CyberArk Software Ltd. (NASDAQ:CYBR)
Q4 2015 Earnings Conference Call
February 11, 2016 4:30 PM ET
Erica Smith - Investor Relations
Udi Mokady - Founder, President and Chief Executive Officer
Josh Siegel - Chief Financial Officer
Karl Keirstead - Deutsche Bank
Shaul Eyal - Oppenheimer & Co. Inc.
Jonathan Ho - William Blair & Company
Andrew Nowinski - Piper Jaffray
Erik Suppiger - JMP Securities
Good day, ladies and gentlemen, and welcome to the Q4 2015 CyberArk Software Earnings Conference Call. At this time all participants are in a listen-only mode. Later, we will conduct a question-and-answer session and instructions will follow at that time. [Operator Instructions]. As a reminder, this conference is being recorded.
I’d now like to introduce your host for today’s conference, Ms Erika Smith. Ma’am you may begin.
Thank you. Good afternoon. Thank you for joining us today to review CyberArk’s fourth quarter and full-year 2015 financial results. With me on the call today are Udi Mokady, Chief Executive Officer; and Josh Siegel, Chief Financial Officer. After preliminary remarks, we will open the call up to a question-and-answer session.
Before we begin, let me remind you that certain statements made on the call today may be considered forward-looking statements, which reflect management’s best judgment based on currently available information. I refer specifically to the discussion of our expectations and beliefs regarding our projected results of operations for the first quarter and full-year 2016. Our actual results might differ materially from those projected in these forward-looking statements.
I direct your attention to the risk factors contained in the company’s Annual Report on Form 20-F filed with the U.S. Securities and Exchange Commission and those referenced in today’s press release. CyberArk expressly disclaims any obligation or undertaking to release publicly any updates or revisions to any forward-looking statements made herein.
Additionally, non-GAAP financial measures will be discussed on this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available in our fourth quarter and year-end 2015 earnings press release, which can be found at www.cyberark.com in the Investor Relations section. Also, please note that a webcast of today’s call will be available on our website in the Investor Relations section.
With that, I’d like to turn the call over to our Chief Executive Officer, Udi Mokady. Udi?
Thanks, Erica, and good afternoon, everyone. Thank you for joining the call today. 2015 was another incredible year for CyberArk. Total revenue grew 56% reaching a record $161 million. Our fourth quarter was also a new record with revenues of $51 million, a 42% increase over Q4 last year. We delivered this strong growth and still generated non- GAAP net income of $35 million for the full-year, including nearly $14 million in the fourth quarter.
Cash flow from operations for 2015 was $59 million. Our global team performed exceptionally well, and I’m proud of what we accomplished. Early last year, we outlined our strategy to step up our level of investment, extend our sales and marketing reach, and enhance our product offering, we executed on our plan and our investments delivered record results.
We’re more energized than ever by the momentum in our business and the tremendous Greenfield opportunity in front of us. Our record performance was driven by strong execution and supported by increased awareness of privileged account security as a critical problem that organizations can no longer ignore. Headline breaches like the 2015 – in 2015 like Anthem, the U.S. Office of Personnel Management and VTech continue to highlight the role that unprotected and unmonitored privileged accounts play in Damaging Cyber Attacks.
Customers are moving privileged account security to the top priority list, because of the business imperative to proactively protect intellectual property and customer data ensure business continuity and meet compliance requirements. This dynamic is contributing to our success and we were very pleased to end the year with approximately 2,500 customers, including more than 450 customers organically and nearly 300 net new customers from the Viewfinity acquisition.
The vast majority of our 2015 new business engagements were Greenfield, including 8 of our top 10 largest deals. This gives us confidence that we are still at the beginning of our journey to build a major industry-leading security company. And we had great traction in add-on business with again more than a third of existing customers purchasing additional licenses or new products in 2015.
We saw strong growth across geographies. The Americas our largest region had a great year and a very strong finish in the fourth quarter of 2015. We’re also particularly pleased with our early traction in Asia Pacific region, which more than doubled for the full-year 2015. This region is rich with opportunity and we were pleased to add Vincent Goh, as the Head of Sales for APJ. Vincent has more than 20 years of experience growing and scaling enterprise sales organizations at leading companies like EMC then RSA.
Our success in the channel contributed to the increase momentum in the business. In 2015, indirect sales represented about 60% of our bookings. We are seeing increased traction with advisory firms, system integrators, and value-added resellers around the world and saw major consulting firms provide executive level influence in large opportunities.
