Amendment No. 1 to Form F-1
Table of Contents

As filed with the Securities and Exchange Commission on July 9, 2014

Registration No. 333-196991

 

 

 

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

 

 

Amendment No. 1

to

Form F-1

REGISTRATION STATEMENT

UNDER THE SECURITIES ACT OF 1933

 

 

 

Cyber-Ark Software Ltd.

(Exact Name of Registrant as Specified in its Charter)

 

 

 

State of Israel   7372   Not Applicable

(State or Other Jurisdiction of

Incorporation or Organization)

 

(Primary Standard Industrial

Classification Code Number)

 

(I.R.S. Employer

Identification No.)

Cyber-Ark Software Ltd.

94 Em-Ha’moshavot Road

Park Azorim, P.O. Box 3143

Petach Tikva 4970602, Israel

+972 (3) 918-0000

(Address, including zip code, and telephone number, including area code, of Registrant’s principal executive offices)

 

 

Cyber-Ark Software, Inc.

60 Wells Avenue

Suite 103

Newton, MA 02459

(617) 965-1544

(Name, address, including zip code, and telephone number, including area code, of agent for service)

 

 

Copies to:

 

Colin J. Diamond, Esq.

Joshua G. Kiernan, Esq.

White & Case LLP

1155 Avenue of the Americas

New York, NY 10036

Tel: (212) 819-8200

Fax: (212) 354-8113

 

Dan Shamgar, Adv.

David S. Glatt, Adv.

Meitar Liquornik Geva

Leshem Tal

16 Abba Hillel Silver Rd.

Ramat Gan 5250608, Israel

Tel: +972 (3) 610-3100

Fax: +972 (3) 610-3111

 

Mark T. Bettencourt, Esq.

Michael J. Minahan, Esq.

Gregg L. Katz, Esq.

Goodwin Procter LLP

53 State Street

Boston, MA 02109

Tel: (617) 570-1000

Fax: (617) 523-1231

   Tuvia J. Geffen, Adv.

Naschitz, Brandes, Amir & Co.

5 Tuval Street

Tel Aviv 6789717, Israel

Tel: +972 (3) 623-5000

Fax: +972 (3) 623-5005

 

 

Approximate date of commencement of proposed sale to the public: As soon as practicable after effectiveness of this registration statement.

If any of the securities being registered on this Form are to be offered on a delayed or continuous basis pursuant to Rule 415 under the Securities Act of 1933, check the following box.  ¨

If this Form is filed to register additional securities for an offering pursuant to Rule 462(b) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.  ¨

If this Form is a post-effective amendment filed pursuant to Rule 462(c) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.  ¨

If this Form is a post-effective amendment filed pursuant to Rule 462(d) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.  ¨

 

 

CALCULATION OF REGISTRATION FEE

 

 

Title of Each Class of

Securities to be Registered

  

Proposed
Maximum

Aggregate

Offering Price(1)(2)

  

Amount of

Registration Fee(3)

Ordinary shares, par value NIS 0.01

   $75,000,000    $9,660

 

 

(1) Estimated solely for the purpose of calculating the registration fee pursuant to Rule 457(o) under the Securities Act of 1933.
(2) Includes shares granted pursuant to the underwriters’ option to purchase additional shares.
(3) Previously paid.

 

 

The Registrant hereby amends this Registration Statement on such date or dates as may be necessary to delay its effective date until the Registrant shall file a further amendment which specifically states that this Registration Statement shall thereafter become effective in accordance with Section 8(a) of the Securities Act or until the Registration Statement shall become effective on such date as the Securities and Exchange Commission, acting pursuant to said Section 8(a), may determine.

 

 

 


Table of Contents

The information in this prospectus is not complete and may be changed. We may not sell these securities until the registration statement filed with the Securities and Exchange Commission is effective. This prospectus is not an offer to sell these securities, and we are not soliciting an offer to buy these securities in any jurisdiction where the offer or sale is not permitted.

 

Subject to completion, dated July 9, 2014

Preliminary Prospectus

             Shares

 

LOGO

Ordinary Shares

 

 

This is the initial public offering of Cyber-Ark Software Ltd. Prior to this offering, there has been no public market for our ordinary shares. We are selling                  ordinary shares. The estimated initial public offering price is between $         and $         per share.

We intend to apply to have the ordinary shares listed on the NASDAQ Global Select Market under the symbol “CYBR”.

 

     Per
Share
     Total  

Public offering price

   $                    $                

Underwriting discounts and commissions(1)

   $         $     

Proceeds to us (before expenses)

   $         $     

 

(1) See “Underwriting” for a description of compensation payable to the underwriters.

We have granted the underwriters an option to purchase up to                  additional ordinary shares.

 

 

We are an “emerging growth company” as defined under the federal securities laws and, as such, may elect to comply with certain reduced public company reporting requirements for future filings.

Investing in our ordinary shares involves a high degree of risk. See “Risk Factors” beginning on page 12.

Neither the Securities and Exchange Commission nor any state securities commission has approved or disapproved of these securities or determined if this prospectus is truthful or complete. Any representation to the contrary is a criminal offense.

The underwriters expect to deliver the ordinary shares to purchasers on or about                     , 2014.

 

 

 

J.P. Morgan    Deutsche Bank Securities    Barclays
William Blair    Nomura    Oppenheimer & Co.

                    , 2014


Table of Contents

LOGO


Table of Contents

TABLE OF CONTENTS

 

     Page  

Summary

     1   

Risk Factors

     12   

Special Note Regarding Forward-Looking Statements

     34   

Market and Industry Data

     35   

Use of Proceeds

     36   

Dividend Policy

     36   

Capitalization

     37   

Dilution

     38   

Selected Consolidated Financial Data

     40   

Management’s Discussion and Analysis of Financial Condition and Results of Operations

     43   

Business

     70   

Management

     88   

Principal Shareholders

     114   

Certain Relationships and Related Party Transactions

     117   

Description of Share Capital

     120   

Shares Eligible for Future Sale

     126   

Taxation and Israeli Government Programs Applicable to our Company

     128   

U.S. and Israeli Tax Consequences for our Shareholders

     132   

Underwriting

     140   

Legal Matters

     146   

Experts

     146   

Enforceability of Civil Liabilities

     146   

Where You Can Find Additional Information

     148   

Index to Consolidated Financial Statements

     F-1   

 

 

Neither we nor the underwriters have authorized anyone to provide information different from that contained in this prospectus, any amendment or supplement to this prospectus or in any free writing prospectus prepared by us or on our behalf. Neither we nor the underwriters take any responsibility for, and can provide no assurance as to the reliability of, any information other than the information in this prospectus and any free writing prospectus prepared by us or on our behalf. Neither the delivery of this prospectus nor the sale of our ordinary shares means that information contained in this prospectus is correct after the date of this prospectus. This prospectus is not an offer to sell or the solicitation of an offer to buy these ordinary shares in any circumstances under which such offer or solicitation is unlawful.


Table of Contents

SUMMARY

This summary highlights selected information contained elsewhere in this prospectus. This summary does not contain all the information that you should consider before deciding to invest in our ordinary shares. You should read the entire prospectus carefully, including “Risk Factors” and our consolidated financial statements and notes to those consolidated financial statements, before making an investment decision. In this prospectus, the terms “CyberArk,” “we,” “us,” “our” and “the Company” refer to Cyber-Ark Software Ltd. and its subsidiaries.

Overview

We are a global leader and pioneer of a new layer of IT security solutions that protects organizations from cyber attacks that have made their way inside the network perimeter to strike at the heart of the enterprise. Our software solution is focused on protecting privileged accounts, which have become a critical target in the lifecycle of today’s cyber attacks. Privileged accounts are pervasive and act as the “keys to the IT kingdom,” providing complete access to, and control of, all parts of IT infrastructure, industrial control systems and critical business data. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take control of and disrupt an organization’s IT and industrial control infrastructures, steal confidential information and commit financial fraud. Our comprehensive solution proactively protects privileged accounts, monitors privileged activity and detects malicious privileged behavior. Our customers use our innovative solution to introduce this new security layer to protect against, detect and respond to cyber attacks before they strike vital systems and compromise sensitive data.

Organizations worldwide are experiencing an unprecedented increase in the sophistication, scale and frequency of cyber attacks. The challenge this presents is intensified by the growing adoption of new technologies, such as cloud computing, virtualization, software-defined networking, enterprise mobility and social networking, which has resulted in increasingly complex and distributed IT environments with significantly larger attack surfaces. Organizations have historically relied upon perimeter-based threat protection solutions such as network, web and endpoint security tools as the predominant defense against cyber attacks, yet these traditional solutions have a limited ability to stop today’s advanced threats. As a result, an estimated 90% of organizations have suffered a cybersecurity breach according to a 2011 survey of approximately 580 U.S. IT practitioners by the Ponemon Institute, a research center focused on privacy, data protection and information security policy. Organizations are just beginning to adapt their security strategies to address this new threat environment and are evolving their approaches based on the assumption that their network perimeter has been or will be breached. They are therefore increasingly implementing new layers of security inside the network to disrupt attacks before they result in the theft of confidential information or other serious damage. Regulators are also continuing to mandate rigorous new compliance standards and audit requirements in response to this evolving threat landscape.

We believe that the implementation of a privileged account security solution is one of the most critical layers of an effective security strategy. Privileged accounts represent one of the most vulnerable aspects of an organization’s IT infrastructure. Privileged accounts are used by system administrators, third-party and cloud service providers, applications and business users, and they exist in nearly every connected device, server, hypervisor, operating system, database, application and industrial control system. Due to the broad access and control they provide, exploiting privileged accounts has become a critical stage of the cyber attack lifecycle. The typical cyber attack involves attackers effecting an initial breach, escalating privileges to access target systems, moving laterally through the IT infrastructure to identify valuable targets, and exfiltrating, or stealing, the desired information. According to Mandiant, credentials of authorized users were hijacked in 100% of the breaches that Mandiant investigated, and privileged accounts were targeted whenever possible.

We have architected our solution from the ground up to address the challenges of protecting privileged accounts and an organization’s sensitive information. Our solution provides proactive protection against cyber attacks from both external and internal sources and allows for real-time detection and neutralization

 

 

1


Table of Contents

of such threats. It can be deployed in traditional on-premise data centers, cloud environments and industrial control systems. Our innovative software solution is the result of over 10 years of research and expertise, combined with valuable knowledge we have gained from working with our diverse population of customers.

Our Privileged Account Security Solution is built on our shared technology platform and consists of several products:

 

    Enterprise Password Vault: proactively protects and manages all privileged accounts across an entire organization

 

    Privileged Session Manager: enables live monitoring and command-line keystroke level recording of privileged sessions, isolates the target asset from malware and establishes a single point of control for all privileged activity

 

    Application Identity Manager: secures application to application interfaces by enabling proactive controls on privileged credentials embedded in applications, service accounts and scripts

 

    On-Demand Privileges Manager: limits the breadth of access of administrative accounts by restricting the use of specified commands and functions

 

    Privileged Threat Analytics: profiles and analyzes individual privileged user behavior and creates prioritized alerts when abnormal activity is detected

As of June 30, 2014, we had over 1,500 customers, including over 35% of the Fortune 100 and approximately 15% of the Global 2000. We define a customer to include a distinct entity, division or business unit of a company. Our customers include leading enterprises in a diverse set of industries, including energy and utilities, financial services, healthcare, manufacturing, retail, technology and telecommunications, as well as government agencies. We sell our solution through a high touch, channel fulfilled hybrid sales model that combines the leverage of channel sales with the account control of direct sales, and therefore provides us with significant opportunities to grow our current customer base. This approach allows us to maintain close relationships with our customers and benefit from the global reach of our channel partners. Additionally, we are enhancing our product offerings and go-to-market strategy by establishing technology alliances within the IT infrastructure and security vendor ecosystem.

Our business has rapidly grown in recent years. During 2011, 2012 and 2013, our revenues were $36.4 million, $47.2 million and $66.2 million, respectively, representing year-over-year growth of 29.8% and 40.1%, in 2012 and 2013, respectively. Our net income for 2011, 2012 and 2013 was $5.9 million, $7.9 million and $6.6 million, respectively. For the three months ended March 31, 2013 and 2014, our revenues were $12.7 million and $17.4 million, respectively. Our net income for the three months ended March 31, 2013 was $0.1 million compared with a net loss of $1.2 million for the same period in 2014.

Industry Overview

The recent increase in sophisticated, targeted security threats by both external attackers and malicious insiders, along with an increase in the attack surface due to the growing complexity and distributed nature of IT environments, have made it extremely challenging for enterprises and governments around the world to protect their sensitive information. These challenges are driving the need for a new layer of security that complements traditional threat protection technologies by securing access to privileged accounts and preventing the exploitation of organizations’ critical systems and data.

Privileged accounts represent one of the most vulnerable aspects of an organization’s IT infrastructure. Privileged escalation is a critical stage of the cyber attack because, if privileged credentials are compromised, the attacker is able to move closer to sensitive data while remaining undetected. Today’s advanced cyber attacks are typically designed to evade traditional threat prevention technologies that are focused on protecting the perimeter from outside breach. Furthermore, compliance requirements continue to become more stringent in response to the complex and evolving threat landscape.

 

 

2


Table of Contents

Challenges in Protecting Privileged Accounts

The increasing sophistication, scale and frequency of advanced cyber attacks challenge traditional cybersecurity methods and create a need for a comprehensive approach to securing privileged accounts from use by external or internal attackers to gain access to and exploit an organization’s confidential data and IT systems. Such an approach must address a range of challenges presented by privileged accounts, including:

 

    traditional security solutions’ limited ability to protect privileged credentials and critical assets from cyber attacks;

 

    insufficient visibility and lack of automation in the management of privileged accounts;

 

    inability to monitor and audit all privileged activity;

 

    inadequate or delayed response time in detecting malicious and high risk behaviors; and

 

    limited scalability of existing point solutions.

Our Solution

Our Privileged Account Security Solution provides organizations with the following benefits:

 

    Comprehensive platform for proactive protection of privileged credentials and target assets from cyber attacks. Our comprehensive solution for privileged account security enables our customers to proactively protect against and automatically detect and respond to in-progress cyber attacks before they strike vital systems and compromise sensitive data. Our unified solution to these previously disparate security needs enables our customers to preemptively remediate vulnerabilities and improve their security effectiveness from a central command and control point.

 

    Automatic identification and understanding of the scope of privileged account risk. Our solution automatically detects privileged accounts across the enterprise and helps customers visualize the resulting compliance gaps and security vulnerabilities. This automated process reduces the time-consuming and error-prone task of manually tracking and updating privileged credentials, thereby decreasing IT operational costs. This enhanced visibility significantly improves the security posture of our customers and facilitates adherence to rigorous audit and compliance standards.

 

    Continuous monitoring, recording and secure storage of privileged account activity. Our solution monitors, collects and records individual privileged session activity down to every mouse click and keystroke. It also provides highly secure storage of privileged session recordings, robust search capabilities and full forensics records to facilitate a more rapid and precise response to malicious activity.

 

    Real-time detection, alerting and response to malicious privileged activity. Our Privileged Threat Analytics product uses proprietary algorithms to profile and analyze individual privileged user behavior and creates prioritized alerts in real-time when abnormal activity is detected. This allows our customers’ incident response teams to investigate and prioritize threatening activity and respond by terminating the active session.

 

    Purpose-built solution, architected for privileged account security. Our Digital Vault offers multiple layers of security including robust segregation of duties, a secure proprietary communications protocol and military-grade encryption. Our Privileged Session Manager product establishes a single point of control for all privileged activity, effectively decreasing the attack surface by providing only proxy-based access to IT assets through our platform.

 

    Scalable and flexible platform that enables modular deployment. Our solution is scalable and flexible to enable deployment in large-scale distributed environments for on-premise, cloud environments and industrial control systems. Our solution enables enterprises to leverage their existing investments with out of the box support for many devices, networks, applications and servers, including web sites and social media.

 

 

3


Table of Contents

Our Market Opportunity

We believe that the security market is in the midst of a significant transition as enterprises are investing in a new generation of security solutions to help protect them against today’s sophisticated and targeted cyber threats from both external attackers and malicious insiders. Gartner estimates that by 2020, 60% of enterprise information security budgets will be allocated to rapid detection and response approaches, up from less than 10% in 2014. Recognizing that traditional perimeter-based threat protection solutions are not sufficient to protect against today’s advanced cyber threats, enterprises are investing in security solutions within the datacenter to protect the inside of their networks. According to a 2012 report by International Data Corporation (IDC), worldwide spending on datacenter security solutions was $10.7 billion in 2011 and is expected to grow to $16.5 billion by 2016, representing a compound annual growth rate of 9.3%. According to the same report, worldwide spending for IT security solutions was $28.4 billion in 2011 and is expected to grow to $40.8 billion in 2016, representing a compound annual growth rate of 7.6%.

We believe that privileged account security is a new, critical layer of security that is benefitting from this transition. Privileged accounts represent one of the most vulnerable aspects of an organization’s IT infrastructure and exist in nearly every connected device, server, hypervisor, operating system, database, application and industrial control system throughout on-premise and cloud-based datacenters. As a result, we believe that an increasing portion of the IT security budget, and specifically datacenter security spend, will be allocated for privileged account security solutions.

Our Competitive Strengths

Our mission is to protect the heart of the enterprise from advanced cyber attacks. We have established a leadership position in protecting high-value data and critical IT assets by securing privileged accounts, and have several key competitive strengths including:

 

    Trusted expert in privileged account security. We are a recognized brand name and a leader in privileged account security, protecting organizations worldwide against external threats that have already penetrated the perimeter, as well as threats that originate from within the perimeter by malicious or careless insiders.

 

    Technology leader driven by vision and focus on innovation. Our history of innovation is the cornerstone of our technology leadership. We pioneered Digital Vault technology and introduced patented technology for application identity management, secure connectivity for remote vendors, integrated privileged activity monitoring, private and public cloud privileged account management and privileged threat analytics.

 

    Global reach driven by direct and indirect sales organization. We have a broadly dispersed global hybrid sales channel as evidenced by our existing customer implementations in 65 countries, a broad network of over 200 channel and technology alliance partners worldwide, and local presence in more than 20 countries.

 

    Strong management team with significant IT security expertise. We have a highly talented management team and a strong research and development organization with significant IT security expertise from past experience in leading IT security companies and Israel’s military technology units.

 

    Corporate culture committed to our customers’ success. Our commitment to our customers’ success is ingrained in our business strategy and is brought to life through constant customer interactions, employee functions and our engaging annual customer conferences attended by hundreds of customers and channel partners.

 

 

4


Table of Contents

Our Growth Strategy

Our goal is to be the global leader in IT security solutions that protect organizations from cyber attacks that

have made their way inside the network perimeter to strike at the heart of the enterprise. The key elements of our strategy to extend our global leadership include:

 

    continue innovating and enhancing our solution;

 

    growing our customer base;

 

    further penetrating our existing customer base;

 

    continuing to expand our global presence by leveraging systems integrators and distribution partnerships; and

 

    selectively pursuing strategic transactions.

Risks Associated With Our Business

Investing in our ordinary shares involves risks. You should carefully consider the risks described in “Risk Factors” beginning on page 12 before making a decision to invest in our ordinary shares. If any of these risks actually occur, our business, financial condition or results of operations would likely be materially adversely affected. In such case, the trading price of our ordinary shares would likely decline, and you may lose all or part of your investment. The following is a summary of some of the principal risks we face:

 

    The IT security market is new and rapidly evolving to address the increasingly challenging cyber threat landscape. If the industry does not develop as we anticipate, our sales will not grow as quickly as expected and our share price could decline.

 

    If we fail to effectively manage our growth, our business and operations will be negatively affected, and as we invest in the growth of our business, we expect our operating and net profit margins to decline in the near-term.

 

    Our quarterly results of operations may fluctuate for a variety of reasons, including our failure to close significant sales before the end of a particular quarter.

 

    Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solution or the failure of our solution to meet customers’ expectations.

 

    If we are unable to acquire new customers, our future revenues and operating results will be harmed.

 

    If we are unable to sell additional products and services to our existing customers, our future revenues and operating results will be harmed.

 

    We face intense competition from IT security vendors, some of which are larger and better known than we are, and we may lack sufficient financial or other resources to maintain or improve our competitive position.

 

    If our internal network system is compromised by cyber attackers or other data thieves, public perception of our products and services will be harmed.

 

    We expect to be classified as a passive foreign investment company, or PFIC, for the taxable year ending December 31, 2014. We currently expect that we should not be classified as a PFIC for the following taxable year. You may be subject to adverse U.S. federal income tax consequences if we are classified as a PFIC and you are a U.S. Holder, as defined below, and you do not make certain elections with the IRS. See “U.S. and Israeli Tax Consequences for our Shareholders—Certain United States Federal Income Tax Consequences—Passive Foreign Investment Company Considerations.”

 

 

5


Table of Contents

Corporate Information

We are incorporated under the laws of the State of Israel. Our principal executive offices are located at 94 Em-Ha’moshavot Road, Park Azorim, P.O. Box 3143, Petach Tikva 4970602, Israel, and our telephone number is +972 (3) 918-0000. Our website address is www.cyberark.com. Information contained on, or that can be accessed through, our website does not constitute a part of this prospectus and is not incorporated by reference herein. We have included our website address in this prospectus solely for informational purposes. Our agent for service of process in the United States is Cyber-Ark Software, Inc., located at 60 Wells Avenue, Suite 103, Newton, MA 02459, and our telephone number is (617) 965-1544.

Throughout this prospectus, we refer to various trademarks, service marks and trade names that we use in our business. The “CyberArk” design logo is the property of Cyber-Ark Software Ltd. CyberArk® is our registered trademark in the United States. We have several other trademarks, service marks and pending applications relating to our products. In particular, although we have omitted the “®” and “™” trademark designations in this prospectus from each reference to Cyber-Ark DNA, Inter-Business Vault, Network Vault, Password Vault, Privileged Session Manager and Vaulting Technology, all rights to such trademarks are nevertheless reserved. Other trademarks and service marks appearing in this prospectus are the property of their respective holders.

 

 

6


Table of Contents

The Offering

 

Ordinary shares offered by us

             ordinary shares

 

Ordinary shares to be outstanding after this offering

             ordinary shares

 

Underwriters’ option

We have granted the underwriters an option for a period of 30 days after the date of this prospectus to purchase up to             additional ordinary shares.

 

Use of proceeds

We intend to use the net proceeds from this offering for general corporate purposes, including sales and marketing expenditures aimed at growing our business and research and development expenditures focused on product development. We may also use net proceeds to make acquisitions or investments in complementary companies or technologies, although we do not have any agreement or understanding with respect to any such acquisition or investment at this time. See “Use of Proceeds.”

 

Risk factors

See “Risk Factors” and other information included in this prospectus for a discussion of factors you should carefully consider before deciding to invest in our ordinary shares.

 

Proposed NASDAQ Global Select Market symbol

CYBR

The number of ordinary shares to be outstanding after this offering is based on 24,220,336 ordinary shares outstanding as of June 30, 2014 assuming the conversion of all outstanding preferred shares and warrants to purchase Series B3 preferred shares as of that date. The number of ordinary shares to be outstanding after this offering excludes (1) 4,894,001 ordinary shares reserved for issuance under our share option plans as of June 30, 2014, of which there were outstanding options to purchase 4,470,001 shares at a weighted average exercise price of $1.65 per share, and (2) 15,000 ordinary shares underlying warrants issued to an Israeli non-profit organization with an exercise price of $2.21 per share.

Unless otherwise indicated, this prospectus:

 

    reflects the conversion of all outstanding preferred shares into 16,569,078 ordinary shares, which will occur automatically immediately prior to the closing of this offering;

 

    reflects the issuance of 493,360 ordinary shares upon the exercise immediately prior to the closing of this offering of warrants and the receipt of $0.8 million by us from such exercise;

 

    reflects the adoption of our articles of association, which will occur in connection with the consummation of the offering;

 

    assumes an initial public offering price of $         per ordinary share, the midpoint of the estimated initial public offering price range set forth on the cover page of this prospectus; and

 

    assumes no exercise of the underwriters’ option to purchase up to                  additional ordinary shares from us.

 

 

7


Table of Contents

Summary Consolidated Financial Data

The following tables set forth our summary consolidated financial data. You should read the following summary consolidated financial and other data in conjunction with “Selected Consolidated Financial Data,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and related notes included elsewhere in this prospectus. Historical results are not necessarily indicative of the results that may be expected in the future. Our financial statements have been prepared in accordance with U.S. Generally Accepted Accounting Principles, or U.S. GAAP.

The summary consolidated statements of operations data for each of the years in the three-year period ended December 31, 2013 is derived from our audited consolidated financial statements appearing elsewhere in this prospectus. The summary consolidated statement of operations data for the three months ended March 31, 2013 and 2014 and the summary balance sheet data as of March 31, 2014 are derived from our unaudited interim consolidated financial statements presented elsewhere in this prospectus. In the opinion of management, these unaudited interim consolidated financial statements include all adjustments, consisting of normal recurring adjustments, necessary for a fair statement of our financial position and operating results for these periods. Results for interim periods are not necessarily indicative of the results that may be expected for the entire year.

