Earnings call transcript: Varonis Systems beats Q2 2025 forecasts, stock rises

Varonis Systems reported its second-quarter 2025 earnings on July 29, exceeding market expectations with an EPS of $0.03 against a forecast of $0.01. Revenue also surpassed predictions, reaching $152.2 million compared to the anticipated $148 million. The company maintains impressive gross profit margins of 82.29%, according to InvestingPro data. Following the announcement, Varonis’ stock price increased by 0.99% in after-hours trading, reflecting investor optimism. With a market capitalization of $6.08 billion, Varonis demonstrates strong momentum, having delivered a 22.06% return year-to-date.

Key Takeaways

• Varonis Systems’ Q2 2025 earnings per share (EPS) surpassed expectations by 200%.
• Revenue for the quarter increased by 17% year-over-year, reaching $152.2 million.
• The company’s stock rose by 0.99% in after-hours trading following the earnings release.
• Varonis is focusing on expanding its SaaS offerings, now representing 69% of total annual recurring revenue (ARR).
• The data security market is expanding, driven by AI and cloud protection demands.

Company Performance

Varonis Systems demonstrated strong performance in the second quarter of 2025, with significant growth in revenue and annual recurring revenue (ARR). The company reported a 19% year-over-year increase in ARR, reaching $693.2 million. This growth is attributed to the company’s strategic focus on expanding its SaaS offerings, which now constitute 69% of total ARR. The transition to SaaS is expected to drive future growth, with the company targeting over 20% ARR growth post-transition. InvestingPro analysis reveals the company operates with a moderate level of debt, maintaining a debt-to-equity ratio of 2.05, while showing a consistent revenue CAGR of 17% over the past five years. For deeper insights into Varonis’s financial health and growth prospects, investors can access the comprehensive Pro Research Report, available exclusively to InvestingPro subscribers.

Financial Highlights

• Revenue: $152.2 million, up 17% year-over-year
• Earnings per share: $0.03, compared to the forecast of $0.01
• Free cash flow: $82.7 million year-to-date, up from $67.3 million last year
• SaaS ARR: 69% of total ARR, up from 61% in Q1 2025

Earnings vs. Forecast

Varonis Systems exceeded market expectations with an EPS of $0.03, significantly higher than the forecasted $0.01, marking a 200% surprise. Revenue also surpassed predictions, totaling $152.2 million against a forecast of $148 million, representing a 2.81% surprise. This positive performance reflects the company’s successful strategic initiatives and operational efficiencies.

Market Reaction

Following the earnings announcement, Varonis Systems’ stock price increased by 0.99% in after-hours trading, reaching $54.95. This rise indicates positive investor sentiment, driven by the company’s strong financial results and growth prospects. According to InvestingPro, the stock trades with relatively low volatility (Beta 0.76) and appears overvalued based on their Fair Value analysis. The stock’s movement aligns with broader market trends, as investors continue to favor companies with strong SaaS growth potential. InvestingPro subscribers have access to 10 additional key insights about Varonis, along with detailed valuation metrics and peer comparison tools.

Outlook & Guidance

Varonis Systems provided a positive outlook for the remainder of 2025, with full-year ARR guidance set between $748 million and $754 million, reflecting a 17% growth. The company also projected full-year revenue between $616 million and $628 million, representing a 12-14% increase. These projections underscore the company’s confidence in its growth strategy and market position.

Executive Commentary

CEO Yaki Feitelson highlighted the expanding data security market, stating, "Data security market is rapidly expanding because of many factors, including AI usage, the proliferation of data, and evolving compliance needs." CFO Guy Malamed added, "The simplicity and automated outcomes of our SaaS platform and MDDR offering continue to be key drivers." These comments underscore the company’s strategic focus on innovation and market adaptation.

Risks and Challenges

• Transition to SaaS: While the shift to SaaS is a growth driver, it also presents challenges in terms of operational execution and customer adaptation.
• Competitive landscape: The company faces competition from established DSPM vendors, necessitating continuous innovation.
• Market volatility: Economic fluctuations and changes in regulatory requirements could impact the company’s performance.
• Technological advancements: Rapid changes in technology may require ongoing investment in R&D to maintain a competitive edge.

