Cyberark Software Ltd

NASDAQ:CYBR

Good day, ladies and gentlemen, and welcome to the Q1 2018 CyberArk Software Earnings Conference Call. At this time, all participants are in a listen-only mode. Later, we will conduct a question-and-answer session and instructions will follow at that time. [Operator Instructions] As a reminder, this conference maybe recorded.

I would now like to turn the conference over to our host for today's call Ms. Erica Smith, you may begin.

Thank you, operator. Good afternoon. Thank you for joining us today to review CyberArk's first quarter 2018 financial results. With me on the call today are Udi Mokady, Chairman and Chief Executive Officer, and Josh Siegel, Chief Financial Officer. After preliminary remarks, we will open the call up to a question and answer session.

Before we begin, let me remind you that certain statements made on the call today may be considered forward-looking statements, which reflect management's best judgment based currently available information, specifically our expectations and beliefs regarding our projected results of operations for the second quarter and the full-year 2018.

Our actual results might differ materially from those projected in these forward-looking statements. Please see the risk factors contained in the Company’s annual report on Form 20-F filed with the U.S. Securities and Exchange Commission and those referenced in today's press release. CyberArk disclaims any application or undertaking to release publicly any updates or revisions to any forward-looking statements made today.

Additionally, non-GAAP financial measures will be discussed on this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available in our earnings press release, which can be found www.cyberark.com in the Investor Relations section. And please note the webcast of today's call will be available on our website in the Investor Relations section.

With that, I would like to turn the call over to Udi Mokady. Udi.

Thanks, Erica, and good afternoon everyone. Thank you for joining the call today. CyberArk kicked off 2018 with a great quarter and we are very happy with our results. We exceeded our guidance growing revenue by 22% to $72 million, generating $13 million in operating income representing an operating margin of 18% and $33 million in cash flow. We are off to a strong start which puts us in a great position for the remainder of the year.

Before we dive into the details from the quarter, I wanted to recap discussions I had with customers and prospects at the RSA Conference a couple weeks ago. We are all facing similar challenges. Hackers are innovating at light speed and organizations require protection against major impact factors such as the floatation of cryptocurrency, the evolution of ransomware and the tax on critical infrastructure.

The regulatory environment is becoming more rigorous, particularly with the GDPR compliance deadline looming. Automated processes inherent in cloud and DevOps are not only driving improved efficiency and productivity but are also creating privileged accounts and secrets faster than at any time in history.

This is exponentially expanding the attack surface. However, our Global Advanced Threat Landscape Report indicated that 50% of organizations have no privileged active security strategy for the cloud, leaving them vulnerable to attack. Almost every discussion at RSA emphasized the need for measurable security solutions across cloud, hybrid, and on premise, more collaboration among vendors and empowerment, in this new world, Chief Security Officers are demanding the security enabled business operations.

These customer trends certainly contributed to our results in the first quarter. The DevOps revolution is in full swing and security is an enabler for digital transformation. Organizations are leveraging faster code development as a key competitive advantage. They recognize securing credentials and machine identities is a critical component to the long-term success of these strategic initiatives.

During the first quarter, we were pleased to see that eight of our top 10 deals included Application Identity Manager or Conjur and that more than 10% of our business came from this product family. As a reminder, Application Identity Manager is securing production applications, primarily running on premise, while Conjur is protecting high velocity applications and the DevOps pipeline.

In one of our largest new business deals during the quarter, a Global 500 Transportation company chose CyberArk to secure its hybrid environment across AWS, Azure and private cloud infrastructure as well as its DevOps pipeline. The customer will deploy Conjur, Application Identity Manager, Core Privileged Account Security and Endpoint Privilege Manager in the cloud.

The cloud and DevOps methodology are empowering this organization to drive more productivity and agility into its business. This global company is also an example of a Greenfield customer. During the first quarter, we continued to see the vast majority of our engagements are Greenfield opportunities, even in large global organizations.

We were thrilled to see the government vertical gaining momentum around the globe with major deals across geographies contributing to our success in the first quarter. We want a state government in the Americas for Core Privileged Account Security and Endpoint Privilege Manager.

We signed our largest ever government customer in APJ to protect both human and machine identities for our healthcare system in the region and we want our largest UK government customer who will secure privilege credentials across the entire agency. In each of these seven figure deals the customer recognize that unsecure, unmanaged privileged accounts are a top security and business risk.

One of our key initiatives for 2018 is to maximize the effectiveness of our global sales and marketing engine across both new and existing customers. We were pleased with the strong new business momentum and we ended the first quarter with more than 3800 customers.

