U.S. Markets open in 4 hrs 46 mins

Edited Transcript of FEYE earnings conference call or presentation 30-Jul-19 9:00pm GMT

Q2 2019 FireEye Inc Earnings Call

MILPITAS Aug 2, 2019 (Thomson StreetEvents) -- Edited Transcript of FireEye Inc earnings conference call or presentation Tuesday, July 30, 2019 at 9:00:00pm GMT

TEXT version of Transcript

================================================================================

Corporate Participants

================================================================================

* Frank E. Verdecanna

FireEye, Inc. - Executive VP, CFO & CAO

* Kate Patterson

FireEye, Inc. - VP of IR

* Kevin R. Mandia

FireEye, Inc. - CEO & Director

================================================================================

Conference Call Participants

================================================================================

* Andrew James Nowinski

Piper Jaffray Companies, Research Division - Principal & Senior Research Analyst

* Christopher Caleb Speros

Stifel, Nicolaus & Company, Incorporated, Research Division - Associate

* Erik Loren Suppiger

JMP Securities LLC, Research Division - MD & Senior Research Analyst

* Gregg Steven Moskowitz

Mizuho Securities USA LLC, Research Division - MD of Americas Research

* John Gregory Weidemoyer

William Blair & Company L.L.C., Research Division - Associate

* Robbie David Owens

KeyBanc Capital Markets Inc., Research Division - Senior Research Analyst

* Saket Kalia

Barclays Bank PLC, Research Division - Senior Analyst

* Shaul Eyal

Oppenheimer & Co. Inc., Research Division - MD & Senior Analyst

* Sterling Auty

JP Morgan Chase & Co, Research Division - Senior Analyst

* Tal Liani

BofA Merrill Lynch, Research Division - MD and Head of Technology Supersector

================================================================================

Presentation

--------------------------------------------------------------------------------

Operator [1]

--------------------------------------------------------------------------------

Good day, everyone, and welcome to the FireEye Second Quarter 2019 Earnings Results Conference Call. (Operator Instructions) Also, this call is being recorded.

At this time, I would like to turn the call over to Kate Patterson. Please go ahead.

--------------------------------------------------------------------------------

Kate Patterson, FireEye, Inc. - VP of IR [2]

--------------------------------------------------------------------------------

Thank you, Daniel. Good afternoon, and thanks to everyone on the call for joining us today to discuss FireEye's financial results for the second quarter of 2019. This call is being broadcast live over the Internet and can be accessed on the Investor Relations section of FireEye's website at investors.fireeye.com. With me on today's call are Kevin Mandia, FireEye's Chief Executive Officer; and Frank Verdecanna, Executive Vice President, Chief Financial Officer and Chief Accounting Officer of FireEye. After the market closed today, FireEye issued a press release announcing the results for the second quarter of 2019.

Before we begin, let me remind you that FireEye's management will make forward-looking statements during the course of this call, including statements relating to FireEye's guidance and expectations for certain financial results and metrics; FireEye's priorities, initiatives, plans and investments, drivers and expectations for growth; the expansion of FireEye's platform and the benefits, capabilities and availability of new and enhanced offerings including those from our Verodin acquisition; our competitive position, market opportunities and go-to-market strategies and internal alignment along areas of focus. These forward-looking statements involve a number of risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future, and we undertake no obligation to update these statements after the call. For a detailed description of the risks and uncertainties, please refer to our SEC filings as well as our earnings release posted an hour ago. Copies of these documents may be obtained from the SEC or by visiting the Investor Relations section of our website.

Additionally, certain non-GAAP financial measures will be discussed on this call. We have provided reconciliations on these non-GAAP financial measures for the most directly comparable GAAP financial measures in the Investor Relations section of the website as well as the earnings release. I'd also like to point out that we posted the supplemental slides and financial statements on the Investor Relations section of the website. Finally, I want to remind everyone that our 2019 Analyst Day will be held on October 8, during this year's Cyber Defense Summit in Washington, D.C. For those of you who cannot join us in person, a webcast of the event will be accessible on the Investor Relations section of our website.

With that, I'll turn the call over to Kevin.

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [3]

--------------------------------------------------------------------------------

Thank you, Kate, and thank you to all the investors, employees, customers and partners joining us on this call. We appreciate your continued interest and support as we continue to transform our company. The second quarter of 2019 marks the 10th straight quarter where we met or exceeded our billings and revenue guidance ranges. Billings was at the high end of our guidance range and revenue exceeded our guidance range. However, our operating income, operating margins and earnings per share were slightly below our guidance ranges. We'll provide you details why we did not meet these expectations but first I'd like to share some highlights from the second quarter.

We posted year-over-year growth in all billings categories. We generated billings of $221 million, a 13% increase year-over-year and a 19% increase excluding a $10 million transaction we had in the second quarter of 2018. Revenue was $218 million, a 7% increase year-over-year. Results were especially strong in our platform, cloud subscriptions and managed services category, with billings growth accelerating 27% from a year ago. Managed Defense had its best ever second quarter and its third highest billings quarter in our history; Threat Intelligence had a very strong quarter growing ARR 20% year-over-year; and Mandiant Services had its second highest billings quarter in our history. Billings for our professional services were $46 million, up 15% year-over-year.

We booked 45 transactions greater than $1 million with customers diversified across vertical markets and geographies, and nearly 2/3 of these million-dollar-plus deals in the second quarter included services or Expertise On-Demand. Our overall transaction volume increased with both Global 2000 customers as well as in the mid-market and we added 261 new customers in the quarter.

From a sales perspective, the first half of 2019 was the best first half in FireEye's history. Our results this quarter, especially the strength of our platform, cloud and Managed Defense category as well as our professional services, show how far we have come as a company over the past 3 years. FireEye has continued to evolve from our origins as a network security product vendor to a comprehensive security platform company. We have been taking actions to build a strong foundation for our future and extend our influence as trusted security advisers. As we transform our company, 2 related but different areas of focus have emerged within FireEye: first, we have products consisting of our advanced detection and protection products, such as network, e-mail and endpoint security; and second, we have platform and solutions that combine our Helix platform, security instrumentation from Verodin, Mandiant Services, intelligence and our Managed Defense offerings. Now I'd like to provide you updates within the context of these 2 areas of focus.

