Investor Presentation
SecurityandCompliancefortheDigitalTransformation
Sumedh Thakar, President and CEO
Joo Mi Kim, CFO
May 7, 2024
Safe harbor
This presentation includes forward-looking statements within the meaning of the federal securities laws. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this presentation include, but are not limited to, the following list:
- our business and financial performance and expectations for future periods, including the rate of growth of our business and market share gains;
- our expectations regarding our Qualys Enterprise TruRisk Platform and the benefits and capabilities of our platform;
- our expectations regarding the growth, benefits and market acceptance of the Qualys Enterprise TruRisk Platform;
- our total addressable market;
- our expectations regarding the timing of future products and features;
- the benefits of our new and upcoming products, features, integrations, collaborations and joint solutions;
- our strategy and our business model and our ability to execute such strategy;
- our guidance for revenues, EBITDA margin, capital expenditure, GAAP EPS and non-GAAP EPS for the second quarter and full year 2024; and
- our expectations for the number of weighted average diluted shares outstanding and the GAAP and non-GAAP effective income tax rate for the second quarter and full year 2024.
Our expectations and beliefs regarding these matters may not materialize, and actual results in future periods are subject to risks and uncertainties that could cause actual results to differ materially from those projected. These risks include:
- our ability to continue to develop platform capabilities and solutions;
- the ability of our platform and solutions to perform as intended;
- customer acceptance and purchase of our existing solutions and new solutions;
- real or perceived defects, errors or vulnerabilities in our products or services;
- our ability to retain existing customers and generate new customers;
- the budgeting cycles and seasonal buying patterns of our customers, and the length of our sales cycle;
- the general market, political, economic and business conditions in the United States as well as globally;
- our ability to manage costs as we increase our customer base and the number of our platform solutions;
- the cloud solutions market for IT security and compliance not increasing at the rate we expect;
- competition from other products and services;
- fluctuations in currency exchange rates;
- unexpected fluctuations in our effective income tax rate on a GAAP and non-GAAP basis;
- our ability to effectively manage our rapid growth and our ability to anticipate future market needs and opportunities; and
- any unanticipated accounting charges.
These additional risks include those set forth in our filings with the Securities and Exchange Commission, including our latest Form 10-Q and 10-K. The forward-looking statements in this presentation are based on information available to us as of today, and we disclaim any obligation to update any forward-looking statements, except as required by law. We also remind you that this presentation will include a discussion of GAAP and non-GAAP financial measures. The non-GAAP financial measures are not intended to be considered in isolation or as a substitute for results prepared in accordance with GAAP. The GAAP financial measures, and a reconciliation of the non-GAAP financial measures discussed in this presentation to the most directly comparable GAAP financial measures are included in the appendix of this presentation.
2
Investment highlights
Industry-leading cloud security and compliance platform for comprehensive risk management
Multiple levers of recurring revenue growth
Scalable business model and industry- leading profitability
Uniquely positioned to capitalize on stack consolidation and cloud transformation
3
Challenges of measuring and reducing risk
With every tool measuring risk differently, what are the top 10 Risks?
Disparate Security Tools | |
SaaS | Code |
IT / IOT | Vuln Management |
Applications | Public Cloud |
Data
Disparate Measurement Tools
Qualitative
Severe / Critical | Category 1,2,3 etc.. |
Urgent / Low | Medium / High |
Pass / Fail |
Quantitative
10, 50, 100 | 1-5 |
CVSS
1-10
4
Extending the security eco system
Multiple siloed tools send endless alerts
Network
Exposures
Cloud
Misconfiguration
Excessive IAM
Permissions
Application
Vulnerabilities
Suspicious
Behavior
API
out-
of-the-box connectors
CSV
file uploads
REST
APIs
Qualys Enterprise
TruRisk Platform
Aggregates and Normalizes
Siloed Data Points
Discovers, Quantifies, and
Prioritizes Risk
Integrated, Actionable, and
Automated Risk Reduction
and Remediation
Collects, unifies and correlates risk factors with threat and business context to holistically measure risk
Communicates risk and insights in terms of business impact
Seamlessly recommends and comprehensively reduces cyber and business risk
5
The Enterprise TruRisk Platform
End-to-End Cyber Risk Management
Qualys TruRisk™
A natively integrated single agent, single source of truth
Discover all assets,
including external assets with business context
Asset
Management
Detect and prioritize vulnerabilities, misconfigurations
according to TruRisk
Vulnerability &
Configuration
Management
Remediate cyber risk
with automated patching and intelligent workflows
Risk
Remediation
Monitor, detect, respond and prevent
threats with risk and business context
Threat
Detection
Response
Enforce and report on compliance, audit-
ready
Compliance
AI/ML
PLATFORM SERVICES
1st Party | API | LIGHTWEIGHT | SENSORS | 3rd Party | |||
OSS | Data | ||||||
AGENT | |||||||
APPLICATIONS | OPERATING SYSTEMS | CLOUD / CONTAINERS / VMs | IT / WORKSTATIONS / SERVERS | IOT | EXTERNAL DEVICES | ||
6
Asset Management | Vulnerability | Remediation | Threat Detection | TotalCloud | |
The Enterprise TruRisk Platform
Cybersecurity Asset Management
Discover All Assets
Get inside-out and outside-in visibility of all assets with an attackers view of the network
Get Complete Asset Context & Visibility
Add business context, tags, enhance visibility by seamlessly integrating with CMDB's, Third Party & ITSM solutions, bring business context into asset criticality for managing risk
Identify Security Gaps
Detect EOL/EOS software, unmanaged assets, unauthorized software, missing business critical software, evaluate cyber risk per subsidiary, inventory open-source software, packages & libraries
7
Asset Management | Vulnerability | Remediation | Threat Detection | TotalCloud |
The Enterprise TruRisk Platform
VMDR
Measure Cyber Risk
Quantify risk across vulnerabilities, assets, and groups of assets helping organizations proactively reduce risk exposure and track risk reduction over time with Qualys TruRisk
Communicate Cyber Risk
Communicate risk across different teams, business units and geographic locations by leveraging dashboards, reports and ITSM tools
Reduce Risk Faster
Unify security and IT threat response paths for faster remediation with seamless integration between ITSM tools and path management solutions. Automate and orchestrate operational tasks with Qualys Qflow
8
Asset Management | Vulnerability | Remediation | Threat Detection | TotalCloud |
The Enterprise TruRisk Platform
Advanced Remediation
Eliminate Cyber Risk
Deploy the right remediation or mitigations based on Qualys research, Qualys TruRisk, and 25+ threat feeds
Save time and reduce MTTR
Leverage smart automation, ensure software is always up-to-date, mitigate new weaponized vulns automatically before patches are deployed, leverage virtual patching capabilities
Consolidate IT-Security Stack
Work with your SCCM, rollback mitigation when patch deployed, link
ITOps and SecOps workflows with one tool
9
Asset Management | Vulnerability | Remediation | Threat Detection |
The Enterprise TruRisk Platform
Threat Detection and Response
Protect Against Zero-day threats
Leverage behavior & AI/ML-based antivirus to thwart exploits, ransomware, phishing attacks, and zero-days
Unify VM, Patching, and Endpoint Security
Correlate endpoint threats to identify vulnerabilities actively exploited in your environment with integrated patch management
Automate & Orchestrate
Comprehensive endpoint (EDR) and Cloud Detection and Response with enterprise integrations (i.e., SIEM, ITSM, CMDB)
TotalCloud
10
Attachments
- Original Link
- Original Document
- Permalink
Disclaimer
Qualys Inc. published this content on 07 May 2024 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 07 May 2024 20:22:49 UTC.