 

 

8


Table of Contents
     Year ended December 31,     Three months ended
March 31,
 
     2011     2012     2013     2013     2014  
     (in thousands, except share and per share amounts)  

Consolidated Statements of Operations:

          

Revenues:

          

License

   $ 21,125      $ 27,029      $ 38,907      $ 6,702      $ 9,120   

Maintenance and professional services

     15,240        20,179        27,250        6,029        8,275   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total revenues

     36,365        47,208        66,157        12,731        17,395   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Cost of revenues:

          

License

     899        1,002        1,216        269        628   

Maintenance and professional services

     4,517        5,922        7,860        1,865        2,426   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total cost of revenues

     5,416        6,924        9,076        2,134        3,054   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Gross profit

     30,949        40,284        57,081        10,597        14,341   

Operating expenses:

          

Research and development(1)

     6,272        7,273        10,404        2,269        3,237   

Sales and marketing(1)

     15,929        22,081        32,840        6,817        9,433   

General and administrative(1)

     3,077        3,297        4,758        965        1,481   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total operating expenses

     25,278        32,651        48,002        10,051        14,151   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Operating income

     5,671        7,633        9,079        546        190   

Financial income (expenses), net

     (190     4        (1,124     (240     (1,355
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Income before taxes on income

     5,481        7,637        7,955        306        (1,165

Taxes on income (benefit)

     (392     (225     1,320        178        83   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Net income (loss)

   $ 5,873      $ 7,862      $ 6,635      $ 128      $ (1,248
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Basic net income (loss) per ordinary share(2)

   $ 0.43      $ 0.51      $ 0.25      $ (0.15   $ (0.35
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Diluted net income (loss) per ordinary share(2)

   $ 0.26      $ 0.31      $ 0.14      $ (0.15   $ (0.35
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Weighted average number of ordinary shares used in computing basic net income per ordinary share(2)

     4,969,489        6,592,997        6,900,433        6,791,633        7,073,239   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Weighted average number of ordinary shares used in computing diluted net income per ordinary share(2)

     22,791,354        25,245,790        10,765,914        6,791,633        7,073,239   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Basic pro forma net income per ordinary share(3)

       $ 0.34        $ 0.01   
      

 

 

     

 

 

 

Diluted pro forma net income per ordinary share(3)

       $ 0.28        $ 0.01   
      

 

 

     

 

 

 

Weighted average number of shares used in computing pro forma basic net income per ordinary share(3)

         23,963,322          24,135,679   
      

 

 

     

 

 

 

Weighted average number of shares used in computing pro forma diluted net income per ordinary share(3)

         27,828,804          27,783,565   
      

 

 

     

 

 

 

 

 

9


Table of Contents
     As of March 31, 2014  
     Actual      Pro Forma      Pro Forma
As Adjusted(4)
 
     (in thousands)  

Consolidated Balance Sheet Data:

        

Cash, cash equivalents and short-term bank deposits

   $   73,621       $   73,621       $                

Deferred revenue, current and long-term

     32,395         32,395      

Working capital(5)

     51,366         51,366      

Total assets

     94,467         94,467      

Preferred share warrant liability

     3,530         —        

Total shareholders’ equity

     44,731         48,261      

 

     Year ended December 31,      Three months ended
March 31,
 
     2011      2012      2013      2013      2014  
     (in thousands)  

Supplemental Financial Data:

              

Non-GAAP operating income(6)

   $   7,347       $ 7,917       $ 9,482       $ 627       $ 346   

Non-GAAP net income(6)

     7,728         8,322         8,484         209         304   

Net cash provided by operating activities

     9,376         13,657         20,159         3,699         8,751   

 

(1) Includes share-based compensation expense as follows:

 

     Year ended December 31,      Three months ended
March 31,
 
     2011      2012      2013      2013      2014  
     (in thousands)  

Share-based Compensation Expense:

              

Cost of revenues

   $ 70       $ 32       $ 39       $ 7       $ 20   

Research and development

     481         58         73         13         30   

Sales and marketing

     432         81         126         44         42   

General and administrative

     693         113         165         17         64   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total share-based compensation expense

   $ 1,676       $ 284       $ 403       $ 81       $ 156   

 

(2) Basic and diluted net income per ordinary share is computed based on the weighted average number of ordinary shares outstanding during each period. For additional information, see note 10 to our consolidated financial statements included elsewhere in this prospectus.
(3) Pro forma basic and diluted net income per ordinary share and pro forma weighted average shares outstanding assumes the conversion of all of our outstanding preferred shares into ordinary shares, which will occur upon the closing of this offering, but does not give effect to the issuance of shares in connection with this offering. For additional information on the conversion of the preferred shares see note 7 to our consolidated financial statements included elsewhere in this prospectus.
(4) Pro forma gives effect to (a) the conversion of all of our outstanding preferred shares into ordinary shares, which will occur upon the closing of this offering, and (b) the resulting reclassification of the preferred share warrant liability to additional paid-in capital. Pro forma as adjusted gives effect to (a) the same items as “pro forma,” (b) the issuance of 493,360 ordinary shares upon the exercise immediately prior to the closing of this offering of warrants and the receipt of $0.8 million by us from such exercise, and (c) the issuance and sale of ordinary shares by us in this offering at an assumed initial public offering price of $         per ordinary share after deducting underwriting discounts and commissions and estimated offering expenses payable by us.
(5) We define working capital as total current assets minus total current liabilities.
(6)

Non-GAAP operating income and non-GAAP net income are non-GAAP financial measures. We define non-GAAP operating income as operating income excluding share-based compensation expense. We define non-GAAP net income as net income excluding (i) share-based compensation expense, and (ii) financial expenses resulting from the revaluation of warrants to purchase preferred shares. Because of varying

 

 

10


Table of Contents
  available valuation methodologies, subjective assumptions and the variety of equity instruments that can impact a company’s non-cash expense, we believe that providing non-GAAP financial measures that exclude non-cash share-based compensation expense allows for more meaningful comparisons between our operating results from period to period. In addition, we believe that excluding financial expenses with respect to revaluation of warrants to purchase preferred shares allows for more meaningful comparison between our net income from period to period, as following this offering, the warrants will be exercised and, as a result, will no longer be revalued at each balance sheet date. Each of our non-GAAP financial measures is an important tool for financial and operational decision making and for evaluating our operating results over different periods of time. The following tables reconcile operating income and net income, the most directly comparable U.S. GAAP measure, to non-GAAP operating income and non-GAAP net income for the periods presented:

 

     Year ended December 31,      Three months
ended

March 31,
 
     2011      2012      2013      2013      2014  
     (in thousands)  

Reconciliation of Operating Income to Non-GAAP Operating Income:

              

Operating income

   $ 5,671       $ 7,633       $ 9,079       $ 546       $ 190   

Share-based compensation

     1,676         284         403         81         156   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Non-GAAP operating income

   $ 7,347       $ 7,917       $ 9,482       $ 627       $ 346   
     Year ended December 31,      Three months
ended

March 31,
 
     2011      2012      2013      2013      2014  
     (in thousands)  

Reconciliation of Net Income to Non-GAAP Net Income:

              

Net income (loss)

   $ 5,873       $ 7,862       $ 6,635       $ 128       $ (1,248

Share-based compensation

     1,676         284         403         81         156   

Warrant adjustment

     179         176         1,446         —           1,396   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Non-GAAP net income

   $ 7,728       $ 8,322       $ 8,484       $ 209       $ 304   

For a description of how we use non-GAAP operating income and non-GAAP net income to evaluate our business, see “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Key Financial Metrics.” We believe that these non-GAAP financial measures are useful in evaluating our business because of varying available valuation methodologies, subjective assumptions and the variety of equity instruments that can impact a company’s non-cash expenses, and we believe that providing non-GAAP operating income and non-GAAP net income that exclude share-based compensation expenses and warrant awards allows for more meaningful comparisons between our operating results from period to period.

Other companies, including companies in our industry, may calculate non-GAAP operating and non-GAAP net income differently or not at all, which reduces their usefulness as a comparative measure. You should consider non-GAAP operating income and non-GAAP net income along with other financial performance measures, including operating income and net income, and our financial results presented in accordance with U.S. GAAP.

 

 

11


Table of Contents

RISK FACTORS

This offering and an investment in our ordinary shares involve a high degree of risk. You should consider carefully the risks described below and all other information contained in this prospectus before you decide to buy our ordinary shares. If any of the following risks actually occur, our business, financial condition and results of operations could be materially and adversely affected. In that event, the trading price of our ordinary shares would likely decline and you might lose all or part of your investment.

Risks Related to Our Business and Our Industry

The IT security market is new and rapidly evolving to address the increasingly challenging cyber threat landscape. If the industry does not develop as we anticipate, our sales will not grow as quickly as expected and our share price could decline.

We operate in a new, rapidly evolving industry focused on securing organizations’ IT systems and sensitive business data. Our solution focuses on safeguarding privileged accounts, which are those accounts within an organization that give the user high levels of access, or “privileged” access, to IT systems, infrastructure, industrial control systems, applications and data. To date, the majority of enterprise spend on IT security has been on threat protection products, such as network, endpoint and web security that are designed to stop threats from penetrating corporate networks. Organizations that use these security products may believe that their existing security solutions sufficiently protect access to their sensitive business data. Therefore, they may continue allocating their IT security budgets to these products and may not adopt our solution in addition to such products. Further, a security solution such as ours, which is focused on disrupting cyber attacks by insiders and external perpetrators that have penetrated the organization’s perimeter, is a relatively new technology that has been developed to respond to advanced threats and more rigorous compliance standards and audit requirements. However, advanced cyber attackers are skilled at adapting to new technologies and developing new methods of gaining access to organizations’ sensitive business data. Changes in the nature of advanced cyber threats could result in a shift in IT budgets away from solutions such as ours. In addition, any changes in compliance standards or audit requirements that deemphasize the types of controls, storage, monitoring and analysis that our solution provides would adversely impact demand for our offerings. It is therefore difficult to predict how large the market will be for our solution. If solutions such as ours are not viewed by organizations as necessary, or if customers do not recognize the benefit of our solution as a critical layer of an effective security strategy, then our revenues may not grow as quickly as expected, or may decline, and our share price could suffer.

If we fail to effectively manage our growth, our business and operations will be negatively affected, and as we invest in the growth of our business, we expect our operating and net profit margins to decline in the near-term.

We have experienced significant growth in a relatively short period of time and intend to continue to aggressively grow our business. Our revenues grew from $36.4 million in 2011 to $66.2 million in 2013 and from $12.7 million in the three months ended March 31, 2013 to $17.4 million in the same period in 2014. Our headcount has increased from 170 as of December 31, 2011 to 364 as of March 31, 2014, and we plan to hire additional employees in 2014, particularly in our sales and marketing organization. Our rapid growth has placed significant demands on our management, sales and operational and financial infrastructure, and our growth will continue to place significant demands on these resources. Further, in order to manage our future growth effectively, and in connection with our transition to a public company, we must continue to improve and expand our IT and financial infrastructure, operating and administrative systems and controls and efficiently manage headcount, capital and processes. We may not be able to successfully implement these improvements in a timely or efficient manner, and our failure to do so may materially impact our projected growth rate.

As we invest in the growth of our business, we expect our operating and net profit margins and our operating and net income to decline in the near-term compared to prior periods, primarily as a result of the costs associated with expanding our direct and indirect sales forces, our increased rate of investment in research and development and our increased administrative costs in connection with becoming a public company. We expect

 

12


Table of Contents

that these invested costs will adversely impact our operating and net profit margins since it will take time and resources to train and integrate new sales force members and to comply with public company reporting and regulatory requirements. In addition, costs associated with adding new personnel to our sales force are expensed before their positive impact on our sales is recognized, and even then a significant portion of any revenues that they generate from maintenance and professional services are deferred over the delivery period of those services. A failure to meet market expectations regarding our revenues and profitability could have an adverse effect on our share price.

Our quarterly results of operations may fluctuate for a variety of reasons, including our failure to close significant sales before the end of a particular quarter.

A meaningful portion of our revenues is generated by significant sales to new customers and sales of additional products to existing customers. Purchases of our products and services often occur at the end of each quarter, particularly in the last quarter of the year. In addition, our sales cycle can last several months from proof of concept to delivery of our solution to our customers, and this sales cycle can be even longer, less predictable and more resource-intensive for larger sales. Customers may also require additional internal approvals or seek to test our products for a longer trial period before deciding to purchase our solution. As a result, the timing of individual sales can be difficult to predict. In some cases, sales have occurred in a quarter subsequent to those we anticipated, or have not occurred at all, which can significantly impact our quarterly results and make it more difficult to meet market expectations. Furthermore, even if we close a sale during a given quarter we may be unable to recognize the revenues derived from such sale during the same period due to our revenue recognition policy. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Application of Critical Accounting Policies and Estimates—Revenue Recognition.”

In addition to the sales cycle-related fluctuations noted above, our results of operations will continue to vary as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including:

 

    our ability to attract and retain new customers;

 

    our ability to sell additional products to current customers;

 

    changes in customer or channel partner requirements or market needs;

 

    changes in the growth rate of the information security market;

 

    the timing and success of new product and service introductions by us or our competitors or any other change in the competitive landscape of the information security market, including consolidation among our customers or competitors;

 

    a disruption in, or termination of, our relationship with channel partners;

 

    our ability to successfully expand our business globally;

 

    reductions in maintenance renewal rates;

 

    changes in our pricing policies or those of our competitors;

 

    general economic conditions in our markets;

 

    future accounting pronouncements or changes in our accounting policies or practices;

 

    the amount and timing of our operating costs;

 

    a change in our mix of products and services; and

 

    increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates.

Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period to period. These fluctuations could result in our failure to meet

 

13


Table of Contents

our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for these or other reasons, the market price of our ordinary shares could fall substantially, and we could face costly lawsuits, including securities class action suits.

Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solution or the failure of our solution to meet customers’ expectations.

Organizations are facing increasingly sophisticated and targeted cyber threats. If we fail to identify and respond to new and increasingly complex methods of attack and update our products to detect or prevent such threats, our business and reputation will suffer. In particular, we may suffer significant adverse publicity and reputational harm if a significant breach occurs generally or if any breach occurs at a high profile customer. Moreover, as our solution is adopted by an increasing number of enterprises and governmental entities, it is possible that attackers will begin to focus on finding ways to defeat our solution. An actual or perceived security breach or theft of our customers’ sensitive business data, regardless of whether the breach or theft is attributable to the failure of our products, could adversely affect the market’s perception of the efficacy of our solution and current or potential customers may look to our competitors for alternatives to our solution. The failure of our products may also subject us to lawsuits and financial losses stemming from indemnification of our partners and other third parties, as well as the expenditure of significant financial resources to analyze, correct or eliminate any vulnerabilities. It could also cause us to suffer reputational harm, lose existing customers or deter them from purchasing additional products and services and prevent new customers from purchasing our solution.

False detection of threats, while typical in our industry, may reduce perception of the reliability of our products and may therefore adversely impact market acceptance of our products. If our solution restricts legitimate privileged access by authorized personnel to IT systems and applications by falsely identifying those users as an attack or otherwise unauthorized, our customers’ business could be harmed. There can be no assurance that, despite testing by us, errors will not be found in existing and new versions of our products, resulting in loss of or delay in market acceptance. In such an event, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem.

If we are unable to acquire new customers, our future revenues and operating results will be harmed.

Our success depends on our ability to acquire new customers. The number of customers that we add in a given period impacts both our short-term and long-term revenues. If we are unable to attract a sufficient number of new customers, we may be unable to generate revenue growth at desired rates. The IT security market is competitive and many of our competitors have substantial financial, personnel, and other resources that they utilize to develop products and attract customers. As a result, it may be difficult for us to add new customers to our customer base. Competition in the marketplace may also lead us to win fewer new customers or result in us providing discounts and other commercial incentives. Additional factors that impact our ability to acquire new customers include the perceived need for IT security, the size of our prospective customers’ IT budgets, the utility and efficacy of our existing and new offerings, whether proven or perceived, and general economic conditions. These factors may have a meaningful negative impact on future revenues and operating results.

If we are unable to sell additional products and services to our existing customers, our future revenues and operating results will be harmed.

A significant portion of our revenues are generated from sales to existing customers. Our future success depends, in part, on our ability to continue to sell new licenses and incremental licenses to our existing customers. We devote significant efforts to developing, marketing and selling additional licenses and associated maintenance and support to existing customers and rely on these efforts for a portion of our revenues. These efforts require a significant investment in building and maintaining customer relationships, as well as significant research and development efforts in order to provide product upgrades and launch new products. The rate at which our existing customers purchase additional products and services depends on a number of factors,

 

14


Table of Contents

including the perceived need for additional IT security, the efficacy of our solutions and the utility of our new offerings, whether proven or perceived, our customers’ IT budgets, general economic conditions, our customers’ overall satisfaction with the maintenance and professional services we provide and the continued growth and economic health of our customer base to require incremental users and servers to be covered. If our efforts to sell additional products and services to our customers are not successful, our future revenues and operating results will be harmed.

We face intense competition from IT security vendors, some of which are larger and better known than we are, and we may lack sufficient financial or other resources to maintain or improve our competitive position.

The IT security market in which we operate is characterized by intense competition, constant innovation and evolving security threats. We compete with companies that offer a broad array of IT security products. Our current and potential future competitors include CA, Inc., Dell Inc., International Business Machines Corporation and Oracle Corporation in the access and identity management market, and may also include providers of advanced threat protection solutions such as Hewlett-Packard Company, EMC Corporation, International Business Machines Corporation, FireEye, Inc., Splunk Inc. and Palo Alto Networks, Inc. and other smaller companies that offer point solutions with a more limited range of functionality than our own offerings. Some of our competitors are large companies that have the technical and financial resources and broad customer bases needed to bring competitive solutions to the market and already have existing relationships as a trusted vendor for other products. Such companies may use these advantages to offer products and services that are perceived to be as effective as ours at a lower price or for free as part of a larger product package or solely in consideration for maintenance and services fees. They may also develop different products to compete with our current solution and respond more quickly and effectively than we do to new or changing opportunities, technologies, standards or client requirements. Additionally, from time to time we may compete with smaller regional vendors that offer products with a more limited range of capabilities that purport to perform functions similar to our solution. Such companies may enjoy stronger sales and service capabilities in their particular regions.

Our competitors may enjoy potential competitive advantages over us, such as:

 

    greater name recognition, a longer operating history and a larger customer base;

 

    larger sales and marketing budgets and resources;

 

    broader distribution and established relationships with channel and distribution partners and customers;

 

    greater customer support resources;

 

    greater resources to make acquisitions;

 

    larger intellectual property portfolios; and

 

    greater financial, technical and other resources.

Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. Current or potential competitors may be acquired by third parties with greater available resources. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of other opportunities more readily or develop and expand their product and service offerings more quickly than we do. Larger competitors with more diverse product offerings may reduce the price of products that compete with ours in order to promote the sale of other products or may bundle them with other products, which would lead to increased pricing pressure on our products and could cause the average sales prices for our products to decline.

In addition, other IT security technologies exist or could be developed in the future by current or future competitors, and our business could be materially and adversely affected if such technologies are widely adopted.

 

15


Table of Contents

We may not be able to successfully anticipate or adapt to changing technology or customer requirements on a timely basis, or at all. If we fail to keep up with technological changes or to convince our customers and potential customers of the value of our solution even in light of new technologies, our business, results of operations and financial condition could be materially and adversely affected.

If our internal network system is compromised by cyber attackers or other data thieves, public perception of our products and services will be harmed.

We will not succeed unless the marketplace is confident that we provide effective IT security protection. We provide privileged account security products, and therefore we may be a more attractive target for attacks by cyber attackers or other data thieves. If we experience an actual or perceived breach of our network or privileged account security in our internal systems, it could adversely affect the market perception of our products and services. In addition, such a security breach could impair our ability to operate our business, including our ability to provide maintenance and support services to our customers. If this happens, our revenues could decline and our business could suffer.

If we do not effectively expand, train and retain our sales force, we may be unable to acquire new customers or sell additional products and services to existing customers, and our business will suffer.

We depend significantly on our sales force to attract new customers and expand sales to existing customers. We generate approximately 50% of our revenues from direct sales. As a result, our ability to grow our revenues depends in part on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth, particularly in the United States. During 2013, we increased the number of our sales and marketing personnel from 100 to 135. We expect to continue to expand our sales and marketing personnel significantly and face a number of challenges in achieving our hiring and integration goals. There is intense competition for individuals with sales training and experience. In addition, the training and integration of a large number of sales and marketing personnel in a short time requires the allocation of significant internal resources. We invest significant time and resources in training new sales force personnel to understand our solutions and growth strategy. Based on our past experience, it takes an average of approximately six to nine months before a new sales force member operates at target performance levels. However, we may be unable to achieve or maintain our target performance levels with large numbers of new sales personnel as quickly as we have done in the past. Our failure to hire a sufficient number of qualified sales force members and train them to operate at target performance levels may materially and adversely impact our projected growth rate.

We rely on channel partners, including systems integrators, distributors and value-added resellers, to generate a significant portion of our revenue. If we fail to maintain successful relationships with our channel partners, or if our channel partners fail to perform, our ability to market, sell and distribute our solution will be limited, and our business, financial position and results of operations will be harmed.

In addition to our direct sales force, we rely on our channel partners to sell and support our solution, particularly in Europe and the Asia Pacific region. We expect that sales through our channel partners will continue to account for a significant percentage of our revenue. We generate approximately 50% of our revenues from sales to channel partners and we expect that channel partners will represent a substantial portion of our revenues for the foreseeable future. Our agreements with channel partners are non-exclusive, meaning our partners may offer customers IT security products from other companies, including products that compete with our solution. If our channel partners do not effectively market and sell our solution, or choose to use greater efforts to market and sell their own products and services or the products and services of our competitors, our ability to grow our business will be adversely affected. Our channel partners may cease or deemphasize the marketing of our solution with limited or no notice and with little or no penalty. Further, new channel partners require training and may take several months or more to achieve productivity. The loss of a substantial number of our channel partners, the inability to replace them or the failure to recruit additional channel partners could materially and adversely affect our results of operations. Our reliance on channel partners could also subject us to

 

16


Table of Contents

lawsuits or reputational harm if, for example, a channel partner misrepresents the functionality of our solution to customers or violates laws or our corporate policies. Our ability to grow revenues in the future will depend in part on our success in maintaining successful relationships with our channel partners and training our channel partners to independently sell and install our solution. If we are unable to maintain our relationship with channel partners or otherwise develop and expand our indirect sales channel, or if our channel partners fail to perform, our business, financial position and results of operations could be adversely affected.

If our products fail to help our customers achieve and maintain compliance with certain government regulations and industry standards, our business and results of operations could be materially and adversely affected.

We generate a substantial portion of our revenues from our products and services because they enable our customers to achieve and maintain compliance with certain government regulations and industry standards, and we expect that will continue for the foreseeable future. Examples of industry standards and government regulations include the Payment Card Industry Data Security Standard (PCI-DSS); the Federal Information Security Management Act (FISMA) and associated National Institute for Standards and Testing (NIST) Network Security Standards; the Sarbanes-Oxley Act; Title 21 of the U.S. Code of Federal Regulations, which governs food and drugs industries; the North American Electric Reliability Corporation Critical Infrastructure Protection Plan (NERC-CIP); the German Federal Financial Supervisory Authority (BaFin) Minimum Requirements for Risk Management; and the Monetary Authority of Singapore’s Technology Risk Management Notices. These industry standards may change with little or no notice, including changes that could make them more or less onerous for businesses. In addition, governments may also adopt new laws or regulations, or make changes to existing laws or regulations, that could impact whether our solution enables our customers to maintain compliance with such laws or regulations. If we are unable to adapt our solution to changing government regulations and industry standards in a timely manner, or if our solution fails to expedite our customers’ compliance initiatives, our customers may lose confidence in our products and could switch to products offered by our competitors. In addition, if government regulations and industry standards related to IT security are changed in a manner that makes them less onerous, our customers may view compliance as less critical to their businesses, and our customers may be less willing to purchase our products and services. In either case, our sales and financial results would suffer.

Our model for long-term growth depends upon the introduction of new products. If we are unable to develop new products or if these new products are not adopted by customers, our growth will be adversely affected.

Our business depends on the successful development and marketing of new products. For example, we introduced Privileged Threat Analytics in December 2013. Development and marketing of new products requires significant up-front research, development and other costs, and the failure of new products we develop to gain market acceptance may result in a failure to achieve future sales and adversely affect our competitive position. There can be no assurance that any of our new or future products will achieve market acceptance or generate revenues at forecasted rates or that the margins generated from their sales will allow us to recoup the costs of our development efforts.

Failure by us or our channel partners to maintain sufficient levels of customer support could have a material adverse effect on our business, financial condition and results of operations.

Our customers depend in large part on customer support delivered through our channel partners or by us to resolve issues relating to the use of our solution. However, even with our support and that of our channel partners, our customers are ultimately responsible for effectively using our solution and ensuring that their IT staff is properly trained in the use of our products and complementary security products. The failure of our customers to correctly use our solution, or our failure to effectively assist customers in installing our solution and providing effective ongoing support, may result in an increase in the vulnerability of our customers’ IT systems and sensitive business data. Additionally, if our channel partners do not effectively provide support to the

 

17


Table of Contents

satisfaction of our customers, we may be required to provide support to such customers, which would require us to invest in additional personnel, which requires significant time and resources. We may not be able to keep up with demand, particularly if the sales of our solution exceed our internal forecasts. To the extent that we or our channel partners are unsuccessful in hiring, training and retaining adequate support resources, our ability and the ability of our channel partners to provide adequate and timely support to our customers will be negatively impacted, and our customers’ satisfaction with our products will be adversely affected. Accordingly, our failure to provide satisfactory maintenance and technical support services could have a material and adverse effect on our business and results of operations.

If we do not successfully anticipate market needs and enhance our existing products or develop new products that meet those needs on a timely basis, we may not be able to compete effectively and our ability to generate revenues will suffer.

Our customers operate in markets characterized by rapidly changing technologies and business plans, which require them to adapt to increasingly complex IT infrastructures that incorporate a variety of hardware, software applications, operating systems and networking protocols. As our customers’ technologies and business plans grow more complex, we expect them to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our solution effectively identifies and responds to these advanced and evolving attacks without disrupting the performance of our customers’ IT systems. As a result, we must continually modify and improve our products in response to changes in our customers’ IT and industrial control infrastructures.

We cannot guarantee that we will be able to anticipate future market needs and opportunities or be able to develop product enhancements or new products to meet such needs or opportunities in a timely manner, if at all. Even if we are able to anticipate, develop and commercially introduce enhancements and new products, there can be no assurance that enhancements or new products will achieve widespread market acceptance.

Our product enhancements or new products could fail to attain sufficient market acceptance for many reasons, including:

 

    delays in releasing product enhancements or new products;

 

    failure to accurately predict market demand and to supply products that meet this demand in a timely fashion;

 

    inability to interoperate effectively with the existing or newly introduced technologies, systems or applications of our existing and prospective customers;

 

    inability to protect against new types of attacks or techniques used by cyber attackers or other data thieves;

 

    defects in our products, errors or failures of our solutions to secure privileged accounts;

 

    negative publicity about the performance or effectiveness of our products;

 

    introduction or anticipated introduction of competing products by our competitors;

 

    installation, configuration or usage errors by our customers;

 

    easing or changing of regulatory requirements related to security; and

 

    reluctance of customers to purchase products incorporating open source software.

If we fail to anticipate market requirements or fail to develop and introduce product enhancements or new products to meet those needs in a timely manner, it could cause us to lose existing customers and prevent us from gaining new customers, which would significantly harm our business, financial condition and results of operations.

 

18


Table of Contents

If our products do not effectively interoperate with our customers’ existing or future IT infrastructures, installations could be delayed or cancelled, which would harm our business.

Our products must effectively interoperate with our customers’ existing or future IT infrastructures, which often have different specifications, utilize multiple protocol standards, deploy products from multiple vendors and contain multiple generations of products that have been added over time. If we find errors in the existing software or defects in the hardware used in our customers’ infrastructure or problematic network configurations or settings, we may have to modify our software so that our products will interoperate with our customers’ infrastructure and business processes. In addition, to stay competitive within certain markets, we may be required to make software modifications in future releases to comply with new statutory or regulatory requirements. These issues could result in longer sales cycles for our products and order cancellations, either of which would adversely affect our business, results of operations and financial condition.

Our research and development efforts may not produce successful products or enhancements to our solution that result in significant revenue or other benefits in the near future, if at all.

We expect to continue to dedicate significant financial and other resources to our research and development efforts in order to maintain our competitive position. For example, in 2013, we increased our dedicated research and development personnel by 36% compared to 2012. However, investing in research and development personnel, developing new products and enhancing existing products is expensive and time consuming, and there is no assurance that such activities will result in significant new marketable products or enhancements to our products, design improvements, cost savings, revenues or other expected benefits. If we spend significant time and effort on research and development and are unable to generate an adequate return on our investment, our business and results of operations may be materially and adversely affected.

We are subject to a number of risks associated with global sales and operations.

Business practices in the global markets that we serve may differ from those in the United States and may require us to include non-standard terms in customer contracts, such as extended payment or warranty terms. To the extent that we enter into customer contracts that include non-standard terms related to payment, warranties, or performance obligations, our results of operations may be adversely impacted.

Additionally, our global sales and operations are subject to a number of risks, including the following:

 

    greater difficulty in enforcing contracts and managing collections, as well as longer collection periods;

 

    higher costs of doing business globally, including costs incurred in maintaining office space, securing adequate staffing and localizing our contracts;

 

    fluctuations in exchange rates between the U.S. dollar and foreign currencies in markets where we do business;

 

    management communication and integration problems resulting from cultural and geographic dispersion;

 

    risks associated with trade restrictions and foreign legal requirements, including any importation, certification, and localization of our platform that may be required in foreign countries;

 

    greater risk of unexpected changes in regulatory practices, tariffs, and tax laws and treaties;

 

    compliance with anti-bribery laws, including, without limitation, compliance with the U.S. Foreign Corrupt Practices Act and the UK Anti-Bribery Act;

 

    heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements;

 

    reduced or uncertain protection of intellectual property rights in some countries;

 

19


Table of Contents
    social, economic and political instability, terrorist attacks and security concerns in general; and

 

    potentially adverse tax consequences.

