U.S. Markets closed

Edited Transcript of CYBR earnings conference call or presentation 14-Feb-19 1:30pm GMT

Q4 2018 Cyberark Software Ltd Earnings Call

Petach-Tikva Feb 19, 2019 (Thomson StreetEvents) -- Edited Transcript of Cyberark Software Ltd earnings conference call or presentation Thursday, February 14, 2019 at 1:30:00pm GMT

TEXT version of Transcript

================================================================================

Corporate Participants

================================================================================

* Ehud Mokady

CyberArk Software Ltd. - Founder, Chairman of the Board & CEO

* Erica E. Smith

CyberArk Software Ltd. - VP of Investors Relations

* Joshua Siegel

CyberArk Software Ltd. - CFO

================================================================================

Conference Call Participants

================================================================================

* Andrew James Nowinski

Piper Jaffray Companies, Research Division - Principal & Senior Research Analyst

* Daniel Bartus

BofA Merrill Lynch, Research Division - Research Analyst

* Fatima Aslam Boolani

UBS Investment Bank, Research Division - Associate Director and Equity Research Associate Technology-Software

* Gabriela Borges

Goldman Sachs Group Inc., Research Division - Equity Analyst

* Gray Wilson Powell

Deutsche Bank AG, Research Division - Research Analyst

* Gur Yehudah Talpaz

Stifel, Nicolaus & Company, Incorporated, Research Division - Analyst

* Melissa A. Franchi

Morgan Stanley, Research Division - VP and Research Analyst

* Robbie David Owens

KeyBanc Capital Markets Inc., Research Division - Senior Research Analyst

* Saket Kalia

Barclays Bank PLC, Research Division - Senior Analyst

* Shaul Eyal

Oppenheimer & Co. Inc., Research Division - MD & Senior Analyst

* Ugam Kamat

JP Morgan Chase & Co, Research Division - Analyst

================================================================================

Presentation

--------------------------------------------------------------------------------

Operator [1]

--------------------------------------------------------------------------------

Good morning. My name is James, and I will be your conference operator today. At this time, I'd like to welcome everyone to the CyberArk Fourth Quarter and Year-End Earning Call. (Operator Instructions) Thank you. I'd now like to turn the call over to the Vice President of Investor Relations, Erica Smith. Ms. Smith, please go ahead.

--------------------------------------------------------------------------------

Erica E. Smith, CyberArk Software Ltd. - VP of Investors Relations [2]

--------------------------------------------------------------------------------

Thank you, James. Good morning. Thank you for joining us today to review CyberArk's Fourth Quarter and Full Year 2018 Financial Results.

With me on the call today are Udi Mokady, Chairman and Chief Executive Officer; and Josh Siegel, Chief Financial Officer. After prepared remarks, we will open the call up to a question-and-answer session.

Before we begin, let me remind you that certain statements made on the call today may be considered forward-looking statements, which reflect management's best judgment based on currently available information. I refer specifically to the discussion of our expectations and beliefs regarding our projected results of operations for the first quarter in the full year 2019. Our actual results might differ materially from those projected in these forward-looking statements.

I direct your attention to the risk factors contained in the company's annual report on Form 20-F filed with the U.S. Securities and Exchange Commission and those referenced in today's press release. CyberArk expressly disclaims any obligation or undertaking to release publicly any updates or revisions to any forward-looking statements made herein.

Additionally, non-GAAP financial measures will be discussed in this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available in today's press release, which can be found at www.cyberark.com in the Investor Relations section.

Also a webcast of today's call will be available on our website in the IR section as well. With that, I'd like to turn the call over to our Chairman and Chief Executive Officer, Udi Mokady.

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [3]

--------------------------------------------------------------------------------

Thanks, Erica, and good morning, everyone. Thank you for joining our fourth quarter and year-end conference call. We had a phenomenal record-breaking 2018, executing on all of the strategic goals that we outlined for you early in the year. Through our innovation, we have cemented our leadership position as the industry's global solution provider to secure privileged access from on-premise to the cloud. Where increasingly a critical component of our customer's digital transformation strategies by securing cloud assets and access application credentials and secrets in the DevOps pipeline.

We extended our reach to our partner ecosystem, and we significantly enhanced the efficiency, productivity and consistency of our sales and marketing engine.

Our momentum continue to build throughout the year and in the fourth quarter, we delivered amazing results exceeding our guidance across all measures.

Total revenue reached a record $109 million with growth accelerating to 36%. We were thrilled that our license revenue growth outpaced old revenue and accelerated to 38% in the fourth quarter.

We delivered our best ever non-GAAP operating income of $40 million, and we signed over 250 new logos, the largest number in the company's history ending the year with more than 4,450 customers.

For the full year, revenues reached $343 million, growing 31%. Non-GAAP operating income was $90 million, and we generated a record cash flow from operations of $130 million.

Today's business paradigm dictates that every organization, the insurance company, the retailer, the airline, the utility is a software company. Implementing digital transformation strategies and migrating workloads to the cloud, they are leveraging speed, automation and agility as a competitive advantage. This is causing organizations around the world to rethink security and prioritize impactful initiatives. Escalating privileges of human and nonhuman credentials remains at the center of almost every major attack. In this new more complex environment, privileged accounts are being created and privileged access expanded at unprecedented rate.

Chief Information Security officers are also increasingly talking a security-first approach to solving compliance challenges like GDPR, NIST, Sox and PCI. As a result, awareness and demand for privileged access security has increased across geographies, verticals and from companies of all sizes. In fact, on the 3rd of December 2018, Gartner published its first-ever Magic Quadrant for Privileged Access Management, stating and I quote, "Privileged Access Management is one of the most critical security controls particularly in today's increasingly complex IT environment. Security and risk management leaders must use PAM tools in a long-term strategy for comprehensive risk mitigation."

We were proud that our ability to execute and completeness of vision were recognized by Gartner in the Magic Quadrant as a leader, farthest to the right on the completeness of vision, access and the highest on the ability to execute access. While strong market fundamentals certainly played a factor in our record result this year, our execution and strategic moves, globalizing the team, delivering continuous innovation and simplifying our pricing were among the biggest contributors to our success with revenue growth accelerating in all major theaters.

