Earnings call transcript: Qualys beats expectations in Q2 2025

Qualys Inc. (QLYS) reported strong financial results for the second quarter of 2025, surpassing Wall Street expectations with an earnings per share (EPS) of $1.68, compared to a forecast of $1.47. This represents a 14.29% positive surprise. Revenue also exceeded projections, reaching $164.1 million against the anticipated $161.24 million. Despite these positive results, the company’s stock declined by 3.84% to close at $135.82, though it saw a post-market recovery of 0.91%. According to InvestingPro analysis, Qualys maintains impressive gross profit margins of 81.79% and holds more cash than debt on its balance sheet, indicating strong operational efficiency.

Key Takeaways

• Qualys reported a 14.29% EPS surprise, outperforming forecasts.
• Revenue increased by 10% year-over-year, driven by international growth.
• The stock fell 3.84% but showed signs of recovery in after-hours trading.
• New AI-native Risk Operations Center was launched, enhancing product offerings.
• Full-year revenue guidance was set at $656-$662 million, indicating 8-9% growth.

Company Performance

Qualys demonstrated robust performance in Q2 2025, with revenue growing by 10% year-over-year. The company attributed this growth to strong international sales, which rose by 15%, and a 17% increase in channel partner revenue. The launch of innovative products, such as the AI-native Risk Operations Center, positions Qualys as a leader in the evolving cybersecurity landscape.

Financial Highlights

• Revenue: $164.1 million, up 10% year-over-year
• EPS: $1.68, up 11% from the previous year
• Adjusted EBITDA: $73.4 million, representing a 45% margin
• Net dollar expansion rate: 104%, an improvement from 103% last year

Earnings vs. Forecast

Qualys exceeded market expectations with an EPS of $1.68, compared to the forecasted $1.47, marking a 14.29% surprise. Revenue also surpassed predictions, coming in at $164.1 million against a forecast of $161.24 million, a 1.75% surprise. This performance marks a continuation of the company’s trend of surpassing earnings forecasts.

Market Reaction

Despite the strong earnings report, Qualys’ stock fell by 3.84% during regular trading hours, closing at $135.82. However, in after-hours trading, the stock showed signs of recovery, rising by 0.91% to $137.05. This movement may reflect broader market volatility or investor caution despite positive earnings.

Outlook & Guidance

Qualys provided a positive outlook, forecasting full-year 2025 revenue between $656 million and $662 million, representing 8-9% growth. The company also anticipates a full-year EPS range of $6.20 to $6.50, highlighting confidence in its strategic initiatives and market position. While trading at a P/E ratio of 26.38, InvestingPro analysis suggests the stock is currently undervalued, with additional ProTips available to subscribers regarding the company’s valuation metrics and growth prospects.

Executive Commentary

CEO Sumit Dakar emphasized Qualys’ pioneering role in the cybersecurity industry, stating, "In this new era of cybersecurity driven by advanced data analytics, automation, and AI, Qualys is pioneering a new risk operation center category." CFO Jimmy Kim added, "We continue to believe organizations will increasingly adopt cloud native, full stack security and compliance coverage," underscoring the company’s strategic focus.

Risks and Challenges

• Macroeconomic uncertainty could impact future growth.
• Increasing competition in the cybersecurity sector may pressure market share.
• The need for continuous innovation to maintain technological leadership.
• Potential challenges in scaling international operations.
• Dependence on channel partners for revenue growth.

Q&A

During the earnings call, analysts inquired about the macroeconomic environment, which was described as stable but challenging. Questions also focused on the reception of new AI products, with executives noting a positive market response. The company highlighted its partner-led growth strategy as a key driver of future expansion.

Full transcript - Qualys Inc (QLYS) Q2 2025:

Conference Operator: Ladies and gentlemen, thank you for standing by. Welcome to Qualys’ Second Quarter twenty twenty five Investors Call. At this time, all participants are in a listen only mode. After the speakers’ presentation, there will be a question and answer session. To ask a question during the session, you would need to press 11 on your telephone.

You would then hear an automated message advising your hand is raised. Please be advised that today’s conference is being recorded. I would now like to turn the conference over to Blair King, Investor Relations. Please go ahead, sir.

Blair King, Investor Relations, Qualys: Thank you, Michelle. Good afternoon, and welcome to Qualys’ second quarter twenty twenty five earnings call. Joining me today to discuss our results are Sumit Dakar, President and CEO and Jimmy Kim, our CFO. Before we get started, I would like to remind you that our remarks today will include forward looking statements that generally relate to future events or our future financial or operating performance. Actual results may differ materially from these statements.

Factors that could cause results to differ materially are set forth in today’s press release and our filings with the SEC, including our latest Form 10 Q and 10 ks. Any forward looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update these statements as a result of new information or future events. During this call, we will present both GAAP and non GAAP financial measures. A reconciliation of GAAP to non GAAP measures is included in today’s earnings press release. And as a reminder, the press release, prepared remarks and investor presentation are all available on the Investor Relations section of our website.

So with that, I’d like now to turn the call over to Samed.

Sumit Dakar, President and CEO, Qualys: Thank you, Blair, and welcome to our second quarter earnings call. In q two, we continued to execute well, resulting in another quarter of solid revenue growth and profitability. In this new era of cybersecurity driven by advanced data analytics, automation, and AI, Qualys is pioneering a new risk operation center category in cybersecurity and redefining how organizations manage cyber risk. While traditional security operation centers are focused on detecting breaches after they happen, the rock is built for prevention. Qualys’ cloud native ETM Enterprise Tourist Management solution powers this transformation.

With over 18,000,000,000,000 data points processed in real time, we have unleashed the power of our platform to integrate and normalize signals from both Qualys and non Qualys tools, including CrowdStrike, Security Scorecard, Tenable, and WIS. Unlike other continuous threat exposure management solutions that simply highlight exposure and lack effective remediation or business context, Qualys’ ETM solution is a powerful orchestration layer, aggregating both Qualys and non Qualys security findings, applying threat intelligence, and delivering a unified business contextual view of risk with holistic prioritization and automated remediation. This business aligned approach to pre breach cyber risk management continues to resonate strongly with customers and boards, and positions Qualys at the forefront of a paradigm shift in cybersecurity, one defined not just by the detection of the vulnerabilities, but by measurable, proactive, automated risk reduction at scale. With active POCs already converting after announcing GA just a short while ago, we continue to see many parallels between this new market opportunity and the early days of our VMDR launch, including a significant greenfield opportunity and growing demand. With our latest announcement yesterday, we are very excited to introduce Qualys’ latest game changing vision for the future of cyber risk management with the launch of a fully reimagined agentic AI platform built on a unified fiber to seamlessly manage cyber risk across multi vendor environments.

