Sourcefire's Management Present at Citi Technology Conference (Transcript)

| About: Sourcefire, Inc. (FIRE)

Sourcefire, Inc. (NASDAQ:FIRE)

Citi Technology Conference Call

September 04, 2012, 09:45 am ET




[Technical Difficulty]

number of years in Europe, it always take time. There is always some level of lumpiness that comes with that sort of period. But we’re reaching a point of maturity right now in that part of the business and I add to that sort of the macro opportunity in securities, the maturity of our business, the time and territory and echo Marty's point, we're seeing quite the opposite. It is very, very strong for us today.

Unidentified Analyst

Okay good deal. And then if I look over the last say four, five quarters your growth rate has accelerated you know 35 plus percent I think traditionally kind of more of a 20s growth rate. Maybe you can just walk people through what you see as the drivers in the last four five quarters that's enabled that growth rate to go higher.

Unidentified Company Representative

Well we have a number of drivers since (inaudible) right now. First of, we ever knew FirePOWER platform I guess, it is not officially new anymore. It is been in market for about as long as we've seen this increased growth.

So that's certainly a driver. The FirePOWER platform is really one of the top performing security platforms out there, that allows you to -- you know really bring together some powerful security technology on a device that will scale with your business, we can scale it up, we can scale it down.

So it’s a -- that's a big driver I think the threat environment, you know people are very focused on it. You don't have to look very far to find cyber security, you know compromises in the news. We had you know Saudi Aramco was in the news recently and we had RSA in the news last year. We've had you know company after company getting big press around compromises. So with that happening, people aren't shy about taking a serious look at their security posturing deciding on what's new.

We have our expanded product mix which gives people you know more to talk about with us, with our advanced malware prevention technologies, our next-generation firewall technologies. So being a multi product company, that's helping and of course me have our channel expansion. We've been investing heavily in the channel and so it's showing results. So all those things together are really giving us a lot of ability to see some strong growth in the market place.

Unidentified Analyst

And if you were to kind of pick those apart, did you give those in any particular orders?

Unidentified Company Representative

Those were in no particular order.

Unidentified Analyst

If you were to order them, how would you order them?

Unidentified Company Representative

I would say the awareness of the threat these days and the FirePOWER platform are kind of one and two interchangeably. The interesting thing for me is that you don’t have to, I have never been a real fan of going in and giving people a scare sale. Right it’s easy to scare people with security, you just go and say, geez look what happened to this guy because he didn’t invest properly or that’s an easy case to make.

I have never felt that, that it was really necessary because it felt like by the time people were talking to me, they already knew enough to be very concerned. So, I think what’s happening now is that it’s become such a globally recognized problem that everybody is thinking, geez I really got to get on top of this and then Sourcefire comes out with its new platform that’s lighting up in our space and our network based security technology space, it's lighting up the board with its – total cost [ownership] is fantastic. It’s got the best performance numbers in the industry, the things that we do with it were at the top of the industry as well.

So you put all that together and you've got a very compelling case for, hey here is a device, that’s going to solve a lot of or address -- I don’t know about solve, security is a hard problem -- address a lot of the problems that you have with security and it has very cost of ownership and it has got a really strong company behind it.

And I think that really helps drive it as well and then you've got the channel that has this top tier device to sell and then you have the expanded story and I would say the expanded story is helping to push things along. This is something that people want to see when they are buying this -- can these guys be more than just my PS vendor or are these going to solve this problem and like I have to go find five other vendors to solve these other problems. They are seeing us expand the scope of what we can do and that helps drive buying fine behavior. These guys say hey, Sourcefire is really good at is core and I expect especially as they mature over time, they are going to be really good at the other things they have decided to take on.

I might echo to that. There is a subtle point there and I will give it a technical description and it's the quality of what we do is really, really high and so if you think about problem space, this is a really difficult problem detecting attacks. If you are detecting the attack, what can you do about it.

If an attack gets through, how do you clean it up, what do you do after the attack, very, very sophisticated hard problem to solve. So to over use a phrase that is over used, we are best of breed at what we do, but there is interesting third-party validation of our claims. It is one thing for me to come in and say we are the fastest performing platform, we have the highest levels of detection.