In the mid market, we continue to see traction with law firms, universities and hospitals, among other organizations. In early April, we rolled out our first multitenant offering from managed security service providers, which can be licensed based on construction pricing. Our partners can now further extend privileged access security through organizations of all sizes, including deeper into the mid market.

Add on business was also robust in Q1. Existing customers continue to take a strategic approach to privileged access security, rolling out multiphase CyberArk programs. We are on pace for third of our customers to expand their CyberArk employment again this year. Examples of expanded relationships during the first quarter includes seven figure deals with the top 20 pharmaceutical company, a top five manufacturing company and two of the world's top 15 banks.

As we discussed in detail in our investor day in March, we conducted an in-depth analysis of our customer base across parameters like geography, vertical market and customer size. Our analysis of customers spent indicates that we have penetrated only about 20% of our customers potential, representing tremendous run way for growth just within our base.

Geographically all of our regions performed well. The Americas and APJ delivered record quarters for revenue, which we are very pleased to see in the first quarter of the year. With the organizational changes we made in the EMEA the region grew 29% in first quarter, Rich Turner joined CyberArk in Q1 EMEA he is working closely with the entire team on delivering consistent performance in 2018. They are off to a great start.

Another important component of our go to market strategy is extending our reach through our global ecosystem of channel and technology partners. During the quarter, our global channel business represented more than 60% of the business.

In addition, advisory firms like PWC and Deloitte continued to invest and build out their CyberArk practices as they recognize that securing privileged accounts is critical to a comprehensive security strategy. We saw nearly 60% increase in business influenced by the advisory firms in the first quarter of 2018 compared to last year.

Our C³ Alliance continues to be a key differentiator with prospects and customers who are looking to simplify the implementation of their best of breed security strategies. With the C³ marketplace we expect our partner program to continue to drive business for CyberArk and just as importantly improve the security fabric across our customers environment.

The marketplace dramatically simplifies and extends the value of the Privileged Access Security to our more than 80 alliance partners. We are seeing strong tractions from customers across identity, business automation, cloud, orchestration and vulnerability management, among other segment.

During the quarter examples of C³ integrations that influence deals include OKTA, Sailpoint, Ping, ServiceNow, Rapid7, Tenable, AWS, Chef, Puppet and Ansible. Building an enduring cyber security leader requires multiple dimensions, including establishing and nurturing relationships with customers and partners, as well as an ongoing commitment to innovation.

The major enhancements to our solutions that we delivered in the fourth quarter contributed to our strong results in Q1. The new functionality focused on simplification, automation and risk reduction across cloud on premise and DevOps pipelines.

The response from our customers and prospects has been overwhelmingly positive. In addition, because of the investments we made in cloud automation last year, an increasing number of customers are deploying CyberArk in the cloud, including key wins in the first quarter by two leading SaaS application vendors and a global media company.

As we look at the evolution of the threat landscape, our innovation ensures our customers IT environments are better protected. The rate of cryptocurrency attacks is staggering, and only increasing making protecting cryptographic keys top of mind for many customers. Today, we are not only securing their IT infrastructure we are helping customers secure and manage the access keys themselves for cryptocurrency.

We are very excited about the acquisition of Vaultive in March. Customers were asking for CyberArk to secure access and implement proactive security controls for administrators of SaaS applications and infrastructure as a service as well as privileged business users, which are frequent targets for cyber attacks. We will leverage this technology, which can be delivered as a mobile or native experience to seamlessly extend our solution to the highly privileged users.

Vaultive’s cloud native technology platform was purpose built for mission-critical applications that require the highest level of availability, performance and control. Early customer response to the acquisition has been extremely positive. We are thrilled to have the team join CyberArk as their in-depth cloud experience, and state-of-the-art technology furthers our leadership in securing cloud infrastructure and applications.

It was a great quarter and we are off to a strong start for 2018. Our results reflect the momentum in the market, our investments in innovation, and the healthy demand for privileged access security across all geographies. Our execution in the first quarter, robust pipeline and industry leadership position us well to execute our strategy for the remainder of the year.

With that, let me turn it over to Josh. Josh?

Thanks, Udi. Before we begin reviewing the quarter I wanted to remind everyone that our first quarter results are in line with the new accounting standard 606 and we will be using what is referred to as the modified retrospective approach to disclosure.

