FireEye (NASDAQ:FEYE) introduced a clever security product a few years ago to protect against unknown attacks with a low false positive rate. Its idea was to redirect suspicious traffic (high false positive rate) to a farm of virtual machines. If any of the virtual machines got infected, the traffic was flagged as an attack, resulting in a low false positive rate. This is a paradigm shift from existing products that could only check for known attacks with a low false positive rate. This article looks at some facts that have not been covered in the post-Q3 FireEye articles so far.
Q3 billings miss
FireEye reported a slowdown in billings growth in the latest quarter. Some of this was attributed to an extension in contract length. Billings are revenue plus change in deferred revenue. Therefore, billings depend on contract length. If a customer wants a long contract, it will result in greater billings.
For example, a five-year contract at $20 per year will result in billings of $100. A three-year contract at $25 per year will result in billings of $75. Even though the three-year contract shows lower billings, it yields higher revenue of $25 per year.
FireEye had a large deal in Q3 of 2014 with a contract length of five years. FireEye's management said that this resulted in the average contract length of 34 months in Q3 of 2014. The contract length in Q3 of 2015 was 30 months. Thus, the contract length itself accounts for a 13% fall in billings (34/30 = 13.33%). In other words, if we normalize for the contract length, we would have 13% more in billings. The billings issue has been quoted in the media without much reference to the volatility of the contract length. This is the CFO's quote from the earnings release:
We believe this was due to a combination of macroeconomic factors, as well as the growing pains of a new organization. Additionally, the third quarter of 2014 included a large, five-year transaction that extended the average contract length to 34 months. This created a difficult year-over-year comparison and impacted our year-over-year billings growth rate as the average contract length declined to approximately 30 months in the third quarter of 2015," added Berry.
CFO very bullish
FireEye's new CFO said something very bullish in his first earnings call as CFO. This is the excerpt from the Q&A (emphasis mine):
Gur Talpaz - Stifel, Nicolaus & Co., Inc.
Great. Thanks for taking my questions. Can you talk a bit about the growth in product subscription billings? Was there any noticed slowdown here in FireEye as a Service? Or is the growth decel really sort of optical issue due largely to the tough government comp from last year? And then maybe going one step further, could you offer sort of any view into normalized growth if we ex out the impact of that one or two large contracts?
Michael J. Berry - Chief Financial Officer & Senior Vice President
So, Gur, yeah, so the big issue in Q3 was the comparison to the big deal last year. So that's why product subscriptions only grew 15% in the quarter. I would encourage you to look at the year-to-date number. So that's 43% on a billings perspective. Even more importantly you see that in the quarter product subscriptions grew by 64% and 74% year-to-date. So without giving you more as you call the normalized run rate, I'd encourage you to look at those numbers. I think that's more indicative of the future than Q3.
This is the revenue table from the earnings release:
Two negative analysts and one positive one
Earlier this month, analysts from Wedbush and Piper Jaffray downgraded FireEye resulting in a sharp selloff. Last month, a Citigroup analyst was positive on FireEye.
The Wedbush analyst noted that he had limited visibility and talked to 12 resellers. He acknowledged that the reseller conversations did not indicate what would happen with the majority of FEYE's revenue. Most of the company's revenue comes from its direct salesforce. FireEye has 300 customers in the Fortune 500 and 650 in the Global 2000. That means, if we exclude the Fortune 500 from the Global 2000, FireEye has 350 customers in the remaining 1,500 companies. This shows that FEYE has naturally focused on the largest customers and has not yet moved down to the smaller ones (where resellers would dominate). FireEye has the majority of the Fortune 500 as customers, and is probably finding it more fruitful to get them to buy more for their vast, worldwide networks. This is something that the Wedbush analyst cannot find out about, and to be fair, has clearly acknowledged.
FireEye's CEO alluded to the complaints from the channel that Wedbush refers to i.e. making a lower-end product for channel sales and incentivizing those distributors to sell it:
We've got to get sharper against the competition. I think some of the opportunities we have with our MVX architecture can really drive at product segmentation that enables us to go after the good enough with an entry product that can really compete, but allow upsell to our more advanced subscriptions. We have to get focused on that, make sure we incent the channel properly to drive that behavior and really go after it.
FireEye's latest MVX product release in Q4 has three times the analysis speed of the previous product. That might be an opportunity for product segmentation.
I found the Piper Jaffray analyst's note confusing:
7% of respondents said they planned to work with FireEye vs. 25% a year ago. FireEye was the primary vendor for 7% of CIOs and the secondary vendor for 10%, up from 5% and 8% a year ago.
The most relevant number in my opinion would be how many CIOs in the Fortune 500 responded to this Piper Jaffray survey.
Since FireEye is focused on the Fortune 500, it is the opinion of Fortune 500 CIOs that is important (FEYE had 34 deals larger than $1 million in Q3).
In contrast, a Citigroup survey of 51 CIOs last month turned up "exceptional strength" for FireEye, causing the Citi analyst to upgrade FireEye. So it appears that the Citigroup CIO survey went to a whole different set of CIOs. The Citigroup survey result seems to be a complete contrast to the Piper Jaffray survey. Again, the most relevant fact would be what Fortune 500 CIOs think. For instance, if a big bank likes FireEye, they will gradually deploy it in their thousands of branches instead of all at once. That is why the opinion of those big customers matters; if they like the product, they will buy more and more gradually over time.
Operating losses overblown in my opinion
The critical numbers for a company like FireEye are revenue, revenue growth rate and gross margins. This is what an acquirer would look for. Most of the expenses for a company like FEYE are due to the salesforce required to sell to the thousands of enterprise customers. A large acquirer would pare away the acquiree's salesforce because they have their own. Therefore, I believe the operating losses caused by high SG&A are a minor issue.
This is different from valuing a company in the Dow Jones Industrial Average. Very few tech companies have the kind of profits that can pay dividends. Most tech companies are valued based on what they would be worth to an acquirer. For example, Cisco (NASDAQ:CSCO) bought Sourcefire at 141 times EBITDA. An acquirer can distribute an acquired product through their existing salesforce at negligible incremental cost.
Even assuming a modest 30% revenue growth rate, FireEye is trading at three times 2016 revenues of $816 million. My guess is that the growth rate would be higher than that. I base my guess on what the CFO says, because unlike the Wedbush or Piper Jaffray analysts, the CFO does not have to speculate.
Another thing nobody seems to have brought up is whether the release of the 3x speed product in Q4 caused customers to postpone any purchases in Q3.
Possible catalysts are FireEye's Q4 earnings release on February 11, and the January 28 earnings calls of Checkpoint (NASDAQ:CHKP) and Fortinet (NASDAQ:FTNT). The entire cybersecurity sector has fallen sharply this year, with FireEye down even more on a percentage basis. FEYE has fallen 34% in just 10 trading days this year, from an intra-day high of $22.48 on January 5 to an intra-day low of $14.82 on January 19. If the earnings releases of the sector are healthy, FireEye looks like a good buy in my opinion.
Disclosure: I am/we are long FEYE.
I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.
Additional disclosure: I own FireEye stock and also call options. I might sell some or all of my positions at any time. Please do your own due diligence and also get an investment adviser. I am not an investment adviser. Nothing I write should be interpreted as investment advice.