At its core, every cyber risk AI agent represents a specialized autonomous AI fabric equipped to automate complex business processes and autonomously adapt to customers’ environment by accessing diverse internal and external data sources, applications, and machines. These agents achieve complete end to end outcomes for cybersecurity teams. Available in a first of a kind agentic AI marketplace for risk management, CSOs can now quickly augment their team with highly specialized autonomous experts that can bring down the time to remediation, increase accuracy, and reduce costs. Users can use out of the box cyber risk agents available in the marketplace, interactively create their own specialist agents, or leverage third party agents from our partners that can be added to the marketplace in the future. Further advancing our remediation focus beyond patching, we are introducing new capabilities to our TruRisk eliminate umbrella of remediation solutions.

Now organizations can quickly determine trending risks to their environment, the estimated impact of a breach on a particular asset, and the probability of successfully applying a patch. If applying a patch is deemed a significant operational risk to the business, security and IT teams can alternatively choose to automate an array of compensating controls to prevent an incident from occurring. Embedding Qualysys AI systems directly into remediation workflows is a significant adoption lever, a strong competitive differentiator, and opens new market opportunities well beyond patch management. Continuing this rapid pace of innovation, we are further broadening our ETM solution and bringing natively integrated identity security management, ISPM, to market at a time when identities have become part of the new perimeter. Compromise credentials are central to nearly every major cyber attack today, and Qualysys solution is aimed at helping organizations stay in front of adversaries by continuously analyzing identity systems for misconfigurations, excessive privileges, and toxic combinations with assets.

By unifying the identity risk surface, we eliminate silos and help security visualize identity exposure and remediate risk before attackers escalate privileges or laterally. Spanning devices, cloud workloads, and applications, Qualys now provides holistic protection using Qualys and non Qualys data sources across key identity touch points, mapped to asset criticality and backed by real time remediation through a single natively integrated platform. These innovative new approaches to cybersecurity risk management, along with several others we are showcasing at Black Hat this week, allow our customers to reduce complexity and cost, achieve better outcome, and create multidimensional path for durable long term growth in our business. Moving on to the business update. Over the last several months, I have personally met with many customers, prospects, and partners, and the message has remained resoundingly clear.

Organizations are increasingly anchoring pre breach cyber spend, the solutions that articulate and demonstrate a measurable impact on cyber risk. Rather than consolidating around a single vendor, CSOs seeking are platforms that allow flexibility across their security stack while unifying this through a common framework. This requires a centralized risk habit, which brings together diverse tools and enables teams to uniformly assess, prioritize, and remediate risk. With a twenty five year track record of converting operational challenges for customers into strong competitive advantages, we are well positioned to capitalize on these evolving market opportunities. In Q2, this success was demonstrated by the number of customers spending $500,000 or more, growing 7% from a year ago to two twelve.

It was also evidenced by notable industry endorsements in the market we helped pioneer. Qualysys VMDR with TruRisk and Total Cloud were voted the best vulnerability and cloud Security Posture Management Solution, respectively, at the twenty twenty four SC Awards in Europe. IDC named Qualys as a major player in CNAP, and Kuppinger Co. Recognized Qualys as a leader in CNAP and a market leader in attack surface management. Let me share a couple of recent wins, which illustrate these accolades and reflect why companies ready to centralize their response to cyber risk are turning to Qualys to help unify their security tools, quantify and remediate risk in their environments, and achieve better security outcomes.

First, a global fintech company determined that managing siloed tools added complexity to their operations lacked integration and missed detections, which hindered their ability to assess risk and centralize remediation. This customer chose Qualys to transform siloed risk signals spanning code repositories, endpoints, identity, cloud, container IT, and network assets into a cohesive real time risk management solution by consolidating Qualys and non Qualys data. This included purchasing seven Qualys modules, including ETM, to begin operationalizing their risk operations center with ingested data from CrowdStrike BitSight and WIS, resulting in a 7 figure annual bookings deal. By consolidating these data sources into the Qualys platform, we are now delivering this customer a vendor agnostic orchestration layer with full visibility of their attack surface, centralized risk assessment, quantification, prioritization, and remediation, while unleashing the operational efficiencies of security stack consolidation aligned with acceptable risk parameters for the business. Another marquee win was a large federal government agency previously using multiple legacy and next gen solutions to manage a variety of risk management use cases across their IT security and DevOps teams.

In addition to the complexity of using multiple points products, this government agency was frustrated with increasing costs associated with outdated on prem deployments from last several years. Looking to migrate to a cloud native solution that meets the CISA binding operational directives, they are now in the process of replacing two of the existing vendors in a high 6 figure annual booking deployment using 10 Qualys modules, including cybersecurity asset management, VMDR, patch management, and Total Cloud. Through this highly strategic and competitive win, the customer is now able to leverage unified dashboards across nearly a dozen separate bureaus that provide them a greater insight and automation that can that any of the competitive products that they had evaluated while taking full advantage of the speed and scale of the integrated platform. With out of the box support for CDM within the CISA framework, we are now working towards a phase two agency wide rollout of their cybersecurity asset management solution, representing a significant upsell opportunity for us. Beyond this win, we are pleased to announce has recently received agency authorization for FedRAMP High.

With this authorization, Qualys is the only FedRAMP High platform offering inventory vulnerability management, patch management, CSPM, container security, and EDR in a single unified workflow across hybrid environments. As government agencies increasingly transition workloads from on prem environments to the cloud, the achievement marks a significant milestone and establishes Qualys as the only modern alternative to legacy scanners for federal, state, and local agencies. Our authorization consolidated platform and continued investment in public sector expansion underscores our commitment to this market and positions Qualys well to drive long term incremental growth. That momentum was on full display at our second annual public sector risk conference, Cyber Risk Conference, in May, where we were especially encouraged by the strong turnout and positive feedback to the concept of a risk operation center to bring efficiency to government agencies instead of playing risk whack a mole with multiple silo legacy solutions. Investing in our partner’s ecosystem remains a key pillar of our growth agenda.

