're just starting to figure out what that looks like for all these nonhumans. It's going to be a very big deal for agents, we think, because -- what about this concept that a super agent spins up a subagent? Who knows that happened? Who decided that was okay? Who authorized that to stay? Terrifying. If you're a security person, right, I'd like to say, this is like your employees birthing a bunch of children every day and you have to keep track of where they're going in the enterprise, Terrifying. So how do you do that if you're a security professional. That's one challenge. And then the other is, we're going to talk about this at our conference with some of the big players in the space. The biggest challenge today is, we've got these controls that we've learned how to put in place back to my building metaphor, all the badge access on every room and every floor. We don't have any ability today to pass that from the human to the agent for the data. There's just no construct for that today. So if you authorize an agent to go do work on your behalf, you don't know for sure that what work it's trying to go do is, in fact, got the controls you have. So it -- that's where we get these situations where the agent pulls back data that you weren't actually supposed to be able to see but the agent could, oops, that's not good. So I mean these are the stories we're hearing from real customers all the time. That's their -- the excitement about AI and agents are really high and the fear is also quite high. And that's the place we think we've got to step into and say, here's what we're going to do to try to help you address that.
Gabriela Borges
Analysts
So you acknowledged implicitly at the beginning here that there are competing narratives where PAM providers will say the value will accrue to us, IAM providers will say the value will accrue to us, a whole bunch of different value arguments. If this thesis is right and SailPoint is indeed uniquely positioned to [indiscernible], what should investors expect to see or hear from you 12 months, 2 years from now? What are the metrics we should be looking at? How do you think about which product segments will get the most traction as you address this problem?
Mark McClain
Executives
Yes. No, I think if we're right, and we -- of course, we believe we are, why wouldn't we, doesn't everybody think they're right. At the end of the day, it should accrue and we're launching this agentic identity security product next few weeks here. If we're right, that's going to be a very widely, broadly adopted product in the not-too-distant future because we hear from customers, they don't have confidence that they're going to be able to manage these things. Now to your point, they're going to get offered other ways supposedly of managing or dealing with that. Our contention is, without that breadth and depth context, how can you do that? It's just -- we try not to overburden the point but I think you shouldn't miss it. It is so nontrivial for people that are coming from a login only or the understanding of only a handful of users and systems to say, now I'm going to manage hundreds of millions, if not billions of identities and maybe over time, multibillions of entitlements for those identities. That's hard. And to do it in relatively real time because that's the other challenge, we're moving from what we call admin time, what SailPoint has traditionally done to be fair, you call admin time, right? You started with the company, Oh, Gaby, you need these things to do your job. I'll get you that by next week. Read some books, read some books until then. And in the other end of it, right, we're pretty good at turning off access today. We've gotten better at it because we know that's bad when we don't, when somebody leaves. But it's still kind of -- and certification is the ultimate admin time, right? Once a year is enough to check that the people have the right access. What about the other 364 days? Things like you'd want to know. So there's some real breakages in where we've evolved as an industry as to how that's addressing the current identity threat landscape, is we are kind of lagging, to be harsh here.
We're lagging in the technology from the identity community of addressing what's actually become the real problem. We're kind of -- to be harsh, sometimes doing kind of fake security, hey, look, I checked your log-in, yes but what if you got past the security guards. Now what? So I think we're going to have to step up the game and we're investing pretty heavily to get big into that game.
Gabriela Borges
Analysts
And I'm curious, are there features that have historically been considered privileged access that you don't need a vault per se. But are there features of that product set that perhaps actually make more sense in an IGA type platform? That is an existential question on [indiscernible]
Mark McClain
Executives
Yes. No, it is. And it is -- you're right. No one is really debating whether the access heritage is the most critical heritage to manage the agentic world with all due respect to my friends at Okta and others. Like that's fundamentally a log-in technology. Well, these aren't logging in, what are we talking about when it comes to machines and agents, right? But when you get to privilege, that's where there's noise. You said it, so I'll go there. The core technologies of PAM are 2 big things, vaulting and session recording. When we had the problem of bad actors, either intentional or unintentional doing things with databases and servers and operating systems, the things that privileged access was designed to prevent happening. Those are the core things we decided we needed. You shouldn't have what we now call standing privilege. You come get in a credential, you log in with that credential. I time stamp it and I know it's you. And now I watch every keystroke because you might do something wrong or might do something stupid, either can happen. And either way, I need to know exactly what you did. We contend those 2 core technologies have nothing to do with what's about to hit us. It's not about vaulting. It's not about session recording. So this idea that PAM that set of technologies give you some up -- head start on solving these problems -- there is a set of privileged challenge. That's where I think the confusion exists. There's all kinds of privileged challenges about to emerge here. This idea -- and [ Nikesh ] said it, again, we'll give credit where it's due. He said, look, we believe over time, every identity will be privileged at some point in time, right, so do we. The trouble is, you just bought a technology that only handles a sliver of the identities and the things you do for those are not relevant to what we're about to deal with. So that's a problem.
