Cyber security company Proofpoint (NASDAQ: PFPT) that specializes in email security recently reported its second quarter results that surpassed market expectations. However, unlike most other cyber security companies, its stock is down 23% over the last year.
Proofpoint’s Financials Proofpoint’s Q2 revenues grew 21% to $258.4 million, ahead of the market’s forecast of $253 million. GAAP net loss for the second quarter of 2020 was $(22.6) million compared to a GAAP net loss of $(28.9) million. Non GAAP EPS of $0.51 was also significantly better than the market’s forecast earnings of $0.39 per share.
Overall demand was quite strong in the quarter with continued momentum in its email security offerings and strong performance from emerging services like Email Fraud Defense (EFD), Cloud App Security Broker (CASB), Security Awareness Training (PSAT), and Insider Threat Management (ITM) solutions.
Billings grew 8% to $250 million. Subscription revenues grew 20.9% to $254.9 million. Hardware and services revenues declined 3% to $3.5. It maintained its ARR renewal rate at over 90%.
International revenue increased to 21% of total revenue and grew 28%.
Proofpoint had cash, cash equivalents, and short-term investments of $973.3 million.
For the third quarter, Proofpoint forecast revenues of $260-$262 million with an EPS of $0.37-$0.40. The market was looking for revenues of $244.3 million with an EPS of $0.36.
Proofpoint has also updated its 2020 guidance. It is expecting a decline of 5% in new and add-on business due to the COVID-19 crisis and its impact on the global economy, and more specifically, on roughly 20% of its customers operating in the highly impacted industries. It now expects revenues of $1.035-$1.037 billion compared to previous guidance of $1.06-$1.067 billion. GAAP net loss is expected to be in the range of $(198.8) million to $(189) million. Non-GAAP net income is expected to be in the range of $106 million to $110 million, or $1.64 to $1.70 per share compared to previous guidance of EPS of $1.42-$1.48.
Proofpoint’s Product Upgrades
Work-from-home mandates following the pandemic outbreak have generated interest in its ITM offerings that ensure end-to-end protection around the employees of an organization, irrespective of where they are collaborating from. Proofpoint recently released the cloud-based version of its ITM offering in June. It enables customers to seamlessly redirect endpoint sensors to communicate and store the data collection and analytics directly in the cloud instead of a centralized on-premise server. It leads to accelerated incident response and broader unified visibility across user activity, data interaction, and threat information.
Based on this cloud-based ITM capability, Proofpoint recently launched its people-centric enterprise data loss protection (DLP) offering, which integrates DLP across email, cloud, and the endpoint. It allows enterprises to quickly respond to data loss resulting from negligent, compromised or malicious users.
The Nexus People Risk Explorer is another people-centric offering that provides a unified view of vulnerable, attacked, and privileged users. Proofpoint also released its Cloud App Security Broker (Proofpoint CASB) IaaS and DLP functionality that will expand its IaaS resource and account protection, discovery, and governance, a capability often referred to as Cloud Security Posture Management CSPM.
Proofpoint has leveraged its $255 million acquisition of ObserveIT last year to provide its ITM customers with additional visibility into their systems. The service runs on the endpoint and communicates to a central and on-premise server, allowing security teams to detect, investigate, and prevent insider threat incidents, all by delivering real-time alerts and insights into user activity.
Early this month, Proofpoint announced multiple people-centric innovations to its Proofpoint Security Awareness Training platform to help organizations with security training and enhance user experience.
Proofpoint depends on partnerships with CrowdStrike, CyberArk, Okta, Palo Alto Networks, and Splunk for providing complementary solutions and taking on bigger rivals like Microsoft and Cisco. It had several wins this quarter that were influenced by these integrations.
Proofpoint recently expanded its partnership with CyberArk, a leading provider of privileged access management (PAM) capabilities. The enhanced integration of Proofpoint Targeted Attack Protection with CyberArk’s Privileged Access Security Solution will allow organizations to identify their very attacked people (VAPs), apply additional security policies to their high-risk users with privileged access, and remediate phishing attempts. It features a combination of layered defenses that are focused on stopping threats before they reach users and apply policies and controls that ensure privilege accuracy.
Rather than depend on partnerships, Proofpoint should go for an acquisition of a capital-efficient startup that would complement its offerings. Leading vendor PAM vendor Thycotic is a good candidate. Thycotic recently acquired Onion ID to provide PAM solutions for IaaS, SaaS and databases, a market currently underserved by most PAM providers. Founded in 1996, Washington-based Thycotic has raised $4.5 million so far in venture funding and was recently named as a Leader in the 2020 Gartner Magic Quadrant for PAM.
Proofpoint’s stock is trading at $103.57 with a market capitalization of $5.9 billion. It touched a 52-week high of $133.58 in October last year and a 52-week low of $83.81 in March.