Our products are well established and have enterprise customers worldwide. Over the past few years, we have dramatically improved our cost structure, delivered new features and functionality, and improved our cross-sell and upsell success within our customer base. This has enabled our products to return to billings growth. We have seen a steady increase of customer adoption of multiple products, and the number of customers with more than one product family increased to 58% from just over 50% a year ago. Adoption of our virtual and cloud solutions is also on the rise, with nearly half of the customers purchasing in the second quarter choosing cloud or virtual solutions.

In Endpoint Security, we added new Linux advanced detection and response or EDR capabilities. We deployed new MalwareGuard machine learning models and made significant performance improvements to overall usability and user experience. We also introduced a new offering that combines our Managed Defense and Endpoint Security in a single SKU, simplifying the purchasing and provisioning to new Managed Defense customers.

I'm also excited about our new innovation architecture, which enables any FireEye team such as consulting or Managed Defense to write custom modular extensions for our Endpoint software on their own. This increases our ability to innovate fast, and we recently released Phase 1 of the innovation architecture and have already released modules into the FireEye Market. And we plan to release a second phase in our partners and customers to begin adding their own custom endpoint modules.

For our Network Security software, our latest releases included virtual NX for AWS environments, which takes advantage of AWS' new VPC port mirroring functionality. We also improved our ability to detect attacks in encrypted traffic, added new intelligence-based context for our alerts and for the first time can now detect web shells and other evidence of compromise on servers, which moves this product well beyond its previous capability to detect attacks mostly against end users. We now offer our complete Network Security detection and analysis capabilities for pure cloud deployments as well as hybrid environments.

In e-mail security, we began implementing the first phase of our new architecture for cloud e-mail designed to address our growth in customers and the increased e-mail volume we are experiencing. The burst in e-mail volume required us to increase our cloud cost beyond our original expectations, and our CFO, Frank, will provide you the additional details in his prepared remarks. We also released our latest e-mail threat report showing a dramatic increase in new variance of impersonation attacks, where attackers emulate a trusted colleague to trick victims into providing credentials or opening an attachment. Our ability to prevent impersonation attacks is an important competitive advantage for our e-mail security solutions.

And finally, we know that success with our products is not just about building great features. Our customers expect to build FireEye capability into the way they work and operate and we cannot just be a black box. Thus, we plan to roll out new developer relations capabilities to show customers how to take advantage of our extensibility and robust APIs. In addition, we are focused on our technical partnership network and I would point you to our FireEye Market to read more about the hundreds of vendor product integrations across our portfolio.

Now our vision and the value we deliver to customers goes beyond the competitiveness of those individual projects I just discussed. With our world-renowned Mandiant expertise, global Threat Intelligence, Helix platform and more recently Verodin, we are delivering a robust platform that significantly improves cyber resilience for our customers. Our platform strategy is simple: to provide a single platform that allows the customer to leverage all of its security technologies from any vendor and overlay our intelligence and expertise to simplify and automate security tests while continuously testing and improving security controls. Adoption of our platform results in more effective and efficient security programs backstopped by Mandiant, Expertise On-Demand with measurable effectiveness delivered from the Verodin platform and the world's best threat intelligence.

With respect to Helix, we continue to see increased engagement as we expand the number of integrations. We have launched our early adopter program for the next generation of the platform and I believe the feedback we are receiving will contribute to a successful launch later this year.

Our recent acquisition of Verodin provides a critical component to our platform and solutions. With the Verodin security instrumentation platform, organizations can test their resiliency against cyberattacks before they are in fact attacked. This delivers our customers a reliable and consistent way to measure cyber risk in a manner that is actionable for front-line technicians yet understandable in the boardroom. We have just completed the first phase of integrating our Threat Intelligence into the Verodin platform, and we will be showcasing this capability at the Black Hat conference next week. In the future, we plan to combine the capabilities of Verodin with Helix's orchestration to also automatically adjust the security infrastructure to defend against the simulated attacks. I believe there's no other technology with the same potential to fundamentally change the way organizations implement, manage and measure their security infrastructure and the effectiveness of their spend.

In order to be as efficient as possible, we are aligning our internal structure at FireEye to reflect our evolution from a Network Security product vendor to a comprehensive security platform company. Accordingly, we are formally creating a new platform and solutions group within FireEye. This group will combine Mandiant Services, our platform engineering, Verodin, Managed Defense and our Threat Intelligence resources into a single organization. I believe this new alignment will accelerate our execution towards the platform and unite the portions of our business that are accelerating in their growth.

We're also establishing a products group, led by our current CTO, Grady Summers. This will consolidate and streamline our products, that is our network, endpoint, e-mail and SIEM offerings, by combining product management, engineering and customer success for these products into a unified, customer-focused team. This group will also be focused on improving release cadence, enhancing our ability to protect cloud workloads and bringing a data-driven approach to bolster renewals while also winning new business. We look forward to discussing the changes we are making at FireEye and updating you on our innovation with more detail at our Analyst Day at the Cyber Defense conference on October 8 of this year.

Now for the past several years, FireEye has been developing a comprehensive security platform for our customers. The momentum in our platform cloud and managed services business is the result of our efforts and I believe we are taking the next steps towards accelerating our growth. I want to thank all the FireEye employees for their continued efforts and focus as we seek to change the security industry.

And now I'd like to turn the call over to CFO, Frank.

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [4]

--------------------------------------------------------------------------------

Thanks, Kevin, and hello to everyone on the call. First, I want to frame my remarks with a few general comments on our business outlook and financial model.

First, as it has for several quarters, our business continues to diversify across customer size, product family, geographic regions and verticals. We continue to add new logo customers in every product family and many of our existing customers are deploying more product families. These healthy demand trends are reflected in the growth in billings, which is a leading indicator as well as in our outlook for our billings and cash flow for the rest of the year.

Second, as in any ratable model, revenue is a lagging indicator because it includes amortization from sales books in prior periods. We were already experiencing a headwind to our revenue growth due to the decline in client sales we experienced a few years ago. Several factors have caused us to reduce our revenue outlook for 2019 by $25 million. This had a cascading effect on our profitability and as a result, we have also reduced our outlook for margins and earnings per share.

