Qualys (NASDAQ:QLYS) reported first-quarter financial results on Tuesday. The transcript from the company’s first-quarter earnings call has been provided below.
This transcript is brought to you by Benzinga APIs. For real-time access to our entire catalog, please visit https://www.benzinga.com/apis/ for a consultation.
View the webcast at https://edge.media-server.com/mmc/p/ggn7rfoq/
Summary
Qualys reported a 10% year-over-year revenue growth for the first quarter, reaching $175.6 million, with channel partner revenues growing 17% and accounting for 52% of total revenues.
The company is focusing on strategic initiatives, including partnerships with OpenAI and Anthropic to enhance their AI-driven cybersecurity solutions, and a new partnership with Converge Insurance to link cybersecurity strength to business outcomes.
Qualys is expanding its Q Flex beta testing to improve customer adoption of its TTM platform, with plans for a full launch later this year.
The company is forecasting full-year 2026 revenues to be between $721 and $727 million, representing a growth rate of 8 to 9%, and expects EBITDA margins to remain in the mid-40s.
Management highlighted a positive outlook due to increased demand for automated remediation solutions in response to AI-driven cyber threats, with continued investment in sales and marketing to drive growth.
Full Transcript
Ned
Agenda. In addition to a growing list of nearly two dozen certified MROC partners beginning to actively launch new services, we are seeing momentum build across all geographic theaters with a strong focus on AI-native ROC. For example, one of our largest MROC partners is now in the process of bringing a ready AI-native ROC to market powered by our ETM and automated remediation solutions. Additionally, through our Strategic Alliances initiatives, we continue to drive deep technology integrations, co selling opportunities and demand generation programs to drive innovation in security research through the latest Frontier models. We have partnered with OpenAI in their trusted Access for Cyber program and Anthropic in their Cyber Verification program to advance our vulnerability and threat intelligence and allow customers to ingest these findings into ETM for further detection and remediation. On the cyber insurance side, we are also pleased to announce a new strategic partnership with Converge Insurance leveraging the Qualys ETM solution to help their customers demonstrate strong security hygiene and qualify for meaningful premium reduction advancing our vision of tying cybersecurity to business outcome for CISOs, further supporting our growth trajectory in Q1. We continue to expand beta testing of Q Flex designed to help customers accelerate and broaden their adoption of the QUALYS TTM platform based on strong early engagement and positive feedback. We plan to build on this momentum by proactively identifying opportunities to extend QFLEX to select customers and partners with a go live date planned for later this year. And finally, as the federal government seeks to garnish greater efficiency and replace outdated and costly on prem deployments from years past with modern cloud native risk management solutions, we are especially excited to host our third annual federal conference in Washington D.C. towards the end of this month. We have made good progress growing our federal business and advancing our FedRAMP high status with large federal agencies and we continue to believe this market will fuel a new leg of growth for the company over time. In summary, we are pioneering a new category in pre breach risk management by bringing autonomous exploit validation, risk quantification and zero-day remediation together within a single AI driven risk fabric that redefines how enterprises operationalize cyber risk. Complementing Frontier model discovered vulnerabilities Our platform leverages proprietary domain data, real time telemetry and deep operational context using sensors and agents behind the firewalls to continuously discover assets, validate exposures, quantify risk, remediate threats and enforce company specific policies which are unavailable in the public domain. This is driven by over two decades of processing petabytes of structured telemetry combined with industry leading threat intelligence in a closed loop system that compounds across thousands of customer environment every day. Frontier models are powerful and accelerate backpack analysis and triage. However they need to be paired with a highly reliable control plane to consistently enforce accurate policy and compliance outcomes across live hybrid environments. This is where the unique value proposition for Qualys customers live and it requires determin deterministic, auditable, repeatable and trusted execution with effectively zero tolerance for error. With attacks moving at machine speed and increasingly requiring defenses that learn and respond in real time, closed loop agent to agent orchestration governed by policy and harnessed by flexible model choice act as a force multiplier, further enabling precise risk quantification, safer remediation and even faster and more deterministic outcomes at scale. For qualys this means our massive data context, LLM and SLM integration and trusted execution serve as the system of record for pre-breach cyber risk management and translate AI into a packaged ROC automation platform that delivers customers measurable risk reduction, zero-day remediation, govern outcomes and immediate roi. With that I will turn the call over to Jumi to further discuss our first quarter results and outlook for the second quarter and full year 2026.