These and other factors could harm our ability to generate future global revenues and, consequently, materially impact our business, results of operations and financial condition.

If we are unable to adequately protect our proprietary technology and intellectual property rights, our business could suffer substantial harm.

The success of our business depends on our ability to protect our proprietary technology, brands and other intellectual property and to enforce our rights in that intellectual property. We attempt to protect our intellectual property under patent, trademark, copyright and trade secret laws, and through a combination of confidentiality procedures, contractual provisions and other methods, all of which offer only limited protection.

As of April 30, 2014, we had two issued patents in the United States and ten provisional or pending U.S. patent applications. We also had one patent issued and seven applications pending for examination in non-U.S. jurisdictions, and two pending Patent Cooperation Treaty patent applications, which are counterparts of our U.S. patent applications. We may file additional patent applications in the future. The process of obtaining patent protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner all the way through to the successful issuance of a patent. We may choose not to seek patent protection for certain innovations and may choose not to pursue patent protection in certain jurisdictions. Furthermore, it is possible that our patent applications may not issue as granted patents, that the scope of our issued patents will be insufficient or not have the coverage originally sought, that our issued patents will not provide us with any competitive advantages, and that our patents and other intellectual property rights may be challenged by others or invalidated through administrative processes or litigation. In addition, issuance of a patent does not guarantee that we have an absolute right to practice the patented invention. Our policy is to require our employees (and our consultants and service providers that develop intellectual property included in our products) to execute written agreements in which they assign to us their rights in potential inventions and other intellectual property created within the scope of their employment (or, with respect to consultants and service providers, their engagement to develop such intellectual property), but we cannot assure you that we have adequately protected our rights in every such agreement or that we have executed an agreement with every such party. Finally, in order to benefit from the protection of patents and other intellectual property rights, we must monitor and detect infringement and pursue infringement claims in certain circumstances in relevant jurisdictions, all of which are costly and time-consuming. As a result, we may not be able to obtain adequate protection or to effectively enforce our issued patents or other intellectual property rights.

In addition to patents, we rely on trade secret rights, copyrights and other rights to protect our unpatented proprietary intellectual property and technology. Despite our efforts to protect our proprietary technologies and our intellectual property rights, unauthorized parties, including our employees, consultants, service providers or customers, may attempt to copy aspects of our products or obtain and use our trade secrets or other confidential information. We generally enter into confidentiality agreements with our employees, consultants, service providers, vendors, channel partners and customers, and generally limit access to and distribution of our proprietary information and proprietary technology through certain procedural safeguards. These agreements may not effectively prevent unauthorized use or disclosure of our intellectual property or technology and may not provide an adequate remedy in the event of unauthorized use or disclosure of our intellectual property or technology. We cannot assure you that the steps taken by us will prevent misappropriation of our intellectual property or technology or infringement of our intellectual property rights. In addition, the laws of some foreign countries where we sell our products do not protect intellectual property rights and technology to the same extent as the laws of the United States, and these countries may not enforce these laws as diligently as government agencies and private parties in the United States. Based on the 2013 report on intellectual property rights protection and enforcement published by the Office of the United States Trade Representative, such countries included Ukraine (designated a priority foreign country) and Chile, China, India, Indonesia, Russia and Thailand (designated as priority watch list countries).

 

20


Table of Contents

Moreover, the IT security industry is characterized by the existence of a large number of relevant patents and frequent claims and related litigation regarding patent and other intellectual property rights. In particular, leading companies in the IT security industry have extensive patent portfolios. From time to time, third-parties have asserted and may assert their patent, copyright, trademark and other intellectual property rights against us, our channel partners or our customers. Successful claims of infringement or misappropriation by a third-party could prevent us from distributing certain products or performing certain services or could require us to pay substantial damages (including, for example, treble damages if we are found to have willfully infringed patents and increased statutory damages if we are found to have willfully infringed copyrights), royalties or other fees. Such claims also could require us to cease making, licensing or using solutions that are alleged to infringe or misappropriate the intellectual property of others, to expend additional development resources to attempt to redesign our products or services or otherwise to develop non-infringing technology, to enter into potentially unfavorable royalty or license agreements in order to obtain the right to use necessary technologies or intellectual property rights, and to indemnify our partners and other third parties, including our customers and channel partners whom we typically indemnify against such claims. Even if third parties may offer a license to their technology, the terms of any offered license may not be acceptable, and the failure to obtain a license or the costs associated with any license could cause our business, results of operations or financial condition to be materially and adversely affected. In some cases, we indemnify our channel partners and customers against claims that our products infringe the intellectual property rights of third parties. Defending against claims of infringement or being deemed to be infringing the intellectual property rights of others could impair our ability to innovate, develop, distribute and sell our current and planned products and services. If we are unable to protect our intellectual property and technology and ensure that we are not violating the intellectual property rights of others, we may find ourselves at a competitive disadvantage to others who need not incur the additional expense, time and effort required to create the innovative products that have enabled us to be successful to date.

Prolonged economic uncertainties or downturns could materially adversely affect our business.

Our business depends on our current and prospective customers’ ability and willingness to invest money in IT security, which in turn is dependent upon their overall economic health. Negative economic conditions in the global economy, including conditions resulting from financial and credit market fluctuations, could cause a decrease in corporate spending on information security software. We generated 39.0% of our revenues from Europe, the Middle East and Africa in 2013. Continuing economic challenges throughout Europe and other parts of the world may cause our customers in those locations to reevaluate decisions to purchase our solution or to delay their purchasing decisions, which could adversely impact our results of operations due to the importance of that region to us.

In addition, a significant portion of our revenues is generated from customers in the financial services industry, including banking and insurance. Negative economic conditions may cause customers generally and in that industry in particular to reduce their IT spending. Customers may delay or cancel IT projects, choose to focus on in-house development efforts or seek to lower their costs by renegotiating maintenance and support agreements. To the extent purchases of licenses for our software are perceived by customers and potential customers to be discretionary, our revenues may be disproportionately affected by delays or reductions in general IT spending. If the economic conditions of the general economy or industries in which we operate worsen from present levels, our results of operation could be adversely affected.

If we are unable to hire, retain and motivate qualified personnel, our business will suffer.

Our future success depends, in part, on our ability to continue to attract and retain highly skilled personnel. Our inability to attract or retain qualified personnel or delays in hiring required personnel, particularly in sales and engineering, may seriously harm our business, financial condition and results of operations. Any of our employees may terminate their employment at any time. Additionally, two of our U.S. executive officers have not signed non-compete agreements with us. Competition for highly skilled personnel is frequently intense, especially in Israel, where we are headquartered. Further, a number of our employees are substantially vested in significant share option plans, and the ability to exercise those options and sell their shares in a public market

 

21


Table of Contents

after the closing of this offering may result in a larger than normal turn-over rate. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that they have been improperly solicited or divulged proprietary or other confidential information.

We rely significantly on revenues from maintenance and support contracts, which we recognize ratably over the term of the associated contract and, to a lesser extent, from professional services contracts, which we recognize as services are delivered, and downturns in sales of these contracts are not immediately reflected in full in our quarterly operating results.

Maintenance and support and professional services revenues accounted for 41.2% of our total revenues in 2013. Sales of maintenance and support and professional services may decline or fluctuate as a result of a number of factors, including the number of product licenses we sell, our customers’ level of satisfaction with our products and services, the prices of our products and services, the prices of products and services offered by our competitors or reductions in our customers’ spending levels. If our sales of maintenance and support and professional services contracts decline, our revenues or revenue growth may decline and our business will suffer. We recognize revenues from maintenance and support contracts ratably on a straight-line basis over the term of the related contract which is typically one year and, to a lesser extent, three years, and from professional services as services are performed. As a result, a meaningful portion of the revenues we report each quarter results from the recognition of deferred revenues from maintenance and support and professional services contracts entered into during previous quarters. Consequently, a decline in the number or size of such contracts in any one quarter will not be fully reflected in revenues in that quarter, but will negatively affect our revenues in future quarters. Accordingly, the effect of significant downturns in maintenance and support and professional services contracts would not be reflected in full in our results of operations until future periods.

We are exposed to fluctuations in currency exchange rates, which could negatively affect our financial condition and results of operations.

Our functional and reporting currency is the U.S. dollar and we generate a majority of our revenues in U.S. dollars. In 2013, the majority of our revenues were denominated in U.S. dollars and the remainder primarily in euros and British pounds sterling. In 2013, the substantial majority of our cost of revenues and operating expenses were denominated in U.S. dollars, New Israeli Shekels (NIS) and the remainder primarily in euros and British pounds sterling. Our NIS-denominated expenses consist primarily of personnel, rent and other overhead costs. Since a significant portion of our expenses is incurred in NIS, any appreciation of the NIS relative to the U.S. dollar would adversely impact our net loss or net income, if any. We estimate that a 10% increase or decrease in the value of the NIS against the U.S. dollar would have decreased or increased our net income by approximately $1.6 million in 2013. To protect against the increase in value of forecasted foreign currency cash flow resulting from expenses paid in NIS during the year, we have instituted a foreign currency cash flow hedging program. We hedge portions of the anticipated payroll of our Israeli employees denominated in NIS for a period of one to twelve months with forward contracts and other derivative instruments. We expect that the majority of our revenues will continue to be generated in U.S. dollars for the foreseeable future and that a significant portion of our expenses will continue to be denominated in NIS. We cannot provide any assurances that our hedging activities will be successful in protecting us in full from adverse impacts from currency exchange rate fluctuations. In addition, since we only hedge a portion of our foreign currency exposure, our results of operations may be adversely affected due to the impact of currency fluctuations on the unhedged aspects of our operations. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Quantitative and Qualitative Disclosure About Market Risk—Foreign Currency Risk.”

A portion of our revenues is generated by sales to government entities, which are subject to a number of challenges and risks.

A portion of our revenues is generated by sales to U.S. and foreign federal, state and local governmental agency customers, and we may in the future increase sales to government entities. Sales to government entities

 

22


Table of Contents

are subject to a number of risks. Selling to government entities can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that we will complete a sale. Government demand and payment for our products and services may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products. Finally, for purchases by the U.S. government, the government may require certain products to be manufactured in the United States and other high cost manufacturing locations, and we may not manufacture all products in locations that meet the requirements of the U.S. government.

We may acquire other businesses, which could require significant management attention, disrupt our business, dilute shareholder value, and adversely affect our results of operations.

As part of our business strategy and in order to remain competitive, we may acquire or make investments in complementary companies, products or technologies. However, we have not made any acquisitions to date, and as a result, our ability as an organization to acquire and integrate other companies, products or technologies in a successful manner is unproven. We may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or achieve our goals, and any acquisitions we complete could be viewed negatively by our customers, analysts and investors. In addition, if we are unsuccessful at integrating such acquisitions or the technologies associated with such acquisitions, our revenues and results of operations could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition or the value of our ordinary shares. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our shareholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.

We are subject to governmental export and import controls that could subject us to liability in the event of non-compliance or impair our ability to compete in international markets.

We incorporate encryption capabilities into certain products and these products are subject to U.S. export control requirements. We are also subject to Israeli export controls on encryption technology since our product development initiatives are primarily conducted in Israel. If the applicable U.S. or Israeli requirements regarding the export of encryption technology were to change or if we change the encryption means in our products, we may need to satisfy additional requirements in the United States or Israel. There can be no assurance that we will be able to satisfy any additional requirements under these circumstances in either the United States or Israel. Furthermore, various other countries regulate the import of certain encryption products and technology, including import permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our products or could limit our customers’ ability to implement our products in those countries.

We are also subject to U.S. and Israeli export control and economic sanctions laws, which prohibit the shipment of certain products to embargoed or sanctioned countries, governments and persons. Our products could be exported to these sanctioned targets by our channel partners despite the contractual undertakings they have given us and any such export could have negative consequences, including government investigations, penalties and reputational harm. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition and results of operations.

 

23


Table of Contents

In addition, in the future we may be subject to defense-related export controls. For example, currently our solution is not subject to supervision under the Israeli Defense Export Control Law, 5767-2007, but if it was used for purposes that are classified as defense-related or if it falls under “dual-use goods and technology” as referred to below, we could become subject to such regulation. In particular, under the Israeli Defense Export Control Law, 5767-2007, an Israeli company may not conduct “defense marketing activity” without a defense marketing license from the Israeli Ministry of Defense (MOD) and may be subject to a requirement to obtain a specific license from the MOD for any export of defense related products and/or knowhow. The definition of defense marketing activity is broad and includes any marketing of “defense equipment,” “defense knowhow” or “defense services” outside of Israel, which includes “dual-use goods and technology,” (material and equipment intended in principle for civilian use and that can also be used for defensive purposes, such as our cybersecurity solutions) that is specified in the list of Goods and Dual-Use Technology annexed to the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies, if intended for defense use only, or is specified under Israeli legislation. “Dual-use goods and technology” will be subject to control by the Ministry of Economy if intended for civilian use only. In December 2013, regulations under the Wassenaar Arrangement included for the first time a chapter on cyber-related matters. We believe that our products do not fall under this chapter; however, in the future we may become subject to this regulation or similar regulations, which would limit our sales and marketing activities and could therefore have an adverse effect on our results of operations. Similar issues could arise under the U.S. defense/military export controls under the Arms Export Control Act and the International Traffic in Arms Regulations.

Our use of open source software could negatively affect our ability to sell our software and subject us to possible litigation.

We use open source software and expect to continue to use open source software in the future. Some open source software licenses require users who distribute or make available as a service open source software as part of their own software product to publicly disclose all or part of the source code of the users’ software product or to make available any derivative works of the open source code on unfavorable terms or at no cost. We may face ownership claims of third parties over, or seeking to enforce the license terms applicable to, such open source software, including by demanding the release of the open source software, derivative works or our proprietary source code that was developed using such software. These claims could also result in litigation, require us to purchase a costly license or require us to devote additional research and development resources to change our software, any of which would have a negative effect on our business and results of operations. In addition, if the license terms for the open source code change, we may be forced to re-engineer our software or incur additional costs.

Our use of third-party software and other intellectual property may expose us to risks.

Some of our products and services include software or other intellectual property licensed from third parties, and we otherwise use software and other intellectual property licensed from third parties in our business. This exposes us to risks over which we may have little or no control. For example, a licensor may have difficulties keeping up with technological changes or may stop supporting the software or other intellectual property that it licenses to us. There can be no assurance that the licenses we use will be available on acceptable terms, if at all. In addition, a third party may assert that we or our customers are in breach of the terms of a license, which could, among other things, give such third party the right to terminate a license or seek damages from us, or both. Our inability to obtain or maintain certain licenses or other rights or to obtain or maintain such licenses or rights on favorable terms, or the need to engage in litigation regarding these matters, could result in delays in releases of new products, and could otherwise disrupt our business, until equivalent technology can be identified, licensed or developed.

 

24


Table of Contents

Risks Related to Our Ordinary Shares and the Offering

Our share price may be volatile, and you may lose all or part of your investment.

The initial public offering price for the ordinary shares sold in this offering will be determined by negotiation between us and representatives of the underwriters. This price may not reflect the market price of our ordinary shares following this offering and the price of our ordinary shares may decline. In addition, the market price of our ordinary shares could be highly volatile and may fluctuate substantially as a result of many factors, including:

 

    actual or anticipated fluctuations in our results of operations;

 

    variance in our financial performance from the expectations of market analysts;

 

    announcements by us or our competitors of significant business developments, changes in service provider relationships, acquisitions or expansion plans;

 

    changes in the prices of our products and services;

 

    our involvement in litigation;

 

    our sale of ordinary shares or other securities in the future;

 

    market conditions in our industry;

 

    changes in key personnel;

 

    the trading volume of our ordinary shares;

 

    changes in the estimation of the future size and growth rate of our markets; and

 

    general economic and market conditions.

In addition, the stock markets have experienced extreme price and volume fluctuations. Broad market and industry factors may materially harm the market price of our ordinary shares, regardless of our operating performance. In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been instituted against that company. If we were involved in any similar litigation we could incur substantial costs and our management’s attention and resources could be diverted.

There has been no prior public market for our ordinary shares, and an active trading market may not develop.

Prior to this offering, there has been no public market for our ordinary shares. An active trading market may not develop following completion of this offering or, if developed, may not be sustained. The lack of an active market may impair your ability to sell your ordinary shares at the time you wish to sell them or at a price that you consider reasonable. The lack of an active market may also reduce the fair market value of your ordinary shares. An inactive market may also impair our ability to raise capital by selling our ordinary shares and may impair our ability to acquire other companies by using our ordinary shares as consideration.

If we do not meet the expectations of equity research analysts, if they do not publish research or reports about our business or if they issue unfavorable commentary or downgrade our ordinary shares, the price of our ordinary shares could decline.

The trading market for our ordinary shares will rely in part on the research and reports that equity research analysts publish about us and our business. The analysts’ estimates are based upon their own opinions and are often different from our estimates or expectations. If our results of operations are below the estimates or expectations of public market analysts and investors, our share price could decline. Moreover, the price of our ordinary shares could decline if one or more securities analysts downgrade our ordinary shares or if those analysts issue other unfavorable commentary or cease publishing reports about us or our business.

 

25


Table of Contents

Following the closing of this offering, a small number of significant beneficial owners of our shares will have a controlling influence over matters requiring shareholder approval, which could delay or prevent a change of control.

Following the closing of this offering, the largest beneficial owners of our shares, entities and individuals affiliated with Jerusalem Venture Partners and The Goldman Sachs Group, Inc., each of which currently beneficially owns more than 10.0% of our outstanding shares, will beneficially own in the aggregate     % of our ordinary shares or     % if the underwriters exercise their option to purchase additional ordinary shares. As a result, these shareholders individually could exert significant influence, and if they were to act together could exert a controlling influence, over our operations and business strategy and would have sufficient voting power to control the outcome of matters requiring shareholder approval. These matters may include:

 

    the composition of our board of directors which has the authority to direct our business and to appoint and remove our officers;

 

    approving or rejecting a merger, consolidation or other business combination;

 

    raising future capital; and

 

    amending our articles of association which govern the rights attached to our ordinary shares.

This concentration of ownership of our ordinary shares could delay or prevent proxy contests, mergers, tender offers, open-market purchase programs or other purchases of our ordinary shares that might otherwise give you the opportunity to realize a premium over the then-prevailing market price of our ordinary shares. This concentration of ownership may also adversely affect our share price.

As a foreign private issuer, we are permitted, and intend, to follow certain home country corporate governance practices instead of otherwise applicable SEC and NASDAQ Stock Market, or NASDAQ, requirements, which may result in less protection than is accorded to investors under rules applicable to domestic U.S. issuers.

As a foreign private issuer, in reliance on Rule 5615(a)(3) of the NASDAQ Listing Rules, which permits a foreign private issuer to follow the corporate governance practices of its home country, we will be permitted to follow certain Israeli corporate governance practices instead of those otherwise required under the corporate governance standards for U.S. domestic issuers. Following the listing of our ordinary shares on the NASDAQ Global Select Market, we intend to follow Israeli home country practices solely with regard to the quorum requirement for shareholder meetings. As permitted under the Israeli Companies Law, our articles of association to be effective upon the closing of this offering will provide that the quorum for any meeting of shareholders shall be the presence of at least two shareholders present in person, by proxy or by a voting instrument, who hold at least 25% of the voting power of our shares instead of 33 1/3% of our issued share capital. We may in the future elect to follow Israeli home country practices with regard to other matters such as the formation and composition of the compensation and nominating and corporate governance committees, separate executive sessions of independent directors and the requirement to obtain shareholder approval for certain dilutive events (such as for the establishment or amendment of certain equity-based compensation plans, issuances that will result in a change of control of the company, certain transactions other than a public offering involving issuances of a 20% or more interest in the company and certain acquisitions of the stock or assets of another company). Accordingly, our shareholders may not be afforded the same protection as provided under NASDAQ corporate governance rules. Following our home country governance practices as opposed to the requirements that would otherwise apply to a United States company listed on NASDAQ may provide less protection than is accorded to investors of domestic issuers. See “Management—Corporate Governance Practices.”

As a foreign private issuer we will not be subject to the provisions of Regulation FD or U.S. proxy rules and will be exempt from filing certain Exchange Act reports.

In addition, as a foreign private issuer, we will be exempt from a number of requirements under U.S. securities laws that apply to public companies that are not foreign private issuers. In particular, we will be

 

26


Table of Contents

exempt from the rules and regulations under the United States Securities Exchange Act of 1934, as amended, or the Exchange Act, related to the furnishing and content of proxy statements, and our officers, directors and principal shareholders will be exempt from the reporting and short-swing profit recovery provisions contained in Section 16 of the Exchange Act. In addition, we will not be required under the Exchange Act to file annual and current reports and financial statements with the SEC as frequently or as promptly as U.S. domestic companies whose securities are registered under the Exchange Act and we will generally be exempt from filing quarterly reports with the SEC under the Exchange Act. We will also be exempt from the provisions of Regulation FD, which prohibits the selective disclosure of material nonpublic information to, among others, broker-dealers and holders of a company’s securities under circumstances in which it is reasonably foreseeable that the holder will trade in the company’s securities on the basis of the information. Even though we intend to comply voluntarily with Regulation FD, these exemptions and leniencies will reduce the frequency and scope of information and protections to which you are entitled as an investor.

We are not required to comply with the proxy rules applicable to U.S. domestic companies, including the requirement applicable to emerging growth companies to disclose the compensation of our Chief Executive Officer and other two most highly compensated executive officers on an individual, rather than an aggregate, basis. Nevertheless, a recent amendment to the Israeli Companies Law will require us, after we become a public company, to disclose in the notice of convening an annual general meeting the annual compensation of our five most highly compensated officers on an individual basis, rather than on an aggregate basis, as was previously permitted for Israeli public companies listed overseas. This disclosure will not be as extensive as that required of a U.S. domestic issuer. We intend to commence providing such disclosure, at the latest, in the annual proxy statement for our 2015 annual meeting of shareholders, which will be filed under cover of a Form 6-K and we may elect to provide such information at an earlier date.

We would lose our foreign private issuer status if a majority of our directors or executive officers are U.S. citizens or residents and we fail to meet additional requirements necessary to avoid loss of foreign private issuer status. Although we have elected to comply with certain U.S. regulatory provisions, our loss of foreign private issuer status would make such provisions mandatory. The regulatory and compliance costs to us under U.S. securities laws as a U.S. domestic issuer may be significantly higher. If we are not a foreign private issuer, we will be required to file periodic reports and registration statements on U.S. domestic issuer forms with the SEC, which are more detailed and extensive than the forms available to a foreign private issuer. We would also be required to follow U.S. proxy disclosure requirements, including the requirement to disclose more detailed information about the compensation of our senior executive officers on an individual basis. We may also be required to modify certain of our policies to comply with good governance practices associated with U.S. domestic issuers. Such conversion and modifications will involve additional costs. In addition, we would lose our ability to rely upon exemptions from certain corporate governance requirements on U.S. stock exchanges that are available to foreign private issuers.

We are an “emerging growth company” and we cannot be certain whether the reduced requirements applicable to emerging growth companies will make our ordinary shares less attractive to investors.

We are an “emerging growth company,” as defined in the Jumpstart Our Business Startups Act of 2012 effective on April 5, 2012, or the JOBS Act, and we may take advantage of certain exemptions from various requirements that are applicable to other public companies that are not emerging growth companies. Most of such requirements relate to disclosures that we would only be required to make if we cease to be a foreign private issuer in the future. Nevertheless, as a foreign private issuer that is an emerging growth company, we will not be required to comply with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act of 2002, or the Sarbanes-Oxley Act, for up to five fiscal years after the date of this offering. We will remain an emerging growth company until the earliest of: (a) the last day of our fiscal year during which we have total annual gross revenues of at least $1.0 billion; (b) the last day of our fiscal year following the fifth anniversary of the completion of this offering; (c) the date on which we have, during the previous three-year period, issued more than $1.0 billion in non-convertible debt; or (d) the date on which we are deemed to be a “large accelerated filer”

 

27


Table of Contents

under the Exchange Act. When we are no longer deemed to be an emerging growth company, we will not be entitled to the exemptions provided in the JOBS Act discussed above. We cannot predict if investors will find our ordinary shares less attractive as a result of our reliance on exemptions under the JOBS Act. If some investors find our ordinary shares less attractive as a result, there may be a less active trading market for our ordinary shares and our share price may be more volatile.

The market price of our ordinary shares could be negatively affected by future sales of our ordinary shares.

After this offering, there will be              of our ordinary shares outstanding. Sales by us or our shareholders of a substantial number of ordinary shares in the public market following this offering, or the perception that these sales might occur, could cause the market price of our ordinary shares to decline or could impair our ability to raise capital through a future sale of, or pay for acquisitions using, our equity securities. Of our issued and outstanding shares, all the ordinary shares sold in this offering will be freely transferable, except for any shares acquired by our “affiliates,” as that term is defined in Rule 144 under the U.S. Securities Act of 1933, as amended, or the Securities Act. Following completion of this offering,     % of our outstanding ordinary shares (or     % if the underwriters exercise their option in full) will be considered restricted shares and will be held by our affiliates. Such securities can be resold into the public markets in the future in accordance with the requirements of Rule 144, including volume limitations, manner of sale requirements and notice requirements. See “Shares Eligible for Future Sale.”

We, our executive officers and directors, and the holders of substantially all of our outstanding ordinary shares, have agreed with the underwriters that, subject to limited exceptions, for a period of 180 days after the date of this prospectus, we and they will not directly or indirectly offer, pledge, sell, contract to sell, grant any option to purchase or otherwise dispose of any ordinary shares or any securities convertible into or exercisable or exchangeable for ordinary shares, or in any manner transfer all or a portion of the economic consequences associated with the ownership of ordinary shares, or cause a registration statement covering any ordinary shares to be filed except for the ordinary shares offered in this offering, without the prior written consent of the designated representatives of the underwriters, who may, in their sole discretion and at any time without notice, release all or any portion of the shares subject to these lock-up agreements.

At any time following the closing of this offering, subject, however, to the 180-day lock-up agreement entered into with the underwriters, the holders of          of our ordinary shares are entitled to require that we register their shares under the Securities Act for resale into the public markets. All shares sold pursuant to an offering covered by such registration statement will be freely transferable. See “Certain Relationships and Related Party Transactions—Registration Rights.”

In addition to our current shareholders’ registration rights, as of June 30, 2014, we had granted options to purchase 4,470,001 shares under our share option plans and had an additional 424,000 available for future grant. Following this offering, we intend to file a registration statement on Form S-8 under the Securities Act registering the shares under our share option plans. Shares included in such registration statement will be available for sale in the public market immediately after such filing, subject to vesting provisions, except for shares held by affiliates who will have certain restrictions on their ability to sell.

You may be subject to adverse United States federal income tax consequences if we are classified as a Controlled Foreign Corporation.

Each “Ten Percent Shareholder” (as defined below) in a non-U.S. corporation that is classified as a “controlled foreign corporation,” or a CFC, for U.S. federal income tax purposes generally is required to include in income for U.S. federal tax purposes such Ten Percent Shareholder’s pro rata share of the CFC’s “Subpart F income” and investment of earnings in U.S. property, even if the CFC has made no distributions to its shareholders. A non-U.S. corporation generally will be classified as a CFC for U.S. federal income tax purposes if Ten Percent Shareholders own, directly or indirectly, more than 50% of either the total combined voting power

 

28


Table of Contents

of all classes of stock of such corporation entitled to vote or of the total value of the stock of such corporation. A “Ten Percent Shareholder” is a U.S. person (as defined by the U.S. Internal Revenue Code of 1986, as amended, or the Code) who owns or is considered to own 10% or more of the total combined voting power of all classes of stock entitled to vote of such corporation. The determination of CFC status is complex and includes attribution rules, the application of which is not entirely certain.