We’re also continuing to build relationships with leading technology partners, where we integrate our products with other technologies to help customers better protect against cyber fronts. As we continue to build market awareness, the channel can create a stronghold for our business and we view this as an important growth engine.
Businesses now understand that organizations operate in a world that assumes that network perimeter has been or will be breached. The breach is almost inevitable. So security strategies need to focus on the attackers next step, which is most often to target privileged accounts, an attacker cannot operate without the credentials of a privileged insider. In this environment, it is becoming well understood that securing and monitoring privileged accounts and credentials is critical to breaking the cyber attack chain.
During 2015, we launched the CISO View industry initiative to provide a firm for the Chief Information Security Officer community to share best practices for building effective cyber security programs. During these discussions, participants called privileged account security, a no brainer. And our recent research confirm that privileged account security is now central to CISOs overall security programs. Participants in this research included global 1000 CISOs from companies like Starbucks, CIBC, McKesson, News UK, ANZ Bank and Lockheed Martin.
There may be no better example of the deep appreciation of the need to secure privileged accounts than our success in the oil and gas industry. Despite being impacted by falling oil prices, multiple oil and gas companies were among the organizations that purchased six and even seven-figured deals for privileged account security from CyberArk in 2015.
As our strong results continue to demonstrate, CyberArk is well-positioned to help our customer solve this problem. Industry experts and we believe current and prospective customers recognize that we have the most comprehensive and robust privileged account security solution in the market. We were honored to again be named the overall leader in KuppingerCole independent research report on Privilege Management that was published in 2015. We shall pass all other vendors and we’re identified as the overall leader, as well as the leader in each of the subcategories has been product leadership, market leadership and innovation.
KuppingerCole named CyberArk as the Gold Standard for Privileged Account Management, a great complement to our team, who works hard to deliver our robust innovative products. We are increasingly seeing our customers implement comprehensive CyberArk programs, not just projects. They are looking beyond Password Vaulting and are initiating enterprise wide privileged account security programs that include privileged session security, session monitoring, application credentials protection and threat detection.
Here are a few 2015 examples of both new and add-on business. We engage with a major healthcare insurance company with an extensive competitive RFP process early in the year and closed the deal in Q4. Our winning proposal included six of our products to help them secure their most critical assets. This was a great win for us, both financially and strategically, because we established CyberArk as a trusted advisor and set the stage for future expansion.
And other interesting example is an airline in the Americas that will secure and monitor those privileged accounts with CyberArk. While displacements represent a small percentage of overall deal volume, in this engagement we were up against a much larger entrenched vendor. The customer turn to CyberArk, because the incumbent solution was process heavy and could not enhance, while delivering the high levels of availability necessary to run the operations. We are excited, because this win has already opened the doors for other security initiatives within this organization. We actually have a lot of success in this vertical, closing three other airlines in various geographies during the fourth quarter.
During the quarter a large pharmaceutical company added licenses for enterprise Password Vault and Privileged Session Manager. This organization became a customer in 2014 and came back in 2015 and signed a seven-figured license deal. It was interesting to see that more than half of the customers that spent over $0.5 million with us in 2014 came back to expand their deployments in 2015. This confirms that large initial deals have significant future growth potential.
Vertical diversity was a key component of our success in 2015. We are pleased with our traction in U.S. federal market, where we continue to sign new business, develop opportunities, and nurture relationships.
The 30-day cyber security spent looks more like first mile of a marathon. And we believe this level of awareness, engagement, and satisfaction will serve us well in the future.
In addition to the government protocol and healthcare, airline and pharmaceutical examples, I mentioned, we close business in a wide range of industries, including hospitality, University, regional hospitals, law firm, airport, steel, mining, and of course, financial services and banking. Our performance in [indiscernible] also clearly demonstrated that the demand and fit of our current solution extends well beyond the top 10,000 organizations. We continue to close deals in midsized organizations, as diverse as regional retail stores, law firms, and fine art institutions. We closed the business with a dozen or so local, regional, or teaching hospitals in 2015.
And as I said before, we are in the very early innings of this market opportunity. And our addressable market is well beyond the 10,000 accounts we talked about previously. We believe that every organization, large or small, regardless of vertical needs to solve their privileged account security problem.