Q&A

During the earnings call, analysts inquired about Varonis’ competitive positioning and strategic partnerships. The company elaborated on its partnership with Microsoft for Copilot security and its strategies for SaaS conversion and expansion. These discussions highlighted Varonis’ focus on leveraging strategic alliances and innovation to drive growth.

Full transcript - Varonis Systems (VRNS) Q2 2025:

Operator: Greetings, and welcome to the Verona Systems Second Quarter twenty twenty five Earnings Conference Call. At this time, all participants are in a listen only mode. As a reminder, this conference is being recorded. It is now my pleasure to introduce Tim Purz, Investor Relations. Please go ahead.

Tim Purz, Investor Relations, Varonis: Thank you, operator. Good afternoon. Thank you for joining us today to review Varonis’ second quarter financial results. With me on the call today are Yaki Feitelson, Chief Executive Officer and Guy Malamed, Chief Financial Officer and Chief Operating Officer of Varonis. After preliminary remarks, we will open the call to a question and answer session.

During this call, we may make statements related to our business that would be considered forward looking statements under federal securities laws, including projections of future operating results for our third quarter and full year ending 12/31/2025. Due to a number of factors, actual results may differ materially from those set forth in such statements. These factors are set forth in the earnings press release that we issued today under the section captioned Forward Looking Statements, and these and other important risk factors are described more fully in our reports filed with the Securities and Exchange Commission. We encourage all investors to read our SEC filings. These statements reflect our views only as of today and should not be relied upon as representing our views as of any subsequent date.

Varonis expressly disclaims any application or undertaking to release publicly any updates or revisions to any forward looking statements made herein. Additionally, GAAP financial measures will be discussed on this conference call. A reconciliation for the most directly comparable GAAP financial measures is also available in our second quarter twenty twenty five earnings press release and our investor presentation, which can be found at veronis.com in the Investor Relations section. Lastly, please note that a webcast of today’s call is available on our website in the Investor Relations section. With that, I’d like to turn the call over to our Chief Executive Officer, Yaki Faitelson.

Yaki?

Yaki Feitelson, Chief Executive Officer, Varonis: Thanks, Tim, and good afternoon, everyone. We appreciate you joining us to review our second quarter results and the progress of our SaaS transition. Our Q2 performance reflects our continued strong ARR growth and cash flow generation as we accelerate towards the completion of our SaaS transition and make investments to capture our growing market opportunity. Today, I want to remind you of what sets Varonis apart as the leader in data security. In today’s ever changing environment, one thing remains constant.

Data will continue to be created and shared, and usage of AI has only accelerated this trend. At the same time, attackers do not break in, they log in, and they need to secure data, and the challenges involved are greater than ever. VONI takes a data first approach and help companies to locate their sensitive data, visualize who has access to it, automatically lock it down, and then automatically detect and respond to threats on it. Performing only one or two of these tasks is insufficient to protect data. And what sets Varonis apart is our ability to successfully do all three of these tasks on Data Everywhere.

In the second quarter, this approach contributed to an ARR growth of 19% to $693,200,000 as we advanced toward completing our SaaS transition. With SaaS ARR now representing about 69% of total ARR, year to date, we generated $82,700,000 of free cash flow, up from $67,300,000 for the same point last year. I will review our results and our updated guidance in more detail shortly. We continue to experience strong demand to our SaaS platform for both new and existing customers, primarily due to the superior experience that Voroni SaaS and MDD are offered by enabling automatic data security with minimal effort. Additionally, I’m also proud to announce that we achieved the federal authorization enabling us to offer our entire SaaS platforms to the federal sector.

Demand from both new and existing customers looking to protect cloud environments with Varonis continue to positively inflect and is becoming a material contributor to our business. This is driven by the investments we have made in our platform to expand our use cases, going wider and deeper and entering new markets, including DSPM. Our ability to protect cloud data represents a significant untapped growth opportunity for us, and transitioning our customer to our SaaS delivery model is helping us unlock this market’s potential. Data security market is rapidly expanding because of many factors, including AI usage, the proliferation of data, and involving compliance needs. As a result, data security markets like DSPM are receiving new investments and focus, which is creating more budgeted line items and increasing opportunity.

