Sourcefire's Management Presents at UBS Global Technology Conference (Transcript)

| About: Sourcefire, Inc. (FIRE)

Sourcefire, Inc (NASDAQ:FIRE)

UBS Global Technology Conference

November 15, 2012, 2:00 pm ET


Todd Headley – CFO

(Mark Solomon) - CMO


Unidentified Corporate Participant

Our presenter is Sourcefire. I think many of you who follow the company you see a story that's really disrupting the security landscape in a pretty big, big way moving from IPS and the next generation firewall, which (has) significantly (broadened) their (tam).

And I think Todd and (Mark) will talk about this. Todd Headley, CFO, has been with the company for a long time, April 2003. Is that correct?

Todd Headley

Almost 10 years.

Unidentified Corporate Participant

And (Mark Solomon), CMO, (Mark) is going to be able to talk I think a little bit about the positioning and product line, help us put into perspective what's really going on. So thanks for joining us.

(Mark Solomon)

Thank you.

Todd Headley

Well, thanks for inviting us.


Unidentified Corporate Participant

I guess maybe the big question on everyone's mind has just been this expansion. You've had an amazing run in your core (Mark)et and now you've really laid a strategy to move outside and redraw the boundary and it seems like you're getting some really good signs of success (inaudible) MVP as a security earning season given your performance. So you're good at that relative to some of the other companies.

What – just help us. Bring us up to speed on where you're at right now.

Todd Headley

Well, I appreciate you saying that. Sourcefire has been a disruptor in the security industry for as long as I've been here, which is almost 10 years now. And we've been a disruptor because of the level of innovation that we've brought to the equation.

And if you looked at security today, the dynamics really set up well for Sourcfire. Networks are getting a heck of a lot more complicated. And then if you look at the bad guy side of the equation, there are nation states, there's organized crime, there are well paid hackers who are looking for any nook or cranny or crack or crevice to get into a network and exploit it for the digital assets that are just sitting there.

And if you look at the Verizon breech study, there were I believe 855 breeches last year that they looked at. And in 97% of the cases, the actual compromise was not that sophisticated.

So the bad guys actually don't have to work that hard, unfortunately, to break into the networks. So for us, the dynamics set up really well and we think in the security industry you've got to innovate.

You've got to bring true solutions to your customers that work as advertised and I think we have a history of doing that and I think our results for the last few quarters speak to that opportunity and that is we're doing a great job doing competitive replacements relative to the competition and with regard to the incremental capabilities and solutions we've brought to the (Mark)et in terms of next generation firewall and advanced malware protection.

Those are starting to build and resonate and really set us up for the future.

Unidentified Corporate Participant

Maybe if we can talk a little bit about both (NGSW) and its advanced protection, there were a lot of critics that said you were crazy to take on a bunch of elephants after you were a star in your IPS (Mark)et.

You've taken that on. You're already starting to show some signs of success. I don't know if there's an analogy you could put, whether it's we're singing the national anthem, we're in the second innings. Where are you at? You mentioned a couple big wins in (NGSW) but it's still early, right.

Todd Headley

It's still early days. I'm going to pitch it over to (Mark) because he's really smart on the product stuff and I’m the numbers guy. I can frame it this way. The next generation firewall (Mark)et is really the natural evolution of the path that we've been on.

I think when we announced the fact that we were getting in the next generation firewall (Mark)et, people really focused on the firewall word and said, well gee, how can Sourcefire do that?

If you look fundamentally at what a next generation firewall does, it's, like I said, right in our organic roadmap that we've been executing on for a while and we've brought innovation to bear there.

While others on the outside thought, wow, this is a huge sea change for the company, I'll remind them that back in 2004 Gartner had declared intrusion detections systems dead and that was principally what Sourcefire did.

And I remember walking in the office that day to a bunch of long faces and I said what's going on? And they said, well, Gartner's declared what we do irrelevant. And I said, well, are they right? And they said, well, not exactly.

But everything then was about IPS and there were some vendors that emerged onto the scene that were very focused on IPS that got to (Mark)et first from the standpoint of attention, awareness and all of those things.