That said, I remain confident in our strategy and long-term outlook. We are committed to balanced growth and profitability long term and are continually looking for opportunities to increase our efficiency without jeopardizing growth. You can see the inherent leverage in our business model when you compare operating expenses to billings and calculate cash flow margin on billings. This leverage will become apparent in our revenue base metrics as revenue growth trends catch up to billings.

Before I discuss the details of our Q2 results and our guidance for Q3 and 2019, let me remind you that I'll be referring to non-GAAP metrics except for revenue and operating cash flow. Our non-GAAP measures exclude stock-based compensation, amortization of intangibles, noncash interest expense on our convertible debt and other nonrecurring items.

I also want to remind you that we made a minor change to the billings and revenue breakout categories, changing the name of the cloud subscription and managed services category to platform, cloud subscriptions and managed services, or platform for short. The change reflects the addition of Verodin to this category. There is no impact to historical metrics as Helix was already included in the platform category. For reference, in the appendix in the slides we included, there's a mapping of the product families to each of these categories.

Turning to our Q2 results. Total billings of $221 million were at the high end of our guidance range and increased 13% from Q2 of '18. As expected, our Q2 '19 billings did not include any transactions greater than $10 million. Platform, cloud subscriptions and managed services billings were $63 million for the quarter, up 27% year-over-year on an as-reported basis. ARR for platform, cloud subs and managed services increased 27% year-over-year to $237 million. Billings for our Mandiant professional services were $46 million, an increase of 15% from Q2 of '18. We continued to operate near capacity in this highly strategic portion of our business. Billings for the product and related subscription and support category were $113 million, up 5% year-over-year.

Sales of appliances accounted for approximately 31% of the total product and related category and were up 24% year-over-year. Similar to Q1, we attribute some of the year-over-year strength in appliance sales to the end of life for our older third-generation appliances, which we first introduced in 2012. This created a wave of network and e-mail hardware refreshes with new subscription support contracts for customers still relying on these appliances for advanced security.

Turning to revenue. Consistent with billings growth in platform, cloud subscription and managed services billings we've experienced over the past 2 years, platform, cloud subs and managed services revenue increased 26% year-over-year to a record $57 million. Mandiant professional services revenue of $43.5 million was also a record. This was the fifth consecutive record quarter for Mandiant professional services revenue. Product and related subscription and support revenue decreased about $5 million or 4% from Q2 of '18. The year-over-year decrease reflected the $24 million decline in the opening current deferred revenue balance for this category. As we've discussed in the past, the ratable recognition of product revenue under 606 means that decreases in appliance billings that occurred in 2016 and 2017 are just now flowing through our current deferred revenue and revenue. With performance in our platform and services categories more than offsetting the decline in product and related, total revenue in the quarter was $218 million, an increase of 7% year-over-year. $152 million or 87% of the nonservices revenue was recognized from current deferred revenue from the balance sheet.

Gross margin was 72% in the quarter, down from Q2 '18 gross margin of 75%. The majority of the decline was due to a greater-than-expected increase in hosting cost as we accelerated the migration of our cloud-based products from FireEye internal data centers to a public cloud provider. The move to a public cloud platform provides us with additional real-time flexibility and scalability needed to support our growing cloud business. The decrease in product and platform gross margin was partially offset by an increase in our services gross margin to 53% compared to 50% in Q2 of '18.

Operating expenses declined $2 million sequentially but increased $11 million or about 8% year-over-year. The increase in both operating expense and COGS, both partially driven by improved billing trends, resulted in a small loss for the quarter. However, as a percentage of billings, operating expenses declined from 75% in Q2 of '18 to 72% in Q2 of '19, demonstrating continued leverage in our long-term business model. Our year-over-year expense growth was primarily in research and development and sales and marketing, both areas with the potential to drive future growth and operating leverage. In R&D, we invested in innovation across our product offerings and accelerated the investment in our next-gen security operation platform as we gear up for the expected launch in Q4. Sales and marketing expense was higher year-over-year, reflecting increased commission expense associated with higher sales performance and accelerated growth in new business. Finally, Q2 operating expense included 1 month of Verodin, consistent with the financial impact we outlined on the call we had in May to announce the acquisition. Other income and taxes largely offset each other, resulting in a loss per share of $0.01.

Turning to the balance sheet and cash flow. Growth in our billings and timely collections continue to drive our cash flow performance. We typically enter Q2 with the lowest receivables balance of the year, reflecting Q1 seasonality in billings. As a result, Q2 operating cash flow tends to be the lowest of the year. This seasonal pattern held true this year, and operating cash flow was negative $50 million in the quarter. We continue to maintain a very healthy balance sheet with cash and short-term investments of almost $1 billion even after using $127 million in net cash on the Verodin acquisition. We ended the quarter with receivables of approximately $127 million and DSOs calculated on billings of 52 days. This is slightly better than our target range of 55 to 65 days.

Ending deferred revenue was approximately $913 million, an increase of $7 million sequentially and an increase of $33 million from the end of Q2 of '18. The current deferred and total deferred revenue balances include approximately $3 million of acquired deferred revenue from Verodin. Ending current deferred revenue increased $4 million sequentially and $20 million year-over-year as increases in platform and services deferred revenue offset the continued decline in product and related current deferred revenue. As a side note, you'll see that approximately $114 million of our convertible notes moved into current liabilities. This is the remaining amount of the first tranche of the notes originally issued in 2015. We currently expect that we will redeem these notes for cash in June of 2020.

With this as a background, let's turn now to our outlook for the third quarter and our updated 2019 guidance ranges starting with the year. We are reiterating our 2019 guidance range for billings of $935 million to $955 million, representing year-over-year growth of 10% at the midpoint. We are reducing our 2019 revenue guidance range by $25 million to $865 million to $875 million. There are 3 primary drivers for the decrease and I will provide a little more detail on each of these factors.

First, ARR for the product and related subscription category declined $20 million sequentially in Q2, primarily due to expirations of subscriptions and support attached to our third-generation appliances that were end of life and not refreshed. While many of our large customers refreshed and even expanded their deployments with fifth-generation appliances over the past several quarters, many smaller customers allowed their subscriptions to expire without purchasing new hardware. The estimated decline in product and related ARR reduced our expectation for the second half by approximately $10 million. The good news is that there's less than $3 million in ARR left for the third-generation appliances. We expect product and related ARR to stabilize from here and we believe we can see incremental growth from the new cloud-based Network Security and server-based detection Kevin discussed earlier.