Through our strategic technical alliances program, we are driving deep technology integrations, wholesaling opportunities, and demand generation programs. We believe this expanding ecosystem bolsters our capacity, harnesses transformative solution sales, and brings new business to Qualys. Additionally, we have advanced our global ROC ecosystem by certifying three new strategic MROC partners who wanted to partner with Qualys to bring the rock to their customer base. With growing channel momentum and a growing pipeline of fresh new AMROC services being offered to customers, we look forward to sharing some exciting new wins in the upcoming quarters. With more and more customers and partners beginning to perceive Qualys as a leading pre breach risk mitigation management platform that consolidates and orchestrates multiple security solutions and workflows, I am pleased to announce May Mitchell as our newly appointed CMO.

Pipeline creation, growing modular adoption, winning new business, and evangelizing the AI native ROC are key priorities. With Mae at the helm and her long experience in cybersecurity, we are intensifying our marketing activities and increasing focus on ramping top of the funnel initiatives, and enhancing brand awareness to help drive adoption of the Qualys platform to new heights. To further accelerate awareness and unleash new Qualys capabilities for customers, I’m also pleased to announce the launch of our Qualys platform pricing model, where we enable customers to purchase Qualys units, QLUs, providing access to the entire platform and flexibly utilizing Qualys modules of their choice over the course of their subscription term. Instead of purchasing Qualus modules individually, organizations now adopt the products they need today and in the future through a frictionless process design to flexibly replace existing technologies and seamlessly switch between Qualus modules. Customers are expressing strong enthusiasm for this new pricing model, and we believe it will further enhance long term customer loyalty and drive larger lands, reduce cost, and bolster cyber resilience over time with more customers adopting more Qualys solutions faster.

In summary, Qualys is well armed with fresh new capabilities and new agency authorized FedRAMP high solution for government wide use, strong channel momentum, and flexible platform pricing to help customers unify pre breach risk management workflows, reduce cost, and address today’s toughest security challenges. With trusted innovation and early rock adoption, we’re strengthening our position as the partner of choice for customers ready to centralize their response to cyber risk, and believe we have poised to outpace our competitors, extend our thought leadership, and build upon an already strong foundation to drive durable long term growth in the business. With that, I will turn the call over to Jume to further discuss our second quarter results and outlook for the third quarter and full year 2025.

Jimmy Kim, CFO, Qualys: Thanks, Hamed, and good afternoon. Before I start, I’d like to note that except for revenue, all financial figures are non GAAP, and growth rates are based on comparison to the prior year period unless stated otherwise. Turning to second quarter results. Revenues grew 10% to 164,100,000.0 The channel continued to increase its contribution, making up 49% of total revenues compared to 46% a year ago. Revenues from channel partners grew 17%, outpacing direct, which grew 4%.

As a result of our strategic emphasis on leveraging our partner ecosystem to drive growth, we expect this trend to continue. By geo, 15% growth outside The U. S. Was ahead of our domestic business, which grew by 7%. US and international revenue mix was 5743%, respectively.

In Q2, despite ongoing macroeconomic uncertainty, our growth retention rate and upsell execution improved with our net dollar expansion rate of 104%, up from 103% last quarter. In terms of product contribution to bookings, patch management and cybersecurity asset management combined made up 16% of total bookings and 26% of new bookings on an LTM basis. Our cloud security solutions, Total Cloud SINA, made up 5% of LTM bookings. Turning to profitability. Adjusted EBITDA for the 2025 was $73,400,000 representing a 45% margin compared to a 47% margin a year ago.

Operating expenses in Q2 increased by 15% to $67,700,000 driven by investments in sales and marketing and R and D. Demonstrating our ability to innovate and invest in our long term growth initiatives while remaining capital efficient, EPS for the 2025 grew 11% to 1.68. Our free cash flow was 32,400,000 representing a 20% margin compared to 33% in the prior year due to fluctuations in working capital. Normalizing for this, first half twenty twenty five margin was 43% compared to 45% in the prior year. In Q2, we continued to invest the cash we generated from operations back into Qualys, including $1,300,000 in capital expenditures and $49,200,000 to repurchase 375,000 of our outstanding shares.

Since commencing our share repurchase program in February 2018, we’ve repurchased 10,000,000 shares and returned over $1,100,000,000 in cash to shareholders. As of the end of the quarter, we had 254,600,000.0 remaining in our share repurchase program. With that, let us turn to guidance, starting with revenue. For the full year 2025, we expect revenues to be in the range of $656,000,000 to $662,000,000 which represents a growth rate of 8% to 9%. This compares to prior guidance of $648,000,000 to $657,000,000 For the 2025, we expect revenues to be in the range of 164,500,000.0 to $167,500,000 representing a growth rate of 7% to 9%.

While we believe our platform approach to cyber risk management provides some insulation amidst macro volatility, this guidance assumes continued budget scrutiny and a challenging environment for new business growth in 2025. Shifting to profitability guidance. For the full year 2025, we expect an EBITDA margin in the range of low to mid-40s, applying a 15% to 17% increase in operating expenses and a free cash flow margin in the mid-30s. We expect full year EPS to be in the range of $6.2 to $6.5 up from the prior range of $6 to 6.3 For the 2025, we expect EPS to be in the range of 1.5 to 1.6. Our planned capital expenditures in 2025 are expected to be in the range of 7,000,000 to $9,000,000 and for the 2025 in the range of 1,000,000 to $3,000,000 We continue to believe organizations will increasingly adopt cloud native, full stack security and compliance coverage to meet the demands of today’s threat landscape and reduce costs.

As the impact of the macro economy unfolds, we are closely monitoring the business environment. We’ll continue to adjust our priorities accordingly. That said, considering the long term growth opportunities ahead of us, and our industry leading margins implying further room for investment, we intend to continue to responsibly align our product and marketing investments to focus on high impact initiatives aimed at driving more pipeline, accelerating our partner program, and expanding our federal vertical. As a percentage of revenues, we expect to prioritize increased investments in sales and marketing and engineering, with a more modest increase in G and A, consistent with our commitment to balance long term growth and profitability. With that, Sumit and I would be happy to answer any of your questions.