Looking at the DSPM market, others we see usually focus on discovery and classification in cloud databases because it has the lowest barrier to entry, and they don’t address more challenging problems, like securing the data by automatically fixing risks and detecting threats or scaling to analyze large unstructured data sets. With that as a backdrop, it is important to note that seeing a problem does not solve a problem. Discovery and classification may find sensitive data, but they do not secure it. This generate potential exposure without providing a solution. Vonage has made significant investments to expand our coverage wider to both find and secure the data everywhere it leaves, while providing more complete and up to date visibility than typical DSPM technologies.

As a result, customers are consolidating their data security budgets with Varonis. I would like to dive deeper into why we win in competitive deals within the DSPM space. Our edge lies in the breadth and depth of our platform, following three step approach called find fixed alert. All three critical components are needed to secure data. While DSP endpoint tools focus on discovering sensitive data, Varonis is the only data security vendor that does more.

Not just finding sensitive data, but also finding where it is unprotected, fixing the risks by locking down sensitive data automatically, and continuously monitoring and alerting on unusual data activity. I will talk about the first step. Find. Varonis not only discover and classify all of our customers’ data, but also map all the controls that you lock it down, analyzing permissions, identities, entitlements, masking, and labeling, which creates a complete inventory of risk. We know exactly where sensitive data lives, how it is exposed, who has access, and how that access was granted.

We also watch data usage, tracking every time user accesses, modifies, or deletes data. To use a simple example, Varonis watches the bank vault, compiling an inventory of everything inside, every person that can access the vault, including everything they touch and can access inside, while logging all activity in and around the vault. And all this happened without impacting the customer’s experience. Now, I will talk about step two. Six, the holy grail of security is ensuring identities have access to the right data.

And this is very hard to do because you need all the right ingredients, which we provide. Voice understands how data is being used and where it is unnecessary exposed because we watch all data activity and connect identities to data. Our policies developed through extensive experience with thousands of large customers are designed to intelligently and automatically mitigate risks such as access to data that identities should not have or no longer need. To continue our example, because Varonis knows who can access the vault, what the vault is, and what they do regularly access, we can remove unneeded access like state access from a former intern that works at the competitor, or a bank employee that has moved to another branch, but still have the keys to the vault. Finally, let’s talk about step three, which is alert.

Since we only see every touch of data, we can baseline user behavior and detect threats or abnormal behavior in real time. Because we watch data directly, we generate alerts with very little noise. This enables our MDDR team, which is powered by AI, to efficiently watch customer data and investigate, validate, and prevent breaches with a thirty minute SLA on ransomware and without customer effort. To wrap up our example, VONIS watches the vault and can sound an alarm when a receptionist tries to access it after hours, or when a bank manager starts going in and out of the vault more often than normal and with more cash. I would like to contrast our approach to what we see from DSPM providers.

Starting with step one, the first key difference is that most VSPN providers schedule scans and use sampling as opposed to viewing all the data to discover and classify sensitive data because they cannot do it any other way. They do not track data activity. So, they don’t know when data is added or changed. So, their information is immediately stale. And they lack the scalability to view everything.

Sampling allows them to scan quickly, but this also means that significant amount of potential exposed data is never found, and they cannot deliver full picture of risk or compliance. And because scans are scheduled, their picture is always out of date. As a result of these shortcomings, they try to avoid risk assessment. Would you be willing to store your money at a bank that does not have security camera and try to protect it using a lease that only includes 10% of its inventory and is only received on Fridays at five p. M?

Moving to step two, because DSPM providers don’t map or track access to sensitive data, there is no viable, safe way to fix risks that they find. As a result, these providers just generate service tickets, leaving overworked security teams to manually address them. We hear from prospects that this approach leads to time consuming busy work, and oftentimes followed by a data breach. Finishing with step three, DSP endpoint tools cannot detect threats to perform any meaningful forensics in an event of a suspect or actual breach, because they don’t track data usage. There is no activity monitoring and no user behavior analytics.