We believe that we may have been a CFC for the taxable year ended December 31, 2013 and that we were a CFC prior to this offering in the current taxable year. Additionally, it is possible that following this offering, a shareholder treated as a U.S. person for U.S. federal income tax purposes will acquire, directly or indirectly, enough shares to be treated as a Ten Percent Shareholder after application of the constructive ownership rules and, together with any other Ten Percent Shareholders of the company, cause the company to be treated (or continued to be treated) as a CFC for U.S. federal income tax purposes. Holders should consult their own tax advisors with respect to the potential adverse U.S. tax consequences of becoming a Ten Percent Shareholder in a CFC.

We expect to be classified as a passive foreign investment company for 2014, and our U.S. shareholders may suffer adverse tax consequences as a result.

Generally, if for any taxable year 75% or more of our gross income is passive income, or at least 50% of the average quarterly value of our assets (which, assuming we were a non-publicly traded CFC for the year being tested, may be measured by the adjusted tax basis of our assets or, if we were a publicly traded CFC or not a CFC, the total value of our assets may be measured in part by the market value of our ordinary shares, which is subject to change) are held for the production of, or produce, passive income, we would be characterized as a passive foreign investment company, or PFIC, for U.S. federal income tax purposes. Our status as a passive foreign investment company may also depend on how quickly we utilize the cash proceeds from this offering in our business. Based on our belief that we were a CFC prior to this offering in the current taxable year and on certain estimates of our gross income and gross assets, our intended use of proceeds of this offering, and the nature of our business, we expect to be classified, and you should assume our company will be classified, as a PFIC for the taxable year ending December 31, 2014. Because the total value of our assets may be measured in part by the market value of our ordinary shares in 2015, we expect that we should not be classified as a PFIC for the taxable year ending December 31, 2015. However, because PFIC status is based on our income, assets and activities for the entire taxable year, it is not possible to determine whether we will be characterized as a PFIC for the 2014 or 2015 taxable year until after the close of the year. There can be no assurance that we will not be considered a PFIC for any taxable year. Our characterization as a PFIC could result in material adverse tax consequences for you if you are a U.S. investor, including having gains realized on the sale of our ordinary shares treated as ordinary income, rather than a capital gain, the loss of the preferential rate applicable to dividends received on our ordinary shares by individuals who are U.S. holders, and having interest charges apply to distributions by us and the proceeds of share sales. If we are characterized as a PFIC, certain elections may be available that would alleviate some of the adverse consequences of PFIC status and result in an alternative treatment of our ordinary shares. However, such elections could result in you recognizing taxable income in a taxable year with respect to our shares in excess of any distributions that we make to you in that year, thus giving rise to so-called “phantom income” and to a potential out-of-pocket tax liability. For each year in which we are a PFIC and our ordinary shares are “regularly traded” on a “qualified exchange,” a U.S. investor may be able to avoid certain adverse tax consequences by making an election to “mark-to-market” our ordinary shares each taxable year and recognize ordinary income pursuant to such election based upon increases in the value of the ordinary shares. However, a mark-to-market election with respect to us does not apply to any equity interests in our PFIC subsidiaries and a “U.S. Holder” (as defined in “U.S. and Israeli Tax Consequences for our Shareholders—Certain United States Federal Income Tax Consequences”) generally will continue to be subject to the PFIC rules with respect to its indirect interest in any investments held by us that are treated as equity interests in a PFIC for U.S. federal income tax purposes. We will use commercially reasonable efforts to make available to U.S. Holders the information necessary for U.S. holders to make qualified electing fund elections if we are classified as a PFIC. See “U.S. and Israeli Tax Consequences for our Shareholders—Certain United States Federal Income Tax Consequences—Passive Foreign Investment Company Considerations.”

 

29


Table of Contents

Prospective U.S. investors should consult their own tax advisers regarding the potential application of the PFIC rules to them. Prospective U.S. investors should refer to “U.S. and Israeli Tax Consequences for our Shareholders — Certain United States Federal Income Tax Consequences” for discussion of additional U.S. income tax considerations applicable if we are treated as a PFIC.

You will experience immediate and substantial dilution in the net tangible book value of the ordinary shares you purchase in this offering.

The initial public offering price of our ordinary shares substantially exceeds the net tangible book value per share of our ordinary shares immediately after this offering. Therefore, if you purchase our ordinary shares in this offering, you will suffer, as of                     , 2014, immediate dilution of $         per ordinary share or $         per ordinary share if the underwriters exercise their option in full, in net tangible book value after giving effect to the sale of             ordinary shares in this offering at an assumed public offering price of $         per ordinary share, the midpoint of the estimated initial public offering price range set forth on the cover page of this prospectus, less underwriting discounts and commissions and the estimated expenses payable by us. If outstanding options to purchase our ordinary shares are exercised in the future, you will experience additional dilution. See “Dilution.”

We have broad discretion over the use of proceeds we receive in this offering and may not apply the proceeds in ways that increase the value of your investment.

Our management will have broad discretion in the application of the net proceeds from this offering and, as a result, you will have to rely upon the judgment of our management with respect to the use of these proceeds. Our management may spend a portion or all of the net proceeds in ways that not all shareholders approve of or that may not yield a favorable return. The failure by our management to apply these funds effectively could harm our business.

We have not yet determined whether our existing internal controls over financial reporting systems are compliant with Section 404 of the Sarbanes-Oxley Act, and we cannot provide any assurance that there are no material weaknesses or significant deficiencies in our existing internal controls.

Pursuant to Section 404 of the Sarbanes-Oxley Act and the related rules adopted by the SEC and the Public Company Accounting Oversight Board, starting with the second annual report that we file with the SEC after the consummation of this offering, our management will be required to report on the effectiveness of our internal control over financial reporting. In addition, once we no longer qualify as an “emerging growth company” under the JOBS Act and lose the ability to rely on the exemptions related thereto discussed above, our independent registered public accounting firm will also need to attest to the effectiveness of our internal control over financial reporting under Section 404. We have not yet commenced the process of determining whether our existing internal controls over financial reporting systems are compliant with Section 404 and whether there are any material weaknesses or significant deficiencies in our existing internal controls. This process will require the investment of substantial time and resources, including by our Chief Financial Officer and other members of our senior management. In addition, we cannot predict the outcome of this determination and whether we will need to implement remedial actions in order to implement effective control over financial reporting. The determination and any remedial actions required could result in us incurring additional costs that we did not anticipate. Irrespective of compliance with Section 404, any failure of our internal controls could have a material adverse effect on our stated results of operations and harm our reputation. As a result, we may experience higher than anticipated operating expenses, as well as higher independent auditor fees during and after the implementation of these changes. If we are unable to implement any of the required changes to our internal control over financial reporting effectively or efficiently or are required to do so earlier than anticipated, it could adversely affect our operations, financial reporting and/or results of operations and could result in an adverse opinion on internal controls from our independent auditors.

 

30


Table of Contents

Risks Relating to Our Incorporation and Location in Israel

Our headquarters, research and development activities and other significant operations are located in Israel and, therefore, our results may be adversely affected by political, economic and military instability in Israel.

Our headquarters and principal research and development facilities are located in Israel. In addition, the majority of our key employees, officers and directors are residents of Israel. Accordingly, political, economic and military conditions in Israel may directly affect our business. Since the establishment of the State of Israel in 1948, a number of armed conflicts have taken place between Israel and its neighboring countries. In recent years, these have included hostilities between Israel and Hezbollah in Lebanon and Hamas in the Gaza strip, both of which resulted in rockets being fired into Israel causing casualties and disruption of economic activities. In addition, Israel faces threats from more distant neighbors, in particular, Iran. Our commercial insurance does not cover losses that may occur as a result of an event associated with the security situation in the Middle East. Although the Israeli government is currently committed to covering the reinstatement value of direct damages that are caused by terrorist attacks or acts of war, we cannot assure you that this government coverage will be maintained, or if maintained, will be sufficient to compensate us fully for damages incurred. Any losses or damages incurred by us could have a material adverse effect on our business. Any armed conflict involving Israel could adversely affect our operations and results of operations.

Further, our operations could be disrupted by the obligations of personnel to perform military service. As of March 31, 2014, we had 167 employees based in Israel, certain of which may be called upon to perform up to 54 days in each three year period (and in the case of non-officer commanders or officers, up to 70 or 84 days, respectively, in each three year period) of military reserve duty until they reach the age of 40 (and in some cases, depending on their specific military profession up to 45 or even 49 years of age) and, in certain emergency circumstances, may be called to immediate and unlimited active duty. Our operations could be disrupted by the absence of a significant number of employees related to military service, which could materially adversely affect our business and results of operations.

Several countries, principally in the Middle East, restrict doing business with Israel and Israeli companies, and additional countries may impose restrictions on doing business with Israel and Israeli companies whether as a result of hostilities in the region or otherwise. In addition, there have been increased efforts by activists to cause companies and consumers to boycott Israeli goods based on Israeli government policies. Such actions, particularly if they become more widespread, may adversely impact our ability to sell our products.

The tax benefits that are available to us require us to continue to meet various conditions and may be terminated or reduced in the future, which could increase our costs and taxes.

We were granted Approved Enterprise status under the Israeli Law for the Encouragement of Capital Investments, 1959, referred to as the Investment Law. We had elected the alternative benefits program, pursuant to which income derived from the Approved Enterprise program is tax-exempt for two years and enjoys a reduced tax rate of 10% to 25% for up to a total of eight years, subject to an adjustment based upon the foreign investors’ ownership. We were also eligible for certain tax benefits provided to Benefited Enterprises under the Investment Law. In March 2013, we notified the Israel Tax Authority that we apply the new tax regime under the Investment Law instead of our Approved Enterprise and Benefited Enterprise. As of 2013 we are eligible for certain tax benefits provided to Preferred Enterprises under Investment Law. If we do not meet the conditions stipulated in the Investment Law, any tax benefits may be canceled and we may be required to refund the amount of the benefits, in whole or in part, including interest and CPI linkage. Further, in the future these tax benefits may be reduced or discontinued. If these tax benefits are reduced, cancelled or discontinued, our Israeli taxable income would be subject to regular Israeli corporate tax rates. The standard corporate tax rate for Israeli companies in 2013 was 25.0% and was increased to 26.5% for 2014 and thereafter. Additionally, if we increase our activities outside of Israel through acquisitions, for example, our expanded activities might not be eligible for inclusion in future Israeli tax benefit programs. See “Taxation and Israeli Government Programs Applicable to our Company—Law for the Encouragement of Capital Investments, 5719-1959.”

 

31


Table of Contents

We may become subject to claims for remuneration or royalties for assigned service invention rights by our employees, which could result in litigation and adversely affect our business.

We enter into agreements with our employees pursuant to which such individuals agree that any inventions created in the scope of their employment or engagement are assigned to us or owned exclusively by us, depending on the jurisdiction, without the employee retaining any rights. A significant portion of our intellectual property has been developed by our employees in the course of their employment for us. Under the Israeli Patent Law, 5727-1967, or the Patent Law, inventions conceived by an employee during the scope of his or her employment with a company are regarded as “service inventions,” which belong to the employer, absent a specific agreement between the employee and employer giving the employee service invention rights. The Patent Law also provides that if there is no such agreement between an employer and an employee, the Israeli Compensation and Royalties Committee, or the Committee, a body constituted under the Patent Law, shall determine whether the employee is entitled to remuneration for his or her inventions. Recent decisions by the Committee and the Israeli Supreme Court have created uncertainty in this area, as the Supreme Court held that employees may be entitled to remuneration for their service inventions despite having specifically waived any such rights. Further, the Committee has not yet determined the method for calculating this Committee-enforced remuneration. Although our employees have agreed that any rights related to their inventions are owned exclusively by us, we may face claims demanding remuneration in consideration for such acknowledgement. As a consequence of such claims, we could be required to pay additional remuneration or royalties to our current and/or former employees, or be forced to litigate such claims, which could negatively affect our business.

Provisions of Israeli law and our articles of association may delay, prevent or otherwise impede a merger with, or an acquisition of, us, even when the terms of such a transaction are favorable to us and our shareholders.

Israeli corporate law regulates mergers, requires tender offers for acquisitions of shares above specified thresholds, requires special approvals for transactions involving directors, officers or significant shareholders and regulates other matters that may be relevant to such types of transactions. For example, a tender offer for all of a company’s issued and outstanding shares can only be completed if the acquirer receives positive responses from the holders of at least 95% of the issued share capital. Completion of the tender offer also requires approval of a majority of the offerees that do not have a personal interest in the tender offer, unless at least 98% of the company’s outstanding shares are tendered. Furthermore, the shareholders, including those who indicated their acceptance of the tender offer (unless the acquirer stipulated in its tender offer that a shareholder that accepts the offer may not seek appraisal rights), may, at any time within six months following the completion of the tender offer, petition an Israeli court to alter the consideration for the acquisition. See “Description of Share Capital—Acquisitions under Israeli Law” for additional information.

Our articles of association provide that our directors (other than external directors) are elected on a staggered basis, such that a potential acquirer cannot readily replace our entire board of directors at a single annual general shareholder meeting.

Furthermore, Israeli tax considerations may make potential transactions unappealing to us or to our shareholders whose country of residence does not have a tax treaty with Israel exempting such shareholders from Israeli tax. For example, Israeli tax law does not recognize tax-free share exchanges to the same extent as U.S. tax law. With respect to mergers involving an exchange of shares, Israeli tax law allows for tax deferral in certain circumstances but makes the deferral contingent on the fulfillment of a number of conditions, including, in some cases, a holding period of two years from the date of the transaction during which sales and dispositions of shares of the participating companies are subject to certain restrictions. Moreover, with respect to certain share swap transactions, the tax deferral is limited in time, and when such time expires, the tax becomes payable even if no disposition of the shares has occurred.

 

32


Table of Contents

It may be difficult to enforce a judgment of a U.S. court against us, our officers and directors or the Israeli experts named in this prospectus in Israel or the United States, to assert U.S. securities laws claims in Israel or to serve process on our officers and directors and these experts.

We are incorporated in Israel. The majority of our directors and executive officers, and the Israeli experts listed in this prospectus reside outside of the United States, and most of our assets and most of the assets of these persons are located outside of the United States. Therefore, a judgment obtained against us, or any of these persons, including a judgment based on the civil liability provisions of the U.S. federal securities laws, may not be collectible in the United States and may not be enforced by an Israeli court. It also may be difficult for you to effect service of process on these persons in the United States or to assert U.S. securities law claims in original actions instituted in Israel. Israeli courts may refuse to hear a claim based on an alleged violation of U.S. securities laws reasoning that Israel is not the most appropriate forum in which to bring such a claim. In addition, even if an Israeli court agrees to hear a claim, it may determine that Israeli law and not U.S. law is applicable to the claim. If U.S. law is found to be applicable, the content of applicable U.S. law must be proven as a fact by expert witnesses, which can be a time consuming and costly process. Certain matters of procedure will also be governed by Israeli law. There is little binding case law in Israel that addresses the matters described above. As a result of the difficulty associated with enforcing a judgment against us in Israel, you may not be able to collect any damages awarded by either a U.S. or foreign court. See “Enforceability of Civil Liabilities” for additional information on your ability to enforce a civil claim against us and our executive officers or directors named in this prospectus.

Your rights and responsibilities as a shareholder will be governed by Israeli law which differs in some material respects from the rights and responsibilities of shareholders of U.S. companies.

The rights and responsibilities of the holders of our ordinary shares are governed by our articles of association and by Israeli law. These rights and responsibilities differ in some material respects from the rights and responsibilities of shareholders in U.S.-based corporations. In particular, a shareholder of an Israeli company has a duty to act in good faith and in a customary manner in exercising its rights and performing its obligations towards the company and other shareholders, and to refrain from abusing its power in the company, including, among other things, in voting at a general meeting of shareholders on matters such as amendments to a company’s articles of association, increases in a company’s authorized share capital, mergers and acquisitions and related party transactions requiring shareholder approval. In addition, a shareholder who is aware that it possesses the power to determine the outcome of a shareholder vote or to appoint or prevent the appointment of a director or executive officer in the company has a duty of fairness toward the company. There is limited case law available to assist us in understanding the nature of this duty or the implications of these provisions. These provisions may be interpreted to impose additional obligations and liabilities on holders of our ordinary shares that are not typically imposed on shareholders of U.S. corporations.

 

33


Table of Contents

SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS

We make forward-looking statements in this prospectus that are subject to risks and uncertainties. These forward-looking statements include information about possible or assumed future results of our business, financial condition, results of operations, liquidity, plans and objectives. In some cases, you can identify forward-looking statements by terminology such as “believe,” “may,” “estimate,” “continue,” “anticipate,” “intend,” “should,” “plan,” “expect,” “predict,” “potential,” or the negative of these terms or other similar expressions. The statements we make regarding the following matters are forward-looking by their nature:

 

    our expectations regarding revenues generated by our hybrid sales model;

 

    our expectations regarding our operating and net profit margins;

 

    our expectations regarding significant drivers of our future growth;

 

    our plans to continue to invest in research and development to develop technology for both existing and new products;

 

    our plans to invest in sales and marketing efforts and expand our channel partnerships;

 

    our plans to hire additional new employees;

 

    our plans to leverage our global footprint in existing industry verticals to further expand our market share;

 

    our plans to pursue incremental sales by further expanding our customer success team;

 

    our expectations regarding our tax classifications;

 

    our expectations regarding the controlling shareholder status of Jerusalem Venture Partners following this offering; and

 

    our plans to pursue strategic acquisitions.

The preceding list is not intended to be an exhaustive list of all of our forward-looking statements. The forward-looking statements are based on our beliefs, assumptions and expectations of future performance, taking into account the information currently available to us. These statements are only predictions based upon our current expectations and projections about future events. There are important factors that could cause our actual results, levels of activity, performance or achievements to differ materially from the results, levels of activity, performance or achievements expressed or implied by the forward-looking statements. In particular, you should consider the risks provided under “Risk Factors” in this prospectus.

You should not rely upon forward-looking statements as predictions of future events. Although we believe that the expectations reflected in the forward-looking statements are reasonable, we cannot guarantee that future results, levels of activity, performance and events and circumstances reflected in the forward-looking statements will be achieved or will occur. Except as required by law, we undertake no obligation to update publicly any forward-looking statements for any reason after the date of this prospectus, to conform these statements to actual results or to changes in our expectations.

 

34


Table of Contents

MARKET AND INDUSTRY DATA

Unless otherwise indicated, information contained in this prospectus concerning our industry and the markets in which we operate, including our general expectations, market position, market opportunity and market size, is based on information from various sources, including Gartner, Inc. (Gartner), IDC, Mandiant and Verizon Communications Inc. (Verizon), on assumptions that we have made that are based on those data and other similar sources and on our knowledge of the markets for our products and services. This information involves a number of assumptions and limitations, and you are cautioned not to give undue weight to such estimates. While we believe the market position, market opportunity and market size information included in this prospectus is generally reliable, such information is inherently imprecise. In addition, projections, assumptions and estimates of our future performance and the future performance of the industry in which we operate is necessarily subject to a high degree of uncertainty and risk due to a variety of factors, including those described in “Risk Factors” and elsewhere in this prospectus. These and other factors could cause results to differ materially from those expressed in the estimates made by the independent parties and by us.

The Gartner Report described herein, (the Gartner Report) represents data, research opinion or viewpoints published, as part of a syndicated subscription service, by Gartner, and are not representations of fact. The Gartner Report speaks as of its original publication date (and not as of the date of this prospectus) and the opinions expressed in the Gartner Report are subject to change without notice. The Gartner Report referenced is Market Guide for Endpoint Detection and Response Solutions, dated May 13, 2014.

 

35


Table of Contents

USE OF PROCEEDS

We estimate that our net proceeds from this offering will be approximately $        million, or approximately $         million if the underwriters exercise in full their option to purchase additional ordinary shares, based upon an assumed initial public offering price of $        per ordinary share.

We estimate that the net proceeds to us from this offering, after deducting underwriting discounts and estimated offering expenses, will be approximately $        million (or approximately $         million if the underwriters exercise their option in full), assuming the shares are offered at $        per ordinary share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus.

A $1.00 increase (decrease) in the assumed initial public offering price of $         per ordinary share would increase (decrease) the net proceeds to us from this offering by approximately $        million, assuming the number of shares offered by us as set forth on the cover page of this prospectus remains the same and after deducting the underwriting discounts and commissions. Similarly, each increase (decrease) of 100,000 shares in the number of ordinary shares offered by us would increase (decrease) the net proceeds to us from this offering by approximately $        million, assuming that the assumed initial public offering price remains the same, and after deducting the underwriting discounts and commissions.

The principal purposes of this offering are to obtain additional working capital, to create a public market for our ordinary shares and to facilitate our future access to the public equity markets. We intend to use the net proceeds from this offering for general corporate purposes, including sales and marketing expenditures aimed at growing our business and research and development expenditures focused on product development. Although we have not allocated specific portions of the net proceeds to specific uses, we expect that a significant portion of such expenditures will relate to hiring additional sales and marketing and research and development personnel. We may also use net proceeds from this offering to make acquisitions or investments in complementary companies or technologies, although we do not have any agreement or understanding with respect to any such acquisition or investment at this time. We do not currently have specific plans or commitments with respect to the net proceeds from this offering and, accordingly, are unable to quantify the allocation of such proceeds among the various potential uses. We will have broad discretion in the way that we use the net proceeds of this offering.

DIVIDEND POLICY

We have never declared or paid any cash dividends on our ordinary shares. We do not anticipate paying any cash dividends in the foreseeable future. We currently intend to retain future earnings, if any, to finance operations and expand our business. Our board of directors has sole discretion whether to pay dividends. If our board of directors decides to pay dividends, the form, frequency and amount will depend upon our future operations and earnings, capital requirements and surplus, general financial condition, contractual restrictions and other factors that our directors may deem relevant. The distribution of dividends may also be limited by Israeli law, which permits the distribution of dividends only out of retained earnings or otherwise upon the permission of an Israeli court.

 

36


Table of Contents

CAPITALIZATION

The following table sets forth our cash, cash equivalents and short-term bank deposits, and total capitalization as of March 31, 2014, as follows:

 

    on an actual basis;

 

    on a pro forma basis to give effect to (a) the conversion of all of our outstanding preferred shares into ordinary shares, which will occur upon the closing of this offering, and (b) the resulting reclassification of the preferred share warrant liability to additional paid-in capital; and

 

    on a pro forma as adjusted basis to give effect to (a) the same items as “pro forma,” (b) the issuance of 493,360 ordinary shares upon the exercise immediately prior to the closing of this offering of warrants and the receipt of $0.8 million by us from such exercise, and (c) the issuance and sale of ordinary shares by us in this offering at an assumed initial public offering price of $         per ordinary share after deducting underwriting discounts and commissions and estimated offering expenses payable by us.

You should read this information in conjunction with our consolidated financial statements and the related notes appearing at the end of this prospectus and the “Management’s Discussion and Analysis of Financial Condition and Results of Operations” section and other financial information contained in this prospectus.

 

     As of March 31, 2014  
         Actual              Pro Forma              Pro Forma    
    As Adjusted    
 
     (in thousands, except share and per share amounts)  

Cash, cash equivalents and short-term bank deposits

   $ 73,621       $ 73,621       $                
  

 

 

    

 

 

    

 

 

 

Ordinary shares, par value NIS 0.01 per share; 31,785,000 shares authorized, actual and pro forma,             shares authorized, pro forma as adjusted; 7,131,273 shares issued and outstanding, actual; 24,193,711 shares issued and outstanding, pro forma;             shares issued and outstanding, pro forma as adjusted

     17         59      

Preferred shares, par value NIS 0.01 per share; 18,215,000 shares authorized, actual; zero shares authorized, pro forma and pro forma as adjusted; 15,958,290 shares issued and outstanding, actual; zero shares issued and outstanding, pro forma and pro forma as adjusted

     41         —        

Additional paid-in capital

     35,017         38,546      

Accumulated other comprehensive income

     82         82      

Retained earnings

     9,574         9,574      
  

 

 

    

 

 

    

 

 

 

Total shareholders’ equity

     44,731         48,261      
  

 

 

    

 

 

    

 

 

 

Total capitalization

   $ 118,352       $ 121,882       $                

A $1.00 increase (decrease) in the assumed initial public offering price of $         per ordinary share, would increase (decrease) the as adjusted amount of each of cash and cash equivalents, additional paid-in capital, total equity and total capitalization by approximately $        million, assuming that the number of ordinary shares offered by us, as set forth on the cover page of this prospectus, remains the same and after deducting underwriting discounts and commissions and estimated offering expenses payable by us.

 

37


Table of Contents

DILUTION

If you invest in our ordinary shares in this offering, your ownership interest will be immediately diluted to the extent of the difference between the initial public offering price per share and the pro forma as adjusted net tangible book value per ordinary share after this offering. Our net tangible book value as of March 31, 2014 was $12.78 per ordinary share.

Consolidated net tangible book value per ordinary share was calculated by:

 

    subtracting the deferred issuance cost balance, warrants presented at fair value and our consolidated liabilities, except the deferred revenues balance, from our consolidated tangible assets; and

 

    dividing the difference by the number of ordinary shares outstanding.

After giving effect to the sale of ordinary shares that we are offering at an assumed initial public offering price of $         per ordinary share, after deducting underwriting discounts and commissions and estimated offering expenses payable by us, our net tangible book value on an adjusted basis as of                     , 2014 would have been $         per ordinary share. This amount represents an immediate decrease in net tangible book value of $         per ordinary share to our existing shareholders and an immediate increase in net tangible book value of $         per ordinary share to new investors purchasing ordinary shares in this offering. We determine dilution by subtracting the as adjusted net tangible book value per ordinary share after this offering from the amount of cash that a new investor paid for an ordinary share.

The following table illustrates this dilution:

 

Assumed initial public offering price per ordinary share

      $                

Net tangible book value per ordinary share as of March 31, 2014

   $                   

Increase per ordinary share attributable to this offering

     
  

 

 

    

Pro forma as adjusted net tangible book value per ordinary share after this offering

     
     

 

 

 

Dilution per ordinary share to new investors in this offering

      $                

A $1.00 increase (decrease) in the assumed initial public offering price of $         per ordinary share would increase (decrease) our pro forma as adjusted net tangible book value by $         million, or $         per share, and the pro forma dilution per share to investors in this offering would be $         or $         per share for a $1.00 increase (decrease), respectively, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same, and after deducting underwriting discounts and commissions and estimated offering expenses payable by us. Each increase of 1.0 million shares in the number of shares offered by us would increase our pro forma as adjusted net tangible book value by approximately $         million, or $         per share, and the pro forma dilution to investors in this offering would be $         per share, assuming that the assumed initial public offering price remains the same, and after deducting underwriting discounts and commissions and estimated offering expenses payable by us. Similarly, each decrease of 1.0 million shares in the number of shares offered by us would decrease our pro forma as adjusted net tangible book value by approximately $         million, or $         per share, and the pro forma dilution to investors in this offering would be $         per share, assuming that the assumed initial public offering price remains the same, and after deducting underwriting discounts and commissions and estimated offering expenses payable by us.