The Americas revenue growth rate accelerated from 20% in 2017 to 26% in 2018, EMEA from 20% to 37% and APJ growth accelerated from 30% to 47% in 2018. All geographies performed exceptionally well. A number of 7-figure add-on deals in the fourth quarter demonstrated the impact of our strategy. We were the only vendor who provided a leading bank in EMEA with a battle-tested global Privileged Access Security program that complemented its cloud-first strategy in Azure.

With our new licensing, we simplified the customer's buying journey and solve the critical paying point, providing visibility into unmanaged, unauthorized privileged access across its on-premise and cloud environments with threat analytics.

A Global 2000 insurance company began with enterprise vault in the U.K. in 2015. Because of our team's deep privileged access domain expertise, the customer is standardizing on CyberArk across all data centers in the Americas, EMEA and APJ. With the simplicity of Version10, the customer was up and running quickly after closing the deal.

A top 5-lifetime value customer significantly expanded its CyberArk program in Q4. The customer is adding Endpoint Privilege Manager for credential theft blocking and Conjur to secure application development in Pivotal Cloud Foundry and AWS. Both solutions help address its #1 priority: to quickly and measurably reduce risk across the enterprise.

Our strategy also contributed to our record number of new logos. In a competitive rip and replace deal, a large European manufacturing company chose CyberArk because of our global scalability and support. We increasingly see organizations who bought privileged access security for compliance turn to CyberArk to implement holistic, scalable privileged access programs.

As part of its cloud-first strategy, a leading SaaS company has deployed CyberArk in AWS. After an extensive POC, we won unanimous cross-functional support from information security, identity and access management and the application developers. With Core PAS and Conjur, the organization will realize material security and operational efficiencies from centralized control and a single pane of glass into human users, machine identities, production applications and application development.

We saw Application Identity Manager and Conjur as key differentiators this year, as CIOs and CISOs look to strike the balance between flexibility, growth and risk mitigation. In fact, AIM and Conjur were included in 6 of our top 10 deals this year.

Innovation is critical to our long-term strategy. In 2018, we again set the standard and redefined privileged access security being first to market with new and enhanced solutions that automate and drive efficiency for security and operational teams. We accelerated the pace of our innovation, enriching our core privileged access security solution with 8 new versions that included key functionality like streamlined workflows, just-in-time access, automated discovery, onboarding of privileged accounts and simplified deployment.

We introduced enhanced protection in AWS, Google Cloud Platform and Azure as well as DevOps and containerized platforms to strengthen our customer security as they execute their digital transformation strategies. In addition, we launched Privileged Session Manager for cloud, which secures cloud administrators and privileged business users who are often targeted by attackers.

We also empowered our customers to deploy or access CyberArk anywhere on-premise, in the cloud or as a service with CyberArk Privilege Cloud and our MSSP solution. And our labs team is leveraging extensive experience to analyze the latest hacker threats and help inform our product roadmap decisions.

Another example from earlier in 2018 is the CyberArk marketplace, the industry's broadest and deepest portfolio of integrations for privileged access security. Customers have a trusted platform to easily access and deploy integrations across their entire technology stack, including security, IT operations, cloud, DevOps and robotic process automation software.

Our advisory, value-added reseller and technology partner ecosystem also played a key role in our results with about 67% of our revenue coming from indirect channel, up from 61% in the full year 2017. Deals influenced by advisory firms likely PWC, Deloitte, KPMG and Accenture increased by more than 85% in 2018.

Our partners understand that a best of breed approach to mission critical security projects like digital transformation and identity improves the customer's overall security posture. As we look at the year ahead, our primary focus is to deliver innovation and drive long-term sustainable growth.

We are in a great field market and have tremendous opportunity to expand our relationships with our more than 4,400 customers. As a result, our major strategic initiatives for 2019 include: Increasing enterprise customer penetration in new and add-on business, formalizing our motion in the midmarket, driving adoption of our application and privileged endpoint solutions and delivering critical innovation and expanding our solutions across on-premise and cloud to automate, simplify and better protect our customers. 2018 was an amazing record-setting year, and I'm very proud of our team. Our results strengthen our conviction that we are in the early stages of our opportunity and that momentum in the privileged access security market is accelerating.

As we move into 2019, we are in a strong position to continue to build an enduring leader in cyber security, and I'm incredibly excited about the opportunity in front of us.

With that, let me turn it over to Josh to discuss our record results. Josh?

--------------------------------------------------------------------------------

Joshua Siegel, CyberArk Software Ltd. - CFO [4]

--------------------------------------------------------------------------------

Yes. Thanks, Udi. Before we began reviewing the quarter, I wanted to remind everyone that our fourth quarter and year-end results reflect the modified retrospective approach to disclosure for accounting standard 606.

As you have heard from Udi already, we delivered another quarter of outstanding results, capping off a record year.

In the fourth quarter, we generated $109.1 million in revenue, accelerating growth to 36% year-on-year. Our outperformance in the fourth quarter was driven by strong execution coupled with broad-based demand and greater-than-expected year-end budget flush. License revenue reached a record $66.8 million with year-on-year growth accelerating to 38%.

In the fourth quarter, license revenue represented 61% of total revenue, that's up slightly from the 60% in the fourth quarter of 2017. Maintenance and professional services revenue increased by 33% to $42.3 million and represented 39% of total revenue. The professional services revenue associated with this line was $7.7 million or 7% of total revenue.

The Americas reached another record of $60.9 million in revenue and growth accelerating also significantly to 40% in the fourth quarter.

EMEA also reached a record of $41.6 million in the fourth quarter and growing 28% year-on-year.

We are also pleased to see the Asia-Pacific Japan region grow by 56% year-on-year to $6.5 million in revenue for the quarter.

We had a strong demand across verticals in the fourth quarter with manufacturing, telecom, IT services and software, retail and pharmaceuticals, all of them growing faster than 50%.

As I move through the P&L, all line items will be discussed on a non-GAAP basis. Please see the full GAAP to non-GAAP reconciliation in the tables of our press release.

Gross profit for the quarter was $98.2 million, increasing our gross margin to 90% compared to $70.6 million or an 88% gross margin in the same period last year. We continue to experience higher utilization of our professional services team, resulting in the improved gross margin for the quarter. On the expense side, our priority continues to be to invest in innovation, growth and scaling the organization.