Second, we now expect the amount of upfront revenue to be less than we originally forecasted. Upfront revenue is a relatively small amount in any given quarter, typically 5% to 10% of the product and related category. There are a number of puts and takes here but at a summary level, we expect less upfront term licenses for our FireEye Security Orchestrator, or FSO, since it will be sold exclusively as part of Helix and we also expect less upfront revenue from management appliances with the availability of the Helix platform. We estimate the impact of this revised forecast to be about $5 million to $10 million in the second half.

The third item is related to the decrease -- third item is related to the increase in the mix of appliance billings, which we also believe is partially related to the end of life of the older third-generation appliances. A higher mix of appliance lengthens the revenue recognition period to 48 months compared to a more subscription-heavy mix at an average duration of 24 to 26 months. Additionally, customers tend to purchase multiyear subscription when buying new appliance hardware, and we believe that the surge in appliance sales in Q2 was a factor in the expansion of the average contract length for the product and related subscription and support. Overall, the increase in ACL combined with the higher mix of appliances accounted for about $5 million to $10 million of the estimated decrease.

With lower revenue, we now expect gross margin of approximately 73% and an operating margin of breakeven to 1% for the year. This translates into earnings per share in the range of $0 to $0.04. With the same billings range but higher costs associated with our migration to the public cloud infrastructure, we are reducing our cash flow outlook by $10 million to a range of $85 million to $105 million. At the midpoint, our updated operating cash flow guidance implies a year-over-year increase of more than 50% and a cash flow margin of 10% on our expected 2019 billings. Our expectation for CapEx remains the same at $40 million to $50 million. While we are not guiding to 2020 at this time, I do expect our CapEx to decline next year as we've completed all our major planned facility moves and our move to the public cloud will reduce capital investments in our data center equipment.

For Q3, we expect billings in the range of $245 million to $255 million, which implies year-over-year growth of approximately 14% at the midpoint. From a linearity perspective, this range implies 26% to 27% of our expected annual billings will be booked in Q3, consistent with historical annual linearity for the third quarter. We expect revenue in the range of $217 million to $221 million, implying approximately 3% year-over-year growth at the midpoint. This reflects a $23 million decrease in current deferred revenue in the product and related category as we continue to work through the long tail of the impact of ratable recognition of appliances.

Given this revenue range, we expect gross margin of approximately 72% and operating margin between breakeven and 2%. This implies operating expenses will be flat to down slightly compared with Q2. The decrease in outlook for OpEx is primarily related to the lower payroll taxes in Q3 as more employees hit maximum withholding amounts. We also expect interest income to offset interest expense and cash taxes of between $1.5 million and $2 million. Both are consistent with prior quarters. This yields earnings per share of plus $0.01, plus or minus $0.01, based on a weighted average diluted share count of approximately 218 million shares. Operating cash flow is expected to be in the range of $15 million to $25 million, about equal to operating cash flow in Q3 of '18 at the midpoint. Reflecting similar receivable balances for collection and relatively flat expenses on a year-over-year basis, we expect CapEx of about $10 million. That concludes my prepared remarks.

We'll now take your questions. Operator?

================================================================================

Questions and Answers

--------------------------------------------------------------------------------

Operator [1]

--------------------------------------------------------------------------------

(Operator Instructions) And our first question comes from Gur Talpaz with Stifel.

--------------------------------------------------------------------------------

Christopher Caleb Speros, Stifel, Nicolaus & Company, Incorporated, Research Division - Associate [2]

--------------------------------------------------------------------------------

This is actually Chris Speros on for Gur. Kevin, normalized, the billings growth of 20% is encouraging. Can you talk about the degree to which adoption of Expertise On-Demand contributed to growth in Q2 and how the pace of adoption has progressed versus your internal targets?

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [3]

--------------------------------------------------------------------------------

Yes. I think Expertise On-Demand is meeting our expectations. I think Chris, what we have to do to see the kind of growth I want to see there is embed it into all our technologies. Right now it's available in the cloud, Helix that we have, where you can press a button and interact with our experts. But when I say embed, I mean you're inside our Endpoint technology. You're looking at something you don't understand and there's a big red button there that says, "Hey, click here to get a forensic review. Click here to get help." So we're working on that path and I expect to see more growth as our tech embeds Expertise On-Demand into it.

While we did see and what I did mention in my direct remarks was about 2/3 of our million-dollar-plus deals have services and Expertise On-Demand in it. Now I want to reiterate that the Expertise On-Demand, the whole goal of that isn't to sell more services. It's that's the kind of product I want to buy. I've done my thousands of hours of sitting inside a security tech, and every time you have a question, you don't want a bouncing paperclip. You just want to hit a button and get somebody with real expertise at scale that solves problems for dozens if not hundreds of companies at your fingertips.

So right now I still think it's early stages. We have the back-end complete. What I mean by that is when you make a request to FireEye for Expertise On-Demand, it's almost like an all-points bulletin. Whether you e-mail or call or click on the chat in Helix, it's -- we're trying to get a triage so that you get the right expert when you need them most. So our intel folks are involved. The Mandiant Services folks are involved. We have a team called TORE, which is, I think, threat operations reverse engineering. We have an advanced practices team for detection. We just go and find the right expert. That's a well-oiled machine inside of FireEye now, and now it's the tech getting these -- I call them buttons. I'm sure I'm oversimplifying it, but just making a way for our customers inside our products that seemly communicate with our experts is what we're trying to do with our next-gen Helix and with the future releases of our products.

So that's the long answer to your short answer of it was within my expectations of how it did. I mean I think that it takes off when it's really truly embedded in our technology.

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [4]

--------------------------------------------------------------------------------

That said, Chris, we did see a very nice sequential growth and we did almost double our customers on Expertise On-Demand. So it did kind of meet our plan where we were expecting to, but pretty good metrics there.

--------------------------------------------------------------------------------

Christopher Caleb Speros, Stifel, Nicolaus & Company, Incorporated, Research Division - Associate [5]

--------------------------------------------------------------------------------

That's great color. And Frank, with all the moving pieces in the model that have more or less led to the top line guide down and the effects on profitability in the second half of the year, do you believe that Verodin can still contribute $70 million into billings and be accretive to both operating income and cash flows in 2020?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [6]

--------------------------------------------------------------------------------

So a couple of things, Chris. One is that the guide down was only on revenue. Again, the leading indicator of billings was we reiterated guidance there. And as far as Verodin goes, Verodin actually is slightly better than we expected on both billings and revenue in the quarter. FireEye still met our expectations on a stand-alone basis, but I think as we look at Verodin throughout the remainder of 2019 and for 2020, we feel very good with the guidance we gave out in May.