Going back to our example, using DSPM point tools, you like trying to understand how a bank was robbed and what was taken with no security cameras or footage, no record of who had access to the vault, and an outdated and incomplete record of what was in the vault. To wrap up, TSPM tools focus on discovery and classification, mostly in the cloud. They are compliance, band aids, and not security solutions. Varonis not only discover and classify data, but also intelligently and automatically locks it down everywhere and watches it for threats. Our approach results is vastly reduced risk and much lower likelihood for a data breach as compared to alternatives.

Customers understand it and our ability to showcase these outcomes automatically at scale is why we are winning. Another key driver of our recent success has been the secular trend of AI usage. This quarter, we expanded our coverage to protect OpenAI Charge GPT’s enterprise. We are also excited to announce an update to our strategic partnership with Microsoft. This update is focused on joint feature development, which builds on our existing innovations to help organizations adapt Microsoft Copilot security.

While deepening our integration with them, together, we are addressing one of the most critical challenges, which is ensuring AI tools and LLNs do not expose data. By aligning our engineering efforts, we are accelerating our ability to drive secure AI adoption. With that, I would like to briefly discuss a couple of key customer wins from Q2. The first one I would like to talk about is a large healthcare organization of over 20,000 employees that was concerned about their ability to respond to ransomware and comply with SEC disclosure requirements for the AWS environment. They were evaluating Varonis against the DSP and point tools.

And it became clear that only Varonis would meet their success criteria, our ability to cover petabyte scale cloud environments and provide customers with the tools to avoid breaches and funds without effort, where capabilities this point solution could not match. In contrast, the DSPM tool scanned a small sample of data that quickly became stale and could not provide any meaningful outcomes. As a result, this decision was an easy one to choose Varonis. We again saw strong demand from existing customers looking to convert to our SaaS platform. One example was a defense contractor with over 25,000 employees.

The new CISO, who was undergoing a digital transformation project needed to modernize the data security strategy. The CISO stated the future of cybersecurity is data security, and was quickly on board with Veroni SaaS understanding the need for automated protection. This is also a key example of our Microsoft Better Together partnership, since they will use Varonis to automate the purview labeling program and automatically reduce exposed data and proactively stop purchased Varonis SaaS with NDDR for hybrid environments for pilot and Azure. In summary, we are excited by the many tailwinds we are seeing in our business. The simplicity and automated outcomes of our SaaS platform, the adoption of AI and growing awareness of data centric cloud security are driving increased momentum in our business.

We remain focused on executing on this tailwind, as we capture our massive and growing market opportunity. With that, let me turn the call over to Guy. Guy?

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: Thanks, Yaki. Good afternoon, everyone. Thank you for joining us today. Our second quarter performance represents a continuation of our solid start to the year. We again saw strong ARR growth and free cash flow generation as well as continued progress towards the completion of our SaaS transition.

This performance allows us to again raise our full year ARR guidance, while we also continue to keep an eye on the uncertain macro backdrop. We remain confident in our outlook because of the underlying drivers of our business and are well positioned to execute on the growing need to secure data everywhere. We continue to see broad based strength from new and existing customers looking for Varonis to secure their data. The simplicity and automated outcomes of our SaaS platform and MDDR offering, as well as customers looking to secure Co Pilot continue to be key drivers. As a result of this momentum, we ended Q2 with 69% of total company ARR coming from SaaS or approximately $475,000,000 This represents an eight point increase in our SaaS mix from the 61% we reported in Q1.

We continue to see SaaS NRR trend at very healthy levels, which is being driven by our customers coming back and buying protection for additional cloud platform. Once we complete the SaaS transition, we can allocate even more focus on this upselling motion. We believe that this additional time spent on upselling existing customers combined with a healthy new customer momentum that we are continuing to see will allow us to drive towards our goal of growing ARR more than 20%. Furthermore, we are prudently and thoughtfully increasing investments in our business because of the growing demand for our solution and we see a clear path to drive durable growth post transition. In the second quarter, ARR was $693,200,000 increasing 19% year over year.