Our R&D grew 23% year-on-year to $13.2 million or 12% of total revenue. Sales and marketing for the quarter increased 7% year-on-year to $36.5 million or 33% of total revenue and G&A expense increased 41% to $8.7 million or 8% of total revenue.

In total operating expenses increased 15% in the fourth quarter to $58.4 million compared with $50.9 million for the same period last year.

Our revenue outperformance and disciplined investments drove strong leverage again in the fourth quarter. Operating income and margin both reached a record of $39.8 million and a 36% operating margin, a strong increase from operating income of $19.7 million or a 24% operating margin in the year-ago period.

Net income was $33.4 million or $0.89 per diluted share for the fourth quarter of this year, more than doubling from $15 million or $0.41 per diluted share for the fourth quarter of last year.

Now let me summarize our strong results for the full year of 2018. Total revenue for the year was again ahead of guidance, reaching $343.2 million with growth accelerating to 31% compared to $261.7 million in 2017.

License revenue for the year was $192.5 million with growth accelerating to 30% year-on-year and representing 56% of total revenue. In 2018, 60% of licensed revenue was generated from existing customers, purchasing additional licenses and approximately 40% of revenue from new customers, consistent with the revenue mix that we saw in 2017.

On a product side, AIM and Conjur together represented about 10% licensed revenue for the year, and our Endpoint Privilege Manager represented about 8% of licensed revenue for 2018.

Maintenance and professional services revenue increased 32% over last year reaching $150.7 million and representing 44% of total revenue. The professional services revenue associated with this line was $26.7 million or 8% of total revenue, very consistent with the prior year.

Again in 2018, our renewal rate was over 90%, which was -- we tribute to mission-critical nature of our solution and our strong customer service.

As Udi mentioned earlier, growth accelerated across all geography for the year. The Americas generated $205.5 million in revenue, growing 26% and representing 60% of total revenue. EMEA revenue grew by 37% in 2018, reaching $112.1 million or approximately 33% of total revenue.

Asia-Pacific Japan grew 47% to $25.6 million or 7% of total revenue.

For the full year, our business was also well diversified across industries with 10 verticals representing 5% or more of the business.

Banking was again our largest segment representing 30% of the business in 2018 compared to 29% in 2017. Global government was 11%, an increase from 10% in 2017 and manufacturing was 10% consistent with the 10% last year.

During the year deals over $100,000 increased to 868 from 659, that's growth accelerating to 32% of those -- on those deals from 27% in 2017. We also had 133 deals over $500,000 compared to 92 deals over $500,000 in 2017.

We were pleased to see healthy growth for these larger deals, not only in Americas but also across EMEA and APJ which demonstrated that privileged access security is moving up on the list of priorities for CISOs globally, as Udi mentioned earlier.

Our gross margin for the year was 88% compared to 86.5% in 2017, which was ahead of our expectations due to the higher utilization of our Professional Services team as we have discussed throughout the year.

While we continue to make strategic investments in growth and innovation, our strong P&L demonstrates the efficiency of our operations.

For the full year, R&D represented 14% of total revenue consistent with the 14% last year. Sales and marketing represented 39% of total revenue and G&A represented 8.5% of total revenue, resulting in record operating income of $90.5 million in 2018 or a 26% operating margin which was ahead of our guidance and a strong increase from the $51.9 million or a 20% operating margin in 2017.

One of our goals for 2018 was to drive growth while improving productivity and efficiency of our investments we delivered in 2018.

Our net income was $76.5 million or $2.06 per diluted share in 2018, increasing nicely from $41.9 million or $1.16 per diluted share in 2017.

Our effective tax rate for the year was 19.5%. We ended the year with 1,146 employees worldwide compared to 1,015 at the end of 2017 and that includes 541 employees in sales and marketing at year-end, up from 491 at December 31, 2017.

We generated record cash flow from operations in 2018 of $130 million or a 38% cash flow margin. This compared with $81 million in cash flow in the full year of 2017 or a 31% cash flow margin. Our stronger-than-expected cash flow from operations was driven primarily by improved linearity throughout the quarters and the year and outperformance in bookings while maintaining a disciplined approach to investments.

Turning to the balance sheet. We had $451 million in cash and cash equivalent deposits, marketable securities at December 31, that's an increase from $330 million at the end of 2017. Deferred revenue for the full year increased 42% to $150 million at year-end.

Moving on to our guidance for the first quarter of 2019 and the full year. As a reminder, our guidance does not consider any potential impact to financial, other income and expenses associated with foreign exchange gains or losses as we do not try to estimate future movements in foreign currency rates.

So for the first quarter of 2019, we expect total revenue to be in the range of $91 million to $93 million or a 28% growth at the midpoint of the range.

We expect non-GAAP operating income to range from $18.5 million to $20 million and non-GAAP net income per diluted share of $0.39 to $0.42. This assumes 38.2 million weighted average diluted shares and a tax rate of approximately 21%.

We are initiating our guidance for the full year of 2019. We expect total revenue for the -- in the range of $411 to $415 or growth of approximately 20% at the midpoint. We expect the mix of license in maintenance and professional services revenue in 2019 to be between approximately 54% to 56% from license revenue and the balance of 46% to 44% coming from the maintenance and professional services revenue.

We expect our gross margin to be between 87% to 88% for the full year. We expect non-GAAP operating income to be in the range of $92.5 million to $95.5 million and non-GAAP net income per diluted share of $1.94 to $2. This assumes 38.5 million weighted average diluted shares.

Our guidance for the full year assumes an effective tax rate of approximately 21% for 2019.

We typically experienced a sequential revenue decline into the first quarter, moderate sequential growth into the second quarter and then into the third quarter and Q4 is our largest quarter of the year.

On the expense side, we typically see a step up in expenses in the third quarter as a result of seasonal employee expenses as well as our marquis Americas customers event.

We also wanted to provide you with a bit more color on some line items for 2019. We expect total capital expenditures to be in the range of $6 million to $8 million, which represents approximately 2% of revenue at the midpoint of range.

As we look at the full year of 2019, we expect our cash flow from operations margin to run between 5 to 10 percentage points higher than our non-GAAP net income margin. We recommend analysts to evaluate our cash flow on an annual basis, given that our cash flow from operations can vary quarterly based on seasonality of the business and taxes. We do not plan to provide quarterly updates on guidance for cash flow from operations.