If the underwriters exercise their option to purchase additional ordinary shares in full in this offering, the as adjusted net tangible book value after the offering would be $         per ordinary share, the decrease in net tangible book value per ordinary share to existing shareholders would be $         and the increase in net tangible book value per ordinary share to new investors would be $         per ordinary share, in each case assuming an initial public offering price of $         per ordinary share.

 

38


Table of Contents

The following table summarizes, as of March 31, 2014 the differences between the number of ordinary shares purchased from us, the total consideration paid to us in cash and the average price per ordinary share that existing shareholders paid, on the one hand, and new investors are paying in this offering, on the other hand. The calculation below is based on an assumed initial public offering price of $         per ordinary share before deducting underwriting discounts and commissions and estimated offering expenses payable by us.

 

     Shares Purchased     Total Consideration     Average Price
Per Share
 
     Number    Percent     Amount      Percent    

Existing shareholders

               $                             $                

New investors

            
  

 

  

 

 

   

 

 

    

 

 

   

Total

        100        100  

The foregoing tables and calculations exclude (1) 4,596,487 ordinary shares reserved for issuance under our share option plans as of March 31, 2014, of which there were options to purchase 4,446,670 ordinary shares at a weighted average exercise price of $1.51 per share, and (2) 15,000 ordinary shares underlying warrants issued to an Israeli non-profit organization with an exercise price of $2.21 per share.

To the extent any of these outstanding options is exercised, there will be further dilution to new investors. To the extent all of such outstanding options had been exercised as of March 31, 2014, the as adjusted net tangible book value per ordinary share after this offering would be $         , and total dilution per ordinary share to new investors would be $        .

If the underwriters exercise their option to purchase additional shares in full:

 

    the percentage of ordinary shares held by existing shareholders will decrease to approximately     % of the total number of our ordinary shares outstanding after this offering; and

 

    the number of shares held by new investors will increase to                     , or approximately     % of the total number of our ordinary shares outstanding after this offering.

 

39


Table of Contents

SELECTED CONSOLIDATED FINANCIAL DATA

The following tables set forth our selected consolidated financial data. You should read the following selected consolidated financial data in conjunction with “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and related notes included elsewhere in this prospectus. Historical results are not necessarily indicative of the results that may be expected in the future. Our financial statements have been prepared in accordance with U.S. GAAP.

The selected consolidated statements of operations data for each of the years in the three-year period ended December 31, 2013 is derived from our audited consolidated financial statements appearing elsewhere in this prospectus. The consolidated balance sheet data as of December 31, 2011 is derived from our audited consolidated financial statements that are not included in this prospectus. The summary consolidated statement of operations data for the three months ended March 31, 2013 and 2014 and the summary balance sheet data as of March 31, 2014 are derived from our unaudited interim consolidated financial statements presented elsewhere in this prospectus. In the opinion of management, these unaudited interim consolidated financial statements include all adjustments, consisting of normal recurring adjustments, necessary for a fair statement of our financial position and operating results for these periods. Results for interim periods are not necessarily indicative of the results that may be expected for the entire year.

 

     Year ended December 31,     Three months ended March 31,  
     2011     2012     2013     2013     2014  
     (in thousands, except share and per share amounts)  

Consolidated Statements of Operations:

          

Revenues:

          

License

   $ 21,125      $ 27,029      $ 38,907      $ 6,702      $ 9,120   

Maintenance and professional services

     15,240        20,179        27,250        6,029        8,275   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total revenues

     36,365        47,208        66,157        12,731        17,395   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Cost of revenues:

          

License

     899        1,002        1,216        269        628   

Maintenance and professional services

     4,517        5,922        7,860        1,865        2,426   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total cost of revenues(1)

     5,416        6,924        9,076        2,134        3,054   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Gross profit

     30,949        40,284        57,081        10,597        14,341   

Operating expenses:

          

Research and development(1)

     6,272        7,273        10,404        2,269        3,237   

Sales and marketing(1)

     15,929        22,081        32,840        6,817        9,433   

General and administrative(1)

     3,077        3,297        4,758        965        1,481   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total operating expenses

     25,278        32,651        48,002        10,051        14,151   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Operating income

     5,671        7,633        9,079        546        190   

Financial income (expenses), net

     (190     4        (1,124     (240     (1,355
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Income before taxes on income

     5,481        7,637        7,955        306        (1,165

Taxes on income (benefit)

     (392     (225     1,320        178        83   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Net income (loss)

   $ 5,873      $ 7,862      $ 6,635      $ 128      $ (1,248
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Basic net income (loss) per ordinary share(2)

   $ 0.43      $ 0.51      $ 0.25      $ (0.15   $ (0.35
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Diluted net income (loss) per ordinary share(2)

   $ 0.26      $ 0.31      $ 0.14      $ (0.15   $ (0.35
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Weighted average number of ordinary shares used in computing basic net income per ordinary share(2)

     4,969,489        6,592,997        6,900,433        6,791,633        7,073,239   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

 

40


Table of Contents
     Year ended December 31,      Three months ended March 31,  
     2011      2012      2013      2013      2014  
     (in thousands, except share and per share amounts)  

Weighted average number of ordinary shares used in computing diluted net income per ordinary share(2)

     22,791,354         25,245,790         10,765,914         6,791,633         7,073,239   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Basic pro forma net income per ordinary share(3)

         $ 0.34          $ 0.01   
        

 

 

       

 

 

 

Diluted pro forma net income per ordinary share(3)

         $ 0.28          $ 0.01   
        

 

 

       

 

 

 

Weighted average number of shares used in computing pro forma basic net income per ordinary share(3)

           23,963,322            24,135,679   
        

 

 

       

 

 

 

Weighted average number of shares used in computing pro forma diluted net loss per ordinary share(3)

           27,828,804            27,783,565   
        

 

 

       

 

 

 

 

     As of December 31,      As of March 31,  
     2011      2012      2013      2013      2014  
     (in thousands)  

Consolidated Balance Sheet Data:

              

Cash, cash equivalents and short-term bank deposits

   $ 33,353       $ 45,995       $ 65,561       $ 49,669       $ 73,621   

Deferred revenue, current and long-term

     9,302         15,068         24,478         17,310         32,395   

Working capital(4)

     29,026         41,448         51,740         41,004         51,366   

Total assets

     47,654         64,379         89,724         65,435         94,467   

Preferred share warrant liability

     512         688         2,134         688         3,530   

Total shareholders’ equity

     30,290         38,494         45,846         38,809         44,731   
     Year ended December 31,      Three months ended
March 31,
 
     2011      2012      2013      2013      2014  
     (in thousands)  

Supplemental Financial Data:

              

Non-GAAP operating income(5)

   $ 7,347       $ 7,917       $ 9,482       $ 627       $ 346   

Non-GAAP net income(5)

     7,728         8,322         8,484         209         304   

Net cash provided by operating activities

     9,376         13,657         20,159         3,699         8,751   

 

(1)    Includes share-based compensation expense as follows:

 

       

     Year ended December 31,      Three months ended
March 31,
 
     2011      2012      2013      2013      2014  
     (in thousands)  

Share-based Compensation Expense:

              

Cost of revenues

   $ 70       $ 32       $ 39       $ 7       $ 20   

Research and development

     481         58         73         13         30   

Sales and marketing

     432         81         126         44         42   

General and administrative

     693         113         165         17         64   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total share-based compensation expense

   $ 1,676       $ 284       $ 403       $ 81       $ 156   

 

(2) Basic and diluted net income per ordinary share is computed based on the weighted average number of ordinary shares outstanding during each period. For additional information, see note 10 to our consolidated financial statements included elsewhere in this prospectus.

 

41


Table of Contents
(3) Pro forma basic and diluted net income per ordinary share and pro forma weighted average shares outstanding assumes the conversion of all of our outstanding preferred shares into ordinary shares, which will occur upon the closing of this offering, but does not give effect to the issuance of shares in connection with this offering. For additional information on the conversion of the preferred shares, see note 7 to our consolidated financial statements included elsewhere in this prospectus.
(4) We define working capital as total current assets minus total current liabilities.
(5) Non-GAAP operating income and non-GAAP net income are non-GAAP financial measures that we define as operating income and net income adjusted, respectively, to remove the impact of share-based compensation. The following table reconciles operating income and net income, the most directly comparable U.S. GAAP measure, to non-GAAP operating income and non-GAAP net income for the periods presented:

 

     Year ended December 31,      Three months ended March 31,  
     2011      2012      2013      2013      2014  
     (in thousands)  

Reconciliation of Operating Income to Non-GAAP Operating Income:

              

Operating income

   $ 5,671       $ 7,633       $ 9,079       $ 546       $ 190   

Share-based compensation

     1,676         284         403         81         156   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Non-GAAP operating income

   $ 7,347       $ 7,917       $ 9,482       $ 627       $ 346   

 

     Year ended December 31,      Three months
ended March 31,
 
     2011      2012      2013      2013      2014  
     (in thousands)  

Reconciliation of Net Income to Non-GAAP Net Income:

              

Net income (loss)

   $ 5,873       $ 7,862       $ 6,635       $ 128       $ (1,248

Share-based compensation

     1,676         284         403         81         156   

Warrant adjustment

     179         176         1,446         —           1,396   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Non-GAAP net income

   $ 7,728       $ 8,322       $ 8,484       $ 209       $ 304   

For a description of how we use non-GAAP operating income and non-GAAP net income to evaluate our business, see “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Key Financial Metrics.” We believe that these non-GAAP financial measures are useful in evaluating our business because of varying available valuation methodologies, subjective assumptions and the variety of equity instruments that can impact a company’s non-cash expenses and we believe that providing non-GAAP operating income and non-GAAP net income that excludes share-based compensation expenses and warrant awards allows for more meaningful comparisons between our operating results from period to period.

Other companies, including companies in our industry, may calculate non-GAAP operating and non-GAAP net income differently or not at all, which reduces their usefulness as a comparative measure. You should consider non-GAAP operating income and non-GAAP net income along with other financial performance measures, including operating income and net income, and our financial results presented in accordance with U.S. GAAP.

 

42


Table of Contents

MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND

RESULTS OF OPERATIONS

The following discussion should be read in conjunction with our consolidated financial statements and the related notes included elsewhere in this prospectus. This discussion contains forward-looking statements that are subject to known and unknown risks and uncertainties. Actual results and the timing of events may differ significantly from those expressed or implied in such forward-looking statements due to a number of factors, including those set forth in the section entitled “Risk Factors” and elsewhere in this prospectus. You should read the following discussion in conjunction with “Special Note Regarding Forward-Looking Statements” and “Risk Factors.”

Overview

We are a global leader and pioneer of a new layer of IT security solutions that protects organizations from cyber attacks that have made their way inside the network perimeter to strike at the heart of the enterprise. Our software solution is focused on protecting privileged accounts, which have become a critical target in the lifecycle of today’s cyber attacks. Privileged accounts act as the “keys to the IT kingdom,” providing complete access to, and control of, all parts of IT infrastructure, industrial control systems and critical business data. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take control of and disrupt an organization’s IT and industrial control infrastructures, steal confidential information and commit financial fraud. Our comprehensive solution proactively protects privileged accounts, monitors privileged activity and detects malicious privileged behavior. Our customers use our innovative solution to introduce this new security layer to protect against, detect and respond to cyber attacks before they strike vital systems and compromise sensitive data.

We have a history of innovation. We started operations in 1999 with the vision of protecting high-value business data and pioneered our Digital Vault technology, which is the foundation of our platform. That same year, we began offering our first product, the Sensitive Information Management Solution (previously called the Sensitive Document Vault), which provides a secure platform through which our customers’ employees can share sensitive files. We believe our early innovation in vaulting technology enabled us to evolve into a company that provides a comprehensive security solution built for privileged accounts. In 2005, we introduced our Privileged Account Security Solution, which has become our leading offering and reflects our emphasis on protecting privileged accounts across an organization. Our Privileged Account Security Solution is built on our shared technology platform and consists of several products: Enterprise Password Vault, Privileged Session Manager, Application Identity Manager, On-Demand Privileges Manager and Privileged Threat Analytics.

We derive our revenues from licensing our cybersecurity software, selling maintenance and support contracts, and providing professional services to the extent requested by customers. Our license revenues consist primarily of revenues from sales of our Privileged Account Security Solution. Our customers typically purchase one year and, to a lesser extent, three years, of maintenance and support in conjunction with their initial purchase of our products. Thereafter, they can renew such maintenance and support for additional one or three-year periods.

We seek to foster long-term relationships with our customers. We have a significant opportunity to generate additional revenue from our existing customers by helping them identify and address gaps in their current privileged account security strategy. Our platform provides our customers flexibility to initially deploy one or more of our products for a single use case and then expand usage over time to address more use cases, to add incremental licenses for more users or systems or to license additional products from our comprehensive platform. We measure the perpetual license maintenance renewal rate for our customers over a 12-month period, based on a dollar renewal rate of contracts expiring during that time period. Our perpetual license maintenance renewal rate is measured three months after the 12-month period ends to account for late renewals. Our renewal rate for each of the years ended December 31, 2011, 2012 and 2013 was over 90%. Our key strategies to maintain our renewal rate include focusing on the quality and reliability of our product updates and our technical support services.

 

43


Table of Contents

We sell our products directly and through a global network of channel partners, including distributors and resellers, who then sell to their end customers. In 2013, we generated slightly more than half of our revenues through sales made by our global network of channel partners, with the balance being generated through our direct sales force. We refer to end customers as our customers throughout this prospectus. We believe that our hybrid sales model, which combines the leverage of channel sales with the account control of direct sales, will continue to play an important role in the growth of our customer base. Our hybrid sales model has aided our global growth by allowing us to partner with local distributors while being able to use our direct sales team in locations where that approach is advantageous to our business.

We market and sell our solution to organizations in a variety of industries and geographies. As of June 30, 2014, we had over 1,500 customers, including over 35% of the Fortune 100 and approximately 15% of the Global 2000. We define a customer to include a distinct entity, division or business unit of a company. The growth of our business and our future success depend on our ability to expand our customer base and increase our sales to existing customers, which depend on many factors, including our ability to expand our sales force, introduce new products and grow our relationships with channel partners. While each of these areas presents significant opportunities for us, they also pose important challenges and risks that we must successfully address in order to sustain the growth of our business and improve our results of operations. Additionally, the IT security market in which we operate is characterized by intense competition, constant innovation and evolving security needs, each of which may impact our ability to grow our business.

We have experienced strong growth over the last several years, as evidenced by a compound annual growth rate in revenues of 34.9% from 2011 to 2013. We have also increased our number of employees and subcontractors from 170 as of December 31, 2011 to 364 as of March 31, 2014. We intend to continue to aggressively grow our business to meet the needs of our customers and to pursue opportunities in new and existing verticals, geographies and products. We intend to continue to invest in the development of our sales and marketing teams, with a particular focus on expanding our channel partnerships and solidifying relationships with existing customers. We also plan to continue to invest in research and development in order to continue to develop technology for both existing and new products.

During the years ended December 31, 2011, 2012 and 2013, our revenues were $36.4 million, $47.2 million and $66.2 million, respectively, representing year-over-year growth of 29.8% and 40.1% in 2012 and 2013, respectively, and with maintenance and professional services comprising over 40% of our revenues each year. Our net income for the years ended December 31, 2011, 2012 and 2013 was $5.9 million, $7.9 million and $6.6 million, respectively. For the three months ended March 31, 2013 and 2014, our revenues were $12.7 million and $17.4 million, respectively. Our net income for the three months ended March 31, 2013 was $0.1 million compared with a net loss of $1.2 million for the same period in 2014.

Key Financial Metrics

We monitor several key financial metrics to help us evaluate growth trends, establish budgets, measure the effectiveness of our sales and marketing efforts and assess operational efficiencies. The key financial metrics that we monitor are as follows:

 

     Year ended
December 31,
     Three months ended
March 31,
 
     2011      2012      2013      2013      2014  
    

(in thousands)

 

Revenues

   $ 36,365       $ 47,208       $ 66,157         $12,731       $ 17,395   

Non-GAAP operating income(1)

     7,347         7,917         9,482         627         346   

Non-GAAP net income(1)

     7,728         8,322         8,484         209         304   

Net cash provided by operating activities

     9,376         13,657         20,159         3,699         8,751   

Total deferred revenues (as of period-end)

     9,302         15,068         24,478         17,310         32,395   

 

(1) For a reconciliation of non-GAAP operating income to operating income and of non-GAAP net income to net income, the nearest comparable GAAP measures, see “Summary—Summary Consolidated Financial Data.”

 

44


Table of Contents

Revenues. We derive our revenues from licensing our cybersecurity software, selling maintenance and support contracts, and providing professional services to the extent requested by customers. We review our revenues generally to assess the overall health of our business and our license revenues in particular to assess the adoption of our software and our growth in the markets we serve.

We consider our license revenues to be particularly important in assessing our results of operations because license fees, particularly from new customers, impact both our short-term and long-term revenues. New customers impact our revenues favorably in the short-term because we recognize substantially all license fees immediately upon delivery. New customers contribute significantly to our revenues in the long-term because the size of our maintenance and support contracts is directly related to our licenses revenues, but revenues from maintenance and support contracts are recognized on a straight-line basis over the term of the related contract. This fact, coupled with the high renewal rate for our maintenance and support contracts, means that a meaningful portion of the revenues we report each period are recognized from deferred revenues generated by maintenance and support contracts entered into during previous quarters.

The amount that a customer pays for a license can vary from a few thousand dollars to many millions of dollars depending on its scope. We generally license our products on a price per user or price per server basis; however, our license agreements with a small number of our largest customers do not contain any limit on the number of users or servers in recognition of the size of the overall agreement. We also license certain of our products based on the number of concurrent sessions monitored or endpoints secured. As a result, we do not track, and are unable to track, the amount of license revenues we generate on a per user or per server basis. We do, however, maintain internal price guidelines for different size transactions and, since our cost of license revenues is negligible, we generate incremental profit from every license. Although we are focused on growing our customer base, we also do not focus on the exact number of customers that we add in a given period because our revenues are also a function of the size of initial sales to new customers and the size of upsells to existing customers. We seek to grow the number of large transactions that we enter into because they better leverage our operating expense base, and particularly our sales and marketing expenses, and also generate larger maintenance and support contracts to drive future revenues and margins.

Because the size of our maintenance and support contracts is directly related to our licenses revenues and because the rates that we charge for professional services fluctuate very little, the drivers of changes in these sources of revenues have to date been volume-based. Historically, there has been little fluctuation in price when we renew a contract for maintenance and support or for professional services. While the demand for professional services is expected to increase as our customer and license base grows, we expect that our channel partners will increase the amount of such services that they provide. Therefore, while we expect an increase in the dollar amount of our professional services revenue, we do not expect our professional services revenues to increase materially as a percentage of total revenues.

See “—Components of Statements of Operations—Revenue” for more information.

Non-GAAP Operating Income and Non-GAAP Net Income. Non-GAAP operating income and non-GAAP net income are non-GAAP financial measures. We define non-GAAP operating income as operating income excluding share-based compensation expense. We define non-GAAP net income as net income excluding (i) share-based compensation expense, and (ii) financial expenses resulting from the revaluation of warrants to purchase preferred shares. Because of varying available valuation methodologies, subjective assumptions and the variety of equity instruments that can impact a company’s non-cash expense, we believe that providing non-GAAP financial measures that exclude non-cash share-based compensation expense allow for more meaningful comparisons between our operating results from period to period. In addition, we believe that excluding financial expenses with respect to revaluation of warrants to purchase preferred shares allows for more meaningful comparison between our net income from period to period, as following this offering, the warrants will be exercised and, as a result, will no longer be revalued at each balance sheet date. Each of our non-GAAP financial measures is an important tool for financial and operational decision making and for evaluating our own operating results over different periods of time. In particular, these financial measures reflect our operating expenses, the

 

45


Table of Contents

largest of which is currently sales and marketing. Accordingly, we assess the effectiveness of our sales and marketing efforts in part by considering whether increases in such expenditures are reflected in increased revenues and increased non-GAAP operating income and non-GAAP net income. The material factors driving changes in these financial measures are discussed under the subheading “Revenues” within “—Comparison of Period to Period Results of Operations.”

Net Cash Provided by Operating Activities. We monitor net cash provided by operating activities as a measure of our overall business performance. Our net cash provided by operating activities is driven in large part by net income and from up-front payments for maintenance and support contracts and professional services. Monitoring net cash provided by operating activities enables us to analyze our financial performance as it includes our deferred revenues and removes the non-cash effects of certain items such as depreciation and share-based compensation expense, thereby allowing us to better understand and manage the cash needs of our business. Substantially all of the increase in our net cash provided by operating activities has been from growth in our net income (as adjusted for non-cash items) and in our deferred revenues. The material factors driving changes in our net income and our deferred revenues (which are driven by growth of our license revenues) are discussed under “—Comparison of Period to Period Results of Operations.”

Total Deferred Revenues. Our total deferred revenues consist of amounts that have been paid but that have not yet been recognized as revenues because they do not meet the applicable criteria. The substantial majority of our deferred revenues consist of the unrecognized portion of upfront payments associated with maintenance and support contracts and, to a lesser extent, professional services. The remaining balance of our deferred revenues consists of payments for licenses that could not yet be recognized. We monitor our total deferred revenues because it represents a significant portion of revenues to be recognized in future periods. Substantially all of the increase in our total deferred revenues has been from growth in our maintenance and support contracts which, in turn, is driven by growth of our license revenues. The material factors driving changes in our license revenues are discussed under “—Comparison of Period to Period Results of Operations.”

Components of Statements of Operations

Revenues

Our revenues are comprised of the following:

 

    License Revenues. License revenues are generated from sales of perpetual licenses for our cybersecurity software: Privileged Account Security Solution and Sensitive Information Management Solution.

 

    Privileged Account Security Solution—The substantial majority of our license revenues have been from sales of our Privileged Account Security Solution. Customers can purchase Enterprise Password Vault, Privileged Session Manager, Application Identity Manager, On-Demand Privileges Manager and Privileged Threat Analytics. We license our Enterprise Password Vault to our customers based on the number of privileged account users. We offer customers the choice of licensing our Privileged Session Manager based on the number of devices secured or the number of concurrent sessions it monitors. We license our Application Identity Manager and On-Demand Privileges Manager to our customers based on the number of servers that it protects. We introduced our Privileged Threat Analytics product in late December 2013. We license our Privileged Threat Analytics to customers based on the number of protected endpoints, such as servers, desktops, databases or mobile devices.

 

    Sensitive Information Management Solution—We generate additional license revenues through sales of our Sensitive Information Management Solution, our first product to market. Customers license the Sensitive Information Management Solution based on the permitted number of users of the software.

 

    Maintenance and Professional Services Revenues. Maintenance revenues are generated from maintenance and service contracts purchased by our customers in order to gain access to the latest software enhancements and updates on an if and when available basis and to telephone and email technical support. We also offer professional services focused on both deployment and training our customers to fully leverage the use of our products.

 

46


Table of Contents

Geographic Breakdown of Revenues

The United States is our biggest market, with the balance of our revenues generated from the EMEA region and the rest of the world, including North and South America (excluding the United States) as well as countries in the Asia Pacific region of the world. The following table sets forth the geographic breakdown of our revenues by region for the periods indicated:

 

     Year ended December 31,     Three months ended March 31,  
     2011     2012     2013     2013     2014  
     ($ in thousands)  

United States

   $ 17,772         48.9   $ 26,178         55.4   $ 32,041         48.4   $ 6,280         49.3   $ 10,300         59.2

EMEA

     14,168         38.9        14,148         30.0        25,796         39.0        4,941         38.8        5,039         29.0   

Rest of World

     4,425         12.2        6,882         14.6        8,320         12.6        1,510         11.9        2,056         11.8   
  

 

 

    

 

 

   

 

 

    

 

 

   

 

 

    

 

 

   

 

 

    

 

 

   

 

 

    

 

 

 

Total revenues

   $ 36,365         100.0   $ 47,208         100.0   $ 66,157         100.0   $ 12,731         100.0   $ 17,395         100.0
  

 

 

    

 

 

   

 

 

    

 

 

   

 

 

    

 

 

   

 

 

    

 

 

   

 

 

    

 

 

 

Cost of Revenues

Our total cost of revenues is comprised of the following:

 

    Cost of License Revenues. Cost of license revenues consists of shipping costs associated with delivery of our software, personnel costs related to delivery and license payments to third-party software vendors. We expect the absolute cost of license revenues to increase as our license revenues increase.

 

    Cost of Maintenance and Professional Services Revenues. Cost of maintenance and professional services revenues is primarily comprised of personnel costs for our global customer support organization. Personnel costs associated with customer support consist of salaries, benefits, bonuses and share-based compensation. We expect the absolute cost of maintenance and professional services revenues to increase as our customer base grows and as we hire additional professional services and technical support personnel.

Gross Profit and Gross Margin

Gross profit is total revenues less total cost of revenues. Gross margin is gross profit expressed as a percentage of total revenues. Our gross margin has historically fluctuated slightly from period to period as a result of changes in the mix of license revenues and maintenance and professional services revenues and we expect this pattern to continue.

Operating Expenses

Our operating expenses are classified into three categories: research and development, sales and marketing and general and administrative. For each category, the largest component is personnel costs, which consists of salaries, employee benefits (including commissions and bonuses) and share-based compensation expense. Operating expenses also include allocated overhead costs for facilities and foreign currency hedging contracts gains and losses. Allocated costs for facilities primarily consist of rent, depreciation and office maintenance and utilities. Operating expenses are generally recognized as incurred. We expect personnel and all allocated costs to continue to increase in absolute dollars as we hire new employees and add facilities to continue to grow our business. We expect operating margins and operating income to decline in the near term compared to prior periods as we further increase our headcount to support the future growth of our business and incur public company expenses.

Research and Development. Research and development expenses consist primarily of personnel costs attributable to our research and development personnel and consultants as well as allocated overhead costs. We expense research and development expenses as incurred. We expect that our research and development expenses will continue to increase in absolute dollars and, in the near term, as a percentage of revenues as we increase our research and development headcount to further strengthen our technology platform and invest in the development of both existing and new products.

 

47


Table of Contents

Sales and Marketing. Sales and marketing expenses are the largest component of our operating expenses and consist primarily of personnel costs, including variable compensation, as well as marketing and business development costs, product certifications, travel expenses and allocated overhead costs. We expect that sales and marketing expenses will continue to increase in absolute dollars and, in the near term, as a percentage of our revenues as we plan to expand our sales and marketing efforts globally. We expect sales and marketing expenses to be our largest category of operating expenses.

General and Administrative. General and administrative expenses consist primarily of personnel costs for our executive, finance, human resources, legal and administrative personnel. General and administrative expenses also include external legal, accounting and other professional service fees. We expect that general and administrative expense will increase in absolute dollars and, in the near term, as a percentage of revenues as we grow and expand our operations and prepare to operate as a public company, including higher legal, corporate insurance, investor relations and accounting expenses, and the additional costs of achieving and maintaining compliance with the Sarbanes-Oxley Act and related regulations.

Financial Income (Expenses), Net

Financial income (expenses), net consists of interest income, foreign currency exchange gains or losses and warrant liability expenses. Interest income consists of interest earned on our cash, cash equivalents and short-term bank deposits. We expect interest income to vary depending on our average investment balances and market interest rates during each reporting period. Foreign currency exchange changes reflect gains or losses related to transactions denominated in currencies other than the U.S. dollar. Warrant liability changes relate to our preferred share warrants. Our preferred share warrants are classified as a liability on our consolidated balance sheets and, as such, are remeasured to fair value each period with a corresponding expense from the adjustment recorded as financial income (expenses), net. We will continue to record adjustments to the fair value of these warrants until they are exercised or expire, at which time the warrants will no longer be remeasured at each balance sheet date. Immediately prior to the completion of this offering, all of our preferred share warrants will be exercised and we will no longer record any financial expenses in respect of them on our statement of operations. As of the most recent reporting period, we did not have any indebtedness for borrowed amounts.