It is another thing for Gartner to continuously put us in the right hand quadrant for third party testers, to put as the fastest and the best performing, what that translates to, to me is the phone rings at Sourcefire. Now I don't want to oversell that, but the phone rings. When there is a tough problem in the space to solve, companies tend to call us. We are on the shortlist.

Unidentified Analyst

I guess one thing to kind of dig into on the market side, I guess if I look at the IEC stats, whatever market share counter you choose to look at. You guys are not the largest in the IPS space or even for sure the network security space. And I am wondering in the IPS space, there is only one or two vendors that are growing it appears. Everybody else is shrinking. First I am wondering is that market overall growing and then secondly in the network security space, we have similar situation. We have guys like CISCO that don’t really appear to growing, but I guess I am trying to get a sense of everybody hears you know security threats and all that and it does seem to be a pretty big mixed picture there in terms of growth. So first it is addressing the IBF side and then the broader market?

Unidentified Company Representative

Well in the IPS side, if you look at the data comes out of the Gartner, IDC, and there are few others that we put that as well. What you see is forecasted growth overtime. And what we see in the marketplace when we’re looking at competitive deals is that there are a number of market share donors out there. So we were not the biggest IPS vendor on the planet by far; but you know, we're comfortable with that because that gives us a lot of opportunities to continue to grow and it gives us a lot of really show for we do. We’re very effective and very popular especially at the top-tier companies. We always sort of form to medium-to-large enterprises and that’s because we address their problems very effectively. So I think that when you look at kind of our market share. We’re really, we are comfortable and we want to continue to expand which is why we're going down the strategic route that we are but you got this, the market mix as it stands out right now, Cisco falls out of bed in morning and they get 20% market share, by nature of who they are.

Now they are donors out there, the tipping points of the world or the IFSs of the world this is now IBM, guys who have been acquired recently are very much our market share donors even as well. When we run into them in the field, we usually, the customers are looking to really expand their capabilities and those vendors just don’t seem to, they seem to lost a step over the last several years and that’s where we have a lot of success typically when we’re going into a deal where we got to displace somebody. I think day-to-day, our day-to-day competition is something like [MACD] but really in terms of whether or not the markets is growing, we believe that it is and the industry analysts agree with us. And as far as you know the way the market share is going, it’s certainly going to up is going to McAfee and we think the UTM and NGFW vendors are picking up especially picking up more as well.

Unidentified Company Representative

I think some other aspects to, this is a little bit like the movie you saw before I’ve seen this movie, I've actually seen in Sourcefire; for those of who have a longer memory of this space they used to only be an IDS market that’s IPS Intrusion Detection became an IPS market in the same voice that's going on right now with Next-Gen Firewall and IPS, the Next-Gen IPS in UTM where is the market is one market is getting smaller and one getting bigger that same conversation happened in the mid-2000 is going from IDS to IPS.

What we did successfully in that transition as we transitioned some of the technology to provide IPS functionality but the need for IDS didn’t go away. The market continues to grow and factor a lot of customers today that deploy just an IDS mode. So that requirement didn’t go away.

So if you look at you know, what really is the job of an IPS. The job of an IPS is to do high quality threat detection. If I am being attacked, I want to be able to detected and do something about it. So for me the relevant question is, is that requirement getting smaller or larger. I am going to make the argument that's requirement is not going away, it’s getting bigger.

Unidentified Analyst

No, I agree. I guess the source of the question, where we go next is, is to where it will end up? Where is it end up coming? So you mentioned that next generation firewalls interest in lot of excitement in the market around, they kind of reinvention to firewall. I am wondering, if you could just describe the people you know you had new products at the market to think about nine months that ---

Unidentified Company Representative

No, it could be shift in December.

Unidentified Analyst

Okay, so that product there is checkpoint has their product that’s evolved, how [often] that’s kind of used on the block with a firewall, how are you selling your product your next generation firewall product is, you have I think you have a few handful of customers now at this point and what are you seeing so far?

Unidentified Company Representative

Well in the early going, we are seeing that it’s selling kind of into our traditional fire. So across all geos, across all verticals and right now it’s in the early phases. So it’s kind of picking up steam and we are doing an enterprise sell, right. So it’s an enterprise system sell which has enterprise sell cycles. So with all that [cavi] I think out of the way, it’s interesting because as John said the way that we are selling is the way that most people are selling next generation firewalls right now which is coming in behind an existing firewall and delivering application control.