Fundamentals for privileged access security continue to be robust. And as a result, our priority for 2019 is to strengthen the organization to generate sustainable growth over the long term while staying true to our operating principle of delivering profitability through disciplined investments.

As Udi mentioned, our key areas of focus in 2019 are sales and marketing and R&D. We had a great 2018 and the team delivered against all of its objectives. As a result of our execution, we are entering 2019 with strong momentum and are looking forward to the year ahead. I will now turn the call over to the operator for Q&A.

================================================================================

Questions and Answers

--------------------------------------------------------------------------------

Operator [1]

--------------------------------------------------------------------------------

(Operator Instructions).

And your first question comes from the line of Saket Kalia from Barclays Capital.

--------------------------------------------------------------------------------

Saket Kalia, Barclays Bank PLC, Research Division - Senior Analyst [2]

--------------------------------------------------------------------------------

Udi, maybe just to start with you. I think it's pretty clear in the results, but I just want to make sure this question is asked. Did you feel like you saw higher win rates, that is higher competitive win rates of the quarter, or do you have any other anecdotal observations from the quarter related to competitive disruption?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [3]

--------------------------------------------------------------------------------

Sure, Saket, and thank you. Yes, absolutely, I think we indicated in the last several months that we're seeing disruption with our competitors, primarily with the roll ups by private equity. They create disruption in existing customers. They definitely create disruption in -- for them in active sales processes and yes, so we saw an increase in our win rate, I would say consistently throughout the year. It was one of our strategic objectives into 2018. And of course, cementing our market leadership with the Magic Quadrant by Gartner, the first to report and others kind of made it very clear and with the growing demand was a great setup for '18 and beyond.

--------------------------------------------------------------------------------

Saket Kalia, Barclays Bank PLC, Research Division - Senior Analyst [4]

--------------------------------------------------------------------------------

Got it. That's really helpful. Josh, maybe for my follow-up for you. You talked -- you gave some helpful metrics just around big deals and how they did in '18 versus '17. Maybe just to dig a little bit deeper in them. Can you talk about the average deal sizes that you saw here in 2018? And how you, sort of, factor that into your guide for 2019, anecdotally?

--------------------------------------------------------------------------------

Joshua Siegel, CyberArk Software Ltd. - CFO [5]

--------------------------------------------------------------------------------

Yes. So we actually saw our average deal size pretty consistent within what we've seen over the last several years in the same range. We did see our add-on business trend up a bit and our new business in line with what we've seen over the last few years. And one of the way we look at 2019 is really consistent with that. We -- in our guide, we believe that we expect to see a similar trend in where our average deal size are and continued growth in -- relative to our business in the larger deals.

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [6]

--------------------------------------------------------------------------------

And Saket, just to add to my previous answer, I mentioned the private equity disruption into the competitive base but we also had CA acquired by Broadcom and that was also a very, very significant competitive disruption.

--------------------------------------------------------------------------------

Operator [7]

--------------------------------------------------------------------------------

And your next question comes from the line of Melissa Franchi from Morgan Stanley.

--------------------------------------------------------------------------------

Melissa A. Franchi, Morgan Stanley, Research Division - VP and Research Analyst [8]

--------------------------------------------------------------------------------

So it sounds like you benefited from a number of drivers in Q4. I'm wondering if you could help us pass through what was most significant. Was it the fact that the market itself is accelerating just because there is greater awareness, or do you think it's more your execution and the ability to capitalize on that opportunity?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [9]

--------------------------------------------------------------------------------

Melissa, Udi here, and thank you. Absolutely it's execution against growing market fundamentals. And so I think we've outlined throughout 2018 some of our strategic initiatives around globalizing the sales force, the services team simplifying our products continuously, multiple releases that really show the customers our approach to more simplification and automation, the simplicity in our prices. And that execution, and of course, coupled with the innovation and being first to market with the innovative sides of DevOps and Privilege for cloud. But couple that with the growing demand environment with Privilege really rising up to a key priority, we talked about how Privileged Access security has been rising up as one of the major things CISOs need to do if they want to reduce dramatic risk in various industry reports and the growing awareness around that. And couple that with digital transformation where it's very clear that okay, your job and the security team's job is not just to protect the business but also enable out the digital transformation that's going to drive growth. We really need to take chunks of risk off and Privileged Access Security is a major thing there. So that's -- so I didn't rate them for you, but I would say a strong execution, delivered execution against growing market fundamentals.

--------------------------------------------------------------------------------

Melissa A. Franchi, Morgan Stanley, Research Division - VP and Research Analyst [10]

--------------------------------------------------------------------------------

Got it. That's helpful. And then just a follow-up for Josh. Josh, you mentioned a better-than-expected Q4 budget flush, I believe, in your commentary. Do you feel well, I guess, first, what you think is driving that better-than-expected budget flush and do you feel like there are any deals that may be got pulled forward into Q4 that you anticipated in 2019?

--------------------------------------------------------------------------------

Joshua Siegel, CyberArk Software Ltd. - CFO [11]

--------------------------------------------------------------------------------

Yes. I think with regard to budget flush, it's something as enterprise vendor we see every year, it's just hard for us to gauge whether or not the enterprises are going to move some of their flush to us or to our competitors. And I think it really dovetails with what Udi just said, is that, we basically -- we're seeing enterprises using it with us and because of the dynamics of where Privileged Access Security is on their priority list. And so I think it's coming from there. It's -- deals are -- a lot of these things are in our pipeline at some form or fashion and then can get executed in the fourth quarter. In terms of any -- seeing enterprises move things in unnaturally, we did not really see that in the fourth quarter.

--------------------------------------------------------------------------------

Operator [12]

--------------------------------------------------------------------------------

And your next question comes from the line of Shaul Eyal from Oppenheimer.