Taxes on Income

The standard corporate tax rate in Israel for 2014 and thereafter is 26.5% and was 24.0%, 25.0% and 25.0% for 2011, 2012 and 2013, respectively.

As discussed in greater detail below under “Taxation and Israeli Government Programs Applicable to our Company,” we have received various tax benefits under the Investment Law. Under the Investment Law, our effective tax rate to be paid with respect to our Israeli taxable income under these benefits programs is 16.0%.

Under the Investment Law and other Israeli legislation, we are entitled to certain additional tax benefits, including accelerated depreciation and amortization rates for tax purposes on certain assets, deduction of public offering expenses in three equal annual installments.

Our non-Israeli subsidiaries are taxed according to the tax laws in their respective jurisdictions of organization. Due to our multi-jurisdictional operations, we apply significant judgment to determine our consolidated income tax position.

 

48


Table of Contents

Comparison of Period to Period Results of Operations

The following tables set forth our results of operations in dollars and as a percentage of revenues for the periods indicated:

 

     Year ended December 31,     Three months ended
March 31,
 
     2011     2012     2013     2013     2014  
     (in thousands)  

Revenues:

          

License

   $ 21,125      $ 27,029      $ 38,907      $ 6,702      $ 9,120   

Maintenance and professional services

     15,240        20,179        27,250        6,029        8,275   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total revenues

     36,365        47,208        66,157        12,731        17,395   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Cost of revenues:

          

License

     899        1,002        1,216        269        628   

Maintenance and professional services

     4,517        5,922        7,860        1,865        2,426   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total cost of revenues

     5,416        6,924        9,076        2,134        3,054   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Gross profit

     30,949        40,284        57,081        10,597        14,341   

Operating expenses:

          

Research and development

     6,272        7,273        10,404        2,269        3,237   

Sales and marketing

     15,929        22,081        32,840        6,817        9,433   

General and administrative

     3,077        3,297        4,758        965        1,481   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total operating expenses

     25,278        32,651        48,002        10,051        14,151   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Operating income

     5,671        7,633        9,079        546        190   

Financial income (expenses), net

     (190     4        (1,124     (240     (1,355
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Income before taxes

     5,481        7,637        7,955        306        (1,165

Taxes on income (benefit)

     (392     (225     1,320        178        83   
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Net income

   $ 5,873      $ 7,862      $ 6,635      $ 128      $ (1,248
  

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

 

49


Table of Contents
     Year ended December 31,      Three months ended
March 31,
 
     2011      2012      2013      2013      2014  
     (as a % of total revenues)  

Revenues:

              

License

     58.1%         57.3%         58.8%         52.6%         52.4%   

Maintenance and professional services

     41.9            42.7            41.2            47.4            47.6      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total revenues

     100.0            100.0            100.0            100.0            100.0      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Cost of revenues:

              

License

     2.5            2.1            1.8            2.1            3.6      

Maintenance and professional services

     12.4            12.6            11.9            14.7            14.0      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total cost of revenues

     14.9            14.7            13.7            16.8            17.6      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Gross profit

     85.1            85.3            86.3            83.2            82.4      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Operating expenses:

              

Research and development

     17.2            15.4            15.7            17.8            18.6      

Sales and marketing

     43.8            46.7            49.7            53.5            54.2      

General and administrative

     8.5            7.0            7.2            7.6            8.5      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total operating expenses

     69.5            69.1            72.6            78.9            81.3      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Operating income

     15.6            16.2            13.7            4.3            1.1      

Financial income (expenses), net

     (0.5)           0.0            (1.7)           (1.9)           (7.8)     
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Income before taxes

     15.1            16.2            12.0            2.4            (6.7)     

Taxes on income (benefit)

     (1.1)           (0.5)           2.0            1.4            0.5      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Net income

     16.2%         16.7%         10.0%         1.0%         (7.2)%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Comparison of the Three Months Ended March 31, 2013 and 2014

Revenues

 

     Three months ended March 31,                
     2013      2014      Change  
     Amount      % of
Revenues
     Amount      % of
Revenues
     Amount      %  
     ($ in thousands)  

Revenues:

                 

License

   $ 6,702         52.6%       $ 9,120         52.4%       $ 2,418         36.1%   

Maintenance and professional services

     6,029         47.4            8,275         47.6            2,246         37.2      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total revenues

   $ 12,731         100.0%       $ 17,395         100.0%       $ 4,664         36.6%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Revenues increased by $4.7 million, or 36.6%, from $12.7 million in the three months ended March 31, 2013 to $17.4 million in the same period in 2014. This increase was due to increased sales volume of our solution. This growth was most pronounced in the United States where revenues increased by $4.0 million compared to increases of $0.1 million in the EMEA region and $0.6 million in the rest of the world. The significant increase in revenues in the United States was also due to two large transactions that together accounted for a total of $2.3 million in revenues for the period. We increased our number of customers from approximately 1,250 as of March 31, 2013 to approximately 1,500 as of March 31, 2014.

License revenues increased by $2.4 million, or 36.1%, from $6.7 million in the three months ended March 31, 2013 to $9.1 million in the same period in 2014. In the three months ended March 31, 2014, approximately 59% of license revenues were generated from sales to customers from whom we had generated

 

50


Table of Contents

revenues before this period. Substantially all of the license revenue growth resulted from increased sales of our Privileged Account Security Solution, driven by demand for our Privileged Session Manager and our Application Identity Manager.

Maintenance and professional services revenues increased by $2.2 million, or 37.2%, from $6.0 million in the three months ended March 31, 2013 to $8.3 million in the same period in 2014. Maintenance revenues increased by $2.1 million from $4.9 million in the three months ended March 31, 2013 to $7.0 million in the same period in 2014, with renewals accounting for approximately $1.1 million and initial maintenance contracts for approximately $1.0 million, respectively, of this increase. Professional services revenues increased by $0.2 million from $1.1 million in the three months ended March 31, 2013 to $1.3 million in the same period in 2014 due to the provision of more services to customers.

Costs of Revenues and Gross Profit

 

     Three months ended March 31,                
     2013      2014      Change  
     Amount      % of
Revenues
     Amount      % of
Revenues
     Amount      %  
     ($ in thousands)  

Cost of Revenues:

                 

License

   $ 269         2.1%       $ 628         3.6%       $ 359         133.5%   

Maintenance and professional services

     1,865         14.7            2,426         14.0            561         30.1      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total cost of revenues

     2,134         16.8            3,054         17.6            920         43.1      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Gross profit

   $ 10,597         83.2%       $ 14,341         82.4%       $ 3,744         35.3%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Cost of license revenues increased by $0.3 million, or 133.5%, from $0.3 million in the three months ended March 31, 2013 to $0.6 million in the same period in 2014. The increase in cost of license revenues was driven primarily by an increase in license revenues and an increase in personnel costs in our operations department.

Cost of maintenance and professional services revenues increased by $0.6 million, or 30.1%, from $1.8 million in the three months ended March 31, 2013 to $2.4 million in the same period in 2014. The increase in cost of maintenance and professional services revenues was driven primarily by increased personnel costs and related expenses as our technical support and professional services headcount grew from 56 as of March 31, 2013 to 68 as of March 31, 2014.

Gross profit increased by $3.7 million, or 35.3%, from $10.6 million in three months ended March 31, 2013 to $14.3 million in the same period in 2014. Gross margins decreased from 83.2% to 82.4% during the same period. This decrease was due to the increase in costs associated with sales of licenses.

Operating Expenses

 

     Three months ended March 31,                
     2013      2014      Change  
     Amount      % of
Revenues
     Amount     

 

     Amount      %  
     ($ in thousands)  

Operating Expenses

                 

Research and development

   $ 2,269         17.8%       $ 3,237         18.6%       $ 968         42.7%   

Sales and marketing

     6,817         53.5           9,433         54.2           2,616         38.4     

General and administrative

     965         7.6           1,481         8.5           516         53.5     
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total operating expenses

   $ 10,051         78.9%       $ 14,151         81.3%       $ 4,100         40.8%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

 

51


Table of Contents

Research and Development. Research and development expenses increased by $1.0 million, or 42.7%, from $2.2 million in the three months ended March 31, 2013 to $3.2 million in the same period in 2014. This increase was primarily attributable to a $0.8 million increase in personnel costs and related expenses as we increased our research and development team headcount from 81 as of March 31, 2013 to 105 as of March 31, 2014 to support continued investment in our future product and service offerings.

Sales and Marketing. Sales and marketing expenses increased by $2.6 million, or 38.4%, from $6.8 million in the three months ended March 31, 2013 to $9.4 million in the same period in 2014. This increase was attributable to a $1.9 million increase in expenses for salaries and related expenses due to increased headcount in all regions to expand our sales and marketing programs and a $0.2 million increase in travel and related expenses. Our sales and marketing headcount grew from 115 as of March 31, 2013 to 163 as of March 31, 2014. The remainder of the increase is attributable to increased investment in marketing programs.

General and Administrative. General and administrative expenses increased by $0.5 million, or 53.5%, from $1.0 million in the three months ended March 31, 2013 to $1.5 million in the same period in 2014. This increase was primarily attributable to an increase of $0.2 million in payroll expenses, including variable compensation to executive management, and due to increased headcount coupled with a $0.3 million increase in other expenses such as legal, facilities and other administrative expenses.

Financial Expenses (Income), Net. Financial expenses for the three months ended March 31, 2013 were $0.2 million. For the same period in 2014, financial expenses were $1.4 million. This change resulted primarily from an increase of $1.4 million in expenses associated with the measurement of fair value of warrants to purchase series B3 preferred shares, partially offset by a small gain due to exchange rate fluctuations.

Taxes on Income. Taxes on income for the three months ended March 31, 2013 were $0.2 million. For the same period in 2014, taxes on income were $0.1 million. This change was attributable to the decrease in pre-tax income.

Comparison of the Years Ended December 31, 2012 and 2013

Revenues

 

     Year ended December 31,      Change  
     2012      2013     
     Amount      % of
Revenues
     Amount      % of
Revenues
     Amount      %  
     ($ in thousands)  

Revenues:

                 

License

   $ 27,029         57.3%       $ 38,907         58.8%       $ 11,878         43.9%   

Maintenance and professional services

     20,179         42.7            27,250         41.2            7,071         35.0      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total revenues

   $ 47,208         100.0%       $ 66,157         100.0%       $ 18,949         40.1%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Revenues increased by $19.0 million, or 40.1%, from $47.2 million in 2012 to $66.2 million in 2013. This increase was due to increased sales volume of our solution. This increase was also driven by growth in both our license revenues and our maintenance and professional services revenue. This growth was most pronounced in the EMEA region where revenues increased by $11.7 million compared to increases of $5.9 million in the United States and $1.4 million in the rest of the world. The significant increases in the EMEA region primarily resulted from three large transactions of greater than $1.0 million each with new customers that together accounted for $5.1 million of the increased revenue. Multiple large transactions or even a single large transaction in a specific period could continue to materially impact relative growth rates among our different regions for a particular period. We increased our number of customers from approximately 1,200 as of December 31, 2012 to approximately 1,500 as of December 31, 2013.

License revenues increased by $11.9 million, or 43.9%, from $27.0 million in 2012 to $38.9 million in 2013. In 2013, approximately 32% of license revenues were generated from sales to customers from whom we

 

52


Table of Contents

had generated revenues before this period. Substantially all of the license revenue growth resulted from increased sales of our Privileged Account Security Solution, driven by demand for our Privileged Session Manager and our Application Identity Manager.

Maintenance and professional services revenues increased by $7.1 million, or 35.0%, from $20.2 million in 2012 to $27.3 million in 2013. Maintenance revenues increased by $6.0 million from $16.3 million in 2012 to $22.3 million in 2013, with renewals accounting for approximately $4.2 million and initial maintenance contracts for approximately $1.8 million, respectively, of this increase. Professional services revenues increased by $1.1 million from $3.9 million in 2012 to $5.0 million in 2013 due to the provision of more services to customers.

Cost of Revenues and Gross Profit

 

     Year ended December 31,      Change  
     2012      2013     
     Amount      % of
Revenues
     Amount      % of
Revenues
     Amount      %  
     ($ in thousands)  

Cost of Revenues:

                 

License

   $ 1,002         2.1%       $ 1,216         1.8%       $ 214         21.4%   

Maintenance and professional services

     5,922         12.6            7,860         11.9            1,938         32.7      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total cost of revenues

   $ 6,924         14.7%       $ 9,076         13.7%       $ 2,152         31.1%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Gross profit

   $ 40,284         85.3%       $ 57,081         86.3%       $ 16,797         41.7%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Cost of license revenues increased by $0.2 million, or 21.4%, from $1.0 million in 2012 to $1.2 million in 2013. The increase in cost of license revenues was driven primarily by an increase in license revenues and an increase in personnel costs in our operations department.

Cost of maintenance and professional services revenues increased by $2.0 million, or 32.7%, from $5.9 million in 2012 to $7.9 million in 2013. The increase in cost of maintenance and professional services revenue was driven primarily by a $1.7 million increase in personnel costs and related expenses as our technical support and professional services headcount grew from 47 at the end of 2012 to 60 at the end of 2013.

Gross profit increased by $16.8 million, or 41.7%, from $40.3 million in 2012 to $57.1 million in 2013. Gross margins increased from 85.3% in 2012 to 86.3% in 2013. This increase was driven by our revenue growth outpacing the growth of our cost of revenues.

Operating Expenses

 

     Year ended December 31,      Change  
     2012      2013     
     Amount      % of
Revenues
     Amount      % of
Revenues
     Amount      %  
     ($ in thousands)  

Operating expenses:

                 

Research and development

   $ 7,273         15.4%       $ 10,404         15.7%       $ 3,131         43.0%   

Sales and marketing

     22,081         46.7            32,840         49.7            10,759         48.7      

General and administrative

     3,297         7.0            4,758         7.2            1,461         44.3      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total operating expenses

   $ 32,651         69.1%       $ 48,002         72.6%       $ 15,351         47.0%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

 

53


Table of Contents

Research and Development. Research and development expenses increased by $3.1 million, or 43.0%, from $7.3 million in 2012 to $10.4 million in 2013. This increase was primarily attributable to a $2.6 million increase in personnel costs and related expenses as we increased our research and development team headcount from 70 at the end of 2012 to 95 at the end of 2013 to support continued investment in our future product and service offerings. The increase was also attributable to a $0.4 million increase related to allocated overhead costs.

Sales and Marketing. Sales and marketing expenses increased by $10.7 million, or 48.7%, from $22.1 million in 2012 to $32.8 million in 2013. This increase was attributable to an $8.0 million increase in expenses for salaries and related expenses due to increased headcount in all regions to expand our sales and marketing organization coupled with a $1.4 million increase in expenses related to our marketing programs and a $0.8 million increase in travel and related expenses. Our sales and marketing headcount grew from 100 at the end of 2012 to 135 at the end of 2013. The remainder of the increase is attributable to increased investment in marketing programs.

General and Administrative. General and administrative expenses increased by $1.5 million, or 44.3%, from $3.3 million in 2012 to $4.8 million in 2013. This increase was primarily attributable to an increase of $1.2 million in payroll expenses, including variable compensation to executive management, and due to increased headcount coupled with a $0.2 million increase in other expenses such as legal, facilities and other administrative expenses.

Financial Income (Expenses), Net. In 2012, financial income (expenses), net, was zero. In 2013, we had financial expenses, net, of $1.1 million. This change resulted primarily from an increase of $1.4 million in expenses associated with the measurement of fair value of warrants to purchase series B3 preferred shares, partially offset by a gain of $0.3 million due to exchange rate fluctuations.

Taxes on Income. Taxes on income increased from a tax benefit of $0.2 million in 2012 to tax expenses of $1.3 million in 2013. This increase was attributable to an increase of $1.8 million in tax expenses in Israel offset by a decrease of $0.3 million in the United States.

Comparison of the Years Ended December 31, 2011 and 2012

Revenues

 

     Year ended December 31,      Change  
     2011      2012     
     Amount      % of
Revenues
     Amount      % of
Revenues
     Amount      %  
     ($ in thousands)  

Revenues:

                 

License

   $ 21,125         58.1%       $ 27,029         57.3%       $ 5,904         27.9%   

Maintenance and professional services

     15,240         41.9            20,179         42.7            4,939         32.4      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total revenues

   $ 36,365         100.0%       $ 47,208         100.0%       $ 10,843         29.8%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Revenues increased by $10.8 million, or 29.8%, from $36.4 million in 2011 to $47.2 million in 2012. This increase was driven by growth in both our license revenues and our maintenance and professional services revenues. This growth occurred in all regions and was most pronounced in the United States. We increased our number of customers from approximately 1,000 as of December 31, 2011 to approximately 1,200 as of December 31, 2012.

License revenues increased by $5.9 million, or 27.9%, from $21.1 million in 2011 to $27.0 million in 2012. In 2012, approximately 24% of license revenues were generated from sales to customers from whom we had generated revenues before this period. During this same period, prices of our products did not change

 

54


Table of Contents

significantly from the previous year. Substantially all of the license revenue growth resulted from increased of sales of our Privileged Account Security Solution, driven by demand for our Privileged Session Manager.

Maintenance and professional services revenues increased by $5.0 million, or 32.4%, from $15.2 million in 2011 to $20.2 million in 2012. Maintenance revenues increased by $4.2 million from $12.1 million in 2011 to $16.3 million in 2012, with renewals accounting for approximately $3.3 million and initial maintenance contracts for approximately $0.9 million, respectively, of this increase. Professional services revenues increased by $0.8 million from $3.1 million in 2012 to $3.9 million 2012 due to the provision of more services to customers.

Cost of Revenues and Gross Profit

 

     Year ended December 31,      Change  
     2011      2012     
     Amount      % of
Revenues
     Amount      % of
Revenues
     Amount      %  
     ($ in thousands)  

Cost of revenues:

                 

License

   $ 899         2.5%       $ 1,002         2.1%       $ 103         11.5%   

Maintenance and professional services

     4,517         12.4            5,922         12.6            1,405         31.1      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total cost of revenues

   $ 5,416         14.9%       $ 6,924         14.7%       $ 1,508         27.8%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Gross profit

   $ 30,949         85.1%       $ 40,284         85.3%       $ 9,335         30.2%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Cost of license revenues increased by $0.1 million, or 11.5%, from $0.9 million in 2011 to $1.0 million in 2012. The increase in cost of license revenues was driven primarily by an increase in license revenues and an increase in personnel costs in our operations department.

Cost of maintenance and professional services revenues increased by $1.4 million, or 31.1%, from $4.5 million in 2011 to $5.9 million in 2012. The increase in cost of maintenance and professional services revenues was driven primarily by a $1.1 million increase in personnel costs and related expenses as our technical support and professional services headcount grew from 34 at the end of 2011 to 47 at the end of 2012.

Gross profit increased by $9.4 million, or 30.2%, from $30.9 million in 2011 to $40.3 million in 2012. Gross margins increased from 85.1% in 2011 to 85.3% in 2012. The increase in gross margin was driven by decreased costs associated with maintenance and professional services revenue.

Operating Expenses

 

     Year ended December 31,      Change  
     2011      2012     
     Amount      % of
Revenues
     Amount      % of
Revenues
     Amount      %  
     ($ in thousands)  

Operating expenses:

                 

Research and development

   $ 6,272         17.2%       $ 7,273         15.4%       $ 1,001         16.0%   

Sales and marketing

     15,929         43.8            22,081         46.7            6,152         38.6      

General and administrative

     3,077         8.5            3,297         7.0            220         7.1      
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total operating expenses

   $ 25,278         69.5%       $ 32,651         69.1%       $ 7,373         29.2%   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

 

55


Table of Contents

Research and Development. Research and development expenses increased by $1.0 million, or 16.0%, from $6.3 million in 2011 to $7.3 million in 2012. Substantially all of this increase was attributable to an increase in personnel costs as we increased our research and development team headcount from 54 at the end of 2011 to 70 at the end of 2012 to support continued investment in our future product and service offerings. The increase is also attributable to a $0.2 million increase related to allocated overhead costs.

Sales and Marketing. Sales and marketing expenses increased by $6.2 million, or 38.6%, from $15.9 million in 2011 to $22.1 million in 2012. This increase was attributable to a $3.9 million increase in expenses for salaries and related expenses due to increased headcount in all regions to expand our sales and marketing organization coupled with a $0.9 million increase in expenses related to our marketing programs and a $0.8 million increase in travel and related expenses.

General and Administrative. General and administrative expenses increased by $0.2 million, or 7.1%, from $3.1 million in 2011 to $3.3 million in 2012. This increase was attributable to an increase of $0.2 million in legal and accounting expenses.

Financial Income (Expenses), Net. In 2011, financial expenses were $0.2 million. In 2012, we had financial income (expenses), net, of zero. This change resulted primarily from a gain of $0.2 million due to foreign exchange fluctuations of the foreign currencies.

Taxes on Income. Taxes on income decreased from a tax benefit of $0.4 million in 2011 to tax benefit of $0.2 million in 2012. This decrease was attributable to an increase of $0.7 million in tax expenses in the United States partially offset by an increase of $0.5 million in tax benefit in Israel.

 

56


Table of Contents

Quarterly Results of Operations and Seasonality

The following tables present our unaudited condensed consolidated quarterly results of operations in dollars and as a percentage of revenues for the periods indicated. This information should be read in conjunction with our audited consolidated financial statements and related notes included elsewhere in this prospectus. The historical quarterly results presented are not necessarily indicative of the results that may be expected for any future quarters or periods.

The quarterly supplemental financial measures below include quarterly non-GAAP operating income, non-GAAP net income and net cash provided by operating activities, which are non-GAAP financial measures. See “Summary—Summary Consolidated Financial Data” for a description of how we calculate non-GAAP operating income and non-GAAP net income, a reconciliation of these non-GAAP financial measures to the most directly comparable GAAP measures and a discussion about the limitations of these non-GAAP financial measures.

 

    Three months ended  
    Mar. 31,
2012
    Jun. 30,
2012
    Sept. 30,
2012
    Dec. 31,
2012
    Mar. 31,
2013
    Jun. 30,
2013
    Sept. 30,
2013
    Dec. 31,
2013
    Mar. 31,
2014
 
    (in thousands)  

Consolidated Statements of Operations Data:

                 

Revenues:

                 

License

  $ 5,522      $ 5,360      $ 6,383      $ 9,764      $ 6,702      $ 9,717      $ 9,970      $ 12,518        $9,120   

Maintenance and professional services

    4,717        4,647        5,005        5,810        6,029        6,767        6,920        7,534        8,275   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total revenues

    10,239        10,007        11,388        15,574        12,731        16,484        16,890        20,052        17,395   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Cost of revenues:

                 

License

    191        293        228        290        269        243        223        481        628   

Maintenance and professional services

    1,364        1,408        1,386        1,764        1,865        2,001        1,920        2,074        2,426   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total cost of revenues

    1,555        1,701        1,614        2,054        2,134        2,244        2,143        2,555        3,054   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Gross profit

    8,684        8,306        9,774        13,520        10,597        14,240        14,747        17,497        14,341   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Operating expenses:

                 

Research and development

    1,676        1,810        1,780        2,007        2,269        2,568        2,717        2,850        3,237   

Sales and marketing

    4,558        4,766        5,278        7,479        6,817        7,740        7,876        10,407        9,433   

General and administrative

    731        787        814        965        965        1,055        1,156        1,582        1,481   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total operating expenses

    6,965        7,363        7,872        10,451        10,051        11,363        11,749        14,839        14,151   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Operating income

    1,719        943        1,902        3,069        546        2,877        2,998        2,658        190   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Net income (loss)

  $ 2,257      $ 941      $ 2,223      $ 2,441      $ 128      $ 2,598      $ 2,513      $ 1,396      $ (1,248
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

 

57


Table of Contents
    Three months ended  
    Mar. 31,
2012
    Jun. 30,
2012
    Sept. 30,
2012
    Dec. 31,
2012
    Mar. 31,
2013
    Jun. 30,
2013
    Sept. 30,
2013
    Dec. 31,
2013
    Mar 31,
2014
 
    (as a % of total revenues)  

Consolidated Statements of Operations Data:

                 

Revenues:

                 

License

    53.9%        53.6%        56.1%        62.7%        52.6%        58.9%        59.0%        62.4%        52.4%   

Maintenance and professional services

    46.1           46.4           43.9           37.3           47.4           41.1           41.0           37.6           47.6      
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total revenues

    100.0           100.0           100.0           100.0           100.0           100.0           100.0           100.0           100.0      
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Cost of revenues:

                 

License

    1.9           2.9           2.0           1.9           2.1           1.5           1.3           2.4           3.6      

Maintenance and professional services

 

 

 

 

13.3   

 

  

 

 

 

 

14.1   

 

  

 

 

 

 

12.2   

 

  

 

 

 

 

11.3   

 

  

 

 

 

 

14.7   

 

  

 

 

 

 

12.1   

 

  

 

 

 

 

11.4   

 

  

 

 

 

 

10.3   

 

  

 

 

 

 

14.0   

 

  

 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total cost of revenues

 

 

 

 

 

 

15.2   

 

 

  

 

 

 

 

 

 

17.0   

 

 

  

 

 

 

 

 

 

14.2   

 

 

  

 

 

 

 

 

 

13.2   

 

 

  

 

 

 

 

 

 

16.8   

 

 

  

 

 

 

 

 

 

13.6   

 

 

  

 

 

 

 

 

 

12.7   

 

 

  

 

 

 

 

 

 

12.7   

 

 

  

 

 

 

 

 

 

17.6   

 

 

  

 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Gross profit

 

 

 

 

 

 

84.8   

 

 

  

 

 

 

 

 

 

83.0   

 

 

  

 

 

 

 

 

 

85.8   

 

 

  

 

 

 

 

 

 

86.8   

 

 

  

 

 

 

 

 

 

83.2   

 

 

  

 

 

 

 

 

 

86.4   

 

 

  

 

 

 

 

 

 

87.3   

 

 

  

 

 

 

 

 

 

87.3   

 

 

  

 

 

 

 

 

 

82.4   

 

 

  

 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Operating expenses:

                 

Research and development

    16.4           18.1           15.6           12.9           17.8           15.6           16.1           14.2           18.6      

Sales and marketing

    44.5           47.6           46.4           48.0           53.5           46.9           46.6           51.9           54.2      

General and administrative

 

 

 

 

7.1   

 

  

 

 

 

 

7.9   

 

  

 

 

 

 

7.1   

 

  

 

 

 

 

6.2   

 

  

 

 

 

 

7.6   

 

  

 

 

 

 

6.4   

 

  

 

 

 

 

6.8   

 

  

 

 

 

 

7.9   

 

  

    8.5      
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Total operating expenses

 

 

 

 

 

 

68.0   

 

 

  

 

 

 

 

 

 

73.6   

 

 

  

 

 

 

 

 

 

69.1   

 

 

  

 

 

 

 

 

 

67.1   

 

 

  

 

 

 

 

 

 

78.9   

 

 

  

 

 

 

 

 

 

68.9   

 

 

  

 

 

 

 

 

 

69.5   

 

 

  

 

 

 

 

 

 

74.0   

 

 

  

 

 

 

 

81.3   

 

  

 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Operating income

 

 

 

 

16.8   

 

  

 

 

 

 

9.4   

 

  

 

 

 

 

16.7   

 

  

 

 

 

 

19.7   

 

  

 

 

 

 

4.3   

 

  

 

 

 

 

17.5   

 

  

 

 

 

 

17.8   

 

  

 

 

 

 

13.3   

 

  

 

 

 

 

1.1   

 

  

Net income

    22.0%        9.4%        19.5%        15.7%        1.0%        15.8%        14.9%        7.0%        (7.2)%   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 
    Three months ended  
    Mar. 31,
2012
    Jun. 30,
2012
    Sept. 30,
2012
    Dec. 31,
2012
    Mar. 31,
2013
    Jun. 30,
2013
    Sept. 30,
2013
    Dec. 31,
2013
    Mar 31,
2014
 
    (in thousands)  

Supplemental Financial Metrics:

                 

Non-GAAP operating income

  $ 1,739      $ 1,006      $ 2,000      $ 3,172      $ 627      $ 2,972      $ 3,108      $ 2,775      $ 346   

Non-GAAP net income

    2,277        1,004        2,321        2,720        209        2,845        3,270        2,160        304   

Net cash provided by operating activities

    4,130        1,641        2,846        5,040        3,699        3,024        6,485        6,951        8,751   

Total deferred revenues (as of three-months end)

    10,629        11,273        11,818        15,068        17,310        19,649        22,723        24,478        32,395   

Reconciliation of Operating Income to Non-GAAP Operating Income:

                 

Operating income

  $ 1,719      $ 943      $ 1,902      $ 3,069      $ 546      $ 2,877      $ 2,998      $ 2,658      $ 190   

Share-based compensation

    20        63        98        103        81        95        110        117        156   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Non-GAAP operating income

  $ 1,739      $ 1,006      $ 2,000      $ 3,172      $ 627      $ 2,972      $ 3,108      $ 2,775      $ 346   

Reconciliation of Net Income to Non-GAAP Net Income:

                 

Net income

  $ 2,257      $ 941      $ 2,223      $ 2,441      $ 128      $ 2,598      $ 2,513      $ 1,396      $ (1,248

Share-based compensation

    20        63        98        103        81        95        110        117        156   

Warrant adjustment

    —          —          —          176        —          152        647        647        1,396   
 

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

   

 

 

 

Non-GAAP net income

  $ 2,277      $ 1,004      $ 2,321      $ 2,720      $ 209      $ 2,845      $ 3,270      $ 2,160      $ 304   

 

58


Table of Contents

Quarterly Revenue Trends. Our quarterly revenues increased year-over-year for all periods presented due to increased sales of licenses to new customers, as well as upsells to existing customers of new licenses as well as professional and support service contracts. Comparisons of our year-over-year total quarterly revenues are more meaningful than comparisons of our sequential results due to seasonality in the sale of our products and services. Our fourth quarter has historically been our strongest quarter for sales because our target customers are enterprises that generally make such license purchases in this quarter. While we believe that these seasonal trends have affected and will continue to affect our quarterly results, our rapid growth has largely masked seasonal trends to date. We believe that our business may become more seasonal in the future. Historical patterns in our business may not be a reliable indicator of our future sales activity or performance.