Thank you.

Conference Operator: And the first question comes from Jonathan Ho with William Blair. Sir, your line is open.

Blair King, Investor Relations, Qualys: Hi, good afternoon and congratulations on the strong results. I wanted to maybe start out with the macro environment and, you know, get a sense from you of what some of the puts and takes are out there, and especially, you know, relative to your ability to raise guidance, you know, how we should think about, you know, sort of the conservatism that’s baked in.

Sumit Dakar, President and CEO, Qualys: I think at a high level, as Jume mentioned, right, the environment is kind of stable right now, but it continues to be challenging, so deal scrutiny is there. I think customers are overall just a little bit more wait and watch to see how the impact of some of the current conditions is gonna be on their spend through the rest of the year. And so we’re just being, you know, factoring that in right now in the way that we are thinking, we’re not assuming anything, you know, getting better from an environment perspective. So it’s more, you know, assuming that it’s going to continue kind of as is.

Jimmy Kim, CFO, Qualys: Yeah, and, you know, from our perspective in Q2, we did see slight improvement in the net dollar expansion rate, moving up to 104%. We’ve been at 103 for several quarters in a row, and our low was at 102% a year ago. And so we are optimistic that we were able to make an improvement from both a growth retention as well as upsell perspective this quarter, which kind of indicates that the market and the selling environment is actually not worsening. We see an opportunity to upsell more of our newer products, have more conversations with our customers. And although the new business continues to be challenging and we expect that to continue throughout 2025, we do see some upside when it comes to expand with our existing customers.

Blair King, Investor Relations, Qualys: Excellent. And just in terms of a follow-up, can you help us understand how maybe the mRoc messaging has been performing? Just given the challenges of selling sort of new platforms in the environment, what’s maybe resonating the most with customers and causing them to choose to go in the MROC direction? Thank you.

Sumit Dakar, President and CEO, Qualys: That’s a great question. Know, I think a lot of partners are providing sort of, you know, SOCMDR services. It’s a bit of a saturated market, and for them, this threat detection after a breach has happened is what they’re focused on. And so what partners are excited about is being able to go back to those partners who have a SOC, to those customers who have a SOC and being able to position a new solution and new services, which is proactively managing your risk and helping prevent. A lot of them sort of provide a, you know, some managed vulnerability service here or there, but there is no, and then there is cloud, and then there is identity, and so when you look at risk management, there is sort of no easy holistic service that a lot of them are offering, and so what MROC does is part of the managed risk operation center concept, they can go to the customers that have SOC and say, hey, we now have a new capability that you can upsell to, which allows you to implement a similarly operationalized risk operation center environment built on the Qualys platform, and it does not require them to switch out solutions that they are potentially using for cloud security for identity, that this is something that can be built on top of that.

And so they’re excited about that because this is, this allows them to create services and services revenue is very interesting for them, rather than just a few points here or there on the price of the individual SKU. And so in some cases, again, potentially add $5 of service to a dollar of ETM that they could sell as a representative example, right? And so that is where we are seeing these partners are excited. Of course, they have to build out new services and they have to build out new practices to be able to do that. But the excitement of being one of the few Emerock partners that actually is able to offer this service is very interesting for them because that differentiates them from the other 200 players that are only offering MDR.

Analyst: Thank you.

Conference Operator: And our next question will come from Roger Boyd with UBS. Your line is open.

Roger Boyd, Analyst, UBS: Great. Thanks for taking the questions. Jimmy, I was wondering if you could just help us kind of bridge the gap between revenue and billings growth. I know that’s not a metric you guide to, but you’ve previously given some directional color about the growth of those two numbers being in the same ballpark. Just trying to get a sense of the difference there, what you’re seeing from a billings front, anything to be mindful of around deal timing given RPO bookings look, I think, pretty strong this quarter.

Anything else to be mindful there, FX or anything else would be great? Thanks.

Jimmy Kim, CFO, Qualys: Yes. So revenue I would say that current billings on an LTM basis could be indicative of the bookings performance, which is more of a leading indicator. So I understand the focus on the current billings. At the beginning of the year, what I had kind of given an indication for, for current billings at around like 6% to 8% in line with the revenue growth guidance, 6% to 8% at the beginning of the year.

For current billings, would say that still remains true. Probably the best indicator or guidance I can give at this time. Now on the revenue side, you could see that we’ve outperformed, booking 10% growth rate for Q1 and Q2, guiding to 7% to 9% for Q3. And so, what that implies is current billings going up from 7% to 8%, 7% in Q1. Q2 looks like we closed it at 8%.

But in the second half, because of the tougher comparison relative to second half of last year, we are anticipating it to kind of come down to land around 6% to 8% for the full year for current billings.

Roger Boyd, Analyst, UBS: Got it. That’s helpful. And then just as a follow-up, Sumit, nice to see FedRAMP high. Just any insight into kind of your expectations for the federal vertical in 3Q? My gut assumption is that it’s probably difficult to think that can be super impactful in the next quarter, but would love to get kind of your your view on on the opportunity there.

Thanks.

Sumit Dakar, President and CEO, Qualys: Yeah. For sure. Right? I think expecting any federal movement happening within a few weeks of us getting the FedRAMP high would be a little bit too much expectation, but I think so see for us, this has been a long term focus and investment that we have been making and and as anybody who goes for FedRAMP and FedRAMP high will tell you this is significant investment to really get there. And so we’re super excited to now have that FedRAMP High platform that, you know, does vulnerability management, patch management, and cloud security.

And so that really is going to open us up opportunities. Obviously, now you kind of have a mixed bag with some folks kind of waiting to see how things progress with the cost reduction. Others are seeing this as an opportunity to change out their incumbent vendors to new solutions. And so FedRAMP High coming at this time bodes well in my mind for opportunities that will get created over the next few quarters, because now we could go and, you know, we could basically showcase that we are the modern solution that is FedRAMP High, and so as they are looking for efficiency in moving out of legacy on prem solutions, you know, their options are non FedRAMP high solution in the cloud, or a FedRAMP high solution with Qualys. And so I think that is an advantage in my opinion for us, and we look forward to, you know, leveraging that.