--------------------------------------------------------------------------------

Shaul Eyal, Oppenheimer & Co. Inc., Research Division - MD & Senior Analyst [13]

--------------------------------------------------------------------------------

Udi, Josh, thank you for this transparency with respect to Conjur and the other tuck-in acquisition you mentioned. I want you actually go and revisit the Conjur acquisition you guys have done, if I'm not mistaken, a little less than 3 years ago. Talk to us about the trends you're seeing within the DevOps IT security arena. I think CyberArk was actually amongst the first company or maybe I'd even say the pioneers on the security front that triggered the cycle of a small tuck-in acquisitions focusing on the DevOps. What's happening on that front? And if Conjur was I think part of the 10% of overall license revenue? Where could we be seeing that by the end of 2019 or even 2020?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [14]

--------------------------------------------------------------------------------

Yes. Thanks, Shaul, Udi here, and thanks for the warm words. We acquired Conjur in May of '17 as you mentioned, and I would say a very strategic acquisition for us in our play in the digital transformation for our customers. And first of all, as innovators, we were the first and probably still the only Privileged Access Security vendor with capabilities to extend all the way to the DevOps cycle and give the organization Chief Security Officer a holistic approach to on-premise, cloud and the DevOps environment.

I would say that it's almost every customer right now is going through the discussions of migrating their applications -- either migrating to the cloud or just adopting DevOps as the methodology to accelerate application development. And so it became a really unnatural piece of our Application Identity Management business to deal with this migration no matter where the customer is on the cycle. And hence, as Josh indicated, it was 10% of license revenue and behaving as a growth engine for us and very strategic in customer decisions to select CyberArk because they know that we can take that journey with them. I would say 2019, we're not putting something specific in terms of numerical but it's a major initiative for us. We continuously trained our sales force and our channels to be able to, I would say, expand from core privileged access security that grew and was really the reason for the outperformance in 2018 to our growth engines which include in Conjur and also EPM.

--------------------------------------------------------------------------------

Shaul Eyal, Oppenheimer & Co. Inc., Research Division - MD & Senior Analyst [15]

--------------------------------------------------------------------------------

Got it, got it. And we think about the go-to-market and you're growing channel partners relation, do you see anyone specific or a handful or a number of strategic guys that have been doing a little better pushing your products out there, whether it's in the U.S., whether it's in Europe, or, Udi, pretty much a status quo from what we have been seen throughout 2017 and 2018?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [16]

--------------------------------------------------------------------------------

I would say -- yes, absolutely. I would say the continuum of just progress and -- is what we indicated on the advisory side, advisory firms and just growing the amount of deals that they are influencing with us as we mentioned. And the other end of it is the fact that they are growing their business and really training teams and putting people to help identify these opportunities and help customers go through privileged access security program. So I would say advisory firms. I'm also personally very pleased to really see CyberArk move up the chain in major value-added resellers as key revenue producers for them. And that's a win-win. The more we get high up there as from top 15 to top 10 to top 5. In some cases, revenue producers for value-added resellers around the world, the more they continue to invest in the various phases of the sales cycle and so that has been a positive trajectory. I think very much in line with our revenue growth is also the growing importance of how we're perceived in the VAR channel. And then the third element is the technology partnerships. We talk a lot about the C3 Alliance. We've really increased the amount of partner integrations, collaborations in the field. Customers really appreciate the ongoing innovation and the fact that they have a marketplace. They can find these connections to other investments they make.

--------------------------------------------------------------------------------

Operator [17]

--------------------------------------------------------------------------------

And your next question comes from the line of Fatima Boolani from UBS.

--------------------------------------------------------------------------------

Fatima Aslam Boolani, UBS Investment Bank, Research Division - Associate Director and Equity Research Associate Technology-Software [18]

--------------------------------------------------------------------------------

Either for Udi or Josh, you both mentioned that investment priorities for next year will be focused in the sales and marketing arena and the R&D arena specifically. So I actually wanted to get more specificity on what you mean on the sales and marketing side. Is it greater sales capacity? Is it more overlays? Just trying to better understand that dynamic as I look at your financial result and they are well in excess of the medium-term targets that you set at Analyst Day. So just wanted to kind of reconcile sort of what's changed and what specific area you're looking to invest in '19? And a follow-up if I may.

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [19]

--------------------------------------------------------------------------------

Sure, Fatima. Udi here, I'll start. I think as indicated with some of the 2019 elements we're seeing that the enterprise businesses is definitely our prime market and is very much greenfield both for new business but also, as Just Josh indicated, a lot of add-on opportunities. Another element that we're adding in the year is really increasing, I would say, our muscle and the ability to go into midmarket. And so it's, I would say, still early but that would be another area of investment for our go-to-market.

And as we go, I would say, and for the prior question and with this we also continue to invest in the channel. We really see this as a strategic piece for us, and it's also the theme that's supporting and enabling and training and selling with the channel.

On top of that, of course, as the market leader and finally after many years of market education, we have the Magic Quadrant and acquisition there. It's also opportunity to -- on the marketing, further on the marketing up pedal and take this to market and all of this in a cross geographic manner. I mean we're very proud with the diversification we have as a key strength, kind of, 60% -- a rough -- 60%, 30%, 10% between the theaters, and the diversity on the verticals and so to push all of that to old markets.

--------------------------------------------------------------------------------

Fatima Aslam Boolani, UBS Investment Bank, Research Division - Associate Director and Equity Research Associate Technology-Software [20]

--------------------------------------------------------------------------------

And actually quick follow-up on the midmarket focus. How should we think about potential for any pricing changes or any pricing tweaks because the appetite in this market is a little bit different? Funding posture in this market is a little bit different than the enterprise. And then along those lines, I think one of your peers is sort of going through a subscription transition with a predominantly perpetual license model. So how do you guys think about or discount or manage for a changing appetite for what traditionally is a perpetual license product for you and any pricing implication that may result as you push harder into midmarket?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [21]

--------------------------------------------------------------------------------

Sure, sure, absolutely. So I would say we really prepared for it and we seated it in 2018 with the pricing simplification and in bracket, of course, the ongoing product simplification and that was already kind of geared into addressing or preparing to address the midmarket and the abilities for an easier way to scope the solution and to identify and to be able to accommodate smaller deal sizes for that market.

Although I have to continuously emphasize, enterprises are major market and midmarket being a new muscle.

With regards to model switch, no model switch. We're seeing that most of our customers want to own our solution and definitely be in the enterprise. They view this as mission critical. And although, we've had options to buy this in subscription. Primarily the enterprise customers want to own it.