So we are pleased to exceed our outlook across all the guiding metrics, including revenue, operating income and EPS. Total revenue increased by 22%, year-on-year to $71.8 million. License revenue reached 38.5 million increasing 17% over the first quarter last year and representing 54% of total revenue.

Our growth was driven by both add-on business as well as new customers who recognize the importance of privileged access security with new customers representing more than 40% of license revenue in the first quarter. Maintenance and professional services revenue was $33.3 million, increasing 28% over the prior year period and representing 46% of revenue.

Geographically, the Americas delivered another quarter of consistent results, increasing revenue by 18% year-on-year and reaching a record $44.1 million or 62% of total revenue, EMEA had a strong quarter, increasing revenue, 29% to $21.8 million or 30% of total revenue and APJ revenue grew 28% and also a record of $5.9 million for the region, or 8% of total revenue.

The business was also well diversified across verticals, energy, pharmaceuticals, global government, retail and transportation and travel all grew faster than 50% during the quarter. In fact, global government represented more than 15% of our overall business and that was driven by demand form national agencies in Europe and APJ as well as state and local governments in the Americas.

As I move through the P&L, all financial results will be discussed on a non-GAAP basis, please see the full GAAP to non-GAAP reconciliation in the tables of our press release. Our first quarter gross profit was $62.4 million, or 86.9% gross margin, compared to 86.5% gross margin in the same period last year.

We continue to invest in the business to capitalize on our significant market opportunity and scale our operations. R&D expense grew 45% year-on-year to $11.5 million as a result of a number of factors, including R&D headcount increasing by 27%, the weakening dollar as a vast majority of R&D employees that based on Israel, and the acquisition of Conjur in May last year and of Vaultive in March of this year, both now in the Q1 comparables of last year.

Sales and marketing increased 24% to $32 million, as we expanded our sales organization across all geographies to support direct and indirect sales. G&A increased 34% year-on-year to $6.3 million, as we scale the business to support our growth.

In total, operating expenses for the quarter increased 30% to $49.8 million compared with $38.3 million for the first quarter of last year. Operating income was ahead of our guidance at $12.6 million or 18% operating margin. This compared to operating income of $12.7 million or 22% operating margin in the year ago period.

Our overall expense growth is primarily related to headcount. We ended the first quarter with 1053 employees around the world up from 1015 at year-end and compared with 867 at the end of the first quarter of 2017. To scale the business, we moved into new global headquarters in Israel during the third quarter last year, as well as new offices in London and Singapore earlier this year in the first quarter.

These increased expenses are also not in the comparable period last year. Net income was $11.8 million or $0.32 per diluted share for the first quarter of 2018, compared to $10.2 million or $0.28 per diluted share for the first quarter of 2017. In the first quarter, we were pleased to generate $33.1 million in cash from operations or 46% cash flow margin.

The strong cash flow was driven by our strong results in the fourth quarter, as well as collections from our higher maintenance renewal activity. We ended the quarter with $344.2 million in cash and investments and this is after the cash consideration paid for the acquisition of Vaultive during the first quarter. This compares to $330.3 million at year-end.

Turning to our guidance. For the second quarter of 2018, we expect total revenue of $72 million to $73.5 million or 27% growth year-on-year at the midpoint. We expect non-GAAP operating income to range between $10.2 million to $11.4 million and non-GAAP net income per diluted share of $0.23 to $0.25. This assumes 36.9 million weighted average diluted shares at a tax rate of 21% for the second quarter.

Our second quarter guidance reflects the full run rate of the people we hired in the first quarter, increased expenses related to the acquisition of Vaultive, as well as the RSA conference which occurred in the second quarter of 2018 compared to the first quarter of 2017.

For the full-year of 2018, we are increasing our guidance with total revenue to be in the range of $315 million to $319 million or a growth of approximately 21% at the midpoint. We are also increasing our guidance for non-GAAP operating income to be in the range of $57.5 million to $60.5 million and non-GAAP net income per diluted share of a $1.31 to a $1.37 this assumes 36.8 million weighted average diluted shares.

Our guidance for the full-year assumes effective tax rate of approximately 21% for 2018 and that takes into account the lower tax rate in Israel as well as in the U.S. For the full-year our guidance assumes approximately $2.5 million in operating expenses, related to the acquisition of Vaultive.

As we think about the remainder of 2018, we wanted to point out that we expect to have a seasonal step up in expenses related to marketing events and other programs from the second quarter to the third quarter, which will be similar to what we experienced last year in 2017. We were pleased with our results in the first quarter, Privileged access security remains a top priority for organizations, and we are continuing to see strong demand for our solution.