Innovation is at the core of everything we do, and our cloud innovations are contributing to our new and add-on business success. As organizations adopt cloud-based computing platforms, they face an increasingly complex environment, where dynamic resource provisioning creates additional challenges to securing and managing privileged accounts.
CyberArk customers benefit greatly from using a single comprehensive privileged account security solution for their on-premise and cloud-based infrastructure and applications. In the fourth quarter, we won a number of deals, including an investment management firm in the U.S. and an insurance organization that had requirements to secure privileged accounts in the cloud.
Also, a software division of the large U.S. conglomerate recently deployed six of our products to manage all of its privileged accounts that are in AWS, as well as at Amazon administrative credentials. The customer was very satisfied with the deployment and in December purchased additional license for privileged session manager, privileged threat analytics, and SSH Key Manager for its cloud environment.
In 2016, CyberArk initiated its M&A program with right success. I’m extremely pleased with the progress we have made with Viewfinity and Cybertinel acquisitions and integrations. Our sales traction with Viewfinity has been strong, and we won a number of deals in the fourth quarter already.
And just last week we announced Viewfinity 5.5, which features the first space of integration into our share technology platform and enhance reporting, along with improvements to our application control capabilities. It was great to see our R&D teams come together so quickly to deliver on this important milestone.
As the leader in the market, we have tremendous opportunity to quickly capture market share, and provide our customers with the critical new layer of privileged account security. In 2016, we plan to continue to invest in sales and marketing across all geographies and build on our success in 2015.
The R&D team is working on a number of exciting product developments that will keep us at the forefront of the innovation curve and strengthened our position as the leader in privileged account security.
Our results in momentum put us in a strong position to execute our strategy in 2016. I’m looking forward to sharing our progress with you in the coming quarters.
With that, let me turn it over to Josh. Josh?
Thanks, Udi. As Udi mentioned CyberArk had another record-setting year in 2015. Before I present the full-year numbers though, I’ll share more details on the record performance we delivered in the fourth quarter. CyberArk generated revenue in the fourth quarter of $51.5 million, up 42% year-over-year ahead of our expectations.
License revenue reached $33 million, or 35% increase over the prior year period, and representing 64% of total revenue. Our strong license growth came from both new and in existing customers, which demonstrates the power of our land and expense strategy.
Maintenance and professional services revenue was $18.4 million, increasing 55% over the prior year period. Our maintenance and professional services revenue was driven by the strength of our license business in our high renewal rate, which was well over 90%, again, in 2015.
Our fourth quarter results did include as well approximately $1.5 million of previously deferred maintenance revenue from the balance sheet, which we – which were related to license deal shift in prior quarters or recognized in the recent fourth quarter.
We had a record booking this quarter, which resulted in a book-to-bill ratio significantly over one-to-one for the fourth quarter. While we do not plan to disclose book-to-bill ratio on a quarterly basis, we did want to provide you with a bit more context about the strength of our bookings and the overall business in the fourth quarter. We continue to be pleased with our performance across all three region.
In the fourth quarter, the Americas grew 39% to $33.2 million, or 65% of total revenue. EMEA revenue grew 43% and reached $15.1 million, or 29% of total revenue and Asia-Pacific Japan grew 66% to $3.2 million, representing 6% of total revenue in the fourth quarter.
As I move through the P&L, I would remind you that all financial results except revenues will be discussed on a non-GAAP adjusted basis, which excludes share-based compensation, acquisition and secondary-related expenses, amortization of intangibles related to acquisition, and the tax effect related to those non-GAAP adjustment.
Non-GAAP gross profit for the fourth quarter was $45.2 million, or an 88% gross margin compared to $31.9 million also an 88% gross margin in the same period last year. We believe our record revenue was fueled by the investments we made across the business and in line with a strategy that we outlined at the beginning of last year.
Looking at our expenses, non-GAAP sales and marketing expenses for the fourth quarter increased 33% year-over-year to $19.4 million. We added to all of our teams across geographies, including direct sales, channel support, customer success, and marketing.
Non-GAAP R&D expense grew 53% year-over-year to $6.3 million. This increase includes expenses added by the acquisition of Viewfinity, which closed in October and a full quarter of expense added from the Cybertinel acquisition.
Non-GAAP G&A expense increased 39% to $4.4 million, as we continue to invest in scaling the business and see increased operating expenses related to being a public company. In total, non-GAAP operating expenses for the fourth quarter were $30 million compared with $21.8 million for the fourth quarter of 2014, representing a 38% increase.