But as you can see, we were an IPS company. We did a little bit of coding behind the four walls there and came out with a very compelling innovative IPS solution and, over time, it's been extremely disruptive.

And we think the same thing's happening in the next generation firewall (Mark)et. The requirement there is for a very strong and robust IPS to be included as part of that framework, application control and, of course, the firewall.

Frankly, we wish they would have called it next generation packet inspection or next generation thread awareness. It probably would have leveled the playing field a little bit and would have made more sense to investors out there in terms of our entry into that (Mark)et.

(Mark Solomon)

And the only thing I'll add is if you look at it from a customer perspective, they're just having trouble on their network, in securing their network. So you can call it a next generation firewall, you can call it a next generation IPS, you can call it they just have a malware problem.

What Sourcefire has been able to do is we brought the (Mark)et in April of 2011 the fire platform, which became the single answer to any network security question or problem that a customer has and that fire power platform is an appliance that you put on your network. It's part of your infrastructure.

Then you can turn functionality on and off via licensing. The fire power comes with the best (inaudible) IPS to start with. We believe that you have to start from the threat and take a threat-centric approach to security, so you get that with fire power and then you can turn on the control license to become a next gen firewall. You can add another license for advanced malware protection.

And you can manage all of your fire power devices through a single management console to address all of the network security needs.

Unidentified Corporate Participant

Just following on the advanced malware, we've gotten a good dose of APT for beginners here this week and all the security companies are talking about advanced persistent threats and the evolution of what's going on, some of these attacks.

It seems like a whole host of security companies are releasing incremental features that are paid for for advanced malware. Why should I pay extra for this as a customer and why – why do you think you can actually separately price this out?

(Mark Solomon)

So security in the past has been a layered approach, the defense and depth per se. If you actually go back in time – we actually did this study – and look at the changing attack vectors and the changing nature of threats, it actually happens in about a five year cycle and guess what? We're in the beginning of a new one, which we're calling advanced malware and advanced persistent threat.

So there are new techniques being utilized by the bad guys which require some additional functionality on your network as well as on your devices. And Sourcefire has come out with an approach where you can have the advanced malware protection as an additional license on the network.

We also have the fire ramp product for devices that can create a complete solution to actually get greater visibility into your environment and be able to protect your environment better.

Todd Headley

And we think customers are going to pay for a solution that actually works. At the end of the day, we've had a couple of recent partner and customer summits in both the US and Europe and (Mark) likes to ask them a standard question like why did you select Sourcefire?

And the candid response is your stuff just works. And I think that's the biggest endorsement. The difference between product and technology, customers get a checkbook out and they pay you for a product that works.

Unidentified Corporate Participant

Just so – I want to make sure we understand the mechanics of this. So I believe fire power is a little less than 25% of your base today. Is that a fair …

Todd Headley

Yes, so if you look at the fire power platform, less than a quarter of our install base is currently running fire power.

Unidentified Corporate Participant

And so you can take that and you can also take some of these advanced solutions. So when you start to look at from today versus a year ago, there is a lot of incremental cross sell.

So if you had a, let's say, $100,000 deal a year ago, with all of these new solutions, where can I come out of if I'm a customer and I’m taking all of these solutions? Is there an easy way to think of this?

Todd Headley

Yes, to try to put it in terms, if you had a $100,000 deal a year ago, that's probably $125,000 today if you get all of the items that (Mark) just talked about in terms of the control license to make it a next generation firewall and the advanced network protection.

Again, the firewall capability is turned on. It's about a 10% uplift in price and the advanced malware protection is a 20% uplift. That is on a subscription basis, however, so that will come into revenues ratably over the subscription period.

But we definitely think there's going to be a little bit of an ASP boost. We know we're not the low-cost provider in the industry but I think when you look at the robustness of the solution and how we get rated by third-party analysts in terms of the testing, there is a premium to be had there for a Sourcefire solution.

Unidentified Corporate Participant

And just correct me if I'm wrong. Advanced malware, that's now shifting. Is that correct?

(Mark Solomon)

Yes, both the devices and we just announced earlier this week the advanced malware protection fire power which will be actually order now shipping early December.