I’m also looking forward to a lot of other commercial companies that actually are FedRAMP High or looking to get FedRAMP High, need a FedRAMP High solution, and you have a lot of big companies who are looking for that. And so that puts us in an interesting opportunity, again, where it’s not just the government agencies themselves, but we can also see potential pipeline buildup from commercial entities that are currently in the process of trying to go FedRAMP High or FedRAMP High and want to switch to a solution that is also FedRAMP High because there currently is no other solution that can do like FedRAMP High Patch Management as an example, right? So I don’t really expect anything immediately in this quarter, but I think with the momentum that we’re seeing our investment in the federal side of the conference that we did, and now getting FedRAMP high, I think this is a key for us, as I have mentioned the last few quarters as well that federal over the next couple of years can be an important area of growth for us.

Analyst: Very good. Thank you both. And

Conference Operator: our next question will come from Kingsley Crane with Canaccord. Your line is open.

Kingsley Crane, Analyst, Canaccord: Hey, thank you. Echo congrats on a really strong quarter. Nice to hear about Qualys Flex pricing. I think this has been something you’ve been considering for a while. I want to hear more about what kinds of impacts we could expect as a result, like, larger commitments, and just wanna clarify if any of the large deals in the quarter were flex pricing.

Thanks.

Sumit Dakar, President and CEO, Qualys: So it’s early days right now. What the feedback that we have gotten has been very positive. Right? So we wanna get this out, that we wanna get some of these deals closed, but overall, you know, today if a customer buys VMDR, then they are interested in trying patch management, like that’s a whole process that they have to go through to buy that additional SKU. And so as we move into this QLU pricing, it essentially, if they buy any number of QLU pricing, it gives them access to all Qualys modules, right?

They have access to it, of course, if they wanna use it, they have to buy additional units to be able to leverage those. And so for somebody who’s maybe focusing on vulnerability management, they want to try patch management, they can just do that now with the flex pricing, you know, without really having to go and get a whole new SKU purchased, etcetera. So that is where it’s exciting for them, is that they can look at the utilization, they can try new capabilities, and then as they like those capabilities that they can actually buy more units to be able to use those capabilities at scale. And that’s really where we see the opportunity. And so we are looking forward to seeing the kind of uplift that we can get, because that can get a customer interested in buying a fewer additional units, so that they can leverage broader platform capabilities, right, as they do the purchase.

So that’s the hypothesis and the way we are seeing the early conversations with customers, but do we still need to get a few of those deals closed and then we’ll give updates as we see the progress happening, but it is definitely something that we see as a key aspect over the next year or two for us to push forward so that we can create upsells. And also for net new customers, as we’re seeing net new customers also coming in, buying multiple modules upfront, as you can see, you know, cybersecurity asset management patch management already 26% of bookings for net new customers. Like, that will give them opportunity to leverage newer capabilities and more capabilities, which then allows them to potentially buy more units as they roll that out.

Kingsley Crane, Analyst, Canaccord: Great. Yeah. I I mean, the models it’s great for customers and good for you. And so for Jimmy so you just brought on May Mitchell, and we’re talking about, you know, investing in more key marketing initiatives. Of course, we’ve had some pretty significant earnings upticks over the past two quarters on the guide.

So, I mean, should we expect that some of these are really gonna be more of a focus in fiscal twenty six?

Jimmy Kim, CFO, Qualys: I would say that we’re ready to get started because we’ve we’ve kind of built the momentum. Because if you take a look at our sales and marketing for the first half of this year, it’s grown by 15% year over year nicely. And then even on the R and D front, we grew it by 8% in Q1. We ramped that up to 15% because R and D also included product management. And so the entire JTM team has been working very closely together to make sure that we work on the value proposition, how we’re positioning our product to not just our sales reps, but more importantly partner first approach.

So we are really working with the entire team including the engineers to make sure that are we working on the right product enhancements, are we messaging it correctly, and then really focus on partner marketing front. And so we do anticipate that increase in sales and marketing investments up from the 15% level that we saw in Q2, and then same thing on the R and D side.

Kingsley Crane, Analyst, Canaccord: Really helpful. Thank you.

Conference Operator: And the next question will come from Rudy Kessinger with D. A. Davidson. Your line is open.

Analyst: Great. Thanks for taking my questions. Revenue Jimmy, the revenue outperformance historically has been pretty minimal on your quarters. Last four quarters now you’ve beaten on revenue by about 2%. Is there any more color you can add to that?

Just what’s driving that relative to your guidance? Have you guys just adopted a more conservative guidance framework in general? Is because of the macro conservatism or any professional services revenue potentially driving that upside?

Jimmy Kim, CFO, Qualys: Yeah. It it’s not professional services, but it definitely had to do with the fact that when we first guided to revenue at the beginning of the year, there was a good amount of uncertainty in the business with respect to macro as well as if you’re taking a look at our current billings, kind of the trajectory of historical performance and with our revenue coming down, we wanted to make sure that if I’m looking at a potential range of outcomes for the business, given that we are pivoting significantly into ATM, a new platform play, introducing new products, the difficulty that we’ve had with expanding the spend with our existing customers, we were looking at a more conservative scenario. And it could have gone that way, but thankfully as you see by your performance, we’ve done really well in the first half. I think the team has worked really hard to make sure that we’re making up for kind of all the underperformance if you will, like that we saw at the end of last year. With our CMO in place and we’re continuing to look for our new CRO, we are hoping that we will continue to make good progress on this going forward to the 2025 and hopefully we’ll be able to make some meaningful improvements in 2026.

Analyst: Okay, that’s helpful. And then on current calculated billings, TTM current calculated billings, it sounds like you guys are still expecting 6% to 8% this year. What would be the drivers of upside to that figure? And irrespective of where it lands, should we still look at TTM billings, you know, as the the go forward indicator of next twelve months revenue growth as we exit this year and go into ’26?

Jimmy Kim, CFO, Qualys: Yes. I think that would be the the best proxy at this point if you’re thinking about 2026 revenue. But on current billings, would say that a higher probability of us outperforming with our existing customers given our newer products? Like, for example, our net dollar expansion rate did increase to 104%, up from 103. If you were to call out two areas where the additional growth could come from new land versus existing customers, I would say the latter.

Analyst: That’s helpful. Congrats again on a good quarter.

Jimmy Kim, CFO, Qualys: Thank you.