--------------------------------------------------------------------------------

Operator [7]

--------------------------------------------------------------------------------

And our next question comes from Saket Kalia from Barclays Capital.

--------------------------------------------------------------------------------

Saket Kalia, Barclays Bank PLC, Research Division - Senior Analyst [8]

--------------------------------------------------------------------------------

Frank, maybe just to start with you. Can you just talk about the renewal rate on attached subscription and support? I know you talked to some of the generational change there in appliances and how that affected some ARR there this quarter but generally speaking, how do you think about the renewal rate on that attached subscription and support line going forward?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [9]

--------------------------------------------------------------------------------

Sure. I think we'll see stabilization of it. I think in the second quarter, we did see a $20 million sequential decline in ARR for the product and related, but again, the primary driver of that was the fact that we did end of life the third-generation appliances. So customers really only had the option of refreshing those appliances, which did force some nonrenewals. The really good news here is there's only $3 million left in our ARR relating to the third-generation appliances. So I don't think we see that impact going forward.

--------------------------------------------------------------------------------

Saket Kalia, Barclays Bank PLC, Research Division - Senior Analyst [10]

--------------------------------------------------------------------------------

Okay. That's helpful. Kevin, maybe for you. You touched on this in your prepared comments just about realigning the company into platform and products. As you look out, I don't know, a year from now, what are the sort of benefits you'd like to see from that realignment? And what sort of potential synergies could you gain from kind of separating those, that platform group and that product group?

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [11]

--------------------------------------------------------------------------------

Yes. By the way, we've been on that transformation, Saket, since I got the job 3 years ago. I think we're doing a great job stabilizing our core products. At the same time frame, we took it under our wing, saying, "Hey, we've got to build a platform and we've got to find a way to decouple our intel and get it into the platform and we've got to" -- we basically -- I wanted to create what I called at the time Security as a Service, a different way to transact and different way to do business with us. And we're still building that. And the bottom line is I'd look at this business and we're managing it. I kept thinking we're stabilizing core products but we've got to invent something new and bring that to market, overlays our intel, decouples our detection from our spoke products. It enables Expertise On-Demand. It powers security instrumentation.

All those things, that's a new product for us that we started building back in -- we started adding to it but we started focusing on it back in 2016. We've gotten Helix first gen out and then we've done a full, inorganic and organic refresh to that product with the X15 purchase so that we can combine big data with our data scientists, with the command center that we call our security operations with our orchestration. So bottom line, work in progress.

By aligning the groups, you almost look at how they go to market. We have spoke products that go to market one way, Endpoint competes against Endpoint. Network competes against firewall and cloud, and e-mail competes against e-mail stuff. But then we have this platform that quite frankly operates independently of the spokes. It's more spoke agnostic. With Verodin, it's really going to be spoke agnostic. It's generally going to run the attacks and give you, "Here's the results of it," and it's not going to favor FireEye spoke products over anybody else's. It's going to be honest, it's going to have integrity and it's going to be real. And that's the same for Expertise On-Demand. I mean we don't need to just leverage data from our products to help our customers. On a daily basis, we're solving the most complex security problems and we're using a lot of tech besides FireEye tech. It's whatever's been in the infrastructure of our customers for the last 5 to 10 years. We've got to rely on that as well.

So the goal of this company has always been to go from spoke network security sandbox company to a genuine comprehensive security platform company, where what I believe every customer wants to buy is very simply they want somebody to backstop their capabilities and be there when you need them and at the same time frame, simplify, integrate and test your security architecture. Let's just align the groups that way and get them functioning more aligned with how we go to market. So we put Grady Summers, our CTO, in charge of our, what I call core products, network, endpoint, e-mail and SIEM and then get the expertise part of the business working more with Verodin in the platform, spokes, spoke agnostic and let them run.

--------------------------------------------------------------------------------

Operator [12]

--------------------------------------------------------------------------------

And our next question comes from Sterling Auty with JPMorgan.

--------------------------------------------------------------------------------

Sterling Auty, JP Morgan Chase & Co, Research Division - Senior Analyst [13]

--------------------------------------------------------------------------------

As I just try to think about this simply, billings is revenue plus the change in deferred revenue. You reiterated billings but the revenue is going down. So that means that the deferred revenue contribution in the back half of the year has to be stronger. What's the -- we focus on end of life of third gen. What's the thing that's coming in much stronger than what you originally thought when you gave the billings guide initially to now?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [14]

--------------------------------------------------------------------------------

Well, there are 2 things there on the positive side. So I did say Verodin a little bit better than expectations in the second quarter. The other major thing is our cloud -- our platform and cloud subscription and managed services grew really nicely, and so we're now seeing the impact of that growth on the billing side over the last couple of years. We had -- in the second quarter, we had 27% year-over-year growth in that category.

--------------------------------------------------------------------------------

Sterling Auty, JP Morgan Chase & Co, Research Division - Senior Analyst [15]

--------------------------------------------------------------------------------

Okay. And then the follow-up is when you were thinking about the end of life, was this always the plan in terms of the timing of the end of life in terms of third gen? And what is it that really took you guys by surprise to see the magnitude of it, the change?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [16]

--------------------------------------------------------------------------------

So this was the timing of the end of life. I think what comes by surprise is really the expected number of refreshes was less than we saw in previous end-of-life processes. So we basically end of life-d it at the very end of Q1 and the beginning of Q2 and so that really, we anticipated some activity in Q2 that just didn't happen. And again, it was primarily focused on smaller customers but ultimately, that impact has a pretty significant impact for the back half of the year.

--------------------------------------------------------------------------------

Operator [17]

--------------------------------------------------------------------------------

And our next question comes from Gregg Moskowitz with Mizuho.

--------------------------------------------------------------------------------

Gregg Steven Moskowitz, Mizuho Securities USA LLC, Research Division - MD of Americas Research [18]

--------------------------------------------------------------------------------

So getting back to platform business and as you mentioned, it was up 27% reported. It was also up 65% if you back out the 8-figure deal from a year ago. So my question here is how broad-based the growth was in Q2 as well as if you could speak to the sustainability of significant double-digit growth in the platform category going forward.