So we think what's needed is comprehensive understanding of all those identities and that detailed understanding of the data and entitlements they can access. That's what we do. And so it's not clear that a history or a heritage in vaulting and privilege is going to be particularly helpful to that. I'm sorry, vaulting and session recording. I just -- I personally, I'm trying to get educated as we say but like help me understand how that helps you win in this new world. I don't get it. When you say the word privilege, oh, you're right, there's going to be privilege. There's going to be escalation, de-escalation, dynamic privilege, very big deal coming with all of these technologies. But it's not clear that, that heritage gives you any head start there.
Gabriela Borges
Analysts
Yes. Really interesting comments, Kelly.
Unknown Analyst
Analysts
So you brought up earlier this idea of the convergence between security and identity. Curious, what does that mean for SailPoint?
Mark McClain
Executives
It means we got more stuff to do. Yes, we got a lot to do. What we think that means is there's this kind of, again, unspoken reality that's a little bit true that we need to talk about more, which is, we've got 20, 30, 40 years of heritage in some of the core disciplines of security. We've been doing device security with -- back in the day, Symantec and McAfee before CrowdStrike took that game over, right? We've been doing network security when it was mostly about Cisco before Palo became the big guys to play there. And you've got newer things like cloud security where Zscaler dominates it. What isn't talked about much is none of those constructs have an identity context. When we're nice, we say they're identity unaware. When we're less nice, we say they're identity blind. Like they just don't understand identity. I see something happening on the device, I have a MAC address. I see something happening in the network, I have an IP address. I see something happening in the cloud, I have a cloud instance. Still don't know who or what is accessing this or doing something here. So that lack of identity context is partly why I think [ Nikesh ] did what he just did. I think it's why people like us are going to have to have a very robust API set and open communication framework between ourselves as kind of a center of gravity for identity, all kinds of identity, all kinds of data and that entire ecosystem. The danger and this is the classic problem of aggregation of vendors versus best-of-breed, what Palo has now done is, say, if you want to solve this, you do it with me, all my tech and cyber tech. I think we're going to find that there's plenty of customers that go, I've got lots of Palo. I've also got CrowdStrike. I've got Zscaler. I've got Fortinet. I've got -- I got a bunch of stuff here. It's all sending me security signals. I'd like all of it to be identity aware.
So the trick will be how do you convince the customer that Palo with its technology is great at tying in all the rest of that security ecosystem. That will be interesting. So when people say, what do you think that's going to mean for us? I think we're going to be challenging them in the same way, by the way, we challenge Microsoft or others today who say, I've got this comprehensive set of stuff, well, go, great. But the things you do in our realm aren't actually competitive. You can't actually do what we do at the level and scale and complexity that customers require, which is why we don't lose to Microsoft.
Unknown Analyst
Analysts
Yes. So I want to ask a bit of a more near-term question. You guys reported earnings yesterday.
Mark McClain
Executives
It was this week?
Unknown Analyst
Analysts
This week. So given you guys focus on large enterprises, you can see a little bit of a shift between quarters in business and you also have the term versus SaaS dynamic. The broader question there is, just how should software investors think about looking past some of the what you see in the quarterly volatility in results, particularly when software investors are almost used to seeing that sometimes.
Mark McClain
Executives
Yes. No, thanks for that question. We're doing our best. And I guess we are partly here, Scott, my Head of IR, is here with me and Mitra, our CAO. We're listing because we were honestly a little frustrated. We thought, wow, we put up good numbers and told you we're going to continue to do well and people like, yes, that wasn't what we were looking for. We're like, what, what happened there? So that said, look, we do think that when you're in a weird term, SaaS mix world that we live in and we said, look, it's 90-ish-plus percent SaaS now but we still get term deals and when we get them, they're big. And so they move the needle on revenue and therefore, profit. And our friends in 606 accounting, thanks for that. But anyways, we are where we are in that. And so we said and when we came back to the public markets this year, look, try to keep your focus on ARR because that takes out the noise of whether the deal showed up as term or whether it showed up as SaaS. And that -- what we pointed to is say, look, we've seen nice healthy ARR growth, particularly strong SaaS ARR growth, which now represents like 60%, 70% of our revenue, 2/3 of our customers and that number is growing quite aggressively, right, high 30s, not low 30s. And so we're like, we've got a very healthy growth business here and it's probably best to measure it in ARR. It sounds like what we didn't get clarity around was what you should expect us to do as we guide you to where it's going. And there was a little sense of, oh, I was looking for a little more, like, oh, see, we felt like we kind of did the same thing this quarter as last quarter but there was FX help last quarter. We tried to call that out, too. So it's on us. We're going to try to make sure we're more clear.