Our revenue outperformance and increased productivity from all of our teams allowed us to deliver the strong bottom line results also ahead of our expectation. Non-GAAP operating income was $15.2 million compared to $10.1 million in the fourth quarter of last year. Even with our increased investments, our non-GAAP operating margin still expanded to 30% compared to 28% in the prior year period.
Non-GAAP net income was $13.8 million, or $0.39 per diluted share for the fourth quarter of 2015 compared to $7.2 million, or $0.21 per diluted for the fourth quarter of 2014.
Now, I’ll turn to our results for the full-year of 2015. Total revenue increased 56%, reaching a $160.8 million compared to $103 million in 2014. The license revenue portion was a $100.1 million, increasing 63%– $100.1 million, increasing 63% year-on-year. While maintenance and professional services revenue increased 46% over last year, reaching $16.7 million.
We showed consistent year-on-year split among our three regions. For the year, the Americas represented 61% of total revenue, or $97.3 million, while EMEA represented 31% of total revenue, or $50.6 million. The Asia Pacific Japan region more than doubled and reached $12.9 million, or approximately 8% of total revenue. We’re seeing across all the regions that customers are taking a strategic not tactical approach to privileged account security, which we believe has contributed to increasing the number of deals over $100,000.
In 2015, we did 450 transactions over $100,000 compared to 270,000 – 270 deals last year, that’s an increase of 66%. Strong vertical market distribution was a hallmark of our business in 2015. Financial service is benefiting from having our largest installed base was again our largest segment, generating about 36% of bookings in 2015.
Our healthcare and pharmaceutical vertical, however, more than doubled and represented 16% of our bookings, and our professional services and our media verticals each also more than doubled during the year. We had a strong year in government with a meaningful contribution from the U.S. Fed market, and in total, our government vertical increased by 45%, and represented 7% of the total bookings. I was pleased to see that seven different verticals, each represented 5% or more of our business.
Our annual revenue outperformance contributed to our stronger than anticipated non-GAAP operating income of $43.6 million in 2015, and the expansion of our operating margin to 27%. This is an increase from $22 million and a 21% operating margin in 2014. Our non-GAAP net income was $35.3 million, or $1 per diluted share in 2015 compared to $15.8 million, or $0.53 per diluted share in 2014.
Turning to our balance sheet. As of December 31, we had $238.3 million in cash, cash equivalents, and short-term deposits compared with $177.2 million as of December 31, 2014. We also saw a 69% increase in our total deferred revenue to $54.4 million compared to $32.2 million at the end of 2014. This increase in deferred revenue was primarily driven by new support in maintenance contracts as well as strong renewals.
At year end, just over 85% of total deferred revenue was related to maintenance contract, which compares to approximately 75% of total deferred revenue being maintenance contracts at the end of second and third quarters of 2015. But I would point out that at today’s level it is roughly the same level at just above 85% of total deferred revenue of December 31, 2014, the same as when we entered into the first quarter a year ago.
On cash flow, we generated $59.2 million in cash flow from operations compared with $23.2 million in the prior year. We ended 2015 with 644 employees compared to 430 at the end of 2014, of which 294 are in sales and marketing, up from 202 at the end of 2014.
Before I share guidance for the first quarter and full-year 2016, let me remind you that our guidance does not consider any potential impact to financial and other income and expense associated with foreign exchange gains or losses, as we do not try to estimate future movements in foreign currency rates.
For the first quarter guidance of 2016, we expect total revenue of $42.5 million to $43.5 million, or 31% growth at the midpoint of the range. Given the strength of our license revenue in 2015, we currently expect the maintenance and professional services revenue portion to be in the range of $18 million to $19 million in the first quarter.
We expect non-GAAP operating income to range between $6.9 million to $7.7 million in non-GAAP net income per diluted share of $0.15 to $0.16. This assumes $35.9 million weighted average diluted shares.
For the full-year guidance in 2016, we expect total revenue in the range of $205 million to $207 million, or a growth of approximately 28% at the midpoint. We expect non-GAAP operating income to be in the range of $39.7 million to $41.3 million and non-GAAP net income per diluted share of $0.83 to $0.86. This assumes $36.3 million weighted average diluted shares.