Unidentified Corporate Participant

When you think about the different end (Mark)ets you're in right now – government's been a big one, commercial and the international business, they're all on their different trajectory. But maybe starting with federal, you had an OK flush. I don't think anyone had a great flush, what they would have like to have seen.

But maybe just put in perspective what you're seeing. It is an important vertical. Obviously there are important milestones for a company that we (pastor) recently, so sequestration, the election, all of the things.

Todd Headley

So the federal government for Sourcfire has been a high teen, approaching 20% from a customer standpoint. They're an important customer but that's not the majority of our business.

What we saw this year versus a year ago was a more normalized spending trend in the federal government. So there definitely was a flush in Q3. We think we were extremely well positioned to benefit from that flush and ultimately that's what we saw when all the dust settled.

A year ago what you had happen was procurement was all but shut down for the first seven months of the fiscal year and then when it opened up there was a huge flush. It was, frankly, over exaggerated. And, again, we benefitted there.

What that ultimately made was a little bit more difficult compare for us in Q3 but we did demonstrate a little bit of growth and on our Q3 earnings call we talked about next calendar year that fed, we believe, will show growth versus 2012.

And I think that's a little bit of a sea change when you think back about five quarters when we saw shrinking budgets from an IT perspective and we all speculated that that would have to impact cyber security spending.

Ultimately it didn't feel like it impacted cyber security spending, at least not with regard to Sourcefire's opportunity. So we've been able to grow. But when you look at our growth overall, leading the charge is our international growth. Again, it's off the smaller base but that's going to be above the norm.

If you look at our US commercial business, which is about 45% to 50% of our business when looked at on an annualized basis, that's been growing at the overall growth rate and then fed has been a little bit south of there.

Certainly if fed returned to a really normalized spending environment where they actually spent what they need and want to on cyber security, we could see some phenomenal growth there. But we don't think that's going to happen in the near term.

Things like sequestration and other things could result in a little bit of lumpiness with regard to how our federal business comes in. But we think when you look at us a year from now we're going to have growth in fed. It may be modest but there'll be growth there.

Unidentified Corporate Participant

Everyone's obviously devastated by the loss of John and he put in a pretty amazing distribution network. You guys have grown 150% I believe in your channel expansion just over the last couple of years.

So from a perspective, is your goal to make the channel partners more – give more yield from the current base or are you going to keep adding more? How do you think about …

Todd Headley


Todd Headley

So one of John's hall(Mark)s and legacies is he always told us as the CEO he was here to disrupt the status quo. And I would describe us as being a channel friendly company prior to his arrival.

And when he go there, he said, guys, we have to make a commitment to the channel. They are more than capable of selling our products and we need to engage with them and have them act more on our behalf to get a lot of leverage out of them.

So when we started the channel program back in 2010, we had less than 200 partners. Today we're over 700. And even if we cut off new channel partner adds today, we think through training and certification and just general overall support in the various (Mark)ets in which they operate, we could get two to three x the capacity out of them.

But we're still adding partners, albeit at probably a slower clip than we did say earlier this year and certainly last year.

This is not a quantitative game; it’s a qualitative one because we know we could extend a lot of time, money and effort churning partners that ultimately don't want to behave in a manner that our channel program dictates.

And certainly we have behaviors that we told the partners that we'll conduct ourselves on that are very meaningful to them. We'll protect them on the leads they register with us. We'll give them more margin participation. We will spend our nickel on helping them get trained and certified.

So it's been a very positive program. We'll continue to add partners. We don't have a number in mind in terms of what that ultimate goal should be. What we are being mindful of is saturation and that is if we are truly saturated in an area we'll focus in another area because there's a ton of opportunity for us to expand our program all around the globe.

Frankly, there's opportunity to expand in terms of people on our own payroll that do (bales) and other go-to-(Mark)et activities.

Unidentified Corporate Participant

A lot of the channel guys want diversity for their clients so they can give them different choices and they've obviously put you on the list. Is there anything you have to give them to get them moving?

You mentioned better margin. Is that something upfront you're having to give them to get them comfortable and over time then maybe that margin differential can go away?