We believe we are well positioned to capitalize on the tremendous opportunity in front of us and I will now turn the call over to the operator for our Q&A.

Certainly. [Operator Instructions] And our first question comes from Saket Kalia of Barclays. Your line is open.

Josh could you talk a little bit about some of the new pricing schemes and how you have changed them for the Core Privileged Account Security kind of portfolio and maybe what impact that might have had on deal sizes in the quarter?

So just to quickly review, as you know, we have already had a big increase of customers buying EPV and PSM together for new business deals, as they take more and more of risk-based approach to Privileged Account Security. And so to simplify the pricing and strengthen our customer security posture, we have decided to enter a new pricing technique model which has EPV, PSM, PTM, and PTA for the new business deals, and based on pricing of per user, and we call this now the Core Privileged Account Security products and that’s been priced per user and our AM Conjur and our EPM continues to be priced on a per target system.

So, when we kind of look at the first quarter, actually a much of the business in the first quarter was still really off of closed, and deal cycles that were coming from last year, so there was still most of it coming off of the old price model with only a small sample with the new pricing model.

So it's still I think a bit early to tell, the impact on deal sizes, but what we are seeing is definitely a very positive reception by our customers for the simplicity that we have offered in the pricing model and some of the few deals that we did do in the first quarter were on the high-end of our new customer range, compared to what we have seen in the past.

Got it, that’s really helpful. Maybe for my follow-up for perhaps for Josh and Udi. Udi I think you mentioned a large customer that deployed frankly it sounded like the whole portfolio including core PAS in the cloud, I guess I just wanted to make sure we understood how that worked, are they purchasing a cloud subscription for core PAS. And maybe Josh a related question for you is how is that perhaps being reflected in the financials if differently at all?

No, actually it's very much based on our standard pricing and as a perpetual our license models our customers are able to deploy in cloud and for cloud and that’s how we have decided to deploy it. It’s a very exciting customer really because it really shows the expense of how DevOps is important and how its seen as part of really a deep privileged account, Privileged Access Securities strategy.

That’s right, so being continuing to be mostly a perpetual license pricing it hasn't really changed in terms of our P&L model.

That’s really helpful. Thanks very much guys. Nice quarter.

Thank you.

And our next question comes from Sterling Auty of JPMorgan. Your line is open.

This is actually Ugam Kamat on for Sterling. Thanks for taking the question. I just wanted to expand more on Saket's first question. So, would you mention that you rolled out like the multitenant for Managed Service offering for mid market. So how is this different from a pricing [Technical Difficulty] that you just laid out to Saket? How does the economics change in terms of consider a midmarket customer who was using the traditional pricing now shift to this consumption pricing model? How does that affect your revenue or billings number?

I will start, so the MSSP we just introduced that and we are working now on actually the first partnerships with the providers. The pricing that we will be offering is based on the term based license pricing for those MSSPs in year contracts or they can also do as pay as you go pricing in terms of further consumption.

And so obviously on the term based pricing will be reflecting that in revenue in accordance with the new 606 under 606 for a term based pricing where the majority of it will be recognized upfront with the contract. And the same as you go as we see with the UCHS.

But for that mid market customer that works with this MSSP partners, it really gives them the fixed flexibility as they engage with the partners who relative to pay as they as go as well and have a subscription base model.

And as a follow-up, Josh for you. Seeing the movement in the Israeli shekel both the first quarter how much of FX deals wins are baked into your guidance for 2018 in terms of the EPS upside? What is your expectations that you had been you had given the guidance back in February?

The guidance that we gave back in February and also the guidance that we are giving is pretty much reflecting the same as the same exchange rate because we were already have set our exchange rate for this year and a hedging program. But that exchange rate is causing more R&D expenses this year compared to last year because this year that shekel has been between the 340 and 360 range where last year it was quite a bit higher. So the reflection in the guidance that I gave in February and now the guidance that I’m giving now for the full-year is reflecting pretty much the same exchange rate on shekel.

Perfect thanks. I appreciate it.

Thank you Ugam.

Thank you. And our next question comes from Melissa Franchi of Morgan Stanley. Your line is open Melissa.

Hi, this is [Angelo Ostria] (Ph) in for Melissa, thanks for taking my question. I just wanted to ask on cash flow, do you might elaborating on your comments, you mentioned hybrid maintenance activity, is this something we should expect going forward and exactly what happened there?