We wanted to also provide you with a bit of color on our cash flow. Over the last two years cash flow from operations has been in the range of approximately 5 and 15 percentage points higher than our non-GAAP net income margin. On an annual basis, given that our support contracts are typically paid 12 or more months in advance, we continue to expect our cash flow from operations to fall within this historic range. We recommend analysts use this metric to evaluate our cash flow on an annual basis, given that our cash flow from operations can vary quarterly depending on a number of factors, including general seasonality, the portion of deferred revenue related to license deals, as well as the timing of paying various tax obligations.
As a result, we do not plan to provide quarterly updates on a cash flow from operations on that on a quarterly basis. In 2016, we also expect capital expenditures to be in the range of $4 million to $5 million, which represents approximately 2% of revenue at the midpoint of the range. Based on a strong return of investments in 2015, we plan to expand our sales organizations across geographies, and direct sales, customer success channels, and to enhance our marketing programs.
We also plan to invest in R&D to continue to deliver innovation, which we believe will extend our leadership position in privileged account security. To support the business as we scale, we plan to make targeted investments in G&A as well. We believe that these investments in 2016 are critical for us to capitalize on the significant Greenfield opportunity for privileged accounts, and that we can make these incremental investments, while still delivering solid, operating, and cash flow margins.
I’m proud of our team’s performance in 2015 that allowed me to share these very strong results with you. I’m looking forward to another successful year at CyberArk.
I will now turn the call over to the operator for QA. Operator?
[Operator Instructions] Our first question from Karl Keirstead from Deutsche Bank. Your line is open.
Thank you. I’ve got one for Udi and one for Josh. Congratulations on the strong results both of you. Udi, one of your CEO appears again on the tape after the close suggesting that 2016 cybersecurity spend overall should slow, given that where you’ve moved beyond the emergency breach related phase of spending.
And I’m wondering I suspect you are all seeing a lot of clients yourself in the fourth quarter. What do you see out there, Udi? And as your guidance for 28% growth in 2016, does that reflect the assumption of any kind of a slowing growth profile? And then maybe I’ll wait for you and ask a follow-up for Josh. Thanks.
Sure. Thank you, Karl. So you are right. I think Q4 was one of my record mileage quarters visiting a lot of customers around the world. And I can tell you that we are not seeing that. We’re seeing a very healthy demand. And what we are providing is a proactive layer of security. So it doesn’t have to do with an emergency response to a specific breach.
We’ve been very consistent on that, and our customers are being very strategic in bringing this proactive security layer. That is the – one of the few measurable security measures that they can take. So we’re not seeing that. And I can also note that it’s the – anything we said on guidance has to do with our prudence of our visibility and how we believe is the right operating model to put in forward, so it does not apply to us.
Good. Thank you, Udi. And then, Josh, one of the numbers I want to focus on is the short-term deferred revenues, which at $37 million was actually down sequentially from 3Q, which we rarely see. Was part of that due to license DR runoffs into reported license and how do we square the fact that short-term DR was down sequentially with your statement that bookings were at a record level? Thank you.
Yes. So first of all, the answer is absolutely that’s what happened. As you know, we’ve been carrying since really Q2 and Q3 deferred revenues licenses that kind of a higher level than usual was we talked about it being at about 25% of the deferred revenue – total deferred revenue number.
And, in fact, when we ended the year, it was closer to 85% of the total deferred revenue being related to licenses. So, clearly, we did get some runoff on a net basis of – from the deferred revenues. We anticipated a portion – a large portion of that to come off. We didn’t – as we don’t always know the entire amount that will come off in each quarter.
We had a little bit more come up than we had actually – that we had actually guided for as well. But I would point it out and I tried to make this point in the prepared remarks that a couple of things. And one is that the 85% level of support contracts as a percentage of deferred revenue is the same level that we entered into 2015 with where we were able to present the strong year that we had in 2015.
And the reason why we also want to provide the color on the book-to-bill. When we talk about book-to-bill, it’s around – the bookings received for orders and that doesn’t necessarily go into the deferred revenue, if we haven’t shifted yet.
Got it. Okay. Thank you both for that color. Congrats.
Great. Thanks, Karl.
Our next question comes from Shaul Eyal from Oppenheimer. Your line is open.
Thank you. Hi, good afternoon, guys. Congrats also [indiscernible] results and outlook. Udi, in the press release you talk about privileged accounts management solution as they must have new layer of enterprise security. And indeed the past few quarters indicates that is the trend. From a big picture perspective, do you think – do you feel that your customers are beginning to get the method, or should we be in a way thinking of privileged accounts management the same way we started about this five already moved and 15 or so years ago?