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [19]

--------------------------------------------------------------------------------

Yes. So there are 2 things on that. I think we had -- we really had a great quarter across the whole category. I think if you look at each of the individual components of that, they really had strong quarters. We had 20% ARR growth in the intel side. We had really strong Managed Defense quarter as well. And then just across, if you look at Verodin, it was a nice contribution, obviously the first initial contribution to the quarter. And our expectation is consistent with our long-term model in that we expect that growth -- that group and category to be the accelerating billings and revenue component. So we do believe it's sustainable.

--------------------------------------------------------------------------------

Gregg Steven Moskowitz, Mizuho Securities USA LLC, Research Division - MD of Americas Research [20]

--------------------------------------------------------------------------------

All right. Great. And then as a follow-up...

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [21]

--------------------------------------------------------------------------------

And Gregg, just a little color on that. There's just tons of relevance there. When you look at what all the security practitioners want right now, the #1 question I get in every boardroom or even talking to [CSOs] is how good am I, how good do I need to be at security. You test it and that Verodin platform is totally relevant. And then Frank mentioned in his direct remarks. You may have missed it. I think it was the fifth quarter in a row Mandiant Services had its record revenue quarter. That's 5 quarters in a row and that's not just because we respond to breaches. Most people think, "Wow, Mandiant, that's what they do for a living. They just respond to every breach that matters." But when you respond to every breach that matters, it makes you exceptional at the strategic consulting aspects of it as well and then our Threat Intelligence is relevant. There's a day in my career when -- I always thought maybe attribution doesn't matter. Right now when you're compromised or being attacked and you know it, the first thing you want is the context as to who might it be and what might the risks be. So just the relevance of what -- and I can keep going but I'll stop so we can address everybody's questions and get the models right, but the relevance inside that category is high and that's why I feel very confident that we can grow it at market rates or above.

--------------------------------------------------------------------------------

Gregg Steven Moskowitz, Mizuho Securities USA LLC, Research Division - MD of Americas Research [22]

--------------------------------------------------------------------------------

Okay. That's really good perspective. And then just one other -- one follow-up ahead just on duration. So you guys spoke to and saw actually a significant increase in average term length for your product and subscription billings and you talked about kind of more of an appliance mix shift. What are you assuming with respect to average contract length for the second half of the year as part of your billings guidance?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [23]

--------------------------------------------------------------------------------

So Gregg, I think we'd assumed it would be a little bit more normalized to the previous few quarters. So I think overall in the recurring subscription and support in that 24 to 26 area, the product and related had ticked up to 29 months. I think you will see that come back down probably to the 24 to 26 months.

--------------------------------------------------------------------------------

Operator [24]

--------------------------------------------------------------------------------

And our next question comes from Shaul Eyal with Oppenheimer.

--------------------------------------------------------------------------------

Shaul Eyal, Oppenheimer & Co. Inc., Research Division - MD & Senior Analyst [25]

--------------------------------------------------------------------------------

Despite the reduced outlook, I think one of the questions investors have in mind specifically today in light of the Capital One sizable breach that we reported earlier, did you guys get a call on the incident response side of the equation?

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [26]

--------------------------------------------------------------------------------

We wouldn't be able to comment to that. We have an NDA with all our customers. We've been in the business for 20 years to help people solve complex problems quietly and discreetly, and we're going to stay in that business.

--------------------------------------------------------------------------------

Shaul Eyal, Oppenheimer & Co. Inc., Research Division - MD & Senior Analyst [27]

--------------------------------------------------------------------------------

Fair enough. And do you think that some of the issues, the billings healthy but revenue outflow down, does it have to be with the super competitive arena? Clearly, there are some new market entrants playing to an extent in your domain as well. Could that be part of the reason?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [28]

--------------------------------------------------------------------------------

I think I'm sure some of the pressure on the renewals on the end-of-life appliances has to do with the competitive landscape on the network and e-mail side. Those -- the nonrenewals were pretty much focused primarily on those 2 areas. But I think if you look at our continued innovation in those areas, as there become new entrants in those markets, our products get more competitive as well and that's why you're seeing a lot of new business in network and e-mail as well.

--------------------------------------------------------------------------------

Operator [29]

--------------------------------------------------------------------------------

And our next question comes from Rob Owens with KeyBanc Capital Markets.

--------------------------------------------------------------------------------

Robbie David Owens, KeyBanc Capital Markets Inc., Research Division - Senior Research Analyst [30]

--------------------------------------------------------------------------------

I think you might have answered part of it but you had mentioned earlier that this was activity on smaller customers, and it does feel like [$25 million] is a lot of smaller customers or a lot of activities. So those were mainly competitive losses then in your opinion? Or are these folks that may transition over to subscription services? Maybe help me out a little bit.

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [31]

--------------------------------------------------------------------------------

Yes. I think some of them, obviously on the e-mail side, have transitioned over to our e-mail cloud solution, but we did have -- if you look at the non-renewals, they were primarily smaller customers but absolutely, there was a handful of larger customers as well. And again, I think the good news and the end of this is there's really only $3 million left of the ARR as of June 30. So we just don't think we can see that big of an impact going forward.

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [32]

--------------------------------------------------------------------------------

Yes. Rob, this is Kevin speaking. When I noticed the renewal pressure on FireEye's Network Security, it's primarily at the smaller customers and it's an option to go to a cloud-based service or a firewall module.

--------------------------------------------------------------------------------

Robbie David Owens, KeyBanc Capital Markets Inc., Research Division - Senior Research Analyst [33]

--------------------------------------------------------------------------------

And Kevin, when you look at the longer-term vision of spoke and then kind of the IP in the spoke-agnostic side, do you think that vision is built out? Are there other capabilities, other spokes you want to add in or other thing on the -- other capabilities on the agnostic side?

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [34]

--------------------------------------------------------------------------------

Yes. When I think about it, Rob, I just try to oversimplify what is unique, differentiated for FireEye. We know more about the threat actors than anybody based on what? About 200 threat analysts that speak 32 languages in 19 different countries in a global capacity and nearly 400 incident responders that are at -- very near capacity at all times. So we see when all safeguards, technology people and process fail, and I think our true IP should be spoke and vendor agnostic. It's nice to have the spokes so we can put our own stuff into it, but at the same timeframe, we provide a lot more value to our customers if we can get our platform to overlay what we know about the threat actors on a daily basis into their infrastructure regardless of the spokes that they use.