But I think if you look through the data there and you look at the cadence we established for a few quarters now of kind of a 2-ish beat and a 1-ish raise, plus or minus, you extrapolate that for 2 more quarters, we end the year at like a 30-odd percent ARR growth. There's not a lot of folks at $1 billion doing 30% ARR growth. So I think we've got a pretty healthy business. And it's coming at a time when we haven't yet capitalized on most of what we've just been talking about. None of those numbers include a dime for agentic yet. None of those numbers include much for machine yet. That just got launched and it's getting a really nice uptick but it's still low single digits part of our overall revenue mix. So we've got so much headroom in some of these emerging challenges and the companies we think are going to spend money with us to address them and yet without that, we're still seeing a pretty healthy growth of the business. So we're pretty bullish. And it's on us for not conveying that maybe with enough clarity to all of you. So we'll keep getting better every quarter.
Unknown Analyst
Analysts
And something you have seen a benefit from recently is the shift to more of a bundling and suite-based pricing model. As you kind of talk about all these new things that you can add over the next couple of years with agents and just other functionality outside of PAM maybe, how do you think about what makes sense to include in those bundles versus what's going to be more of an add-on? And just how that kind of builds into I know what you think of as this identity platform longer term?
Mark McClain
Executives
Yes. So it's a really good question. Yes, because first platform, like so many software players, I think platform has potentially multiple meanings. One is kind of a technology platform thought where you have a whole bunch of shared services. ServiceNow did this way back in the day, a company that actively did this. SailPoint has been doing it for a long time. A bunch of shared services, common data model, common policy engine, common identity store in our case. And then I'll call them blades to use an old term or slivers of application where you leverage all that underlying technology in your platform, which makes it faster and easier to deliver new value, right? Well, one of the things we'll always look at is, is each sliver we've got something that should just be considered core or additive. Today, the core that we offer in our business suite is the 2 biggies in our space historically, which are compliance and life cycle, right? How do you run those audit checks and how do you just manage the ongoing churn of your people and what they're accessing, your identities, whether they're people or not. And now we're finding that, okay, some of these things are going to become so common should we just drop them into the core offering and raise the price of the core offering or should we continue to make them optional. The school of thought we're still in for the most part is, there is such a heavy lift for most large complex enterprises to get their basics in place. We don't want to overburden them at that first contracting cycle with a whole bunch of stuff you probably won't get to for 2 or 3 years. So let's get you what you need to get going. What we are finding is, most of you are aware of this, we run a 3-year contract cycle. We are in an annual about a 3-year cycle typically. We're finding more and more customers who come back to us in the middle of that 3-year term to say, I'm ready for more.
So we're doing more and more upgrades in the cycle, if you will, additional sales. And we pointed to this in the financials. We're every quarter now in a pretty nice mix of about half our new ARR is coming from new customers, new logos, half is coming from existing. We put up, again, a nice healthy 114% NRR again. We still talk about a GRR in the very high 90s. We don't lose much. And so at the end of the day, we feel like we got a great base to work from and we are innovating faster now. We will deliver a few new offerings here at this conference in a couple of weeks. And so we're going to try to keep saying to the customer, there's a base here and we want you to start with what you need to get going. And the speed at which you add some of these capabilities may be dependent on how fast you can go. So instead of overburdening them with here, here's everything you want all at once, the proverbial ELA of the last era of enterprise license, sometimes companies want that. Usually, they'd rather kind of pay for what they're using. So that's kind of our approach.
Unknown Analyst
Analysts
So as your conference comes up and as we think about some of the new product announcements you're going to have, how do you think in general about investing in your product stack right now given the fact that there's a lot of debate in the software ecosystem about what employee interaction with SaaS applications is going to look like. So I would love your view on that.