So, our cash flow is seasonal because and also as our maintenance renewals are seasonal, it’s tied into when we do more licenses, is when the increased number of contract start, so obviously Q4 is our biggest quarter for licenses, and so therefore we started a lot of new contracts in Q4 last year in the November, December timeframe, and so that’s why Q1 certainly this Q1 had a seasonally nice uptick.

And it’s not necessarily that our renewal rate is higher than it’s been in the past, we have been experienced over a 90% renewal rate now for many years, and so it just continues to be very high. I think going forward again it will track with our contracts.

The reason we don't give quarterly on this is because it's actually we are not always certain when they renew in the quarter whether it would be for which length contract it will be, if it will be for one year or longer, and so we kind of stick to looking at our cash flow on an annual basis on and so far we are very much on track to be probably in the upper half of our range that we have guided to.

Great. Thank you very much that’s grateful.

Thank you.

And our next question comes from Rob Owens of KeyBanc Capital. Your line is open.

Hey guys its Mike Casado on for Rob Owens. Udi a months ago, AWS released a solution called Secrets Manager, that I believe addresses embedded credentials and applications and services, and I know it seems solution is more addressable to lower end of the market, but I wanted to get your take on any implications both competitively and on the broader industry demand trends?

Absolutely, AWS is a partner of ours and we have been investing a lot in integrations there, and we were also aware of this ahead of time, we actually see it as validations that managing Secrets is a critical risk and we have seen this kind of secret stores across the variety of solutions, but Privileged Accounts Security is broader than that, it shows up in multi-cloud environments, hybrid environments, private cloud of course on premise, containers, orchestration tools.

And so therefore these islands of secrets and credentials and as a security player our role is to be the holistic solutions for enterprises and so again, we don't see it as a competitive today and we see this as an opportunity to be the player that provides the holistic solution. The example I gave earlier of the Global 500 Transportation Companies is exactly that where they have enterprise type environment and expect a security solution.

And then Udi, last quarter you discussed GDPR shaping up as a tailwind. How much would you attribute GDPR drive demand to the result in EMEA now that we are just three weeks away?

We are beginning to see a sense of urgency with capital being deployed on solutions and we did see activity specifically referencing GDPR during the first quarter, but I wouldn’t attribute the great success EMEA has had the last three quarters of strong performance. I see it as a additional tailwind but the opportunity was there and we are seeing a better execution.

What we do expect is that GDPR will continue into 2018 and beyond the this coming May deadline and that will have until that extent beyond 2018 and into 2019 especially with the mandatory breach disclosures, because when you start disclosing breaches you discover that the infection may have happened in a very mundane way.

But the progression of the attack is privileged credentials and you can’t really secure the environment without Privileged Access Security. So we see ourselves as a seller of any enterprise that wants to be secure and therefore compliant but I would still label it as a tailwind.

Much helpful. Thanks Udi.

Thank you.

And your next question comes from Shaul Eyal of Oppenheimer. And your line is open.

Good afternoon guys. Congrats on the strong quarter as well as the guidance. Udi, I want to start with the high end question. I believe everyone participating at RSA this year let the conference with the feeling that identity and access management really seeing its lowing days as we speak. And yes, it has been around for the past 15 years even more than that maybe in different forms of shape. What is that that has changed over the course of the past few quarters, maybe even year or 18 months that is pushing identity and access management into the limelight?

Thanks Shaul for the warm words and on the quarter. I think what we are seeing is become very clear for organizations that the layers the design to keep just the bad guys out and just trading and that thing of parameters securities for so many years or just trying to curtail the next nowhere are important, but the attacker makes it into the environment a sophisticated determined attacker. And it used to be perceived this oh, this was the retailer who didn’t have strong, didn’t have security but you see financial services in the past and you have seen governments.

So a focused attacker makes it in. and therefore two security officers are taking a different view with the working assumption that sophisticated attacker will come in or will start from within as in the cases of insider threat. And when you look there you look at okay, once in, how do you progress an attack and what you try to do, you're trying to behave like an employee, you are trying to behave like an insider.

And then our role obviously is you are not going to get very far as a regular employee, you want to be the strongest and to have the strongest access and have that really pop up privilege account security in the priority and also our partner in the identity governments and in access.

Thank you for that Udi. And maybe on Vaultive, so you acquired it just a few weeks before, completed in the quarter, strategically speaking and I’m using an analogy here by acquiring Conjur you are addressing the DevOp arena what arena are you covering with Vaultive specifically as it relates to your cloud activities, seems to be another small tuck in acquisitions as you guys have done in the past in a very sound way?