Yes, Shaul, thanks. First of all thank you. I definitely would compare it to the firewall market market in those early days where it was very clear that you have to put a firewall market on please before you can connect to the then emerging Internet. So it’s a very similar trajectory where there is growing – ever-growing awareness that since the breaches will make it on the inside. And since they have to fill credentials, you have to put this layer in place.
And so we’re seeing that continue to grow that we still have sales cycles with education, but we are seeing much more awareness on Chief Information Security officer level. You saw that folks that attended our survey talked about it as a no-brainer layer just to put in place and definitely considered a must-have to put in place. The more our customers are becoming strategic. They are actually refereeing it to the CyberArk program and that’s a CyberArk project, because it’s something it’s the layer that they need to take deep and wide across the – their enterprise.
Got it. And one for Josh, how would the [indiscernible] trends during the month of the quarter was a typical fourth quarter? Was it a big front-end loaded this specific quarter?
I think on revenues it was actually a very much – is very much in line. We typically will see 50% in the first two months and 50% in the third-month. What I would say is, when we talk about getting orders though was – there was a pretty big hockey stick in December.
Got it. Fair enough. Thank you.
Thank you, Shaul.
Our next question comes from Jonathan Ho from William Blair. Your line is open.
Guys, let me echo my congratulations on the strong quarter. Just to start out with the Viewfinity, can you talk a little bit about how that business performed relative to your expectations, and how much of a driver the synergies on costs how can be for the business in 2015?
Great. So as I mentioned in our notes is, it was a very, very smooth integration. And we basically closed the deal in October and already has deals going on in Q4. And actually strong growth where on that product line, we’ve seen ourself doubling from previous years, when we were reselling a product to the team. We have the opportunity in January to really launch it to the full sales kick up that we do. And then we can see that it’s an integral part of the privileged account security message.
And they are taking it to market as we speak even with a strong start of pipeline into the year. With version 5.5, we actually already had this integrated into the platform. And so our sales teams can position it as a part of the privileged account security platform and allows us to expand privilege to the endpoint.
Got it. And then just when we think about sort of the nick of balance between investments and showing profitability. I just wanted to get a sense from you guys. Do you feel like 2016 is like 2015, where there is just a lot of pent-up demand. I mean, I just want to get a sense for how you’re looking at this, as you look at the opportunities and sort of the trade-offs in 2016?
Yes, I think, I will start here, Jonathan, thanks for joining the call. I think the way we’re looking at 2016 is pretty similar to the way we were looking at 2015. And in that way we are not just looking at one year, we are actually looking at multiple years. We are looking at 2016 and 2017 and beyond, because we really feel like we are in the early innings of this Greenfield opportunity.
So you’re talking about still trying to be aggressive on the investment side. But in the CyberArk way, where we know how to do it and still provide very strong operating model behind that investment with profitability and cash flow generation. So we are going into 2016 similar to how we wanted to 2015.
Great. Thank you.
Our next question comes from Andrew Nowinski from Piper Jaffray. Your line is open.
Okay, congrats on a nice quarter. Just a quick housekeeping question for Josh and then one for Udi. If you look at your operating margin, Josh, versus your guidance in each of the four quarters in 2015, it look like you consistently guided pretty conservatively and delivered a significant outperformance. So is it fair to assume that your guidance for operating margin Q1 is just as conservative as it has been historically?
Historically, our operating guidance – our operating margin has outperformed really almost dollar per dollar on the outperformance on the top line. We had a discipline in the company to get a maximize efficiency and execution out of our sales and marketing teams, keep meaning that we kept within our budget, our OpEx plan budget, and we exceeded our revenue line.
So, to that extent, I wouldn’t say the margin was conservative. We just outperformed on the top line and it flowed through in the bottom. Being a software company with 86%, 85% to 87% gross margins on any given quarter, we expect similarly that if we outperform on the top line a good portion of that would flow through to the bottom line as well this year.
Got it. Make sense. And then, Udi, the federal government budget proposal came onto the just as spending on cybersecurity will increase by 35% year-over-year. And they highlighted a focus on se authentication some other technologies that fit into your markets. So I’m just wondering how you view that proposal and how you feel about your position within the federal government market specifically whether you need to accelerate investments there?
Great, Andrew. I think as we alluded in our Q3 earnings it was a record for us in the federal market and we saw a great growth. But we also didn’t see just be a sprint and stop, but a lot of pipeline being built with a lot of long-term projects and programs opening up. So this recent announcement just set light on what we’ve been seeing even in the Cyber Sprint privileged account security was one of the top three or three or four only measures that were listed in there.