This is the thing that people really spending on next gen firewalls, the driver of buying them in many cases is people want to get control of their applications and they want it to be able to start dictating how applications are used in their environment, so I don’t want my guys on Facebook all day long or Gmail is okay because it’s got two-factor authentication, Hotmail is not okay because it doesn’t; those sort of things being able to differentiate between the apps is really powerful policy enforcement capability that’s in this state today.

So, you have people buying for the [application] control and then maybe they want the IPS, maybe they want the firewall, maybe they are planning to swap off their existing firewalls, we have heard several customers who are thinking want to buy the application control now and I want to replace my firewalls in two years when end of [life] that sort of things.

So there is a lot of buyers that are buying kind of based on that criteria and around the kind of large question how we are selling it, you go in there you are not really looking to displace the existing firewall vendor most of the time. You are looking to cooperate with them, be behind them slight backup for the capabilities that they don’t have and in our case bring in our expertise and intrusion prevention and threat management as well.

Unidentified Analyst

John just curious if you, a year out, can you beat the bushes partnerships and what is going on strategically in the space. I mean is this being viewed by the industry the next generation firewall evolution has in this all of the new problem and security and the new solution.

I am wondering on the scale of what you have seen over time, how big of an evolution is this, is this evolutionary in the industry? Is it kind of evolutionary step that we see many times with different types of [taxes] have come long and need countermeasure?

Unidentified Company Representative

I think it is an evolutionary kind of activity. We need to be careful when you look at next gen firewall in my opinion as a segment and you know, I have seen this so many times over the years in this security space, with the next new hot thing is going to solve all the problems like the so called silver bullet and also look at with some level of skepticism at the claims that drifting is going to own and dominate the market, there is going to be one winner. Winner takes all in this space. Right, so I think the next gen firewall evolution is legitimate, it’s real; there is some functionality there that’s being offered up that is necessary for today’s environment. But is it the only thing that‘s going to dominate the landscape? I don’t think so. I think you are going to continue the need to provide some levels of protection before an attack, during an attack and after an attack and if you looking at what a next-gen firewall does as an example, it only provides certain levels at certain phases in the attack lifecycle. So, it's legitimate, it's real, companies like Sourcefire that play in the space, I think have a great opportunity, but is it going to own and change the landscape for everyone, remove all of the issues, it's not going to happen. It just won't.

Unidentified Analyst

Okay, I was going to ask one more question here and then put your thinking caps out there and the audience will take your questions after this one. On the anti-malware side, you've introduced FireAMP and I think about the same time a little bit before, the (inaudible). Could you talk about, I guess at a high level, it is an anti-malware solution, you are going after potentially the same dollars that say Symantec or McAfee is you know, tracking down viruses on PCs and I am wondering is this really now a convergence of the malware space and where you have potentially markets coming together that haven’t been together in the past?

Unidentified Company Representative

In terms of whether or not the markets are coming together, I think that from the standpoint of a person who actually has a problem solved. So I’ve got hackers in my environment and they've embedded themselves with malware. Great example, last year was US Airforce ground control stations, they manage their Predator Drones flying all over the world, got infected with malware. And it was in the papers and then a few days later it was back in the papers and said they tried to get the malware out and they couldn't get it out.

And they ended up putting [WinX] in all the infected systems that was there. That was their ultimate anti-malware strategy. So the problem was they couldn't characterize the attack. They had no visibility into what the attacker had done post getting into their environment.

So their answer was just basically tear up the parking lot and repave it because they had a (inaudible) and so when you look at the malware space, you look at the problem that people have and how attacks are happening these days. So many attacks don’t come in the form of a guy busting in you webserver, your mail server and then spreading out from there.

They come in the form of, you get an email from Corporate HR, said hey here is your bonus plan and you know open the excel spreadsheet, click, click, you are owned and now they have your credentials and then they wait for somebody for my (inaudible) log in the inner machine. Then they get their credentials and it is off the [raises] and they infect your entire environment, before we saw that say a couple of years ago.