And then they're able to run it anywhere. They can run it in the cloud and install it in the cloud. For midmarket, they have the opportunity to buy it as a subscription or as TBL, but we're going to see that as a gradual infusion of our revenue and not any change and so that's how I would present that.

--------------------------------------------------------------------------------

Operator [22]

--------------------------------------------------------------------------------

Your next question comes from the line of Daniel Bartus from Bank of America Merrill Lynch.

--------------------------------------------------------------------------------

Daniel Bartus, BofA Merrill Lynch, Research Division - Research Analyst [23]

--------------------------------------------------------------------------------

First on new logos. Just curious if you could discuss how much of the business now is greenfield versus rip and replace? And just maybe how that changed over the course of 2018 from what you saw?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [24]

--------------------------------------------------------------------------------

I would say it's -- we still primarily see this as greenfield in all markets including, kind of, the enterprise space and definitely across all theaters. There are truly new geographies like Latin America but the -- but we still view in all theaters and in all customer sizes that it's still a primarily greenfield opportunity and even within the customer base that we're -- we didn't put up a new number on penetration rates. But we have a lot of add-on to do with our customers as we take them to -- from a project to program.

--------------------------------------------------------------------------------

Daniel Bartus, BofA Merrill Lynch, Research Division - Research Analyst [25]

--------------------------------------------------------------------------------

Okay. And then if I could just ask quickly on GDPR as well and getting a little bit more color there. Just how important of a driver was that in 2018 if you can try to parse that out a little bit? And is -- does that continue into 2019? Are you guys expecting any, kind of, slowdown related to that?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [26]

--------------------------------------------------------------------------------

Yes, sure. So I'll continue with that. I would say that it wasn't a big contributor to results in the fourth quarter or in the year. We did see some deal kind of site GDPR as one of the factors, but it wasn't a driving force. I view that as a positive because it actually means that it's another kind of an ongoing drumbeat of a tailwind that will push us further and not just a seasonal. The -- and as we've indicated that what GDPR can also create and we're hearing more and more about companies that are being fined, not just the well-known players, but even smaller companies that are being fined on privacy issues and that's going to further maybe accelerate awareness. And of course, if there will be big breach disclosures, we can see that again being a stronger driver like we've seen in other regions. It is interesting to see that GDPR is cited not just in Europe but also by multinational companies that have European customers. So it's -- I think it's here to stay as an ongoing additional tailwind driver. But the main driver for us and the important one is the ability to really reduce a big amount of risk for our customers.

--------------------------------------------------------------------------------

Operator [27]

--------------------------------------------------------------------------------

Your next question comes from the line of Robbie Owens from KeyBanc Capital Markets.

--------------------------------------------------------------------------------

Robbie David Owens, KeyBanc Capital Markets Inc., Research Division - Senior Research Analyst [28]

--------------------------------------------------------------------------------

I don't think I've ever been called Robbie on a call, but I'll take it. Want to focus a little bit on privacy, especially domestically where the conversation does seem to be intensifying. And whether or not that's starting to resonate within the customer base as we're looking to get ahead? Or could that be a GDPR situation where everyone's going to play catch-up?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [29]

--------------------------------------------------------------------------------

Robbie, Rob, right? We can do a new trend here, but I think what we're seeing is Chief Security Officers really viewing and being very smart about, okay, I have other elements to deal with like privacy growing, the upcoming California regulation, which GDPR like, just like you said, and being brought up in the U.S. And -- but on the other hand they have -- they need to reduce risk because they're trying to protect the organization. And I would say that's a trend we're seeing. We even talk about it sometimes in various panels and events that these CISOs are looking at -- let's do the -- let's couple these things, let's reduce risk while meeting compliance requirements. And for us, that's really a home run.

--------------------------------------------------------------------------------

Robbie David Owens, KeyBanc Capital Markets Inc., Research Division - Senior Research Analyst [30]

--------------------------------------------------------------------------------

And when you go into competitive replacement situations, can you give a little bit more context around what that customer's consuming. Is it broader deployment of privilege? Obviously, you've got a better application stack than I'm sure what you're going and replacing. But just to understand how you're taking more wallet share, I guess, within similar customers that are looking to your solution versus having competitors that might be 5 to 10 years old.

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [31]

--------------------------------------------------------------------------------

Yes. No, absolutely. I think there are a couple of flavors there. I think the most exciting one is when we see a customer with one of the solutions that are -- one of our competitors that are -- and they're not considered innovative, and they understood that this is a big strategic risk remover from them and they take a broader look and they see, okay, who's going to take us on the roadmap for the full -- like you said, for the full stack, take us all the way from mainframe to cloud and DevOps and just raise their head and call us or we call them and choose us strategically. Because they understood that the layer is strategic and a big part of it is our innovation on their cloud assets and on their DevOps pipeline and also scalability. They want to take this wide. They need a scalable solution. It's not enough if they selected another vendor for compliance reasons in a point area.

The other thing is it has to do with the lack of innovation on and disruption that I mentioned earlier. Companies being acquired like the CA acquisition, a lot of resumes out there from the security teams or the PE rollups where the customer is -- kind of knows where the trend is going. There's not going to be innovation. The attackers are innovating, so I need to partner with the company that's investing in innovation and is here for the long run. So I would say a competitive disruption that is causing them as that and then there's the customers that are really going global, going wide across their environments and kind of the ability to execute. The ability for us to take a customer that has offices in Singapore, France and New York and maybe -- and also a team in India and give them a full solution ability to support them and the ability to scale with them. But those are some examples there and kind of indicate the -- that beyond the greenfield, we also have the rip and replace opportunity.

--------------------------------------------------------------------------------

Operator [32]

--------------------------------------------------------------------------------

Your next question comes from the line of Andrew Nowinski from Piper Jaffray.

--------------------------------------------------------------------------------

Andrew James Nowinski, Piper Jaffray Companies, Research Division - Principal & Senior Research Analyst [33]

--------------------------------------------------------------------------------

I just had a few questions on the new per user pricing model that you introduced in early 2018. So with normal sales cycle, I guess in the 6- to 9-month range, I was wondering if this is the first quarter where you saw an impact from that new pricing model. Because this is the most upside that we've seen in any of the previous quarters.