They need to put more controls over privileged users. They need to enforce strong authentication actually leads customers to use privileged account security to eliminate our access, that is not through to factor, and we’re a good way to help the government sector do that.
So we are investing in it. Our plan was assuming continued demand in it and everything Josh alluded to has to do with investing and going after this vertical in the U.S. And actually in the long-term, we’re also going after it from a global perspective, because while some countries are behind, but we’re seeing the public sector worldwide also wake up to this.
Great, thanks. Keep up the good work.
Thank you, Andrew.
Our next question comes from Erik Suppiger from JMP Securities. Your line is open.
Yes, congratulations. First, just a clarification, you had said that $1.5 million came out of the deferred revenue account. Can you just be more specific, was that the license revenue that came off. It would appear have been a larger piece that I would have expected?
Yes, so there were two things that came off as a deferred revenues. What we alluded to in the – with regard to support maintenance, there was about a $1.5 of support and maintenance contracts that was part of the deferred going into the quarter. And that was related to a bunch of licenses that were also on the deferred that were recognized in the fourth quarter, because if we defer the license, let’s say in Q2, where you can’t recognize the maintenance until you actually you recognize the license. So when we recognize the license that we may have delivered in Q2 now in Q4, we also got a catch-up on those six months worth of maintenance. And that catch-up over those deals amounted to a $1.5 million in support contracts.
There was a much larger component of license contract that came out of deferred, those are correct?
Yes. Then – so in addition to maintenance contracts that came out of deferred catch-up and regular, there was also licenses that every quarter there were licenses that come out of deferred. But I gave you the statistics where at the end of Q3, where we were 75% where we were 25% of the total deferred revenue was licenses at the end of Q4 was 15% of total deferred revenue was licenses. So there was a net flow from the licenses into revenue in Q4.
And the other thing I pointed out was that was basically where we ended at the end of December was the same level that we ended a year ago at the end of 2014, that’s where we entered 2015 with about 15% of the total deferred being licenses. And then during the year, it went up and down based on various inflows and outflows of license deals as every quarter occurs.
Okay. Cisco reported yesterday and noted a pause in January. And I noticed your March quarter outlook, as I think a larger seasonal downtick, is there an element, but you had said that you see demand is very strong, is there an element of a pause in terms of your outlook for the March quarter that is consistent with what Cisco was seeing?
No, I don’t think we look our pipeline and our visibility based on what we are seeing and where we are looking at a 31% year-on-year growth at the midpoint for guidance on Q1, which we think is a strong start to the year and we don’t see necessarily any unusual or pause or anything different. Last this quarter Q4 was a quite that was a record quarter. Q4 as well of 2014 was also a huge record quarter for us. So I think it’s a bit difficult to know that the –being reduced from last quarter whether, compared to a year-ago I’m not sure yet is a real trend, but we feel like we have good visibility, we talked about our book-to-bill, for the fourth quarter being significantly greater than one for the year and so we are going into the first quarter with solid differed revenue and good backlog on bookings. And as well as the visibility on the pipeline.
Okay. And then my last question is just how much you’ve talked about the CISO being much more aware than they had been maybe as much as a year or more ago? But how much of your business now is driven by selling into the operations area where you are providing privileged account management for IT versus how much of it is driven by security?
So I think that even historically we always touch both sides, because at the end of the day and that’s part of the beauty is that our solutions are used by the secure the IT layer, and are actually in many cases are making it easier for the IT operations to perform what they need to do. So it’s mostly security driven, but it involves IT operation I think what we’re – what I was alluding to is that we just moved up the chain from it was the director of security was aware that this the Chief information security officer is aware and CIOs are aware of the importance of the privileged account security layer. As I mentioned earlier, there’s a lot of education, both Sony and some office to personal management to the – what happens both region, and how important is to put this in place. So in the sales cycle, we involve security, but we’d also serving the IT operations.
All right, great. Let me – expanding on that. How often is the privileged account deployed largely just for the IT users versus the more business user?
So, I think the beauty is that the use of the software is most often for the IT user in terms of when they need to perform IT operations and come in with privileged access. But behind the scenes the way to suffer has deployed and privileged accounts recover are all pieces of the infrastructure. So it basically applies to every application potentially every server, every desktop. Viewfinity is our – is the solution that really expanded to all business users, where we allow them to transparently benefit from running, at least, privilege, and of course, this is a new and exciting part to our business?