Conference Operator: And the next question comes from Trevor Walsh with Citizens. Your line is open.

Trevor Walsh, Analyst, Citizens: Great. Hey, team. Thanks for taking my questions. Samed, maybe to start with you. Great to see the product development that you’re working on as far as AI agents in the marketplace and kind of all the ways in which that I guess, boost the platform.

There’s been a lot of activity in that space, I guess, security, just generally kind of M and A wise this week, given Black Hat and others. Just curious kind of what your overall take is on that space, given some of that, those announcements and just as a product person yourself, how you feel about building versus buying there. And if this is somehow different in the space, the pace at which these some of these tools are kind of moving and growing that that might get you off the fence to to do something around the the same lines or if it’s more thinking you can do it kinda organically internally.

Sumit Dakar, President and CEO, Qualys: Yeah. Thank you for that question. I I was like, with four questions in and nobody’s asked about AI. I’m so excited about it, but it’s it’s super exciting, right, if you if you get a chance to really go through that. I think the way we have positioned and and created this capability is really bridging that gap between, you know, like, the agentic AI being some piece of code somewhere versus sort having a marketplace where you feel like you’re actually able to, you know, hire a Patch Tuesday expert who knows absolutely end to end how to coordinate scans, to coordinate assessment, how to coordinate prioritization, how to coordinate reputation, and who gets all of that thing done all in one, and they know they have a name, they have a persona, you can rate them, and so that’s been super exciting for us, and we have been really able to get that.

We’ve been working on it for a few months, but of the things that happening in AI in general is the advancement of technology is happening at a rapid pace, right? And not to get too much into the depth of it, but if you look at like Rag came out a year or so ago, and now what we are leveraging in big ways, MCP protocol, right, like the model context protocol. And so MCP allows customers to much more rapidly take their existing solutions and use them with overall AI agents, because they add a layer of context on top of their existing APIs and existing databases and existing data source, right? And so that allows us to do this much, much quicker than what we have. And so I think AI security is following that same that as AI concepts and AI protocols are evolving so fast, people are also trying to figure out, well, what does that mean, right, if we were looking at rack security, where you were bringing all of your data into one single vector database, maybe a few months ago, suddenly you have MCP, which is sort of bringing a new layer.

Now bringing the new layer of MCP doesn’t mean that your existing data store and all of that does not have to have the traditional security, it still needs to have the security that you need to. And so what our team is doing is really rapidly tracking sort of these enhancements and new capabilities that are coming out in AI and responding accordingly, and that’s where we came up with Total AI a few months ago when people were running LLMs in their own environment, and now we’re seeing LLMs being run at least the foundational LLMs being leveraged by from Red Rock as a service, and so we’re pivoting quickly to provide capabilities around MCP protocol, MCP discovery, and MCP mapping, as well as MCP authentication authorization capabilities. So I think there’s always opportunities for us to look at some players that are upcoming, but it’s just so dynamic right now that we also want to wait and watch as we develop our own solutions to see which direction is going to be the stable direction for some of these AI capabilities to go.

Trevor Walsh, Analyst, Citizens: That makes total sense. Maybe a quick follow-up for you, Jimmy. Just more of a clarification. Now that you have the FedRAMP high in place, I know that some of the investments in the past around sales marketing were to build out the public sector team. So do you feel like those investments now are just kind of waiting to deliver on the ROI of those or will there still be as part of that increased spend you noted going forward kind of public sector pieces or elements to that?

Thanks.

Jimmy Kim, CFO, Qualys: There are definitely pieces just because we are making sure that all the investments that we made to achieve FedRAMP High have already been made. With that said, there’s maintenance and there’s also GTM efforts, Marketing efforts to make sure that we just opened up the DC office, to make sure our customers know that we have a presence in DC. And so we’ll be working very closely with our marketing team to make sure that we have all the opportunities out there. I think that from a meaningful booking perspective it won’t happen until next year. But we’ve been ready.

I think it’s just about execution at this point.

Trevor Walsh, Analyst, Citizens: Great. Thanks both for the questions.

Conference Operator: And the next question comes from Patrick Colville with Scotiabank. Your line is open.

Joe Vandrick, Analyst, Scotiabank: Hi, this is Joe Vandrick on for Patrick Colville. Sumed, that global fintech win you highlighted is a great example of consolidation on the platform. So how often are your conversations turning into multi product platform deals versus customers just buying a module to solve the specific pain point?

Sumit Dakar, President and CEO, Qualys: You know, the the way the space is evolving is very interesting. Right? There are opportunities for consolidation with, in certain areas with the vendor, and you see that happening with CNAP, where in the past it used to be multiple cloud security solutions are kind of going under one umbrella, but we also see that customers are not necessarily looking back to have every single capability from the same vendor, so there are areas and vendors that they trust for certain use cases, and they want to stick with those vendors. And so what we see when we are talking to customers is a combination of in areas where they are like, hey, look, wanna consolidate vulnerability and patching and some of those cloud things with you, but, you know, for identity, I still wanna continue to use Okta, and for EDR, I’m still using CrowdStrike, and I wanna use security score for for third party management. And so that’s kinda where and that deal that I highlighted was great because we saw a bunch of modules they took from Qualys, but then they also took the ETM module, which allowed them to bring third party data from their existing solutions to consolidate into a single fabric, to get a single view of their risk.

And so that’s what we are excited about is, like, while it’s early days, if the customer wants to consolidate certain capabilities, we have a bunch of those modules, and in the cases where they don’t necessarily want to consolidate right now, we don’t have to walk away. We still have a ETM solution that they can purchase to take the data from the existing modules, and actually provide better value of their investment in some of these third parties. And in one of the conferences in DC, I showcased this sort of a funnel view where we took 65,000,000 findings across Waze, CrowdStrike, Qualys, Security Scorecard, and after we applied the risk operation center paradigms, threat detection, and business context, it went from 65,000,000 overall findings to 2,000,000 that actually mattered, and then after we applied the business context, this went down to 300,000 that actually were adding business risk to the customer, and that kind of an outcome from a risk operation center really was exciting for them, so they could get the value without having to do a vendor replacement and going through that process. They could, you know, combine Qualys modules with third party data and get real meaningful outcome and value for their board.