Mark McClain
Executives
Yes. Well, I'd say, always you got to consider the source, right? I think it's Mr. McDermott who runs ServiceNow that says, the whole world is going to be workflows. I'm, you might have a biased position on that. So I think we have to be careful with what's being talked about, about what's going to happen to the application environment. One of the things I've been saying to people and I always get a little [ cock-to-head ] response is, so there's some school of thought, so there's just going to be a bunch of ChatGPT or whatever AI tools sitting on top of data. Quick question, where all that data come from? What data? Like today, all that data comes through all the applications you run, do things like customer contracts and customer management and the software you're -- like there's a huge amount of data in most software companies, most businesses, I should say, sorry, that data came from all those business applications. Now we run all kinds of interesting analytics and try to understand that data and what's happening in our business. That data has got to come from somewhere. Do I think some of the things that we do today that got kind of statically embedded in applications, which might have been better left to very flexible workflows, I think some of that will be coming out, I do. But there's a whole lot of business processes that are pretty standard and repeatable. It's not clear why you wouldn't just build that into a classic application. Try not to sound like the old guy. This is the way we do it. But I think it's the way we do it. So I think there's a sense of some of that's going to migrate and some of it's not. And the whole hype cycle, our friends at Gartner, sometimes they do things that are interesting, sometimes less so. But that hype cycle curve is a good one, right? We've kind of been in this hype cycle. AI is going to disrupt everything tomorrow, half your employees should get a new job. I mean we were saying that about 2 quarters ago.
Now we're in the trough of disillusion. I don't know if this is going to do anything. Oh, yes, it is. It's coming. So I think we're going to come back up that curve to lots of things are going to be changing. They're going to change probably at a faster rate than we've seen in much else. But is it going to take out half the jobs in America in a few [ deer ] years? No, I don't think it is. Is it going to change how people do their work? Increasingly so. Will it make them more productive and therefore, will you need a few less people? Probably in some areas. But I'd say, walk into an auto manufacturing shop. We used to have those -- there used to be hundreds of people making a car. Now there's a few people running a bunch of robots. But all those people found other things to do over time. So I think we'll find places where there's new roles, new needs, new activities but it's clearly going to be significantly disruptive, this technology. And I think we're trying to stay at the forefront of who's developing the tech, meaning the AIs and the LLMs, who's developing the apps and how are those evolving? What are our big important strategic customers thinking and make sure we're sitting in the center of all that with, okay, so to help secure and manage all this infrastructure of identity and data, we should do this. And that's where we're just -- we're market-driven as a mindset.
Unknown Analyst
Analysts
Yes. So you're not actually the first person to bring up that Gartner report. It seems to pop up frequently.
Mark McClain
Executives
Hype cycle, good old Gartner. They get the 2x2 quadrant, they and BCG and everybody else and they get the hype cycle. They get 2. That's right.
Unknown Analyst
Analysts
So I'll ask one last question. The focus you have on large enterprises begs the question, TAM, like that's new logo adds that kind of comes up...
Mark McClain
Executives
Love this question.
Unknown Analyst
Analysts
Yes, it comes up with investors all the time. So how do you think -- I'll ask in a bit of a different way, maybe how do you think about going down market to kind of increase that TAM over time outside of some of the other growth things you talked about?
Mark McClain
Executives
So we've started to say this and maybe it will be helpful. If you look at where ServiceNow was when it was around $1 billion in revenue, which is where we are, they had 3,000 customers. Nobody was yelling at ServiceNow. Why aren't you going into SMB? So I think you should just think about the number of large enterprises in the world for whom we are kind of the only good answer. There's a complexity level. We've identified by name, 14,000 organizations around the world that we think represent good target customers for us. We are 14% penetrated into that list today. So before we worry a lot about SMB and go take on Microsoft arguably and Okta and some others on "their turf", we're going to try to go win the other 86% of those. And we won't get all of them. Of course, we won't. But I think ServiceNow has just now got to like 8,000 or 10,000 customers. CyberArk has like 12,000, like and ServiceNow is about 12x bigger, 8x -- I don't know, sorry, my data is not good there. But you can grow a pretty big healthy business, getting a lot of revenue from large complex organizations. Since we are particularly adept at that area, we think that's the smartest thing for us to do. We've gone to the, I call it, the low end of the enterprise and made sure we're kind of defending that part of the landscape. So think a few thousand users is a not bad metaphor. Most people draw the SMB line at like 1,000 and under, like, that is not interesting to us. No offense. We will occasionally show up in a customer in that scale usually because they're maybe a subsidiary that's super complex IT, something. But in general, we're just not worried about that part of the landscape and people say, "Oh, but how will you build a big enough business?" I'm like, reference ServiceNow. Like they built a $8 billion or $9 billion or $10 billion business with less than 10,000 customers. We think we're fine to grow a lot more of our business without worrying too much about the true SMB.
We're going to be in the mid- to low end enterprise but in the shops where complexity is a very large concern and we have a uniquely good answer.
Unknown Analyst
Analysts
Thank you.
Gabriela Borges
Analysts
Mark, thank you. So many interesting ideas and we really appreciate you taking the time.
Mark McClain
Executives
As always fun to do this. Thank you all for coming.