Very good. Thank you.
Our next question comes from [indiscernible] from Evercore ISI. Your line is open.
Hi, thanks for taking my question, and congrats on the quarter. One thing I wanted to ask is, are you seeing any increases in initial deal size?
Hi. We are seeing – what we are seeing is more products being bought. And in terms of new customers we’re seeing it pretty much – it’s been growing kind of each year. And also with regard to existing customers, we are coming back, they’re taking larger chunks. Overall, we’re seeing more products coming in, in terms of deal size. We’re still, I would say, on average, roughly around a 100 K on – 100 K plus on average deal size hasn’t moved dramatically up. But what we’re seeing is a bigger pace of new customers and also existing customers continue to come back to us at the same pace of, at least, 30% of them.
And along with that, I mean, when you look forward, do you expect sort of a lifetime value from those customers that are coming on to remain roughly the same. And does that change as you start to get to involve with systems integrators, for example?
But we see the value of each customer going up each year, because first of all, we keep adding new products all the time and they’re coming back and buying those products. And if we think about kind of the footprint that customers are coming and taking CyberArk product, again, we talked about an increase of our over 100 K deals of 66% last year. And I think the year before that it was the increase also of around 70%. So we’re definitely seeing customers coming back and taking a lot more real estate in CyberArk products.
Okay, great. Thanks, guys.
[Operator Instructions] Our next question comes from Catharine Trebnick from Dougherty & Company. Your line is open.
Hi. Thanks for taking my question. This is Jack on the line for Catharine. One quick question for Udi. Can you provide some color on the competitive landscape. Are there any specific competitors you’re seeing competitive backups? And have you seen any signs of price competition in this space?
So actually that we haven’t seen any change in the competitive landscape. I think in this past year, we even increased our leadership and the gap. We’ve opened up, of course, it was measured by IDC. And as I mentioned KuppingerCole report that really put us as the market leader out there. So I think it’s still what we see is the mix where you have the large platform at any legacy at any access management vendors, and then point vendors with limited capabilities, where we have been continually expanding the platform and opening up gaps organically and inorganically.
Great. Thanks and congrats on a great quarter.
Thank you. Thanks, Jack.
And I’m showing no further questions at this time. I would like to turn the call back over to Mr. Udi Mokady for closing remarks.
Thank you very much. I’m very proud of our team for delivering such a strong year. I wanted to thank our wonderful partners, customers, and employees who contribute everyday to the success of CyberArk. And thank you all for joining us this evening. Thank you.
Ladies and gentlemen, thank you for your participation in today’s conference. This concludes the program. You may all disconnect. Everyone have a great day.
Copyright policy: All transcripts on this site are the copyright of Seeking Alpha. However, we view them as an important resource for bloggers and journalists, and are excited to contribute to the democratization of financial information on the Internet. (Until now investors have had to pay thousands of dollars in subscription fees for transcripts.) So our reproduction policy is as follows: You may quote up to 400 words of any transcript on the condition that you attribute the transcript to Seeking Alpha and either link to the original transcript or to www.SeekingAlpha.com. All other use is prohibited.
THE INFORMATION CONTAINED HERE IS A TEXTUAL REPRESENTATION OF THE APPLICABLE COMPANY'S CONFERENCE CALL, CONFERENCE PRESENTATION OR OTHER AUDIO PRESENTATION, AND WHILE EFFORTS ARE MADE TO PROVIDE AN ACCURATE TRANSCRIPTION, THERE MAY BE MATERIAL ERRORS, OMISSIONS, OR INACCURACIES IN THE REPORTING OF THE SUBSTANCE OF THE AUDIO PRESENTATIONS. IN NO WAY DOES SEEKING ALPHA ASSUME ANY RESPONSIBILITY FOR ANY INVESTMENT OR OTHER DECISIONS MADE BASED UPON THE INFORMATION PROVIDED ON THIS WEB SITE OR IN ANY TRANSCRIPT. USERS ARE ADVISED TO REVIEW THE APPLICABLE COMPANY'S AUDIO PRESENTATION ITSELF AND THE APPLICABLE COMPANY'S SEC FILINGS BEFORE MAKING ANY INVESTMENT OR OTHER DECISIONS.
If you have any additional questions about our online transcripts, please contact us at: firstname.lastname@example.org. Thank you!