Yes, it’s a great question. And I think you can feel my excitement about this acquisition because it really just as you said, just like our Conjur helps us really extend applications side of our business to the cloud and to modern infrastructure. Vaultive really comes into help securing the SaaS, software-as-a-service and infrastructure-as-a-service side of our customers.

They are all feeling that a lot of - back to identity a lot of the most important things and workloads that are being managed by humans are done by SaaS administrators, by infrastructure-as-a-service, the cloud council administrators and privileged business users that are doing administrative path.

And so they look to us to give them a wider protection and extend our offering there, the beauty here is that it's also important to make it very easy for the user and an transparent and native, so provide the security but with the native cloud tools and Vaultive really brings that to the table and we actually have working demos as a partner even before the acquisition and are now really working quickly to integrate into our offering.

Thank you for that. Good luck.

Thanks Shaul.

And our next question comes from Jonathan Ho of William Blair. Your line is open.

I just wanted to start out with your commentary around the midmarket, it sounds like you are making some inroads there, I just wanted to get a sense of maybe how much this is contributing to the overall growth and has there been much of an impact from Version10 in terms of targeting that market?

I think we continued to talk about the midmarket because it is part of the of the opportunity, but the high-end of the market is really where we see growth in the enterprise, but with so much cross verticals so vertically diverse enterprises and governments is where we are see the growth and the midmarket is something we see more of the long term opportunity and that's why we view to address that more and more with our channel partners and through the managed service providers.

And then just going back maybe the DevOps question how large driven opportunity do you see this and are you just seeing set of broad interest across your customer base how should we think about the potential for DevOps maybe relative to some of the other product suites that you are selling today?

Sure. I would put it this way, every single customer meeting, every prospect or existing customer is seeing this evolution happen because there is a very clear explanation of adopting DevOps helps their business promote their top line because the faster you can release applications you are going to grow faster than your competitors, so actually across every vertical we are finding that they are either dipping their toes or there is an effort within the organization going into this and then security has two options.

They can see this train go by where - they are going to be the factor vulnerabilities built into their modern cloud infrastructure or they can actually provides a sec into the DevOps and creates a secure DevOps and the chief security officers are smart and they are getting it.

And we are seeing them wanting to touch both sides, provide a solution that keeps the company secure but do it in a way that doesn't disrupt the fast pace of developments. So I really believe it's across the board and on the enterprise side.

Thank you.

Thank you.

And our next question comes from Gur Talpaz of Stifel. Your line is open.

I wanted to ask about Vaultive and Conjur, but I want to ask about it from a different angle. Udi I want to understand are you starting to see your efforts here in the cloud and in DevOps serving as a point of differentiation versus competition and bake-off even for companies that may have not made the migration to the cloud yet or haven’t really gone in that direction, but are looking to go to do so in the future.

Absolutely yes, I think the level we engage with our customers and we put a lot of emphasis in our customer is really think partnership and think securing for the long-term. And as we discussed a privileged access security program units are not already in DevOps. They can see it coming in.

So even if they have to do and many of them still doing, what we call core privileged access security of securing credentials in their server environment domain controllers and really all the important things to block and attacker have not yet jump on the DevOps wagon. They want to know that the solution will take them there, and can take them on the journey.

And the same thing goes for securing the SaaS and the IS side of administration so absolutely we are seeing it as helping that but further breakaway we have always been the innovator in the space and further breakaway with our competitive differentiation. And in this case it’s really an enabler of digital transformation. So there's always justification to the business to go there.

That’s helpful. And maybe a quick follow-up, you talked about the push to multitenant fee and consumption based pricing for MSPs. How important do you think that architectural change and that pricing change is as far as driving or reducing some of the restriction points as part as go to market with the MSPs and SMBs?

Yes, the reason we invested in that is exactly some of them are existing CyberArk partners that were either reselling or taking on one-off hosting and engagements for their customers. A lot of customers especially as you go down market one to upload the effort to their experts that can take it. And in orders with them to operate with ease they won a multitenant environment that they can operate in an efficient way. And so there is a clear alignment there and we are helping the partner reduce their total cost of ownership of the solution.

Thanks Udi.

Thanks Gur.

And our next question comes from Howard Smith of First Analysis. Your line is open.

Thank you for taking my question. Congratulations on a strong start to the year. I wanted to dig into your kind of your work with your partners, specifically some of your integration partners and your training that they have, where are we in terms of them really been able to shoulder the bulk of the load without you in terms of implementation? And then I have a follow-up.

