A recent GM Insights report estimates the global endpoint security market to grow to more than $7.5 billion by 2024 driven by the rising adoption of Bring-Your-Own-Devices (BYOD) in organizations. Waltham, Massachusetts-based Carbon Black (Nasdaq: CBLK) is a leading player in this industry.
Carbon Black’s Offerings
Carbon Black was founded in 2002 by Ben Johnson, Michael Viscuso, and Todd Brennan. It was initially known as Bit9 and was set up to provide next-generation endpoint security solutions. Its predictive cloud platform continuously captures, records, and analyzes unfiltered endpoint data to help deliver security capabilities to its customers. Its solutions help customers predict, prevent, detect, respond to, and remediate cyber attacks before they result in damaging data breach.
Endpoints range from personal devices such as desktops, laptops and mobile phones to enterprise devices such as servers, virtual machines, cloud workloads, ATMs, point of sale systems, and many more. These devices, whether physical or virtual, store sensitive data and perform critical operations for the organization and end users. Carbon Black’s proprietary platform uses unfiltered data from these endpoints and deploys a data shaping technology that smooths bursts of endpoint data activity, optimizes bandwidth demands, compresses data, and delivers a graph-like custom model for endpoint data for further analysis. Its stream processing technology, then evaluates and classifies a continuously updated series of events to identify risk and viable solutions to attacks. Its customers include enterprises and government agencies spread across multiple industries.
Carbon Black’s Financials
Carbon Black earns revenues through a subscription and license fee model for its product and by providing other support services. It has seen strong financial growth in the recent past. Revenues have grown from $70.6 million in 2015 to $116.2 million in 2016 and to $162 million in 2017. Increasing revenues have not, however, translated to profits as the company continues to invest in growth related activities. Net losses came in at $38.7 million in 2015, $44.6 million in 2016, and $55.8 million in 2017.
More recently, Carbon Black reported third quarter revenues of $53.4 million, growing 29% over the year. Loss from Operations during the quarter grew to $18.1 million compared with loss of $13.7 million reported a year ago. Non-GAAP loss came in at $0.20 per share. The market was looking for revenues of $52.7 million and a loss of $0.25 per share.
By segment, subscription, license, and support revenues grew 32% to $50.8 million, and services revenues fell 17% to $2.6 million.
It continued to grow its customer base and ended the quarter with 4,625 customers, compared with 3,335 a year ago. Growth of customers who licensed at least one cloud product grew to 2,450, compared to 1,170 a year ago.
For the current quarter, Carbon Black expects revenues of $55.3-$55.8 million with a loss of $0.25-$0.24 per share. It expects to end the year with revenues of $208.1-$208.6 million and a loss of $1.21-$1.20 per share.
Carbon Black’s Growth
During the last quarter, Carbon Black introduced its newest product CB ThreatHunter. CB ThreatHunter leverages its incident response tool and extends that capability to the cloud with added functionality including a more powerful search, improved threat intel matching, and elastic cloud scalability. By accessing the unfiltered endpoint data, CB ThreatHunter provides security teams with improved visibility into potential threats across their environments.
Last year, it also released CB LiveOps, a service that extends core functionality of its platform to empower organizations to ask questions of all endpoints, take remedial action in real-time, and simplify operational reporting. With CB LiveOps, security teams can perform in-depth investigations, conduct remote remediation, and perform on-demand vulnerability assessments, within a single solution.
Besides product expansion, Carbon Black is also expanding into newer markets. Recently, the company announced plans to grow in the Japanese market by adding in-country hosting to help organizations to meet data privacy requirements and use the CB Predictive Security Cloud (PSC). Carbon Black will also launch its first user group in the country. The group will focus on building a community of security professionals for collaboration on cyber security issues.
Carbon Black has been growing steadily for more than 16 years. During this period it, has added several smaller companies to its fold. Its last acquisition was held in 2016 when it acquired another endpoint security service provider Confer for an undisclosed sum. Confer Technologies had raised $25 million prior to the acquisition and had patented technology that used enterprise-wide telemetry and data science to analyze, adapt, and eliminate manual processes, and facilitated an intelligent and efficient approach to securing the enterprise.
Prior to Confer, Carbon Black had acquired two other companies in 2015 – VisiTrend and Objective Logistics. VisiTrend offered interactive visualization solutions for data analytics and had raised $1.3 million prior to the acquisition. Objective Logistics helped drive sales and improve guest experience in several service industries and had raised $9 million prior to the acquisition.
Carbon Black went public last year when it raised $152 million by selling 9 million shares at $19 each. Prior to the listing, Carbon Black had raised $192 million at undisclosed valuation from investors including Highland Capital Partners, Hone Capital, Kleiner Perkins, Accomplice, Sequoia Capital, Evolution Equity Partners, Founders Circle Capital, and .406 Ventures. At the time of listing, the company was valued at $1.3 billion.
Carbon Black’s stock is currently trading at $13.87 with a market capitalization of $970.5 million. It has fallen from the peak of $35 that it was trading at in June last year. The stock is recovering from the low of $11.80 in December last year.
The company has acquired smaller startups which are on the bootstrapping-to-exit route to grow its portfolio and service capabilities. The security space is perpetually full of startups. What do you think are the gaps in Carbon Black’s product portfolio and what smaller startups do you think can fill up these gaps? Is Carbon Black’s quest to move from $200 million to $500 million revenue level going to happen largely organically, or with a strong focus on acquisitions?
The endpoint security market itself has quite a few competitors for Carbon Black. Players like Bitdefender, Druva, Endgame, and LogMeIn compete in a similar market and have all received recognition from the industry.
Bitdefender has received several accolades in both Forrester Wave and Gartner Magic Quadrant reports. It continues to make significant investments into its offerings. Last year, it purchased RedSocks, a security analytics vendor, to add more capabilities to its cybersecurity solutions.
Druva specializes in cloud security, backup and disaster recovery, and the digital cloud perimeter. It also made an acquisition last year when it added CloudRanger, an Amazon Web Services backup and disaster recovery company to its portfolio. The acquisition suggests that Druva is working on incorporating backup into endpoint security.
Endgame was ranked a visionary in the Gartner quadrant and is known for building the first macOS endpoint protection against unknown threats.
Finally, LogMeIn offers one of the most diverse endpoint security solutions by providing a comprehensive endpoint management and security solution that includes anti-virus, patch management, proactive alerts, software inventory, and computer health monitoring.
Carbon Black has focused on next-generation endpoint security and threat research. It has a strong community bond through its Cb Connect network. It will need to continue to nurture this niche to successfully battle the growing competition.
This segment is a part in the series : Cloud Stocks