You know this is how attacks are happening these days. So is it the convergence of the market or is it you know the need that the users have you know recognizing that need and getting solutions out there that are effective. FireAMP you know isn't just an end point technology. We released it in the last year, we released FireAMP for end points, FireAMP for mobile. We just released virtual FireAMP and we have network FireAMP coming out. I don't think we're going to call it that, but that's especially what it is.

Because this advanced mailer problem is that all phases of the environments that we are trying to protect today, it is on your mobile devices. It is on your endpoints, it is own your network trying to talk out to its controllers, it's all over the place.

So being able to do something about this, comprehensively one backend, looks at all the data, gives you all the reporting gives you the ability to remediate to control to have the visibility into it. It's extremely powerful, so we didn't go do this because we thought, geez there is a big market over here and we're going to go grab it.

We did it because we said geez, you know people are having significant you know compromises of their environment. They are being comprehensively compromised by attackers and they have no way to understand the scope of the compromises or to give them back out, in fact going to back to that point of this concept of the threat continuing before, during and after.

So much security money is spent on the before problem, policy enforcement and scoping the attackers and things like that, that's firewall, that's next generation firewalls, application control, patch management, (inaudible) management, the follow on that before side. In the during and after phases of the threat continuing, where I have got an attacker active in my environment now within there is embedded mailer in my environment that I can’t find. People under invest in those areas.

If you look at FireAMP, FireAMP is a technology that stretches across all three phases that can help you manage your environment before an attacker comes in, help you recognize an attack and prevent it when it’s happening and gives you the tools to scope it and be able to get it back out.

So, we see this as a logical progression of security technologies and bringing these advanced malware protection capabilities across the board, everything that we do is really important and the fact that there happens to be a very large market there that’s in high need of a high (inaudible) solution is great for us because we feel like we have really got a good handle on this.

Question-and-Answer Session

Unidentified Speaker

Got it. Alright I am going to pause here a second. If anybody in the audience has a question, go ahead and signal and I will bring around the microphone.

Unidentified Analyst

Hi, you guys touched on channel expansion as a source of growth. Are you guys at a point now where you have enough distribution or can there still be a driver for growth going forward?

Unidentified Company Representative

No, it can and should be a driver for growth. I would like to use an analogy that John Burris, our CEO used when he started really our channel initiatives and the experience base was back when he was at Citrix and when he started at Citrix, they had some small number of channel partners. I don't recall the exact number, but it was a small number and at the time everybody screened were over distributed, too many partners.

I can’t add anymore. I think by the time, he left they were approaching at 10,000 plus or minus channel partners. So I think the opportunity to continue to expand the channel exists. I don’t think you are ever really done especially as we broaden our product portfolio. But I will be careful about using a simple count of the number of partners as sort of evidence that you hit your milestone or you hit the target.

I have had the question, how many channel partners do you want to have and we really don’t have an answer to that. What we do focus on though is trying to expand our footprint and outreach and what we have opportunities to add partners that reach that goal we will do that. There is a tremendous investment in our company right now going into what we describe as the channel enablement. And while we don’t publicly call out a lot of statistics, we manage the business, the statistics inside the company.

So we look at things like how many of our partners are trained, how many are certified, how many are technically certified. How many have gone out on hunting expeditions or technical expeditions with our FBs side by side and the goal is to get partners that are independent or as independent as possible. We are seeing tremendous progress on those fronts and we will continue those investments.

Unidentified Analyst

Maybe it is a follow on to that, just in general around investing in the business that I think nobody argues what the growth rates are impressive and you've kind of held the line in profitability, see margins come up a bit. How are you thinking about, we have had at the chart now and say if you grow this fast, margins are going to go up this much, if you grow this fast, it will really go up, go up more. How are you thinking about kind of the magnitude of that growth margin trade off and where you are

[Technical Difficulty]

evidence that you hit your milestones, you have hit the target. I had the question how many channel partners do you want to have? And we really don’t have any answer to that. What we do focus on is trying to expand our footprint and our reach and what we have opportunities to add partners that we expect goal we will do that. So it’s a tremendous investment in our company right now going into what we describe as channel enablement and while we don’t publicly call out a lot of statistics, we manage the business, the statistics inside the company. So we look at things like how many of our partners are trained? How many are certified? How many are technically certified? How many have gone out on hunting expeditions or technical expeditions without our own (inaudible) side-by-side and the goal is to get partners that are independent or as independent as possible. We are seeing tremendous progress for most runs, we will continue those investments.

