FireEye: Why Did Goldman Sachs Flip So Fast?

| About: FireEye, Inc. (FEYE)
This article is now exclusive for PRO subscribers.


Helix and growing cyber segments are raising bullish sentiments for FEYE.

Back-to-back notes by Bank of America and Goldman Sachs are raising hopes about the near-term trend towards a renewed growth narrative.

Is the growth narrative accommodative of the profitability playbook?

Image result for fireeye helix

Bank of America recently raised the bullish sentiment on FireEye (NASDAQ:FEYE) when it upgraded its rating from Neutral to Buy.

Chart FEYE data by YCharts

According to Tal Liani of Bank of America:

"… We identify three key drivers for growth, serving as potential catalysts for the stock: There are 6,000 appliances that are due for a refresh, representing $200mn of market opportunity. New products: Cloud MVX Smart Grid, Helix, enhancements to FireEye-as-a-Service and the next gen endpoints. Third, improvements to its go-to-market, recently adding new sales leadership, removing sales capacity constraints, and substantially reducing the channel partner conflict. We think the Street largely ignores management’s guidance for growth resumption in 2H17, which is an opportunity for a positive surprise."

Now, while all the above is true, all still boils down to execution, the competitive landscape, and timing. These bullish signals have been around before the warning from Gabriela Borges of Goldman Sachs.

According to her note:

The Street “continues to underestimate the challenges associated with transitioning from high-end hardware-based security products to a broader subscription/services portfolio” whilst competition is “high,”

The note ended with a downgrade from $15 to $10.

The bearish narrative has played out to perfection in recent months, and the two theses (Goldman Sachs and Bank of America) established a bearish and bullish bar for FEYE until the Goldman Sachs thesis turned 360 again.

In a new note by Goldman Sachs:

Street 2017 product revenue and billings estimates have been materially reset, with a mix shift to recurring revenue occurring faster than we expected, and increased detail on the pricing model for Helix. We believe the introduction of Helix, an advanced analytics platform, addresses many of FireEye’s previous challenges by reducing total cost of ownership (TCO) by 33-50%, and streamlining the company’s go-to-market under its new head of sales. As the new model comes into focus, we expect more consistent execution and FCF generation.

The Goldman Sachs price target is back to $15. That was fast given that Helix is still in beta.

What is the new product refresh truly worth?

The average analyst revenue estimate for FY 2017 is $766M. Out of that, we expect product revenue to come in at 10-15% percent of revenue. The reason for this is based on two trends.

Firstly, the low-hanging fruits have been picked. If Palo Alto Networks' (NYSE:PANW) recent performance is anything to go by, it’s a strong indicator that focusing sales effort on appliance sales will be a risky bet. The bulk of the so-called Fortune 500 companies, which are mostly security-conscious, already have a vendor they are loyal to. In most cases, they have more than one and are now planning to cut down on spending by reducing the number of security appliances on their networks, a strategy which was counterintuitive from the get-go, given that more security appliances equal increased likelihood that we have a flawed box which can be pawned by attackers. Essentially, the security appliances could themselves be used as backdoors into networks they are meant to protect.

The second driver for the reduced outlook on product growth is based on the mix shift into cloud-based security offerings. Given that FireEye has recently released a more robust cloud-based solution called Helix, some customers might be hesitating to refresh and rather opt to try out Helix, which will simplify their network security configuration going forward.

As a result, whatever multiples expansion signal for a bullish valuation akin to what Bank of America has proposed should be sought for in attached and not attached subscriptions. These include FaaS (FireEye as a service), iSIGHT Intelligence and Cloud MVX. These subscriptions represent the fastest growing security segments in 2017 encompassing SIEM, threat intelligence, mobile and cloud security.

Deal sizes will be driven by the desire for CISOs to cut down on excess spend as they seek a more simplified security architecture. Deal sizes were down in 2016, and I expect the flattish allocation to security spend to continue in 2017 as attacks move from state sponsored and ransomwares to more geopolitical-driven campaigns.

The downward trend in deal sizes will drive the need for a more retentive go-to-market strategy. With renewal rate at +90%, it is important that FEYE keeps its customer base as it transitions to a subscription-based model where it can easily upsell as against the headwinds from OPEX, which will be required to land new logos given the near-term vision to be FCF positive by the end of the year.

As a result, I think the growth narrative will not be accommodative of the profitability story given the significant OPEX required to keep and increase market share.


Going by the bullish price target of $18, FEYE will have a P/S multiple of 4.17 using shares outstanding of 177.51M and the average FY17 revenue estimate of $766M.

However, that is assuming renewed growth, which cancels out the profit narrative. FEYE’s debt and net cash position are not accommodative of significant artificial growth inflation via an acquisition and the mix shift towards more mid-size and low-end deals means the growth story hovers around its ability to upsell to existing clients. In short, the near-term growth trend is not supportive of significant multiples expansion since product growth (projected to decline) drives subscription growth and billings growth are currently lagging revenue growth.


The previous Goldman Sachs bearish thesis might play out for one or two more quarters before we witness a significant resurgence in the growth narrative. In the absence of a major cyber-attack or data breach, I expect the sentiment towards cyber security stocks to continue to trend towards more margins compression as investors digest the fading growth narrative of big players like Palo Alto. Therefore, I see FEYE trading in a narrow valuation range until the back half of the year when product refresh becomes accretive towards growth and FCF yield.

I reiterate my HOLD rating with a price target of $15 based on an acquisition at a reasonable premium.

Disclosure: I/we have no positions in any stocks mentioned, and no plans to initiate any positions within the next 72 hours.

I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.