Yes, thanks Howard. I think we are making great progress, this time we did put up the number of how many certified CyberArk engineers are out there, but of course with every month that passes there are more of them out there. I think the greatest progress has been with the advisory firms really getting a lot of their staff trained and having the ability to take on a large part of the work, but we also partner with smaller VARs and national VARs.

And the approach we take is if they don't have the full certified staff, we at least augment them with CyberArk consultants to lead the way, so there is the partnering. I mean the most important side here is the customer and that’s the most important thing from our perspective, so go out with a partner, and make sure that either they have the staff trained and ready or we will augment them and put our experts in the field with the partners to ensure customer success.

And then I assume that the more people are trained and the more visibility you have with successful implementations with that with those partners, the easier it is for them to recommend you, etc. but I'm curious if you're seeing either in regards to success from that, or otherwise changes in the competitive set and the competitors as you approach a particularly the Greenfield opportunities?

And I would add also to the truth I mean is that with Version10 and so not only do we have more and more staff out there that can deploy CyberArk, we really simplify it, and add a lot of automation into not just the user experience that is managing CyberArk on a day-to-day basis, but also the installation implementation and the onboarding of privileged accounts after deployment. And so that combination is really helping us go after the Greenfield and we absolutely have a lot of reference that come in from happy customers and as we mentioned a big increase in the influence from the advisory firms recommending CyberArk.

Okay. Thank you.

Thanks Howard.

And our next question comes from Daniel Bartus of Bank of America. Your line is open.

Hey guys thanks for taking my questions. I just had two follow-ups related to the potential of Conjur mainly. So first I was wondering when you look at the deals you have done lately where customers go all in, in those cases how big piece of the revenue this Conjur represent, how high can that get? And then when you look at Conjur mailing about 10% revenue last year, I was just wondering what’s your view for it maybe 2018, 2019 just ballpark how do you see that evolving as a piece?

Yes. I wouldn’t say it is still a very strategic but still an early CyberArk offering, so we have few customers that are in and all-in mode, and so the opportunity is there, but it's definitely a seven-figure type opportunity within an enterprise it’s just like we have talked about seven-figure and high seven-figure opportunity with our Application Identity Manager for management for more legacy type applications that are strategic focus and it’s the same thing applies to when they take your applications into cloud and DevOps.

But enterprises really see the combination. They want our applications they measure with Conjur. They want the same solution for or holistic solution for their legacy applications and Conjur. We are not going to separate that when we talk about that but we are seeing that be of significant contribution to our revenue.

Got it. Thanks guys.

Thank you.

And our next question comes from Ken Talanian of Evercore. Your line is open.

Hi guys thanks for taking the question. I was wondering if you could give us a sense for where your EMEA pipeline stands today relative to last quarter?

Yes, I think basically we are seeing growth in the EMEA pipeline each quarter and its bigger than it was last quarter, and certainly significantly bigger than it was a year ago Q1.

Great.

And here maybe I will emphasize that we were very pleased with the EMEA performance over the last three quarters and in the first quarter I can really emphasize as the UK and Germany which are really strategic market for us, performed particularly well. And of course we are seeing that translate to pipeline offer.

Okay. And I guess as the follow-up, just thinking more broadly. Could you give us a sense for the portion of quota bearing sales reps that are new to the firm versus last quarter.

I wanted to be able to give that information right up after that, but I will tell you that we did finish sales and marketing organization at just over 500 people out of the 1053 March 31.

Okay, great. Thank you very much.

Thank you.

And our next question comes from Catharine Trebnick from Dougherty. Your line is open.

Zack Turcotte on for Catharine Trebnick. First, a just first a clarification. You mentioned some seven figure deal top pharmaceutical manufacturing companies as well as two of the top of 15 banks. These are all add on deals.

Those were examples of add on deals, yes.

Okay. And then the other one just going back to geographic split again. really a strong quarter for EMEA. I know you mentioned some organizational changes impacting that. I was wondering what impact your channel partners are having both in EMEA as well as your international expansion in general. And if there is anything in particular you would distribute the record quarter in APJ region.

I think as a trend we are really seeing that we are trending in the right direction of more and more impact of the channels both big split across all regions and we track that closely. And again it was 60% of the bigger pie in the quarter. So we are very pleased with that. And so it applies really across the board.

There is obviously more work and we are continuously investing and enabling the channel and also the product specification really helps. And on the APJ outside we also emphasize that some of the contribution were large government deals. I would say continued execution but getting that diversity that we saw in other region across verticals also happen in the APJ region.