Quarterly Gross Profit and Margin Trends. Our quarterly gross profit increased year-over-year for all periods presented. Our fourth quarter gross profit has historically been our strongest, which is consistent with our quarterly revenue trends. Our quarterly gross margin has remained relatively consistent over all periods presented, and any fluctuation is primarily due to shifts in the mix of sales between licenses and maintenance and professional services, as well as the types and volumes of products sold.

Quarterly Operating Expense Trends. Our quarterly operating expenses increased year-over-year for all periods presented primarily due to the addition of personnel in connection with the expansion of our business. Our operating expenses generally increase in the fourth quarter of each year as expenses increase to accommodate the increased revenues encountered in this quarter. Research and development expenses increased sequentially over the periods as we increased our headcount to support continued investment in our future products and services offerings. Sales and marketing expenses increased significantly over the periods as we incurred costs associated with commission expenses to sales people, personnel costs associated with increases in headcount and an increase in overhead allocations. General and administrative expenses increased over the periods primarily due to an increase in personnel costs, legal expenses and professional services fees related to preparing to be a public company.

Liquidity and Capital Resources

We fund our operations with cash generated from operating activities. In the past, we have also raised capital through the sale of equity securities to investors in private placements and, to a lesser extent, through exercised options. Our primary current uses of our cash are ongoing operating expenses and capital expenditures.

As of March 31, 2014 and December 31, 2013, we had $73.6 million and $65.6 million of cash, cash equivalents and short-term bank deposits, respectively. This compared with cash, cash equivalents and short-term bank deposits of $49.6 million, $46.0 million and $33.4 million as of March 31, 2013, December 31, 2012 and December 31, 2011, respectively. We believe that our existing cash, cash equivalents and short-term bank deposits will be sufficient to fund our operations and capital expenditures for at least the next 12 months. Our future capital requirements will depend on many factors, including our rate of revenue growth, the expansion of our sales and marketing activities, the timing and extent of spending to support product development efforts and expansion into new geographic locations, the timing of introductions of new software products and enhancements to existing software products and the continuing market acceptance of our software offerings.

The following table presents the major components of net cash flows for the periods presented:

 

     Year ended December 31,     Three months
ended March 31,
 
     2011      2012     2013     2013     2014  
     (in thousands)  

Net cash provided by operating activities

   $ 9,376       $ 13,657      $ 20,159      $ 3,699      $ 8,751   

Net cash provided by (used in) investing activities

     369         (3,233     (826     (435     549   

Net cash provided by (used in) financing activities

     6,691         (329     159        106        50   

 

59


Table of Contents

A substantial source of our net cash provided by operating activities is our deferred revenues, which is included on our consolidated balance sheet as a liability. The majority of our deferred revenues consist of the unrecognized portion of upfront payments associated with maintenance and professional services, with the remainder consisting of payments for licenses that could not yet be recognized. We assess our liquidity, in part, through an analysis of our short and long-term deferred revenues that have not yet been recognized as revenues together with our other sources of liquidity. Deferred revenues for licenses are recognized when all applicable revenue criteria are met. Revenues from maintenance and support contracts are recognized ratably on a straight-line basis over the term of the related contract which is typically one year and, to a lesser extent, three years, and from professional services as services are performed. Thus, since we frequently recognize revenues in subsequent periods to when certain payments may be received, an increase in deferred revenues adds to the liquidity of our operations.

Net Cash Provided by Operating Activities

Our cash flows historically have reflected our net income coupled with changes in our non-cash working capital. During the three months ended March 31, 2014, operating activities provided $8.7 million in cash as a result of a decrease of $8.3 million in our non-cash working capital, adjusted by $1.8 million of non-cash charges related to a $1.4 million change in the fair value of warrants to purchase preferred shares, depreciation of $0.2 million and share-based compensation expenses of $0.2 million coupled with a $1.2 million increase in long-term deferred revenues from three-year maintenance contracts for which we collected payment up front, which were partially offset by a net loss of $1.2 million combined with a $1.4 million increase in long-term assets. The decrease of $8.2 million in our non-cash working capital was due to a $6.7 million increase in short-term deferred revenues, a decrease of $4.7 million in trade receivables and a decrease of $0.3 million in short-term deferred tax assets, which were partially offset by a $3.4 million decrease in trade payables, employees and payroll accruals and other current liabilities. Our days’ sales outstanding (DSO) was 42 days for the three months ended March 31, 2014.

During the three months ended March 31, 2013, operating activities provided $3.7 million in cash as a result of a decrease of $4.2 million in our non-cash working capital combined with net income of $0.1 million, adjusted by $0.2 million of non-cash charges related to depreciation of $0.1 million and share-based compensation expenses of $0.1 million offset with a $0.8 million decrease in long-term deferred revenues from three-year maintenance contracts for which we collected payment up front. The decrease in our non-cash working capital was due to a $3.1 million increase in short-term deferred revenues, a $2.5 million decrease in trade receivables and a $0.3 million decrease in short-term deferred tax assets which were partially offset by a decrease of $1.7 million in trade payables, employees and payroll accruals and other current liabilities. Our DSO was 50 days for the three months ended March 31, 2014.

During the year ended December 31, 2013, operating activities provided $20.2 million in cash as a result of a decrease of $9.5 million in our non-cash working capital combined with net income of $6.6 million, adjusted by $2.3 million of non-cash charges related to a $1.4 million change in the fair value of warrants to purchase preferred shares, depreciation of $0.5 million and share-based compensation expenses of $0.4 million coupled with a $1.8 million increase in long-term deferred revenues from three-year maintenance contracts for which we collected payment up front. The decrease in our non-cash working capital was due to a $7.6 million increase in short-term deferred revenues and a $6.6 million increase in trade payables and employee-related accruals which were partially offset by increases of $3.3 million in trade receivables, $0.9 million in other current assets and $0.5 million in short-term deferred tax assets. Our DSO was 70 days for the year ended December 31, 2013.

During the year ended December 31, 2012, operating activities provided $13.7 million in cash as a result of a decrease in our non-cash working capital of $0.7 million combined with net income of $7.9 million, adjusted by $0.8 million of non-cash charges related to share-based compensation expenses of $0.3 million, depreciation of $0.3 million and a $0.2 million change in the fair value of warrants to purchase preferred shares coupled with a $2.9 million increase in long-term deferred revenues from three-year maintenance contracts for which we

 

60


Table of Contents

collected payment up front and a decrease in long-term assets, net, of $1.4 million. The decrease in our non-cash working capital was due to a $2.9 million increase in short-term deferred revenues and a $2.7 million increase in account and trade payables and employee-related accruals which were partially offset by increases of $3.1 million in trade receivables and $1.8 million in short-term deferred tax assets. Our DSO was 73 days for the year ended December 31, 2012.

During the year ended December 31, 2011, operating activities provided $9.4 million in cash as a result of net income of $5.9 million, adjusted by non-cash charges of $2.1 mainly related to share-based compensation expenses of $1.7 million and a $1.9 million decrease in long-term assets, net, mainly related long-term deferred revenues by $1.6 million due to three-year maintenance contracts for which we collected payment up front. The increase was partially offset by an increase in non-cash working capital of $0.5 million. Our DSO was 64 days for the year ended December 31, 2011.

Net Cash Provided by (Used in) Investing Activities

Net cash provided by investing activities was $0.5 million for the three months ended March 31, 2014. Net cash used in investing activities was $0.4 million for the three months ended March 31, 2013. Net cash provided by investing activities was $0.4 million in 2011. Net cash used in investing activities was $3.2 million and $0.8 million in 2012 and 2013, respectively. Investing activities have consisted primarily of investment in and proceeds from short-term deposits, and purchase of property and equipment.

Net Cash Provided by (Used in) Financing Activities

Our financing activities have primarily consisted of proceeds from the sale of preferred shares and from the exercise of share options. Net cash provided by financing activities was $0.1 million for each of the three months ended March 31, 2013 and 2014, respectively. Net cash provided by financing activities was $0.2 million for the year ended December 31, 2013. Net cash used in financing activities was $0.3 million in 2012. Net cash provided by financing activities was $6.7 million in 2011. We expect the completion of this offering to result in a material increase in our net cash flows from financing activities.

Contractual Obligations

The following summarizes our contractual obligations as of December 31, 2013:

 

     Payment due in Period  

Contractual Obligations:

   2014      2015      2016      2017 and
after
     Total  
     (in thousands)  

Operating lease obligations(1)

   $ 2,046       $ 1,683       $ 1,568       $ 1,944       $ 7,241   

Uncertain tax obligations (2)

     272         —           —           —           272   
  

 

 

    

 

 

    

 

 

    

 

 

    

 

 

 

Total

   $ 2,318       $ 1,683       $ 1,568       $ 1,944       $ 7,513   

 

(1) Operating lease obligations consist of our contractual rental expenses under operating leases of facilities and certain motor vehicles.
(2) Consists of accruals for certain income tax positions under ASC 740 that are paid upon settlement, and for which we are unable to reasonably estimate the ultimate amount and timing of settlement. See Note 8(j) to our consolidated financial statements included elsewhere in this prospectus for further information regarding our liability under ASC 740. Payment of these obligations would result from settlements with tax authorities. Due to the difficulty in determining the timing of resolution of audits, these obligations are only presented in their total amount.

 

61


Table of Contents

Application of Critical Accounting Policies and Estimates

Our accounting policies and their effect on our financial condition and results of operations are more fully described in our consolidated financial statements included elsewhere in this prospectus. We have prepared our financial statements in conformity with U.S. GAAP, which requires management to make estimates and assumptions that in certain circumstances affect the reported amounts of assets and liabilities, revenues and expenses and disclosure of contingent assets and liabilities. These estimates are prepared using our best judgment, after considering past and current events and economic conditions. While management believes the factors evaluated provide a meaningful basis for establishing and applying sound accounting policies, management cannot guarantee that the estimates will always be consistent with actual results. In addition, certain information relied upon by us in preparing such estimates includes internally generated financial and operating information, external market information, when available, and when necessary, information obtained from consultations with third-parties. Actual results could differ from these estimates and could have a material adverse effect on our reported results. See “Risk Factors” for a discussion of the possible risks which may affect these estimates.

We believe that the accounting policies discussed below are critical to our financial results and to the understanding of our past and future performance, as these policies relate to the more significant areas involving management’s estimates and assumptions. We consider an accounting estimate to be critical if: (1) it requires us to make assumptions because information was not available at the time or it included matters that were highly uncertain at the time we were making our estimate; and (2) changes in the estimate could have a material impact on our financial condition or results of operations.

Revenue Recognition

We account for our software licensing sales in accordance with the Financial Accounting Standards Board, or FASB, Accounting Standards Codification, or ASC, 985-605, “Software Revenue Recognition.” ASC 985-605 generally requires revenues earned on software arrangements involving multiple elements to be allocated to each element based on the relative fair value of the elements when Vendor Specific Objective Evidence, or VSOE, of fair value exists for all elements and to be allocated to the different elements in the arrangement under the “residual method” when VSOE of fair value exists for all undelivered elements and no VSOE exists for the delivered elements.

Maintenance and professional services are sold separately and therefore the selling price is based on VSOE.

Under the residual method, at the outset of the arrangement with the customer, we defer revenues for the fair value of our undelivered elements and recognize revenues for the remainder of the arrangement fee attributable to the elements initially delivered in the arrangement (software product) when all other criteria in ASC 985-605 have been met. Any discount in the arrangement is allocated to the delivered element.

We recognize software license revenues when persuasive evidence of an arrangement exists, the software license has been delivered, there are no uncertainties surrounding product acceptance, there are no significant future performance obligations, the license fees are fixed or determinable and collection of the license fee is considered probable. Fees for arrangements with payment terms extending beyond customary payment terms are considered not to be fixed or determinable, in which case revenues are deferred and recognized when payments become due from the customer provided that all other revenue recognition criteria have been met.

Revenues from maintenance and support contracts are recognized ratably on a straight-line basis over the term of the related contract which is typically one year and, to a lesser extent, three years, and from professional services as services are performed.

Our agreements with distributors and resellers are non-exchangeable, non-refundable, non returnable and carry no rights of price protection. Accordingly, we consider distributors as end-users.

 

62


Table of Contents

We do not generally grant a right of return to our customers. In transactions where a customer’s contractual terms include a provision for customer acceptance, revenues are recognized when such acceptance has been obtained or as the acceptance provision has lapsed.

Deferred revenues include unearned amounts received under maintenance and support contracts, professional services and amounts received from customers for licenses but not recognized as revenues due to the fact that these transactions did not meet the revenue recognition criteria as of the balance sheet date.

Derivatives instruments

ASC No. 815, “Derivative and Hedging”, requires companies to recognize all of their derivative instruments as either assets or liabilities in the statement of financial position at fair value. For those derivative instruments that are designated and qualify as hedging instruments, a company must designate the hedging instrument, based upon the exposure being hedged, as a fair value hedge, cash flow hedge or a hedge of a net investment in a foreign operation.

For derivative instruments that are designated and qualify as a cash flow hedge (i.e., hedging the exposure to variability in expected future cash flows that is attributable to a particular risk), the effective portion of the gain or loss on the derivative instrument is reported as a component of other comprehensive income and reclassified into earnings in the same period or periods during which the hedged transaction affects earnings. The remaining gain or loss on the derivative instrument in excess of the cumulative change in the present value of future cash flows of the hedged item, if any, is recognized in current earnings during the period of change.

To hedge against the risk of overall changes in cash flows resulting from foreign currency salary payments during the year, we have instituted a foreign currency cash flow hedging program. We hedge a portion of our forecasted expenses denominated in NIS. These forward and option contracts are designated as cash flow hedges, as defined by ASC 815, and are all effective, as their critical terms match underlying transactions being hedged.

Share-Based Compensation

Option Valuations

Under U.S. GAAP, we account for share-based compensation for employees in accordance with the provisions of the FASB’s ASC Topic 718 “Compensation—Stock Based Compensation,” or ASC 718, which requires us to measure the cost of options based on the fair value of the award on the grant date.

We selected the Black-Scholes-Merton option pricing model as the most appropriate method for determining the estimated fair value of options. The resulting cost of an equity incentive award is recognized as an expense over the requisite service period of the award, which is usually the vesting period. We recognize compensation expense over the vesting period using the straight-line method and classify these amounts in the consolidated financial statements based on the department to which the related employee reports.

The determination of the grant date fair value of options using the Black-Scholes-Merton option pricing model is affected by estimates and assumptions regarding a number of complex and subjective variables. These variables include the expected volatility of our share price over the expected term of the options, share option exercise and cancellation behaviors, risk-free interest rates and expected dividends, which are estimated as follows:

 

    Fair Value of our Ordinary Shares. Because our shares are not publicly traded, we must estimate the fair value of ordinary shares, as discussed in “—Ordinary Share Valuations” below.

 

    Expected Term. The expected term of options granted represents the period of time that options granted are expected to be outstanding, and is determined based on the simplified method in accordance with ASC No. 718-10-S99-1, (SAB No. 110), as adequate historical experience is not available to provide a reasonable estimate.

 

63


Table of Contents
    Volatility. The expected share price volatility was based on the historical equity volatility of the ordinary shares of comparable companies that are publicly traded.

 

    Risk-free Rate. The risk-free interest rate is based on the yield from U.S. Treasury zero-coupon bonds with a term equivalent to the contractual life of the options.

 

    Dividend Yield. We have never declared or paid any cash dividends and do not presently plan to pay cash dividends in the foreseeable future. Consequently, we used an expected dividend yield of zero.

If any of the assumptions used in the Black-Scholes-Merton model change significantly, share-based compensation for future awards may differ materially compared with the awards granted previously.

The following table presents the weighted-average assumptions used to estimate the fair value of options granted to employees during the periods presented. The number of options granted to non-employees was immaterial.

 

     Year ended December 31,    Three months ended
March 31,
   2012    2013    2013    2014

Expected volatility

   40%-45%    45%    45%    45%

Expected dividends

   0    0    0    0

Expected term

   5.28-6.11 years    6.11 years    6.11 years    6.06 years

Risk-free rate

   0.61%-2.64%    1.15%-2.64%    2.04%    1.81%

Ordinary Share Valuations

The following table presents the share options grants made between January 1, 2013 and the date of this prospectus and the related exercise price and estimated fair value per ordinary share at the grant date:

 

Date of Grant

   Number of Shares
Subject to Awards
Granted
     Exercise Price Per
Share
     Estimated Fair
Value Per Ordinary
Share at Grant Date
 

February 2013

     130,170       $ 1.78       $ 1.78   

May 2013

     156,500         2.21         2.21   

December 2013

     393,400         6.47         6.47   

January 2014

     50,000         8.84         8.84   

April 2014

     74,400         9.93         9.93   

Based on the assumed initial public offering price of $             per share, the midpoint of the estimated initial public offering price range, set forth on the cover page of this prospectus, the intrinsic value of the awards outstanding as of March 31, 2014 was $             million, of which $             million related to vested options and $             million related to unvested options.

Due to the absence of a trading market for our ordinary shares, the fair value of our ordinary shares for purposes of determining the exercise price for award grants was determined in good faith by our management and approved by our board of directors. In connection with preparing our financial statements for this offering, our management considered the fair value of our ordinary shares based on a number of objective and subjective factors consistent with the methodologies outlined in the American Institute of Certified Public Accountants Practice Aid, Valuation of Privately-Held-Company Equity Securities Issued as Compensation, referred to as the AICPA Practice Aid. We also obtained independent third-party valuations on a periodic basis.

 

64


Table of Contents

For our first two valuations associated with option grants in 2013, we determined our enterprise value, and allocated that enterprise value to each element of our capital structure (preferred shares, ordinary shares and options), using the following methodology:

 

    First, we used the discounted cash flow, or DCF, method, to determine our enterprise value. Then, for valuations where our total enterprise value was such that our ordinary shares would not automatically convert to preferred shares, we used the option pricing method, or OPM, to allocate the enterprise value to each element of our capital structure.

 

    Under the DCF method, our projected after-tax cash flows available to return to holders of invested capital were discounted back to present value, using the discount rate. Since it is not possible to project our after-tax cash flows beyond a limited number of years, the DCF method relies on determining a “terminal value” representing the aggregate value of the future after-tax cash flows after the end of the period for which annual projections are possible. The discount rate, known as the weighted cost of capital, or WACC, accounts for the time value of money and the appropriate degree of risk inherent in a business. The DCF method requires significant assumptions, in particular, regarding our projected cash flows and the discount rate applicable to our business.

 

    Under the OPM, ordinary and preferred shares are treated as call options, with the preferred shares having an exercise price based on the liquidation preference of the preferred shares. Ordinary shares will only have value if funds available for distribution to the shareholders exceed the value of the liquidation preference at the time of a liquidity event such as a merger, sale or initial public offering, assuming the enterprise has funds available to make a liquidation preference meaningful and collectible to the shareholders. The ordinary shares are modeled as call options with a meaningful enterprise at an exercise price equal to the remaining value immediately after the preferred shares are liquidated. The value of the call options is determined using the Black-Scholes-Merton option-pricing model. The OPM method requires significant assumptions, in particular, the time until investors on our company would experience an exit event and the volatility of our ordinary shares (which we determined based on the volatilities of public companies with business and financial risks comparable to our own).

 

    We also used the guideline company method, initially as a reasonableness test in order to evaluate whether the DCF / OPM method provided a reliable estimate of our enterprise value. Subsequently, as we started to contemplate an IPO, we considered the guideline company method as a standalone valuation methodology since it more closely reflected how we would be valued in connection with an IPO. Under the guideline company method, we identified public companies with business and financial risks comparable to our own. We considered the enterprise value to revenue multiple and enterprise value to EBITDA multiple of those comparable companies to derive a reasonable range for our company’s enterprise value. The most significant assumptions in the guideline company method are the selection of comparable companies and the selection of appropriate multiples. We used the same six comparable companies for the guideline company method as we used to determine volatility in connection with the OPM method (a seventh company was used in connection with the earlier valuations but was acquired and therefore ceased to be used in later valuations).

We applied a discount to the valuations due to the lack of marketability of or ordinary shares. We calculated this using a put option model based on the Black-Scholes-Merton option-pricing model. The significant assumptions involved were the same as described above.

As indicated above, the guideline company method more closely reflected how we would be valued in connection with an IPO. Conversely, the DCF / OPM method more closely reflected our value as a private company. Accordingly, starting with the valuation of our ordinary shares in December 2013 when we were first seriously contemplating an IPO, we assigned a probability weighting to the likelihood of an IPO based on management’s discussions with our board of directors and our assessment of market conditions. This is referred to as the Probability Weighed Expected Return Method (PWERM).

 

65


Table of Contents

We have set out below the application of the above methodologies to the valuation of our ordinary shares on each of the grant dates:

 

    February 2013 Grant. We determined that the fair value of our ordinary shares as of February 5, 2013 was $1.78 per share. As part of this determination, along with market considerations, our management considered a third-party valuation dated November 30, 2012. Under the DCF method, we used a discount rate of 18.0%. The resulting enterprise value was allocated among the elements of our capital structure using the OPM method assuming a liquidity event within 2.5 years. This resulted in a value per ordinary share of $2.30. We found this estimate to be reasonable after calculating a reasonable enterprise value range under the guideline company method. The estimated value of ordinary shares was then discounted by 22.5% due to lack of marketability, to arrive at a fair value of $1.78 per share.

 

    May 2013 Grant. We determined that the fair value of our ordinary shares as of May 30, 2013 was $2.21 per share. As part of this determination, along with market considerations, our management considered a third-party valuation dated May 30, 2013. Under the DCF method, we used a discount rate of 17.0%. The resulting enterprise value was allocated among the elements of our capital structure using the OPM method assuming a liquidity event within two years. This resulted in a value per ordinary share of $2.76. We found this estimate to be reasonable after calculating a reasonable enterprise value range under the guideline company method. The estimated value of ordinary shares was then discounted by 20% due to lack of marketability, to arrive at a fair value of $2.21 per share. The primary driver of the increase in the fair value was us exceeding our 2012 financial projections, which reduced the risk that we would achieve our 2013 financial projections and resulted in a lower discount rate compared to the previous valuation.

 

    December 2013 Grant. We determined that the fair value of our ordinary shares as of November 30, 2013 was $6.47 per share. As part of this determination, and along with market considerations, our management considered a third-party valuation analysis dated January 8, 2014.

 

    First, under the DCF method, we used a discount rate of 16.0%. The resulting enterprise value was allocated among the elements of our capital structure using the OPM method assuming a liquidity event within two years. This resulted in a value per ordinary share of $6.20.

 

    Next, we applied the guideline company method by comparing our projected revenue and EBITDA multiples with that of comparable companies in order to calculate enterprise value. This resulted in an estimated value per ordinary share of $10.90.

We applied a 15.0% lack of marketability discount to each estimate of fair value per ordinary share, thus getting $5.27 and $9.26 under the DCF / OPM method and guideline company method, respectively. Using the PWERM, we gave the DCF / OPM method and the guideline company method a probability of 70% and 30%, respectively, thereby arriving at a final value of $6.47 per share.

The most significant driver of the increase in fair value was significant improvements in our projected revenues for 2014 and 2015 based on exceeding our originally projected revenues for 2013. Due to the fact that our cost base has fixed elements, this increase in revenues significantly improved our after-tax cash flows. The other significant driver of the increase in fair value was our decision to consider undertaking an IPO and the related use of the guideline company method with the attribution of a 30% probability of completing an IPO.

 

    January 2014 Grant. We determined that the fair value of our ordinary shares as of January 31, 2014 was $8.84 per share. As part of this determination, and along with market considerations, our management considered a third-party valuation analysis dated March 7, 2014.

 

   

First, under the DCF method, we used a discount rate of 16.0%. In the event of a sale or IPO at a value over $175 million, our preferred shares will automatically convert into ordinary shares. Given the amount of the resulting enterprise value, the increasing probability of having an IPO, and the shorter expected time to exit, it was deemed that there was a very high probability that an

 

66


Table of Contents
 

exit event would occur at a value over $175 million, and that our preferred shares would be converted to ordinary shares and therefore use of the OPM to allocate value was no longer appropriate. We therefore divided the enterprise value by the number of fully diluted shares for a value per ordinary share of $8.90.

 

    Next, we applied the guideline company method by comparing our projected revenue and EBITDA multiples with that of comparable companies in order to calculate enterprise value. This resulted in an estimated value per ordinary share of $13.97.

We then applied a 15% lack of marketability discount to each estimate of fair value per ordinary share, thus getting $7.56 and $11.87 under the DCF method and guideline company method, respectively. Using the PWERM, we allocated a 62% probability to the DCF method (reflecting a remaining private scenario), 35% to the guideline company method (reflecting an IPO scenario) and 3% to a liquidation scenario, thereby arriving at a final value of $8.84 per share.