So I think that's the road that we've been on for 3 years, takes time to build it and I'm going to try to accelerate us more into that platform and spoke agnostic portion as well as -- we'll have the spokes. We need them. When you look at what we do in our incident responses, almost 99% of the time, we need our Endpoint to do the forensics. We do at scale. But I just think our true IP is that knowledge of what's going on right now and what that knowledge can bring us to help customers instrument -- are they vulnerable to those attacks, aka Verodin? And if they are, how can we orchestrate so that they're not. And we see what the results of these attacks look like in everybody's tech. And again, we do hundreds of red teams every year and I still feel that all that knowledge, it's just spoke agnostic. That's led to our customers getting more value from it.

--------------------------------------------------------------------------------

Operator [35]

--------------------------------------------------------------------------------

And our next question comes from Tal Liani with Bank of America.

--------------------------------------------------------------------------------

Tal Liani, BofA Merrill Lynch, Research Division - MD and Head of Technology Supersector [36]

--------------------------------------------------------------------------------

I want to go back to some of the early questions that were asked and I'm thinking about it in simple terms. I'm focusing mostly on the gross margin. What I'm trying to understand -- and I give you the background for my question. The biggest risk for your company is that you have so much legacy business still in the installed base with very high maintenance revenues of all the contracts. And then when these roll off, the renewal is at much, much lower revenues just because the competition right now, competitive landscape, is very different from 2 years, 3 years ago. So the contract size is going to be smaller if you don't sell anything else and the maintenance renewal is also going to be -- or lower revenues, and these are almost 100% margin revenues that are going away, just the incremental margin. So the question is how much of what I said explains what happened this quarter to margins? And how much of it is not?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [37]

--------------------------------------------------------------------------------

So very little, Tal. I think if you look at the current quarter decrease in gross margin, the primary driver of that was the fact that we absolutely moved all our cloud traffic from our internal data centers to a public cloud provider. And we did it very quickly in the quarter and so that we're basically double paying both our internal data centers in the quarter plus from some pretty significant cloud costs. And so that will normalize a little bit because we're optimizing on the cloud side, but we're also being able to eventually turn off those data centers. So I think it's more of a short-term impact, but the overall -- if you look at our discounting over time, even though the landscape is more competitive, we've been able to continue to keep our pricing and discounting in line.

--------------------------------------------------------------------------------

Tal Liani, BofA Merrill Lynch, Research Division - MD and Head of Technology Supersector [38]

--------------------------------------------------------------------------------

Got it. So how long -- and I apologize if you said it before, how long does it take you to turn off, if I can call it this way, your private data center and migrate everything to public cloud?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [39]

--------------------------------------------------------------------------------

Yes. So the migration to public cloud is almost entirely done on the actual product and solution side. We actually -- if we look at the next few quarters, I think it's going to take us at least throughout the remainder of this year to get completely out of those related data centers. So I think that's why you see it in the operating margin guidance for 2019, but I think we'll be able to normalize that for 2020.

--------------------------------------------------------------------------------

Tal Liani, BofA Merrill Lynch, Research Division - MD and Head of Technology Supersector [40]

--------------------------------------------------------------------------------

So if nothing happens, nothing else happens and you enter 2020 by -- just by the fact that you decommissioned the current data center, do you think -- and again, nothing else happened in terms of mix, et cetera, mix of product. So I don't want to assume any other improvement. So if only that happens, will you be able to go back to your margin structure that you had before? Or does this have -- the public cloud has some inherent lower margin that you'll have to compensate or you'll have to offset in a different way?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [41]

--------------------------------------------------------------------------------

No. I think our belief is that with the right optimization in the public cloud, we can get margin similar to our internal operating data center costs. And that's kind of what our model would show. There is obviously a level of optimization you need to do as you move that traffic over and as you partition and then work with a different cloud provider and -- but I think that's our original kind of thought process there.

--------------------------------------------------------------------------------

Tal Liani, BofA Merrill Lynch, Research Division - MD and Head of Technology Supersector [42]

--------------------------------------------------------------------------------

So when you say that you believe that in 2020 you'll be able to get back to this margin level, do you assume anything else or you're only assuming optimization of the public cloud?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [43]

--------------------------------------------------------------------------------

Optimization and then also getting out of the current data centers that we're still paying on.

--------------------------------------------------------------------------------

Operator [44]

--------------------------------------------------------------------------------

And our next question comes from Erik Suppiger with JMP Securities.

--------------------------------------------------------------------------------

Erik Loren Suppiger, JMP Securities LLC, Research Division - MD & Senior Research Analyst [45]

--------------------------------------------------------------------------------

I was just wondering about your Endpoint business. How is the competitive dynamics around that? And what is the pricing environment for the Endpoint these days?

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [46]

--------------------------------------------------------------------------------

Yes. Frank and I are both jumping to answer that question. As the guy who wrote our original Endpoint road map back in 2004, right now, our Endpoint is primarily strongest when you have to do deep dive forensics at scale. And it has an open API. So it's also strongest when you have security experts as part of your team as the customer writing to interact with our APIs. I can -- when you look at -- there's like a next-gen Endpoint coming out and they're all taking market from what we call the legacy Endpoints. So the business grew year-over-year. We still -- I've said this many times. Every Endpoint evolves from different places but we're just really, really strong as an EDR Endpoint and we're backing into -- as I call it, you've got to start somewhere niche and you expand. We are backing into endpoint protection. We've done that for Windows and we're expanding that into Mac and Linux over time. But from a forensic standpoint, we work on Mac, Linux, Windows and that's our strength.

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [47]

--------------------------------------------------------------------------------

And I haven't seen a lot of -- and the pricing really hasn't seemed to change much over the past few quarters. I think a year ago, I think it took a leg down but over the past few quarters, we really haven't seen much price pressure there.

--------------------------------------------------------------------------------

Operator [48]

--------------------------------------------------------------------------------

And our next question comes from Andrew Nowinski with Piper Jaffray.