Unidentified Analyst

May be as a follow-on to that, just in general around investing in the business fees, I think nobody argues with the growth rates are impressive and you kind of held the line of profitability, seem like margins come up a bit and how are you thinking about we had for the chart now and say that growth is fast, margins are going to grow up this much, grow this fast, it is go up more. How are you thinking about the magnitude that growth margin trade off and where you are

[Technical Difficulty]

we feel like we're extremely well position right now to take advantage of this and so we don’t want to miss the opportunity. And situation we’ve actually take the margins down potentially to accelerate that growth.

Unidentified Company Representative

Never say never. We have made sort of we set expectations that we're not going to step back. If you look at the history of the company, we actually have higher margins in prior years, right and that was a mistake. We look back on it, we shouldn’t have been that profitable as weird as it sounds. We should have invested more heavily in the business because the opportunity was in front of us but we do have a responsibility to our shareholders. We don’t anticipate taking a step backwards but we're not going to ramp up the margin expansion in this business and as we see revenue opportunities, we see the opportunity on the revenue side expanding. We’re going to continue the investment back into the business and if we get criticize for that, I suppose that you know, that’s the penalty

[Technical Difficulty]

we’ll pay but we think it’s the right think to do

[Technical Difficulty]

we have to be a little bit careful because if you look at the history, last year we had seven continuing resolution, a budget flush did not happen until literally the end of the federal fiscal year and Sourcefire had a huge Q3 what would have been a Q4 fiscal year last year, so huge numbers.

If you look at the quarter-over-quarter compare the share versus last year, you likely not to see tremendous growth. We think we can achieve similar numbers. But we are not likely going to see tremendous growth because the comparison [isn’t] realistic. When we play the settlement annualized basis for 2012, we still see the opportunity expand in federal business by at least 5% to 6%. So that business continues to grow, could there be a budget flush, could we see something bigger, I wish I had a crystal ball up here, we start the crystal ball back for those who had been involved in that kind of business. You might see the project but you might not back to see money, and you might see the money but you might raise the clock until the end of September whether not it comes out or not.

Looking forward the election year, we're going to cautious in trying to predict that I don't think we're any smarter than anybody else right now in trying to predict what can happen. What I can say is our visibility to project our relationships with the US federal government and other friendly government is very, very strong pipelines are really good.

Unidentified Company Representative

Any of the audience questions?

Unidentified Analyst

I am going to get one more and then we are going to wrap up. So, just on M&A you did an acquisition to sort of bring in some of the technology ramps and you have generally been had a very healthy pipeline of organic product development in Sourcefire. I am just wondering how do you look at M&A, should we expect that we might see another deal like you did to bring in new product or where we are on that?

Unidentified Speaker

John is our head of our Corporate Development. So I will turn it over to him.

Unidentified Company Representative

Yeah I think I see the clock ticking but the simple word is discipline. We are going to continue to be very, very disciplined in this space. It doesn’t mean that we will or won’t do a transaction. We look at things all the time. I think if we would have characterized opportunities smaller feels better than larger. We feel very good about the organic growth of our business, if we were to do no other acquisitions. Having said that, we continue to look at things literally on a daily basis and we see the right thing that fits our strategy, technology at the right price, what position to be able to move on something, but we will be disciplined.

Unidentified Analyst

Great. Well Marty and John thanks a lot for coming. Thank you all for coming to the event and look forward to seeing you throughout the week.

Copyright policy: All transcripts on this site are the copyright of Seeking Alpha. However, we view them as an important resource for bloggers and journalists, and are excited to contribute to the democratization of financial information on the Internet. (Until now investors have had to pay thousands of dollars in subscription fees for transcripts.) So our reproduction policy is as follows: You may quote up to 400 words of any transcript on the condition that you attribute the transcript to Seeking Alpha and either link to the original transcript or to All other use is prohibited.


If you have any additional questions about our online transcripts, please contact us at: Thank you!

About this article:

Tagged: , Security Software & Services,
Error in this transcript? Let us know.
Contact us to add your company to our coverage or use transcripts in your business.
Learn more about Seeking Alpha transcripts here.