Joe Vandrick, Analyst, Scotiabank: Thanks. That’s helpful. And then maybe one for to me. And you guys mentioned an improvement in gross retention and net retention. So I’m wondering if you attribute that mostly to the macro environment or or is that driven by improved execution or or maybe a little bit of both?

Jimmy Kim, CFO, Qualys: I would say it’s it’s hard to parse it, but it’s probably a little bit of both because if you’re talking about our net dollar expansion increasing this quarter relative to last quarter, it’s a cohort of customers that were up for renewal in this quarter. And from the discussions that we were having, it’s not just that we start today. We typically start discussions like throughout the entire year, like definitely at least a quarter before the intended renewal date. And what we’ve seen is I think that there’s less of a macro headwind today than we saw definitely at the beginning of the year. So with our continued execution, continue having multiple discussions of our new products and the value prop, and how we’re evolving as a company, and how our product suites that, it makes sense for them, especially with what’s upcoming with the new pricing model, it’s really resonating with our existing customers.

Joe Vandrick, Analyst, Scotiabank: Got it. Thanks so much.

Conference Operator: And our next question will come from Joshua Tilton with Wolfe Research. Your line is open.

Joshua Tilton, Analyst, Wolfe Research: Hey guys, thanks for taking my questions. Two for me. The first one is, Sumit, unless I misheard you, I think you spoke to some channel initiatives that you expect to drive some large deals in the second half. Is there anything you can elaborate on those large deals? Is it new customers?

Is it existing customers expanding? And more importantly, are these deals baked into your revenue outlook in your 6% to 8% billings growth expectation for the full year? And then again, I have a follow-up.

Sumit Dakar, President and CEO, Qualys: Yeah. No specific deals. What I talked about strategically is is the risk operation center concept is resonating well with the CSOs of the the partners’ customers, and they are working with us to get the MROC certifications and then MROC services deployed in our catalog, and for them to be able to sell those. And what we are seeing is the conversations are driving their customers to look at consolidation of certain areas, as well as purchasing Qualys licenses on top of their existing solutions as well, and so we are looking forward to working with them for new business deals and taking some of our existing direct customers as we work with them to see if they have the right contacts that we can upsell to additional capabilities, but nothing specific at this point that we are, you know, talking about or baking in anything additional as part of that. And this is a more of a initiative and we are looking forward for our partners to start to help us build that pipeline, which obviously is going to take some time and closing their pipeline will take some more time.

Joshua Tilton, Analyst, Wolfe Research: Super helpful. And then maybe my second one is just more of a clarification, just a follow-up to Kingsley’s question. New CMO, lots of exciting product announcements. It sounds like you guys are going to invest behind this to drive some additional growth. Are the investments that you plan to execute, are they fully baked into the second half?

Or is this should we start to see these investments ramping next year?

Jimmy Kim, CFO, Qualys: Right now, we are starting the 2026 budget and planning cycle, but what we’re planning to is what we had planned at the beginning of this year. So it’s fully baked into the guidance. And the way we’re seeing kind of the traction and the increase in investment quarter over quarter is we saw some nice improvement with respect to investments in product management as well as sales and marketing, we do see more room for us to take advantage of the current opportunities ahead with the newer employees in SEED. And so we plan to continue to invest and hence we were guiding to the 15% to 17% increase in OpEx growth.

Blair King, Investor Relations, Qualys: Okay. Super helpful. Thanks for clarifying. Appreciate it, guys.

Jimmy Kim, CFO, Qualys: Thank you. And

Conference Operator: the next question comes from Shrinik Kothari with Baird. Your line is open.

Blair King, Investor Relations, Qualys0: Hey, thanks for taking my question and congrats on the great results. Soumit, you mentioned, of course, identity become the leading vector and the new periphery and now with the formal introduction of ISPM, which, of course, potentially seems like can be an anchor for broader zero trust, SideRock, Amrock. And and so just curious, what advantages do you think Qualys brings to identity risk that allows you to compete here natively against other players, and and what monetization potential do you see in in identity risk management controls? And I had a quick follow-up.

Sumit Dakar, President and CEO, Qualys: Look, a lot of value that we add is our deep understanding in how attacks work and how vulnerabilities and escalation of privileges are tied to identities. And so for a while, we have focused on hosts and assets and servers and containers, you know, and the second part of that is the posture view of the identity and how that creates a combination that can add additional risk, right? So a particular asset with a particular vulnerability, if it also has a identity that has certain issues, now the risk is compounded as an example, right? And so the main differentiator that we bring is not necessarily that we are going to be the identity service provider or anything like that, but pulling in the identity posture view into the risk operation center, tying that identity view with the the risk that we see coming from the infrastructure, the risk that we see coming from third party integrations, and the risk that we see coming from any of the other sources, like misconfigurations, cloud, etcetera. How do we bring a more holistic view of that identity and as it ties to the assets themselves, and as it ties to the customers’ vendors, and how does that create a compound risk is really our main focus.

And so it’s not necessarily for that we are, you know, going to, looking to replace some of the provider that they might have for identity, it is more how do we integrate with the provider that they have for identities, and then provide them a better view of the risk, which is not siloed only for identity, but it’s actually a combined view of the identity and the the asset together with the context of the threat actors who are utilizing that. That’s that’s really the focus.

Blair King, Investor Relations, Qualys0: Super helpful. Thanks for that color, Sumedh. And quick follow-up for for Jimmy. So net dollar retention picked up. Just looking out and and looking forward, I know, Jimmy had talked about potential sort of floor, around 103.

How how much headroom do you see just looking at, I know it’s backward looking, but at the pipeline trans conversions for the NDR and just from the ROC adoption, from the pricing model shift, just deeper sort of multimodal attaches with to the platform model here? Just curious how we’re thinking about going forward.

Jimmy Kim, CFO, Qualys: I do see an upside there because if you take a look at our low, it was at 102% a year ago and when we were hoping that would be the trough. And since then we’ve been kind of holding steady at 103. We did increase to 104%. Now if you were looking at our historical net dollar expansion rate in the most recent year, the highest we’ve seen was at 111% a few years back. And so given the raw, given the flex pricing, given our newer products that we’ve just launched, I do anticipate that to continue to tick up.

Not consistently though, I’m not calling that. I think that for this year, I’m just assuming that no new meaningful improvement in net dollar expansion rate in the current guide. But with that said, that is something that we will be taking a look at very closely for next year’s guidance.