Two factors contributed to the increase in fair value. First, the elimination of the liquidation preference of our preferred shares due to the increase in our overall enterprise value and the assumed conversion of the preferred shares in any scenario resulted in a greater allocation of enterprise value to our ordinary shares. Second, there had been a meaningful increase in the forward trading multiples of the comparable companies due to improved market conditions.

 

    April 2014 Grant. We determined that the fair value of our ordinary shares as of March 31, 2014 was $9.93 per share. As part of this determination, and along with market considerations, our management considered a third-party valuation analysis dated May 12, 2014.

 

    First, under the DCF method, we continued to use a discount rate of 16.0%. In the event of a sale or IPO at a value over $175 million, our preferred shares will automatically convert into ordinary shares. For the reason described above, we no longer considered it appropriate to use the OPM to allocate value. We therefore divided the enterprise value by the number of fully diluted shares for a value per ordinary share of $9.62.

 

    Next, we applied the guideline company method by comparing our projected revenue and EBITDA multiples with that of comparable companies in order to calculate enterprise value. This resulted in an estimated value per ordinary share of $14.10. The increase compared to January 2014 was not significant since the forward trading multiples of the comparable companies were substantially the same.

We then applied a 15% lack of marketability discount to each estimate of fair value per ordinary share, thus getting $8.18 and $11.99 under the DCF method and guideline company method, respectively. Using the PWERM, we allocated a 47% probability to the DCF method (reflecting a remaining private scenario), 50% to the guideline company method (reflecting an IPO scenario) and 3% to a liquidation scenario, thereby arriving at a final value of $9.93 per share.

Two factors contributed to the increase in fair value. First, the increased probability of an IPO and the higher weighting accordingly attributed to the guideline public company method resulted in the majority of the increase. Second, improvements in our projected results of operations in future years resulted in a higher valuation under the DCF method.

Warrants to Purchase Preferred Shares

We account for freestanding warrants to purchase our preferred shares as a liability on our balance sheet at fair value. The warrants to purchase preferred shares are recorded as a liability as the underlying preferred shares are contingently redeemable (upon a deemed liquidation event) and, therefore, may require us to transfer assets in the future. The warrants are subject to re-measurement to fair value at each balance sheet date and any change in fair value is recognized as a component of financial income (expense), net, on the consolidated statements of

 

67


Table of Contents

operations. We will continue to adjust the liability for changes in fair value until the earlier of the exercise or expiration of the warrants, the completion of a deemed liquidation event or the conversion of preferred shares into ordinary shares.

The warrant is recorded at its estimated fair value utilizing the OPM with changes in the fair value of the warrant liability reflected in financial income (expense), net. Upon the earlier of the exercise of the warrants or the completion of a liquidation event or the completion of an initial public offering in which the warrant expires, the preferred share warrant liability will be remeasured to fair value one final time, and any remaining liability will be reclassified to additional paid-in capital. Immediately prior to the completion of this offering, all of our preferred share warrants will be exercised and we will no longer record any liability in respect of them on our balance sheet.

During the years ended December 31, 2011, 2012 and 2013, we recognized financial expenses in the amount of $0.2 million, $0.2 million and $1.4 million, respectively, from the remeasurement of the fair value of the warrants. For the three months ended March 31, 2014, we recognized financial expenses in the amount of $1.4 million from the remeasurement of the fair value of the warrants, while we did not incur any such expense during the three months ended March 31, 2013.

Income Taxes

As part of the process of preparing our consolidated financial statements we are required to estimate our taxes in each of the jurisdictions in which we operate. We account for income taxes in accordance with ASC Topic 740, “Income Taxes,” or ASC Topic 740. ASC Topic 740 prescribes the use of an asset and liability method whereby deferred tax asset and liability account balances are determined based on the difference between book value and tax bases of assets and liabilities and carryforward tax losses. Deferred taxes are measured using the enacted tax rates and laws that will be in effect when the differences are expected to reverse. We exercise judgment and provide a valuation allowance, if necessary, to reduce deferred tax assets to their estimated realizable value if it is more likely than not that some portion or all of the deferred tax asset will not be realized.

Deferred tax assets are classified as short or long-term based on the classification of the related asset or liability for financial reporting, or according to the expected reversal dates of the specific temporary differences, if not related to an asset or liability for financial reporting. We account for uncertain tax positions in accordance with ASC 740 and recognize the tax benefit from an uncertain tax position only if it is more likely than not that the tax position will be sustained on examination by the taxing authorities, based on the technical merits of the position. The tax benefits recognized in the financial statements from such a position should be measured based on the largest benefit that has a greater than 50% likelihood of being realized upon ultimate settlement. Accordingly, we report a liability for unrecognized tax benefits resulting from uncertain tax positions taken or expected to be taken in a tax return. We recognize interest and penalties, if any, related to unrecognized tax benefits in tax expense.

Off-Balance Sheet Arrangements

We do not currently engage in off-balance sheet financing arrangements. In addition, we do not have any interest in entities referred to as variable interest entities, which includes special purposes entities and other structured finance entities.

Quantitative and Qualitative Disclosure About Market Risk

Foreign Currency Risk

Our results of operations and cash flows are affected by fluctuations due to changes in foreign currency exchange rates. In 2013, the majority of our revenues were denominated in U.S. dollars and the remainder in other currencies, primarily euros and British pounds sterling. In 2013, the majority of our cost of revenues and

 

68


Table of Contents

operating expenses were denominated in U.S. dollars and NIS and the remainder in other currencies, primarily euros and British pounds sterling. Our NIS-denominated expenses consist primarily of personnel, rent and other overhead costs. Since a significant portion of our expenses is incurred in NIS, any appreciation of the NIS relative to the U.S. dollar would adversely impact our net loss or net income, if any.

The following table presents information about the changes in the exchange rates of the NIS against the U.S. dollar:

 

Period

   Change in Average Exchange
Rate of the NIS against the
U.S. Dollar (%)
 

2011

     (4.1

2012

     7.8   

2013

     (6.4

2014 (through March 31, 2014)

     0.0   

The figures above represent the change in the average exchange rate in the given period compared to the average exchange rate in the immediately preceding period. Negative figures represent depreciation of the U.S. dollar compared to the NIS. A 10% increase or decrease in the value of the NIS against the U.S. dollar would have decreased or increased our net loss by approximately $1.6 million in 2013.

For purposes of our consolidated financial statements, local currency assets and liabilities are translated at the rate of exchange to the U.S. dollar on the balance sheet date and local currency revenues and expenses are translated at the exchange rate at the date of the transaction or the average exchange rate dollar during the reporting period to the United States.

To protect against the increase in value of forecasted foreign currency cash flow resulting from expenses paid in NIS during the year, we have instituted a foreign currency cash flow hedging program. We hedge portions of the anticipated payroll of our Israeli employees in NIS for a period of one to twelve months with forward contracts and other derivative instruments. We do not use derivative financial instruments for speculative or trading purposes.

Other Market Risks

We do not believe that we have material exposure to interest rate risk due to the fact that we have no long-term borrowings.

We do not believe that we have any material exposure to inflationary risks.

New and Revised Financial Accounting Standards

The JOBS Act permits emerging growth companies such as us to delay adopting new or revised accounting standards until such time as those standards apply to private companies. We have irrevocably elected not to avail ourselves of this and, therefore, we will be subject to the same new or revised accounting standards as other public companies that are not emerging growth companies.

Recently Issued and Adopted Accounting Pronouncements

In July 2013, the FASB issued a new accounting standard that will require the presentation of certain unrecognized tax benefits as reductions to deferred tax assets rather than as liabilities in the consolidated balance sheets when a net operating loss carryforward, a similar tax loss, or a tax credit carryforward exists. We will be required to adopt this new standard on a prospective basis in the first quarter of fiscal 2015; however, early adoption is permitted as is a retrospective application. We are currently evaluating the timing, transition method and impact of this new standard on our consolidated financial statements.

 

69


Table of Contents

BUSINESS

Overview

We are a global leader and pioneer of a new layer of IT security solutions that protects organizations from cyber attacks that have made their way inside the network perimeter to strike at the heart of the enterprise. Our software solution is focused on protecting privileged accounts, which have become a critical target in the lifecycle of today’s cyber attacks. Privileged accounts are pervasive and act as the “keys to the IT kingdom,” providing complete access to, and control of, all parts of IT infrastructure, industrial control systems and critical business data. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take control of and disrupt an organization’s IT and industrial control infrastructures, steal confidential information and commit financial fraud. Our comprehensive solution proactively protects privileged accounts, monitors privileged activity and detects malicious privileged behavior. Our customers use our innovative solution to introduce this new security layer to protect against, detect and respond to cyber attacks before they strike vital systems and compromise sensitive data.

Organizations worldwide are experiencing an unprecedented increase in the sophistication, scale and frequency of cyber attacks. The challenge this presents is intensified by the growing adoption of new technologies, such as cloud computing, virtualization, software-defined networking, enterprise mobility and social networking, which has resulted in increasingly complex and distributed IT environments with significantly larger attack surfaces. Organizations have historically relied upon perimeter-based threat protection solutions such as network, web and endpoint security tools as the predominant defense against cyber attacks, yet these traditional solutions have a limited ability to stop today’s advanced threats. As a result, an estimated 90% of organizations have suffered a cybersecurity breach according to a 2011 survey of approximately 580 U.S. IT practitioners by the Ponemon Institute, a research center focused on privacy, data protection and information security policy. Organizations are just beginning to adapt their security strategies to address this new threat environment and are evolving their approaches based on the assumption that their network perimeter has been or will be breached. They are therefore increasingly implementing new layers of security inside the network to disrupt attacks before they result in the theft of confidential information or other serious damage. Regulators are also continuing to mandate rigorous new compliance standards and audit requirements in response to this evolving threat landscape.

We believe that the implementation of a privileged account security solution is one of the most critical layers of an effective security strategy. Privileged accounts represent one of the most vulnerable aspects of an organization’s IT infrastructure. Privileged accounts are used by system administrators, third-party and cloud service providers, applications and business users, and they exist in nearly every connected device, server, hypervisor, operating system, database, application and industrial control system. Due to the broad access and control they provide, exploiting privileged accounts has become a critical stage of the cyber attack lifecycle. The typical cyber attack involves an attacker effecting an initial breach, escalating privileges to access target systems, moving laterally through the IT infrastructure to identify valuable targets, and exfiltrating, or stealing, the desired information. According to Mandiant, credentials of authorized users were hijacked in 100% of the breaches that Mandiant investigated, and privileged accounts were targeted whenever possible.

We have architected our solution from the ground up to address the challenges of protecting privileged accounts and an organization’s sensitive information. Our solution provides proactive protection against cyber attacks from both external and internal sources and allows for real-time detection and neutralization of such threats. It can be deployed in traditional on-premise data centers, cloud environments and industrial control systems. Our innovative software solution is the result of over 10 years of research and expertise, combined with valuable knowledge we have gained from working with our diverse population of customers.

Our comprehensive, purpose-built Privileged Account Security Solution enables our customers to secure, manage and monitor privileged account access and activities. Our Privileged Account Security Solution consists of our Enterprise Password Vault, Privileged Session Manager, Application Identity Manager, On-Demand Privileges Manager and Privileged Threat Analytics. These products share a common technology platform that

 

70


Table of Contents

includes our Digital Vault, Master Policy Engine and Discovery Engine, and integrates out of the box with over 100 types of IT assets in the datacenter or the cloud. Our solution complements network, endpoint, web and other security tools and enhances the effectiveness of other security defenses by preventing the misuse of privileged accounts that are built into these products.

As of June 30, 2014, we had over 1,500 customers, including over 35% of the Fortune 100 and approximately 15% of the Global 2000. We define a customer to include a distinct entity, division or business unit of a company. Our customers include leading enterprises in a diverse set of industries, including energy and utilities, financial services, healthcare, manufacturing, retail, technology and telecommunications, as well as government agencies. We sell our solution through a high touch, channel fulfilled hybrid sales model that combines the leverage of channel sales with the account control of direct sales, and therefore provides us with significant opportunities to grow our current customer base. This approach allows us to maintain close relationships with our customers and benefit from the global reach of our channel partners. Additionally, we are enhancing our product offerings and go-to-market strategy by establishing technology alliances within the IT infrastructure and security vendor ecosystem.

Our business has rapidly grown in recent years. During 2011, 2012 and 2013, our revenues were $36.4 million, $47.2 million and $66.2 million, respectively, representing year-over-year growth of 29.8% and 40.1% in 2012 and 2013, respectively. Our net income for 2011, 2012 and 2013 was $5.9 million, $7.9 million and $6.6 million, respectively. For the three months ended March 31, 2013 and 2014, our revenues were $12.7 million and $17.4 million, respectively. Our net income for the three months ended March 31, 2013 was $0.1 million compared with a net loss of $1.2 million for the same period in 2014.

Industry Overview

The recent increase in sophisticated, targeted security threats by both external attackers and malicious insiders, along with an increase in the attack surface due to the growing complexity and distributed nature of IT environments, have made it extremely challenging for enterprises and governments around the world to protect their sensitive information. These challenges are driving the need for a new layer of security that complements traditional threat protection technologies by securing access to privileged accounts and preventing the exploitation of organizations’ critical systems and data.

Security threats are increasingly sophisticated and targeted

Organizations are experiencing an elevated level of increasingly sophisticated and targeted security threats. These advanced threats are frequently driven by organized groups such as: professional criminals attempting to gain access to valuable or sensitive information, state-sponsored groups that aim to further national agendas through industrial espionage or cyber warfare, and “hacktivists” pursuing a variety of socially-driven causes. These groups are highly motivated, technically advanced and are often well funded. They have become fundamental drivers of the heightened risk of cyber attacks.

Increasing complexity and openness of IT environments increases risk

To support business priorities and the evolving needs of their customers, enterprises are investing in new technologies and architectures that are rapidly increasing the complexity and openness of the IT infrastructure, including virtualization, cloud computing, mobility, software-defined networking, big data and social networking. A large enterprise’s IT infrastructure typically consists of tens of thousands of servers, databases, network devices and applications, and is often distributed across multiple geographic regions. Enterprises are increasingly adopting mobility and bring-your-own-device (BYOD) policies, allowing employees to access confidential company information and applications on mobile devices. Furthermore, many enterprises are outsourcing aspects of their infrastructure to cloud service providers and remote vendors, increasing their reliance on third parties to manage and protect their sensitive information. While these modern IT technologies offer organizations many benefits, they also increase the security risk by expanding the attack surface of the organization and increasing the complexity of security management.

 

71


Table of Contents

Privileged accounts are widespread and vulnerable to attack

Privileged accounts represent one of the most vulnerable aspects of an organization’s IT infrastructure. Privileged accounts are those accounts within an organization that give the user high levels of access, or “privileged” access, to IT systems, applications and data. Privileged accounts are used by systems administrators to deploy and maintain IT systems and they exist in nearly every connected device, server, database, application and industrial control system. Additionally, privileged accounts extend beyond an organization’s traditional IT infrastructure to include employee-managed corporate social media accounts, which can be misused to cause significant reputational damage and other harm to an enterprise. With the increasing complexity of IT infrastructures, the number of privileged accounts has grown exponentially. We believe that organizations typically have two to four times more privileged accounts than employees. As a result, hijacking privileged accounts gives attackers the ability to access and download an organization’s most sensitive data, disrupt business operations, create additional user and privileged accounts, distribute malware, bypass existing security controls, perform other sensitive operations, and erase audit trails to hide their activity. Hackers, malicious insiders or even careless users pose a significant threat to organizations when they gain access to privileged accounts. Some well-publicized examples of cyber attacks that have compromised privileged accounts, according to sources in the public domain, include:

 

    BlackPOS. At the end of 2013 and continuing into 2014, several large retail organizations were attacked using BlackPOS, a type of malware targeting point of sale systems. The malware was transferred into at least one of the organizations using privileged network credentials assigned to a remote third-party vendor. These attacks compromised the credit card information of tens of millions of customers and may cost the retailers over $1 billion in related expenses.

 

    U.S. Intelligence Agency. In 2013, a third-party systems administrator abused his insider status and authorized privileged credentials to download and make public hundreds of thousands of classified documents.

 

    South Korea. In 2013, South Korean TV stations and banks were attacked with data wiping malware. According to reports, the devastating attacks carried out on South Korea were precipitated by hackers obtaining a privileged administrator login to a security vendor’s patch management server via a targeted attack. The attackers then created malware that resembled a normal software update, tricking unsuspecting organizations into infecting their own systems with this malicious update.

 

    Flame. In 2012, an extremely sophisticated cyber weapon was discovered that was designed to collect and delete sensitive information. This cyber-espionage worm was estimated to have infected systems at 600 organizations in several countries in the Middle East and Africa. The worm compromised privileged accounts with domain administrative rights, allowing it to move laterally and spread the infection to more machines.

 

    RSA. In 2011, after initially penetrating the network through a spear phishing email, an attack harvested legitimate user credentials, including privileged credentials needed to infiltrate the core RSA SecurID token master key database, thereby compromising the security of thousands of other companies, including several major U.S. defense contractors.

 

    Night Dragon. Starting in 2009 and reported in 2011, an attack was carried out against a number of energy firms that targeted proprietary operations and project-financing information. Once the initial system was compromised, the attack targeted local privileged administrative accounts, providing the attacker with broad access to the energy firms’ systems and confidential intellectual property.

Exploiting privileged accounts is a critical stage of an attack lifecycle

Today’s advanced cyber attacks are typically designed to evade traditional threat prevention technologies that are focused on protecting the perimeter from outside breach. Once inside a network, many of these modern attacks follow a common lifecycle. Attackers typically attempt to advance from the initial breach, escalating their privileges and moving laterally through the system to identify and access valuable targets and confidential

 

72


Table of Contents

information so they can access their target systems and information. Once an attacker has hijacked the privileged credentials of an authorized user, its activities blend in with legitimate traffic and is therefore much more difficult to detect. Attackers can therefore operate undetected inside an organization for long periods of time. In fact, according to the 2013 Data Breach Investigations Report from Verizon, 66% of breaches take months or years to discover and approximately 70% of breaches were discovered by external parties who then notified the targeted company. According to Mandiant, the median length of time that attackers are on an organization’s network before being detected is approximately 240 days. The diagram below shows the typical lifecycle of a cyber attack.

 

LOGO

 

    Perimeter compromise. Attackers can gain entry into a corporate network through multiple attack vectors including email, web and endpoints. The most common technique used to penetrate an enterprise network and break through the network perimeter is a “phishing” attack through which an email is used to deliver malware to an employee of the target. Attackers have become highly sophisticated and are increasingly finding ways to evade traditional network perimeter threat detection technologies. In most cases, immediately after the initial compromise, attackers download malware tools and establish a connection to a command-and-control server to enable ongoing control.

 

    Escalate privileges. External attackers, after the initial compromise, target privileged accounts to facilitate the future stages of the attack. Through a variety of tactics, including keystroke logging malware, “pass the hash” attacks, dictionary attacks and other techniques, attackers attempt to gain possession of the credentials used to access privileged accounts. Malicious insiders typically already have some degree of privileged access but may need to escalate privileges to extend their access. Privilege escalation is a critical stage of the attack, because if privileged credentials are compromised, the attacker is able to move closer to sensitive data while remaining undetected.

 

    Reconnaissance and lateral movement. Once armed with privileged credentials, attackers may conduct stealth reconnaissance across the network to locate other vulnerable systems, and then spread laterally across the network in search of target data and systems. As the attacker identifies an additional interesting target, it may again need to escalate its privileges to gain access to the newly identified system and then continue its reconnaissance.

 

73


Table of Contents
    Data exfiltration. The final stage of an attack lifecycle is typically to exfiltrate the desired information from the target’s corporate network to a location that the attacker controls. Once the target information has been gathered in a staging area and is ready for exfiltration, the attacker can use its privileged access to bypass controls and monitoring technologies designed to prevent or detect exfiltration.

Malicious insiders continue to be a significant risk

Malicious insiders have historically been responsible for some of the most significant security breaches and continue to pose a significant risk to organizations. Insiders are generally trusted users such as employees, contractors and business partners. Insiders typically have trusted credentials and knowledge of the organization, and can therefore be extremely dangerous if they decide to exploit their position to steal confidential information, commit financial fraud, disrupt operations or cause other harm. Malicious insiders are often disgruntled employees or contractors driven by financial or personal motives and often seek valuable or sensitive information that can be used to harm the organization. These individuals and groups use their access to attempt to exploit privileged credentials in order to laterally move throughout the organization and gain access to valuable or sensitive information. In addition, accidental changes to system configuration settings or other system operating characteristics by well-intentioned insiders are also a significant risk, as they can cause expensive service disruptions and unknown security vulnerabilities.

Security-related regulatory and compliance requirements are challenging to manage

Governments and industry groups continue to enact new legislation and compliance standards regarding data protection and privacy and internal control. Furthermore, compliance requirements continue to become more stringent in response to the complex and evolving threat landscape. Regulations and compliance standards can overlap with one another, change very frequently, require costly and time consuming compliance measures and carry significant financial and reputational consequences for audit failure and non-compliance. Examples of such regulations include the Payment Card Industry Data Security Standard (PCI-DSS); the Federal Information Security Management Act (FISMA) and associated National Institute for Standards and Testing (NIST) Network Security Standards; the Sarbanes-Oxley Act; Title 21 of the U.S. Code of Federal Regulations, which governs food and drug industries; the North American Electric Reliability Corporation Critical Infrastructure Protection Plan (NERC-CIP); the German Federal Financial Supervisory Authority (BaFin) Minimum Requirements for Risk Management; and the requirements of Monetary Authority of Singapore’s Technology Risk Management Notices. The common theme of these regulations is generally a requirement that organizations implement control over privileged accounts, establish accountability to specific users and maintain a complete recording of privileged sessions.

Enterprises have historically relied on traditional security threat protection technologies

Organizations have invested heavily in security products to protect their IT infrastructure and valuable information. According to IDC, worldwide spending on IT security products is expected to grow from $32.0 billion in 2013 to $42.0 billion by 2017. Historically, the majority of this spending has been focused on perimeter threat protection products such as network, web and endpoint security. While prevention of the initial breach is an important layer of an enterprise security strategy, we do not believe that perimeter-based threat protection alone is sufficient to protect against today’s increasingly sophisticated and targeted external security threats or malicious insiders. Despite significant investments in perimeter-based threat protection solutions, most enterprises are still being breached. Therefore, we believe in the future a greater portion of the overall spend will be dedicated to solutions focused on the inside of the enterprise.

Challenges in Protecting Privileged Accounts

The increasing sophistication, scale and frequency of advanced cyber attacks challenge traditional cybersecurity methods and create a need for a comprehensive approach to securing privileged accounts from use by external or internal attackers to gain access to and exploit an organization’s confidential data and IT systems. Such an approach must address a range of challenges presented by privileged accounts.

 

74


Table of Contents
    Traditional security solutions’ limited ability to protect privileged credentials and critical assets from cyber attacks. Organizations worldwide continue to struggle to protect privileged credentials and critical assets despite significant investment in traditional perimeter, endpoint or identity-focused security solutions. Organizations’ attempts to solve this problem using a combination of disparate traditional security solutions do not address the unique requirements of securing privileged accounts. Without proactive, automated controls on privileged accounts, including privileged credential protection and real-time alerting on potential threats and malware isolation, attackers can bypass traditional security controls and exploit privileged accounts as a gateway to critical infrastructure, confidential data and other security solutions.

 

    Insufficient visibility and lack of automation in the management of privileged accounts. Traditional approaches to identifying and managing privileged accounts typically involve manual, time-consuming tasks performed on an infrequent or ad-hoc basis. These approaches do not ensure that organizations identify their complete inventory of privileged accounts or manage their privileged credentials securely. Manual approaches can result in common passwords used across multiple systems, unauthorized sharing of credentials, default passwords remaining in place and other behaviors that compromise security and leave IT systems susceptible to attack. These approaches do not provide a current, accurate and global picture of an organization’s security and compliance posture, decreasing security effectiveness and increasing IT operational costs.

 

    Inability to monitor and audit all privileged activity. Traditional information systems do not provide sufficient detail of privileged activities, or worse yet, allow privileged accounts to change security settings or delete system audit logs to hide wrongdoing. Without end-to-end monitoring and recording of all command-level privileged activities, organizations are unable to audit privileged activity. This leaves them at risk of failing compliance audits, being unable to hold privileged users accountable for their actions and lacking critical forensics information to help deconstruct and remediate an attack.

 

    Inadequate or delayed response time in detecting malicious and high risk behaviors. Many organizations often log high level privileged account activity as part of a broad, system-wide logging solution; however, this information is collected and stored amongst other vast data aggregations, and in many cases does not provide the right level of detail or context to understand what differentiates normal from anomalous behavior. Without regular and methodical review of these logs, identification of threats is often missed or delayed. Additionally, tampering with log files is one of the routine aspects of an advanced malware attack or internal hack, rendering such information or analysis inaccurate or incomplete. Organizations need a single platform that can collect and record complete, detailed records of privileged account activity, develop profiles of expected user behaviors and then alert in real-time on any deviations from expected behavior.

 

    Limited scalability of existing point solutions. Traditional solutions that attempt to address privileged account security are often delivered as tactical point tools rather than comprehensive solutions and lack enterprise-level scalability or support for globally distributed datacenters. In addition, an attempt to patch together such disparate point tools having different interfaces and architectures and typically provided by different vendors, leads to interoperability issues. Without a single, scalable solution, organizations must devote considerable time and resources to develop integration strategies for existing solutions with the rest of their IT security investments.

Our Solution

Our solution provides proactive protection against cyber attacks from both external and internal sources and allows for real-time detection and neutralization of such threats. Our Privileged Account Security Solution provides organizations with the following benefits:

 

   

Comprehensive platform for proactive protection of privileged credentials and target assets from cyber attacks. Our comprehensive solution for privileged account security enables our customers to proactively protect against and automatically detect and respond to in-progress cyber attacks before they strike vital

 

75


Table of Contents
 

systems and compromise sensitive data. Our unified solution to these previously disparate security needs enables our customers to preemptively remediate vulnerabilities and improve their security effectiveness from a central command and control point. We enhance the effectiveness of traditional security defenses by introducing a new security layer that prevents the misuse of privileged accounts which exist in virtually every piece of technology in the organization including security products.

 

    Automatic identification and understanding of the scope of privileged account risk. Our solution automatically detects privileged accounts across the enterprise and helps customers visualize the resulting compliance gaps and security vulnerabilities. This automated process reduces the time-consuming and error-prone task of manually tracking and updating privileged credentials, thereby decreasing IT operational costs. This enhanced visibility significantly improves the security posture of our customers and facilitates adherence to rigorous audit and compliance standards.

 

    Continuous monitoring, recording and secure storage of privileged account activity. Our solution monitors, collects and records individual privileged session activity down to every mouse click and keystroke. It also provides highly secure storage of privileged session recordings and robust search capabilities allowing organizations to meet their audit and compliance requirements. Session recordings also provide a full forensics record of privileged activity to facilitate a more rapid and precise response to malicious activity.

 

    Real-time detection, alerting and response to malicious privileged activity. Our Privileged Threat Analytics product builds on historical data collected by our comprehensive Privileged Account Security Solution and other network data sources to create and maintain a current profile of each privileged user’s behavior. It uses proprietary algorithms to profile and analyze individual privileged user behavior without impacting the privileged account session and creates prioritized alerts in real-time when abnormal activity is detected. These alerts allow our customers’ incident response teams to investigate and prioritize threatening activity and respond by terminating the active session.