Jumi
Thanks Ned and good afternoon. Before I start, I’d like to note that except for revenues, all financial figures are non GAAP and growth rates are based on comparisons to the prior year period unless stated Otherwise. Turning to first quarter results, revenues grew 10% to 175.6 million. The channel continued to increase its contribution, making up 52% of total revenues compared to 49% a year ago. Revenues from channel partners grew 17% outpacing direct, which grew 3%. As a result of our strategic emphasis on leveraging our partner ecosystem to drive growth, we expect this trend to continue. By geo, 15% growth outside the US was ahead of our domestic business which grew 6%. US and international revenue mix was 55% and 45% respectively. In Q1. As expected, there was no meaningful movement in our net dollar expansion rate, closing the quarter at 104%, slightly up from 103% last quarter. More importantly, we’d like to turn to a new metric that we plan to disclose going forward on a quarterly basis. Net dollar expansion rate of customers with prior year purchase of ETM or CSAM subscriptions. We believe that this metric is currently the best indicator of success of our ETM strategic initiatives. With ETM innovation having stemmed from strong customer demand, we anticipate ETM adoption to drive higher net dollar expansion rate. However, given that ETM adoption is still in its early stages, we have decided to include CSAM customers in this cohort so that the metric has more weight to it. In addition, as a reminder, ETM is essentially an upgrade from csam, so we believe that this is an appropriate baseline to track and measure going forward. In Q1, the net dollar expansion rate of ETM CSAM cohort was 107%. As more customers move into this cohort, we hope to see consistent and meaningful improvement to our overall net dollar expansion rate and thereby driving accelerated revenue growth. Moving on to product mix, our differentiated new products continue to drive growth. First, ET and C STEM combined made up 11% of total bookings and 14% of new bookings on an LTM basis in Q1, up from last year’s 8% and 9% respectively. Next, patch management made up 8% of total bookings and 15% of new bookings on an LTM basis in Q1. This compares to 7% and 16% respectively in Q1 of last year. Lastly, total cloud made up 5% of total LTM bookings in Q1, unchanged from a year ago. We believe that these differentiated products combined will increase contribution to bookings in 2026, given our opportunity to increase market share and maximize share of wallet. Reflecting our scalable and sustainable business model, adjusted EBITDA for the first quarter of 2026 was 83.3 million, representing a 47% margin. Same as last year, operating expenses in Q1 increased by 8% to $67.5 million, driven by investments in sales and marketing, which grew 17%. With this strong performance, EPS for the first quarter of 2026was 1.95 per diluted share and our free cash flow was $93.6 million, representing a 53% margin compared to 67% in the prior year. In Q1, we continue to invest the cash we generated from operations back into Qualys, including 1.7 million on capital expenditures and 53.9 million to repurchase 505,000 of our outstanding shares. Since commencing our share repurchase program In February of 2018, we’ve repurchased 11.2 million shares and returned 1.3 billion in cash to shareholders. As of the end of the quarter, we had $306.6 million remaining in our share repurchase program. With that, let us turn to guidance. Starting with revenues for the full year 2026, we now expect revenues to be in the range of 721 to $727 million, which represents a growth rate of 8 to 9%. This compares to prior guidance of 717 to 725 million. For the second quarter of 2026 we expect revenues to be in the range of 177.5 to 179.5 million, representing a growth rate of 8 to 9 percent. While we believe our approach to pre breach cyber risk management provides some insulation amidst ongoing macro volatility, this guidance continues to assume no material change in our net dollar expansion rate with moderate growth contribution from new business in 2026. Shifting to profitability guidance for the full year 2026 we expect EBITDA margin to be in the mid-40s, implying mid teens increase in operating expenses and free cash flow margin in the low 40s. We expect full year EPS to be in the range of 7.44 to 7.65. From the prior range of 7.17 to 7.45. For the second quarter of 2026 we expect EPS to be in the range of 1.73 to 1.80. Our planned capital expenditures in 2026 are expected to be in the range of 8 to 12 million and for the second quarter of 2026 in the range of 1.2 to 3.2 million. As the impact of the macroeconomy is still unfolding, we are closely monitoring the business environment and adjusting our priorities accordingly. That said, considering the long term growth opportunities ahead of us and our industry leading margins implying further room for investment, we intend to continue to responsibly align our product and marketing investment to focus on high impact initiatives aimed at driving more pipeline, accelerating our partner program, expanding our federal vertical. As a percentage of revenues, we expect to prioritize an increase in investments in sales and marketing with more modest increases in engineering and gna. With that Sumed and I would be happy to answer any of your questions.