Blair King, Investor Relations, Qualys0: Got it. Very helpful. Thanks, Julie. The

Conference Operator: next question will come from Mike Sykos with Needham. Your line is open.

Blair King, Investor Relations, Qualys1: Hey guys, thanks for taking the question here. I just wanted to cycle back to the improved commentary we’re hearing today on upsell activity. Is there a way for you guys to parse out, I know if I go back to Q1 towards the end of the quarter, we saw customers look to delay or weaker upsell activities than what was initially expected. How many of those customers came back to the table? Did all of them come back in during this June quarter?

And was there a catch up, so to speak, when we think about the results we have here today?

Jimmy Kim, CFO, Qualys: No. It doesn’t quite work like that for us. Typically, what happens is there’s a cohort of customers that are up for renewal because majority of our deals are one year renewals. So if you think about the customers that were up for renewal in Q1, what we would be talking to them about is a renewal set of products and a dollar amount, and then plus the upsell side. Like let’s say you were spending $100,000 with us and you had 10% increase in budget, how would you like to allocate that?

Would you like to purchase more of existing products, let’s say VMDR? Would you like to try out newer products that you hadn’t had before for patch management as an example? So we will be having those discussions with those cohort of customers up for renewal in that quarter. And typically we would follow-up with them, but it’s not a meaningful percentage of customers who come back the quarter after to say all of a sudden they have increase in budget and they’d like to do a second upsell. So what you’re seeing for Q2 is really the score of customers that are up for renewal in Q2.

Blair King, Investor Relations, Qualys1: Okay. And then improved 2Q upsell activity then was that in any way a reflection of the macro? Or what did you guys do from an internal process standpoint to drive that behavior, whether it was from partners or direct?

Jimmy Kim, CFO, Qualys: Majority of our discussions currently are focused on partners. I would say that it applies still more to new land with existing customers. It’s working very closely with partners as well as our existing GTM team to make sure that we’re having the right conversations with the right set of customers. I think that it’s not necessarily due to one versus another. I think the macro from our perspective definitely hasn’t worsened.

I think there weren’t any surprises in the quarter when you’re looking at external factors. We are getting better in terms of making sure that how we’re communicating with our existing customers, how they should be thinking about Qualys products and adopting newer products, as well as utilizing their existing subscription, we’ve been getting better at it. And so I think all of it kind of contributed to the slight uptick in the net dollar expansion rate.

Blair King, Investor Relations, Qualys1: Terrific, thank you.

Conference Operator: Okay, and our next question will come from Brian Essex with JPMorgan. Your line is open.

Analyst: Hi, good afternoon. Thank you for taking the question. Yes, two for me. I guess one, Samed, I think you alluded to maybe making some progress on the Chief Revenue Officer front. It’s great to see the addition of May to the team.

Just wondering what your timeline might be around that and how that might impact some of the, you know, go to market and issues you might have.

Sumit Dakar, President and CEO, Qualys: Yeah. As soon as I find the perfect one. I think my focus was the last few months to really, you know, make sure we get the marketing team in shape because I think for us, it’s really the messaging around risk operation center is key for us to grow in the future. Like I said, we have a pretty good team under that from a sales perspective that’s been working well as you’re seeing improving our performance and we look forward to, you know, as we continue to talk and interview people. I think we don’t have a timeline right now, I’m honestly just looking to find the right fit for us as we move more of a partner led approach, so we need a CRO that’s gonna be focusing more on partners other than building a direct sales force, etcetera.

And I think from that perspective, it’s not that necessarily we’re holding back too much on the, like, you know, we are continuing to invest in the business. And of course, when we have a new CRO, we will work through and figure out kind of what the strategy change, if anything is needed, where that falls, and then any investment changes will follow according to that. Jimmy, I don’t know you want

Analyst: Got it. Super helpful. And maybe a quick housekeeping question for Jimmy. FX really moving around a lot Just wondering what the impact was, I guess, both on the revenue side and then on the cost side of the business as you see it and what we should expect.

Should we see the same, I guess, devaluation of the dollar towards the back half of the year?

Jimmy Kim, CFO, Qualys: Yeah. For us on both fronts, whether you’re looking at the top line or the expense line, it wasn’t material for us just because we do hedge both. So what we’ll do is we are monitoring it. When it becomes meaningful, we will call it out.

Analyst: Got it. Helpful. Thank you.

Conference Operator: And the next question will come from Rob Owens with Piper Sandler. Your line is open.

Trevor Walsh, Analyst, Citizens: This is Aiden on for Rob Owens. Thank you for taking my question. You touched on this a bit earlier, but can you speak to how channel and customer education efforts with the newer products and partners have tracked all these expectations? And what are some of the hurdles that may still exist there with newer solutions and AI advancements? Thank you.

Sumit Dakar, President and CEO, Qualys: Well, I think with the response has been great at one of the key change strategy changes we made from a you know, getting this information out to customer perspectives. Last year, we hired Rich Sireson as the chief risk technology officer. He’s author of the book, How to Measure Entity in Cybersecurity, and that has led to a lot of CISO workshops around board report risk reporting, and this has really been very helpful for us for top of the funnel activities. We’re getting a lot of direct CISO conversations and they are hearing about the conversation of the risk operation center. We’re doing these workshops along with partners in many countries where the partner will bring their customers and you know Rich will go and talk and so I think those are all positive indicators, that the concept of a rock is new, and they may not have budgeted for it, and so typically once they come, they like the idea, they want to talk to the board, we work with them, you know, then that goes into a demo, that goes into a POC, and then that helps them sort of figure out, okay, I hadn’t budgeted for this this year, how can I work on getting a budget that then I can get done, you know, purchased the following year?

So that’s sort of where we’re at in the journey. Super excited about the engagement we’re seeing at the top and happy with the conversions we’re seeing right now as well. And we have good things in the hopper, and so now it’s about how do we get those closed. I think getting this out to the right people is something I think we’re doing well. I think now it’s about how do we scale that and how do we get more people to close those deals.

Kingsley Crane, Analyst, Canaccord: Thank you.

Conference Operator: There are no further questions at this time. This will conclude today’s conference call. Thank you for your participation and you may now disconnect.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.