--------------------------------------------------------------------------------

Joshua Siegel, CyberArk Software Ltd. - CFO [34]

--------------------------------------------------------------------------------

In terms of sales cycle, no, I think we're still -- we're very much on a 2 to 3 quarter average sales cycle. And I say average because we see deals coming in and it takes 4 to 6 quarters even or even longer.

For new deals in particular, and for add-ons it could be as fast as 1 quarter and also as long as 4 or 5 quarters. And the new pricing what that's done is, well it hasn't necessarily shortened the sale cycle. It just made a much more, what I would call, quality sales cycle of 2 to 3 quarters and that content of the discussion and the negotiation and the sales process is around the product. It's around how to best set it up. It's around devising, Udi mentioned, the project or program theme that we always take with every enterprise, it's around, okay, this is how we start the process but let's also talk about what's going to happen over the next couple of years. And it's -- with the simpler pricing, it allows them to really forecast their own budgeting needs really easily and also to really scope out quickly, not what their immediate needs are, but also going forward. So it's not necessarily shortening the cycle, but it makes the cycle less painful for the customer, which is always good. And also we get more content out of it.

--------------------------------------------------------------------------------

Andrew James Nowinski, Piper Jaffray Companies, Research Division - Principal & Senior Research Analyst [35]

--------------------------------------------------------------------------------

Got it. And then you mentioned that add-on sales trended up in Q4, I believe, or is that -- I'm not sure if that was a 2018 metric. But were most of those add-on sales for those customers leveraging your new pricing model? Or are they still purchasing more on a à la carte basis?

--------------------------------------------------------------------------------

Joshua Siegel, CyberArk Software Ltd. - CFO [36]

--------------------------------------------------------------------------------

So actually, a lot of -- and I don't have the statistic of what percent, most of them were still on the à la carte. But we did have a nice sample -- a nice group of customers that, as when they brought -- as they came on board they actually converted onto the new pricing model. So as part of their add-on there, we were able to say, okay, let's just not add more EPV users, let's already also give you PSM monitoring and threat analytics content to the users that you have. So the other thing that it helped do was be able to have more focus on the Endpoint Privilege Manager and on the AIM and Conjur product. So 63% of all of our customers are now on the new pricing.

--------------------------------------------------------------------------------

Andrew James Nowinski, Piper Jaffray Companies, Research Division - Principal & Senior Research Analyst [37]

--------------------------------------------------------------------------------

63%. And then just real quick, did the U.S. government shutdown have any impact on your quarter?

--------------------------------------------------------------------------------

Joshua Siegel, CyberArk Software Ltd. - CFO [38]

--------------------------------------------------------------------------------

I would say that some minor impact on Q4 federal sales. But overall, really minor and of course, we did overachieve on many other fronts and U.S. Fed had a very strong first 9 months. I think as we indicated the diversification in the government business was so strong that as a vertical it actually grew more than 40% -- global government grew more than 40% in the year. And that's really because Federal is a big part of that but also state and local, all European countries, countries in Asia, Canada and others really contributed to that. So it's a fast-growing vertical and the impact on the Federal team, specifically, was minor but there was some in Q4.

--------------------------------------------------------------------------------

Operator [39]

--------------------------------------------------------------------------------

And your next question comes from the line of Sterling Auty from JP Morgan.

--------------------------------------------------------------------------------

Ugam Kamat, JP Morgan Chase & Co, Research Division - Analyst [40]

--------------------------------------------------------------------------------

This is actually Ugam Kamat on for Sterling Auty. So in your prepared remarks, Udi, you mentioned that add-on business constituted around 60% of the license revenue. As we try to assess our models for 2019, just wanted to get a qualitative commentary on how much runway do you think still exists within the existing customers? And how much upsell opportunity is still left within those?

--------------------------------------------------------------------------------

Joshua Siegel, CyberArk Software Ltd. - CFO [41]

--------------------------------------------------------------------------------

Yes. It's a great question, thanks, this is Josh. Yes, I did mention in this year for 2018, 60% of our revenues -- of our license revenue came from existing customers which was very similar to what it was or identical to what it was in 2017 as well. So it's the second year in a row, we're at about 60-40 mix. And we look at kind of going forward, we actually still believe that we're in the first half with our customer base with our 4,500 -- 4,400 customers that we have. Obviously, there's a handful of that are much -- that are higher than 1/2 but the majority of our customers we believe that we have a long runway and a big market to fill.

--------------------------------------------------------------------------------

Ugam Kamat, JP Morgan Chase & Co, Research Division - Analyst [42]

--------------------------------------------------------------------------------

Got you. And as a follow-up the industry vertical concentration has remained fairly consistent, I would say, over 2017. Any particular programs that you're planning in 2019 to increase the vertical concentration beyond, say banking, government and manufacturing? And if yes, what is the vertical that you think would be the most promising one?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [43]

--------------------------------------------------------------------------------

I would say that -- this is Udi. I would say that the vertical diversification is one of our major strength. I mean more than 10 verticals were over 5% of the business and I think -- and Josh in his prepared remarks has kind of indicated growth across multiple versus -- vertical. So that -- I would say the trend has increased diversity and there's no longer an industry that we think is on standby. I mean we used to say that a couple years ago about healthcare or manufacturing and in different cycles we've seen them join the bandwagon.

It's been become very clear and it's a top 10 -- it's a #1 on the top 10 priority list from Gartner on how do you reduce risk and it doesn't apply -- it's not a vertical specific. And so we're -- it's really one of our strengths, vertical diversification across the world. And so you -- it's kind of a multiplier of diversification and then you can multiply it by another diversity which is we address the cloud journey no matter where the customer is on that cloud journey.

--------------------------------------------------------------------------------

Operator [44]

--------------------------------------------------------------------------------

And your next question comes from the line of Gabriela Borges from Goldman Sachs.