OPERATOR
Thank you. As a reminder to ask a question, please press star 11 on your telephone and wait for your name to be announced. To withdraw your question, please press star 11. Again, the first question will come from Patrick Colville, Wiscosia Bank. Your line is open.
Patrick Colville (Equity Analyst)
Thank you very much for taking my question. Sumed and Jimmy, in your prepared remarks, I mean I think you did a really good job of conveying why Risk quantification I guess. Testing whether an asset is exploitable with a runtime context, the ability to patch and revalidate all make qualys at low risk of AI disruption in the enterprise. But what I want to ask though is there’s a lot of hype around anthropic Claude Mythos OpenAI GPT-4.5 Cyber are they leading to more inbounds? And if so, how will those inbounds and that kind of surge of interest translate into the financial model in 2026? Yeah, that’s a great question. And I think our customers who are in this day in and day out, they understand pretty well that this is going to lead to more disclosures of patches and vulnerabilities from multiple vendors that they use. And I think the challenge is going to be more about on the positive side, I think these models are helping companies get better with finding these vulnerabilities themselves versus waiting for attackers to find them. But it also means that they’re going to lead to more patches being announced by multiple vendors that the customers will have to deploy. And I think the challenge is going to be more that once the patches come out, attackers leveraging AI can reverse engineer those patches and find the exploits. And so it really becomes a game of how quickly can you apply the patch that the vendor is giving in a matter of hours and not wait for days and weeks as it happens right now. And that’s where a lot of the conversations that we have had with our customers, we’re seeing a lot of CISOs customers reaching out to understand how our patch management capability and the remediation capability and exploit validation capability is really going to be helpful for them because they all need to provide an update to their board in terms of how they are going to fight against AI induced attacks that are coming from these models getting better. And the response cannot be we are going to do more manual remediation. They need to have a response that anchors themselves in fighting autonomous AI attacks with autonomous remediation. And they see us as a trusted vendor having deployed 150 million patches already and 40 million of those already fully autonomously deployed. And so a lot of those conversations are positive right now, but of course it’s in the early stage and we need to work through to see how they take out the conversations, how they go back to their boards to their IT teams, partner with the IT team so happy with the activity, but a little too early right now to talk about how the impact is going to be on the pipeline and outlook. As Jumi said, we’re not considering any change from where we are right now in terms of the guidance, but we are happy to see the engagement that we are seeing from the inbounds that we’re getting from customers trying to understand how Qualys can respond to this. Very clear. Can I just touch on that point? So I mean Jumi, you Very kindly last quarter provided us a soft guidance for 7 to 8% current billings growth in 2026 is the point you were trying to make in the prepared remarks. That remains the case. So no change to that level even with the strong 1Q performance and I guess the positive vibes that sumed were just talking to.
Jumi
Yes, that’s correct. I think that if you take a Look at our Q1 performance, it was a solid start to the year. We’re very pleased with the Q1 outlook as well as what we anticipate for the rest of the year. However, we don’t see any material kind of meaningful change for the full year today. So given that the baseline still remains a 7 to 8% for the current billings for the full year.
Patrick Colville (Equity Analyst)
All right, thank you so much.
OPERATOR
Thank you. And our next question will come from Roger Boyd with ubs. Your lines open.
Roger Boyd (Equity Analyst)
Thanks for taking my questions. Sumed it was a strong quarter from a new customer ad perspective and particularly for one Q which is typically seasonally a little bit lower. Can you just talk about what’s working right from a new logo perspective and then everything you just kind of mentioned from a patch management remediation standpoint, to what degree is that sort of impacting the new customer conversation? Any metrics you can give around attach rate of patch management …
This post was originally published here
