Check Point Software - Solid Performance, Familiar Worries

| About: Check Point (CHKP)
This article is now exclusive for PRO subscribers.


Check Point has boosted its top-line growth, but expansions of its R&D and sales efforts are draining the near-term margin leverage away.

Platforms like SandBlast are exciting, but the fast-follower strategy means the question of what comes next will never go away.

A deal for CyberArk would be intriguing, but CHKP as is seems undervalued below the mid-to-high $80s.

The more things change, the more they stay the same for Check Point Software Technologies (NASDAQ:CHKP). While this Israeli IT security company still has a leading presence in enterprise IT security and margins that many CEOs could only dream of, a segment of the investing world remains steadfast that the company is doomed to lose share to Palo Alto (NYSE:PANW), Fortinet (NASDAQ:FTNT), and other relative newcomers over time.

To be fair, Check Point has lost market share ... but the erosion seen in recent years has been less than the bears predicted. What's more, while Check Point's "fast follower" strategy means it will always arrive after the party has started, the company seems to have a credible platform for advanced threat detection, endpoint security, and cloud. The shares aren't dramatically undervalued, but they do trade below fair value, and I still think this is a quality idea in the tech space.

Basically On Target With Q4 Results

There's not too much to say about Check Point's fourth-quarter results, as the company produced financials that didn't include many surprises (and very few big ones).

Revenue rose 9%, with product revenue up more than 7%, blade subscriptions up 22%, and other software revenues (updates, maintenance, etc.) up 5%. Gross margin ticked up a bit (about 40bp on a GAAP basis) with those higher blade revenues, but non-GAAP operating income growth (up 6%) trailed revenue as the company continues to invest in what management hopes will be growth-building efforts in sales and R&D. Reported sales and marketing expense increased more than 21% this quarter while R&D expense was up close to 17%.

Billings slightly exceeded expectations with more than 8% growth while deferred revenue was up 16%.

Can It Follow Fast Enough?

Check Point's operating philosophy isn't to blaze new trails, but to watch what's going on in the IT security space and be a "fast follower". In threat emulation, for example, the company followed FireEye (NASDAQ:FEYE) and it has been an increasingly meaningful part of the business. The problem, though, is that while Palo Alto wasn't first here either, it has leapfrogged CHKP and serious rivals FEYE for the title of best-in-class.

Now, we'll see what happens with the company's efforts in segments like endpoint security. It acquired Lacoon about a year ago to help build this business, but will rivals like FireEye, Carbon Black, or Bromium outmaneuver them? I believe that Check Point has established a reputation for doing enough to stay relevant with its customer base (many of which include large enterprises which aren't necessary rapid/early adopters), but it won't quell the concerns on the company's future market share and relevance.

To that end, I'd also note that Fortinet and Palo Alto both outspend Check Point on R&D despite generating about 60% of its revenue. Innovation isn't always about the absolute number of dollars spent in R&D, but I do think the company is likely to continue to increase its R&D spending if it wants to regain some revenue momentum. I should also note, though, that CHKP has a history of doing small tuck-in deals of companies that aren't too far removed from the start-up stage; I think you can argue that this is in some respects similar to "back-dating" R&D spending.

CyberArk - Will It Or Won't It?

A few weeks ago, there was a lot of buzz over the rumor that Check Point was bargaining with CyberArk (NASDAQ:CYBR) on an acquisition of this much smaller (less than one-tenth the size of CHKP in revenue terms) Israeli security firm.

This would be a marked shift in Check Point's strategy, given that any deal would likely cost it over $1 billion. That said, it's an interesting asset. Where most security companies focus on keeping the company safe from attacks that come outside of the network, CyberArk focuses on securing the privileged accounts that are assigned to IT admins. These are popular targets for hackers, because if you can get access, you can pretty much bypass all of a network/company's security efforts. It likely also doesn't hurt that CyberArk is also an Israeli company and that may make it easier for Check Point to get the clearances it needs to do the deal (unlike the attempt to acquire Sourcefire long ago that was blocked by the U.S. government).

I realize that the history of adding value through large acquisitions is not good for tech (or any industry, really), but this seems like a move that would at least be worth serious consideration.

Emerging Opportunities Among Rampant Competition

Check Point believes it has the growth drivers for the coming years. The company has spent to significantly increase its sales capacity, though I think a skeptic can argue that Check Point's biggest issue isn't that it's not good at selling, but doesn't have the best technology to sell.

To that latter point, the new R80 platform does mark at least an incremental improvement. SandBlast, the company's advanced threat protection platform, may be more than just an incremental player. The sandboxing concept isn't new, but Check Point's approach doesn't run in a virtual environment. Instead, this product uses the CPU-level threat detection capabilities it acquired with the Hyperwise deal back in early 2015 and it seems to offer a unique way (thus far) of isolating and inspecting files that could contain malicious content, including a threat extraction process that should neutralize that malicious content. I think this is pretty interesting in light of the comments that Palo Alto has made in the past regarding how many/most IT security companies focus on detection/containment/mitigation and not prevention; if SandBlast works as advertised, it keeps the bad code from getting into the system to begin with.

I'm looking for Check Point to grow revenue at a long-term rate of around 5%, which I believe is around the middle to low end of most projections for the long-term enterprise IT market growth. Although Check Point has indeed been losing share to the likes of Palo Alto and Fortinet in firewalls (as have Cisco (NASDAQ:CSCO) and Juniper (NYSE:JNPR)), I'm encouraged by the steps management is taking. At a minimum, I think it will slow the overall erosion in CHKP's security market share.

I believe the software blade model will be good for gross margins, allowing a high-80%'s long-term margin, though with some erosion (around 50bp to 100bp) over time. I do believe that the company is past the point of peak margins (55.6% in 2012 and 57.3% in 2005), as I think it will have to maintain R&D spending at or above 9% of revenue and sales and marketing spending at/above 21.5% for the long term. Even so, I think the company can still generate 5% annualized adjusted free cash flow growth, supporting a fair value of about $85 today. I likewise calculate that a high teens ROE should merit a price/book multiple of around 4.5x, which supports a high-$80s fair value.

The Bottom Line

The investment theses and outlooks between Check Point, Palo Alto, Fortinet, and CyberArk are startlingly different. Palo Alto and Fortinet are fierce up-and-comers disrupting the market and posting stellar growth. CyberArk is growing very well too, but isn't nearly big enough to really be considered disruptive to the likes of Check Point, Cisco, and Palo Alto. Then there's Check Point - the established leader fighting hard to keep what it has and stay on or near the leading edge.

I still like CHKP as a company, and I think the valuation is decent. Whether or not decent is enough for you is your decision.

Disclosure: I/we have no positions in any stocks mentioned, and no plans to initiate any positions within the next 72 hours.

I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.