--------------------------------------------------------------------------------

Gabriela Borges, Goldman Sachs Group Inc., Research Division - Equity Analyst [45]

--------------------------------------------------------------------------------

Udi, I wanted to follow up on some of your comments on Privileged Access moving up as a priority suspend in the context of what we've seen over the last 5 years because the last time I remember we saw a step up in priority was around 2014. And now it feels like we're seeing a little bit of a resurgence and awareness in the Gartner Magic Quadrant formally coming out, et cetera. So just a little bit of color on what you think is driving the resurgence? And how important is it? Is there a positive impact from Gartner having put together the Magic Quadrant formally? Does that impact the way you seeing the pipeline?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [46]

--------------------------------------------------------------------------------

Yes. I would say that it's -- I would put it as a continuing and that it's been climbing up there and at some point it got into a critical mass to the point where you have customers talking, you have partners talking, you have -- and you have successful risk reduction projects out there with CyberArk being in 50% of the Fortune 500, that the awareness has really gotten there. The Chief Security Officer, I think you had a process of -- definitely if you take a 5-year progression from some -- and some Chief Security Officers understood that the attacker will become -- a focus attacker can make it to the inside of the organization or to the cloud environments with a focused attack. And therefore I really have to strengthen my core and prevent lateral movement. And on the progression it really moved up where they -- when they are looking to -- they're going to be attacked, they're going to be infected. How do I really reduce risk? How do I prevent a network takeover? How do I prevent a cloud takeover? It really moved up there. The mirror image is that is really the analysts -- and per your question, the analysts really moving in up in their recommendations, I mean the industry analysts and we referred them in the past to the top 10 list that the Gartner put up and they listed Privileged Access Security as the #1 there in risk reduction. And of course, the Magic Quadrant coming out in December for the first time about the space. And that definitely will help drive further awareness, especially to markets that -- or verticals that were waiting for this kind of assurance that you have to do this and this is how we rate the vendors. There's more security technologies out there. There's the digital transformation. And so there's also proliferation of credentials. And so the problem is only getting bigger. And that also answers a part of why it grew so big. How do I lower risk and still enable digital transformation and we're a big part of it.

--------------------------------------------------------------------------------

Operator [47]

--------------------------------------------------------------------------------

And your next question comes from the line of Gur Talpaz from Stifel.

--------------------------------------------------------------------------------

Gur Yehudah Talpaz, Stifel, Nicolaus & Company, Incorporated, Research Division - Analyst [48]

--------------------------------------------------------------------------------

So Udi, in April this year you took the product multitenant and you initiated a broader push into MSSP. Can you talk a bit about what you seeing since that time frame and I think in terms of the broader context, how you think about that in relation to a bigger push into the midmarket that you're planning for this year?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [49]

--------------------------------------------------------------------------------

Yes. Thanks, Gur. I think we strategically wanted to really enable customers to have different flavors of how they adopt CyberArk. We still see the majority want to secure the keys to the kingdom on premise. We've invested in the -- to give customers the ability to also install and have the CyberArk work for them in their cloud provider of choice. And I've given some examples of you can install us and we've been installed and customers using us for their Azure, AWS, Google cloud. And on that same front, we also wanted to give customers the ability to, kind of, outsource the management part of the solution to third-party providers, and therefore launched the MSSP version. We have several partners that jumped on board. Some of them are also -- have the capability to both resell and be an MSSP provider. I would say still it's still an early part in the revenue contribution but it's -- it really strengthens our leadership position. And like you said, will be an important avenue as we go further midmarket. So I would say it's still early but it's part of our strength. It's really the ability to capture various appetites with the same solution. So our team can really stay focused on -- in terms of R&D efforts but provide the ability to consume it in the different flavors.

--------------------------------------------------------------------------------

Gur Yehudah Talpaz, Stifel, Nicolaus & Company, Incorporated, Research Division - Analyst [50]

--------------------------------------------------------------------------------

Okay. That's helpful. And maybe just one last quick question. Given the success in acquisitions like Conjur, Vaultive and Viewfinity, how do you think about potential for further M&A, whether this year, just kind of looking beyond and any sort of areas you think you could push into or spend into that you could look at?

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [51]

--------------------------------------------------------------------------------

Thank you. I think even as indicated in the various reports, CyberArk leads not just in the ability to execute and going global with our partners and team, but also in the innovation side and some -- a lot of it has been organic but we also, like you said, may have made some very important nonorganic acquisitions over the last couple of years. So we definitely -- we feel like we lead the space by far and let's really focus on what is needed to secure our customers. And on that front, we have the CyberArk labs that are really investigating how are modern day attacks progressing, what's the point of no return in attack. And it's all coming back most often to credentials and lateral movement and either back toward solutions or more solutions on that front. But we would also be very open minded if we need to pick up other technologies to better secure our customers. We actually have a new VP of Corporate Development that reports to me that is working. His name is Clarence Hinton that is working on further honing our captive capabilities with no time pressure, just as an additional discipline in the company on top of all the work we do organically.

--------------------------------------------------------------------------------

Operator [52]

--------------------------------------------------------------------------------

And your next question comes from the line of Gray Powell from Deutsche Bank.

--------------------------------------------------------------------------------

Gray Wilson Powell, Deutsche Bank AG, Research Division - Research Analyst [53]

--------------------------------------------------------------------------------

I'll be quick. So the Analyst Day last year, you mentioned that if you're growing at a 20% pace then operating margin should be in the 17% to 21% rate. So you just closed out a strong 2018. You guided 2019 to 20% revenue growth and a 23% operating margin. So should we be rethinking that, that medium-term margin framework?

--------------------------------------------------------------------------------

Joshua Siegel, CyberArk Software Ltd. - CFO [54]

--------------------------------------------------------------------------------

This is Josh. No, I think we're not touching that medium-term framework. I mean right now, we're going into 2019 with a lot of momentum, and we have visibility to how we're looking at the year. And at this point, we're still looking -- we're pleased with the guidance we're able to give, but we're not necessarily changing our medium-term outlook where we want to be prepared. We see a long runway of growth opportunity because of the Greenfield opportunity and because of our installed base that's still also with long runway. So we're not changing that.

--------------------------------------------------------------------------------

Operator [55]

--------------------------------------------------------------------------------

And with that, I'd like to turn the call back over to Udi for some closing remarks.

--------------------------------------------------------------------------------

Ehud Mokady, CyberArk Software Ltd. - Founder, Chairman of the Board & CEO [56]

--------------------------------------------------------------------------------

All right, thank you very much. I want to thank our customers, partners and our dear employees who contributed to CyberArk's record results in 2018. Thank you, everyone, for joining our call today. Thank you.

--------------------------------------------------------------------------------

Operator [57]

--------------------------------------------------------------------------------

This concludes today's conference call. You may now disconnect.