And year to date, we generated $82,700,000 of free cash flow, up from $67,300,000 in the same period last year. In the second quarter, revenues were $152,200,000 up 17% year over year. During the quarter as compared to the same quarter last year, we had approximately a 7% headwind to our year over year revenue growth rate as a result of having increased SaaS sales in our booking mix, which are recognized ratably versus the upfront recognition of our on prem subscription product. SaaS revenues were $105,900,000 Term license subscription revenues were $32,400,000 and maintenance and services revenues were $13,900,000 as our renewal rates were again over 90%. As we are getting closer to the completion of our SaaS transition, we expect the positive trend of maintenance and services revenues to continue to decline.

Moving down the income statement, I’ll be discussing non GAAP results going forward. Gross profit for the second quarter was $122,600,000 representing a gross margin of 80.6% compared to 84.1% in the 2024. Our gross margin continues to track ahead of our expectations and we feel very confident in our long term target set at our Investor Day. Operating expenses in the second quarter totaled $124,500,000 As a result, second quarter operating loss was negative $1,900,000 or an operating margin of negative 1.2%. This compares to an operating income of $2,100,000 or an operating margin of 1.6% in the same period last year.

During the quarter as compared to the same quarter last year, we had approximately a 6% headwind to our operating margin as a result of having increased SaaS sales in our booking mix, which are recognized fully ratable versus the upfront recognition of our on prem subscription product. Second quarter ARR contribution margin was 16.5%, up from 14.9% last year. The significant leverage improvement reflects our ability to drive strong incremental margins while growing ARR, transitioning to SaaS and investing in our business to capture our growing market opportunity. During the quarter, we had financial income of approximately $10,000,000 driven primarily by interest income on our cash, deposits and investments in marketable securities. Net income for the 2025 was $3,800,000 or net income of $03 per diluted share compared to a net income of $6,800,000 or net income of $05 per diluted share for the 2024.

This is based on 135,200,000.0 diluted shares outstanding and 128,000,000 diluted shares outstanding for Q2 twenty twenty five and Q2 twenty twenty four respectively. As of 06/30/2025, we had 1,200,000,000 in cash, cash equivalents, short term deposits and marketable securities. For the six months ended 06/30/2025, we generated $89,300,000 of cash from operations compared to $68,400,000 generated in the same period last year. And CapEx was $5,700,000 compared to $1,100,000 in the same period last year. During the second quarter, we repurchased 1,000,000 shares at an average purchase price of $38.59 for a total of $38,700,000 Over the course of the program, we repurchased 2,500,000.0 shares at an average purchase price of $40.32 for a total consideration of $100,000,000 Turning now to our updated 2025 guidance in more detail.

For the 2025, we expect total revenues of $163,000,000 to $168,000,000 representing growth of 10% to 13%. Non GAAP operating income of $4,000,000 to $7,000,000 and non GAAP net income per diluted share in the range of $07 to $08 This assumes 134,000,000 diluted shares outstanding. For the full year 2025, we now expect ARR of $748,000,000 to $754,000,000 representing growth of 17%. Free cash flow of $120,000,000 to $125,000,000 total revenues of $616,000,000 to $628,000,000 representing growth of 12% to 14% non GAAP operating income of breakeven to 6,000,000 non GAAP net income per diluted share in the range of $0.16 to $0.18 This assumes 134,700,000.0 diluted shares outstanding. In summary, our second quarter performance demonstrates the growing demand for Varonis evidenced by the strong ARR growth and cash flow generation.

This demand is driven by the simplicity and automated outcomes of Varonis SaaS and MDDR as well as the security challenges created by the usage of AI and the growing awareness for data security. We look forward to completing our SaaS transition, which will position us to even better execute on these tailwinds and drive additional value for our customers, company and shareholders. With that, we would be happy to take questions. Operator?

Operator: Thank you. We’ll now be conducting a question and answer session.

Yaki Feitelson, Chief Executive Officer, Varonis: You.

Operator: In the interest of time, we ask the participants to limit themselves to one question. One moment please while we poll for questions. Our first question is from Saket Kalia with Barclays.

Saket Kalia, Analyst, Barclays: Okay, great. Hey, guys. Thanks for taking my question here. How are you?

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: Good. How are you?

Saket Kalia, Analyst, Barclays: Good. Good. Yanki, maybe for you. The numbers here are pretty straightforward. So I’d love to ask a market question here if I could.