--------------------------------------------------------------------------------

Andrew James Nowinski, Piper Jaffray Companies, Research Division - Principal & Senior Research Analyst [49]

--------------------------------------------------------------------------------

I want to ask you a question on your e-mail cloud. So it sounds like the increasing cloud hosting class may have been mostly related to your e-mail solutions. So can you just give any color on whether your solutions are now being used as a primary e-mail solution versus just a helper? And then which vendors are you displacing?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [50]

--------------------------------------------------------------------------------

So I think in a lot of cases, we're still a second line of defense because we really just started being able to be a first line of defense in early 2019. So yes, that process is still going. I think we are winning deals as the first line of defense and I think in a lot of cases, there's the legacy kind of e-mail vendors in that scenario. But I think we continue to innovate on the e-mail product. We continue to grow that overall business both on the on-premise and cloud side.

--------------------------------------------------------------------------------

Andrew James Nowinski, Piper Jaffray Companies, Research Division - Principal & Senior Research Analyst [51]

--------------------------------------------------------------------------------

Okay. And then just a clarification with regard to your billings. I know you said you had higher-than-expected commission costs for your cloud hosting part and we certainly saw the strong cloud billings growth, but your total billings only came in toward the high end of the range. So if your cloud billings are more in line with what you're expecting, would total billings still have been within your guided range?

--------------------------------------------------------------------------------

Frank E. Verdecanna, FireEye, Inc. - Executive VP, CFO & CAO [52]

--------------------------------------------------------------------------------

So I think, Andrew, what you're focusing on is the higher commission I referred to was the fact that if you look at the mix of new business versus renewals, we had a heavier mix of new business, which has a much higher commission rate than we pay on renewal business. And so we were over our plan on new business, under on renewal, and so that had an impact on commission expense.

--------------------------------------------------------------------------------

Operator [53]

--------------------------------------------------------------------------------

And our final question comes from Jonathan Ho with William Blair & Company.

--------------------------------------------------------------------------------

John Gregory Weidemoyer, William Blair & Company L.L.C., Research Division - Associate [54]

--------------------------------------------------------------------------------

This is John Weidemoyer for Jonathan. I have a question on Helix. Can you talk about the -- can you give some color on the select availability release in the second quarter? Give some further color on the reception there.

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [55]

--------------------------------------------------------------------------------

Yes. This is Kevin speaking. I spoke about we have about 1/2 dozen customers right now using it for many different use cases. I spoke to the architect today on how that was going. It's a very flexible platform. All installs are going very, very well. The amount of use cases we're solving is exceptionally broad right now. The good news on that is that every time we solve a use case, we've got a playbook that's portable with other customers. The less than good news on that is, my god, people are using this thing to solve a whole lot of problems we didn't foresee in the first place. But we have a very dynamic platform, and I'll reiterate this was built on the X15 platform. We did that acquisition over 1.5 years ago because what I learned is we have a lot of security expertise but we're not a bunch of big data jockeys, so we had to buy a big data platform.

We put our orchestration capabilities into the big data platform and then created a front end to it called command center. Marketing did not bless that name yet, but we call it command center, which is almost like a security operations platform. We've put all of the 3 together. I left my notes on the results back in the office but the good news, it's up, it's running, it's ingesting data from all over the place to include even the Internet. One use case that we thought was pretty cool is a customer is using the next-gen Helix, to literally scrape Pastebin for keywords every single day and seeing if certain keywords pop up in Pastebin so they know if they have a problem or not. I really haven't heard of any product that does anything like that. You'd have to have engineers go code that yourselves.

So the use case is very -- I'm happy with where it's at. You can never go fast enough, right? I mean at the end of the day, I'll say on the call I'm happy where it's at. 5 minutes after this call, I'll be walking down the hall telling engineers, "I want it now. I want it faster." So -- but the installs are going well. And we have our best SEs and engineers working on it right now and I'm very pleased with what I'm seeing.

--------------------------------------------------------------------------------

John Gregory Weidemoyer, William Blair & Company L.L.C., Research Division - Associate [56]

--------------------------------------------------------------------------------

Okay. That's helpful color. And just last question, the internal structure change. My impression on the way you described it was it was mostly -- that it wasn't really moving people around so much like engineers and such but it's more a management, having management oversight at particularly strategic points to direct the focus of your release note folks to get them to match your strategic initiatives. Did I misinterpret it? Is there a whole lot of cycle of underlying people or in which way -- is it management?

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [57]

--------------------------------------------------------------------------------

Well, it's management and there are some people moving underneath. I mean you always do organizational changes to get alignment for a cause and a purpose, that simple. And the reason we're doing this one is to accelerate the platform. We've worked years to stabilize a bunch of products, stabilize renewal rates, show some steady growth there but every time I assess this business, I want to accelerate the platform and that's -- it's time to do that. And you take incremental steps along the way. So we've had it ongoing. It's not like we're just, "Hey, this quarter, we're now focused on it." We've taken incremental changes every 6 months to a year to focus more on the platform and the parts of our business that are accelerating the growth. If I put it under different groups, it's -- you just get better focus, that simple. So that's the #1 reason we did this: accelerate growth to the platform. And by the way, the prior move was, let's have a platform-first mentality in a decentralized way, and I just want to centralize it in -- [and haul].

--------------------------------------------------------------------------------

Operator [58]

--------------------------------------------------------------------------------

Ladies and gentlemen, this concludes our question-and-answer session for today's call. I would now like to turn the call back over to Kevin Mandia for any closing remarks.

--------------------------------------------------------------------------------

Kevin R. Mandia, FireEye, Inc. - CEO & Director [59]

--------------------------------------------------------------------------------

Yes. Thank you very much folks for your interest in our company. Our transformation is not defined by a single 90-day performance. I believe we are proving our transformation and that we will continue on our path to provide our customers a single platform that implements Security as a Service, overlays our intelligence, decouples our detection and our IP from our spoke products over time, enables Expertise On-Demand, and powers security instrumentation. I believe the organizational changes that we've made within FireEye will improve our pace of innovation and deliver and execute. Thank you very much for your time and I look forward to speaking to you in 90 days.

--------------------------------------------------------------------------------

Operator [60]

--------------------------------------------------------------------------------

Ladies and gentlemen, thank you for participating in today's conference. This concludes today's program and you may all disconnect. Everyone, have a wonderful day.