Todd Headley

Well, the margin differential is relative to the plan that Sourcefire had prior to the induction of our new channel program in 2010. I think we're on par with other security vendors in terms of margin participation. I don't think we've had to sweep the pot on a temporary basis or a sustainable basis in order to attract the partners.

So when I look at that, I think we're now more on a level playing field in that regard. Most partners make a lot more money selling services around the technology that they provide their customers.

And if you look at Sourcefire relative to who we compete with, we have a very small professional services and training group that's ultimately focused on the training and certification of our partners, not in actually big revenue dollars where we're trying to keep all of those people busy, have a couple dozen people that do professional services.

And so we actually want our partners to do the services. They make a much better margin there. And so we think we're uniquely positioned to benefit from that mind share that we're not going to compete for them for some better margin dollars on these accounts.

Unidentified Corporate Participant

Has the landscape changed at all as of late when you've shifted and gone out? Is it core IPS now to (NGSW)? Is there – it seems (inaudible) or (CheckPoint), are these guys more or is it the same from what you were saying because it seems like even (CheckPoint)'s talked about deep bundling IPS in their product suite and just selling IPS standalone as (inaudible)?

Todd Headley

No, in the core IPS (Mark)et, (defensive grade) IPS, the competition, the traditional MacAfee, HP, IBM, but as customers frankly get a little more confused and they're like do I want IPS, do I want next gen firewall, then that's when we do see other players like (inaudible) or (CheckPoint) (inaudible) that come into play.

But the reality is that if you look at our first half of this year, between (inaudible), (CheckPoint) and (Ordinet), we saw them at about 10% of qualified opportunity. So we really are serving a different (Mark)et.

We are a high fidelity, big enterprise, government play when they're more of the mid (Mark)et and SMB and we do have a small area of overlap but not big right now. We see that change a little bit but not too much.

Unidentified Corporate Participant

Is there – when you guys stack up your (NGSW) versus the others, is there something that stands out for a customer where they're like, I get it. This is very clear. It's hard for all of us because we just see the flies. But is there something nice that's really …

(Mark Solomon)

Yes, so I boiled down security into two main attributes, innovation and trust. And innovation, we've been innovating for the last 13 years but really has accelerated innovation this last year.

And the trust piece comes from products that just work, as Todd mentioned. But it's also from third-party validation. So (MSS Labs) has been doing reports on different (Mark)ets. We've been participating in the IPS test over the last several years and we have consistently been at the top in both security effectiveness and also now with the fire power platform in performance as well.

(MSS) just released next gen firewall report earlier this quarter. We announced our entry into next gen firewall in Q4 2010. We delivered our first product in Q4 2011 and Q4 of this year, through the (MSS) desk, we were ranked the number one next gen firewall in terms of security effectiveness and performance.

So from a comparative standpoint, you can listen to us all you would like. We're the best for visibility and performance.

Todd Headley

Or go to consumer reports …

(Mark Solomon)

Right, or you can go to a third party who does an independent bake off and you can see the results that they put out.

Todd Headley

I think it boils down to this, the one thing. We're a very threat centric company. Our philosophy is no matter how much money you spend on hardening your network environment and all these policies and controls, threats are going to get through and when a threat gets through it can do a lot of damage.

So you really need great detection capability and frankly even remediation capability. We call this the threat continuum, the before, during and after phases. And Sourcefire is designed from a go-to-(Mark)et standpoint. That's why in all three of those (Mark)ets now that we have a next generation firewall capability.

We obviously have an IPS capability and with the advanced malware protection, we're adding a level of visibility and control that helps you in the during phase as well as the after phase.

Our advanced malware protection can actually identify who patient zero is for that malware, where else it's propagated to, what other malware is invited to the party because that's the typical attribute of malware. You don't just get one thing. You get a lot of things.

And in a couple of mouse clicks, we can help the customer remediate it off the network, actually get the crowbar out and pry the bad guy off of there.

The competition today doesn't have that capability. When you get to that after phase, you're calling in a company to do deep forensics to figure out how bad the compromise was and you hope like heck you're not going to end up on the front page of the Wall Street Journal.