Got it. Thank you.

Thank you.

And our next question comes from Alex Henderson of Needham and Company. Your line is open.

Hey Josh good afternoon, Dan Park on for Alex, thanks for taking my questions. So, seems like OpEx is likely to consolidate a bit as a result of the recent acquisition and increased success based investments, at what point do you expect your sort of decelerated investments a bit and achieve some more operating leverage?

Hi Dan this is Josh. I think that this year is still a year where we are investing for growth and as we see the market opportunity ahead of us with the type of top line growth opportunities we are really focused on positioning ourselves to get that growth. So at this point the guidance for the year indicates the leverage that we have in fact that we were glad to be able to increase the guidance for the year and reflecting a 19% operating margin, which will already show some leverage in the model compared to the first quarter into the back half of the year and so I think you'll see some of your answer there.

Okay great and as a follow-up, what was the FX impact your Q1 results and do you think this could even be a tailwind in the back half of the year given the recent strengthening of shekel related to the dollar?

So, we had an impact of about 400k, more less income so the negative impact of about net income of $400,000 for the year I mean for the quarter and I think as we see the change in shekel that will help us a little bit, but as I said earlier in the call we are pretty much already we are focused on the rates that it's been over the last couple quarters as we try to plan this well in advance, so the increased or the weakening of the shekel that we have seen in the last week or so may have some small impact but it won’t be material.

Okay, great. Thanks for your time.

And our next question comes from Gabriela Borges of Goldman Sachs. Your line is open.

Good afternoon, congrats on the good results. I wanted to ask about Application Identity Manager, so a little bit of commentary earlier on eight out of 10 deals including AIM and Conjur, so the question is how do you guys think about intersecting the cloud migration opportunity, with some of the work you are with system integrators, how has that progressed maybe year ago in terms of CyberArk getting to the conversation around AIM?

Yes, so thanks you Gabriela. I think especially those system integrators that have a digital transformation of a business initiative and they are smart to do that are great partners for us with the entire offering but definitely with AIM and Conjur because this is the opportunity for customers to get it right before they start rolling applications in the fast-paced DevOps and we are seeing that, again a lot of the business drivers are security but the advisory firms and system integrators have the opportunity also to make that as part of their advisory and services for cloud migration and digital transformation.

That makes sense. And the follow for Josh is on the incremental margin that you realized in 1Q off of the revenue. So the question is, if you are in a position where you are able to outperform on revenue and all the quarters this year how are you thinking dropping that to the bottom line versus maybe reinvesting. thanks

Thanks Gabriela. I think we feel pretty good about beats on the top line with a good portion of it going to the bottom line like we saw in the first quarter. And I think we have seen that typically in the past and in many quarters from our results. I don't want to commit now but I would say that we would like to, and we would plan for having some of the top line going to the operating income.

Thanks for the color.

And our last question comes from Michael Kim of Imperial Capital. Your line is open Michael.

Hi guys. Could you talk a little bit more about the add on sales and that security and primarily by multi product adoption. What are they purchasing or see the expansion. And earlier in the call you talked about some roughly about 20% penetration, so I’m curious for the more material or older customer cohort where you are seeing that customer penetration reach.

Yes. So in terms of the add on business is very diverse. The conversations we are having with customers is really to think strategically and to think programmatically. And as we guide that we help them just get a better security posture and sometime it is more seats as you called it and more licenses of existing products around Core Privilege Account Security.

And many of them have come to us early years more compliance driven and have a little pockets of CyberArk but really didn’t take a program that secures them. And we are passionate about really helping them protect this attack factor. And then in many it combines with across into the add on EPM Endpoint Privilege Manager to really secure privilege on the inside and Conjur.

Got it and just really quickly on EPM. Are you seeing acceleration in standalone opportunities, subsequent to those standalone deals are you seeing that circle back to the corporate account security suits?

Yes, I think it's really a variety, because we discuss our programs with customers we don't really accelerate the EPM as a standalone. We have deals where it had been the case. But as part of the program it can be an add-on business or it can be the place where the customer wants to start.

Got It great. Thanks very much.

Thank you.

And I would now like to turn the call back over to Udi Mokady for closing remarks.

Thank you. Our success is based on our deep relationships with customers, partners and the contribution by our great global team. Thank you all for contributing to our very strong first quarter. We appreciate everyone dialing in tonight and we will speak with you during the quarter. Thank you.

And ladies and gentlemen this concludes today's conference. Thank you for your participation and have a great day.