It's a really bad problem today. We intend to play in all three elements of the threat continuum. But for us, again, it's a very threat centric approach. It's not a controls and policies approach to this solution.

Unidentified Corporate Participant

In the commercial business, how much does it help that you're helping secure a lot of divisions of the government that we never hear of? Is that something that you can play up or not?

Todd Headley

We do. It's very influential. The US government are thought leaders. Frankly, it also helps us with foreign-friendly governments because behind closed doors they share a lot of information.

So we have cleared personnel who are in meetings who are talking about the extent of the problem, the current solutions, what's working, what's not working. It certainly helps us to be that well positioned at the table to understand where -- the direction that this thing is going.

It helps us innovate. Frankly, our open source communities that we foster give us a tremendous amount of intelligence as well as to what's happening on real-world networks that we think helps us keep our innovation engine going.

Unidentified Corporate Participant

You've had overall acceleration in revenue, at least for the fiscal year, if our forecast is right for the full year. So you've had pretty good acceleration in the tougher days where you've seen others decel. Are you thinking about the payoff for continued high growth in the margin or do you feel like now you can get continued good growth with stead margin improvement – just high level thoughts?

(Mark Solomon)

We traced the acceleration and revenue back to the introduction of fire power last April. We think it has accelerated hardware refresh cycles where we've gotten into accounts where we've called on that account for a couple years but it was held by a competitor. But once they saw the results and performance of the fire power platform, we got invited in and then won that account.

And so there has been an acceleration. And as we've articulated, less than 25% of our install base is running on fire power. So there's a huge opportunity just to upgrade and take care of the …

Unidentified Corporate Participant

You have to be on fire power to get next gen and malware as well?

Todd Headley

That is correct.

(Mark Solomon)

That is correct.

Unidentified Corporate Participant

So it's a prerequisite. So you've got to go.

Todd Headley

Right, and so – and fire power now also gets invited – gets us invited to a number of other opportunities. So, again, people are picking up the third party testing results and are saying, let's bring these Sourcefire guys in here and see what's going on and we're winning certainly more than our fair share of those opportunities.

So for us, we've seen growth accelerate. What we're trying to do is balance that out. At the end of the day, we look at ourselves in the mirror and we realize we're still a pretty small public company even though we've been public 5.5 years.

And we have a huge (Mark)et opportunity in front of us. It's at least three x larger than the (Mark)et opportunity we had say two years ago. It could be as high as seven x. And what we want to do is grow into that in a thoughtful way, which means you've got to invest back in the business.

It goes without saying but what we want to do is be very thoughtful and balance that out. So we've told investors we don't take any backwards steps with regard to margin expansion but don't put expectations that we're going to expand wildly because I want to make sure we invest in the business to continue to grow that top line, capture more (Mark)et share, get our brand name out there, really set us up for the future.

We have every aspiration of becoming a $1 billion revenue company in the future. We've talked very candidly in past meetings about being able to double the top line every three years and we're on trajectory again to do that this year.

All it takes is 25% growth year-over-year to do that. And we don't see the opportunity slowing down for us provided we continue to innovate. And so we think the prospects look pretty good. We want to invest into that and think of it more modestly in terms of margin expansion and we've got to be mature.

Let's say in excess of $0.5 billion in revenue, maybe pushing $700 million that you'll see a lot more expansion there.

Unidentified Corporate Participant

(Mark), thank you, appreciate it.

Todd Headley

Thank you.

(Mark Solomon)

Thank you.

Copyright policy: All transcripts on this site are the copyright of Seeking Alpha. However, we view them as an important resource for bloggers and journalists, and are excited to contribute to the democratization of financial information on the Internet. (Until now investors have had to pay thousands of dollars in subscription fees for transcripts.) So our reproduction policy is as follows: You may quote up to 400 words of any transcript on the condition that you attribute the transcript to Seeking Alpha and either link to the original transcript or to All other use is prohibited.


If you have any additional questions about our online transcripts, please contact us at: Thank you!

About this article:

Tagged: , Security Software & Services,
Error in this transcript? Let us know.
Contact us to add your company to our coverage or use transcripts in your business.
Learn more about Seeking Alpha transcripts here.