We all saw one of your privately held competitors, Cyera, raised money recently. And I was wondering since we’re on the call, can you just talk about how you compete against them, how you win, and maybe how your move to SaaS is changing that competitive backdrop. Does that make sense?

Yaki Feitelson, Chief Executive Officer, Varonis: Yes, completely. Primarily, it’s the same for all these DSPM vendors. What they are doing for us more than anything else is expanding our total available market and generate awareness that you need to protect data on these cloud repositories. Essentially, these are very small pieces of the data security platform. They don’t provide outcomes.

Like we just explained, you need to understand that the DSPM, what they are doing data discovery and very partially, a lot of it is based on sampling, but they don’t do any remediation and any threat detection. Essentially, if is if you have a compromised account or an insider, they will even not see. You’re starting to have abnormal behavior to the data. They can’t identify it. They can’t remediate the excessive access control.

And then after you notice that something happened, they can’t even do forensics. Fundamentally, it’s something that is completely different. Our SaaS is primarily about scalability and about automated outcomes. We are doing everything for the customers. The secure data with Zon is as easy as having a credit card from a top bank in terms of just all the automation and everything we do.

The other thing, data is a massive problem at scale. And there is something that is common with all these DSPM vendors. They’re avoiding POCs like a play, POCs on production data. And this is the cornerstone of our sales motion. We are coming to you and we starting to deploy very fast, taking all the data, finding it automatically, classifying it, labeling it, reducing excessive access control, making sure that your Copilot and AI can see only what it needs to see.

Looking at Active Directory, and with the MVDR, we save dozens of these customers on a week to week basis. So primarily what it does is just creating awareness for data security with a very small part of data security from a data security platform. So by and large, this is something that is doing very well for us and for the awareness of the market.

Operator: Our next question is from Matt Hedberg with RBC Capital Markets.

Saket Kalia, Analyst, Barclays: Great. Thanks for taking my question, guys, and congrats on the results. Yaki, it’s great to hear about the updates to your expanded Microsoft partnership. I’m wondering, is there a way that you can help us size the opportunity in terms of revenue contribution today? And additionally, how should we think about go to market initiatives to drive you more success?

Sounds like you talked about a lot of integration work, but curious about some of the go to market initiatives as well.

Yaki Feitelson, Chief Executive Officer, Varonis: Thanks for the question, Matt. At the end of the day, AI security problem is a data security problem. And what happened, we have a lot of synergies with Microsoft, but then just understood that one of the biggest gating factors, so the deployment of a Copilot, which is fundamental now for their strategy and success is security. You know what happened when we started the POC? It’s the Copilot, which is a tremendous productivity tool.

It’s like a attachment from hell. It just goes and inhale all the permissions that they have and then people stop it and say, okay, how we are going to deploy it? And Varonis does very well for you. The other thing, we have a lot of synergy with a lot of their security staff from Defender to MCAS to sending alerts to Sentinel. And we saw just our customers using Purview for labeling that there is just a lot of synergies.

We find a lot of low hanging fruit by doing the overall technical integration. And then we came together and decided that we need to take the partnership to the next level. It’s still the early innings, but for them, CoPilot is a lot of what they want to do in terms of productivity in the workforce, and we are securing it. And it just works very well together. So they’re compensating the regular sellers.

We’re starting to have pipeline development efforts with them that so far are working very well. And we are very excited about the partnership, I believe that they are also excited.

Operator: Our next question is from Joseph Gallo with Jefferies.

Joseph Gallo, Analyst, Jefferies: Hey, guys. Thanks for the question. Are there any metrics or data you can share that just instills the confidence in over 20 ARR growth? I imagine that means SaaS ARR without conversion tailwinds is growing healthily above that currently, but just anything on new logos or NRR that kind of helps us see that what you guys see and are so positive on? Thank you.

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: So when you look at the Q2 results, they were driven by strong new customers again. And we talked a lot about how SaaS opens up the opportunity to sell to additional customers. We saw that continue in Q2. We also saw the conversions and existing customers contributing nicely. But what’s actually more interesting is that the NRR for SaaS is higher than the reported NRR that we gave at the end of Q4.

And when you look at our ARR number being 19%, if we can continue to sell to new customers the way we have done so far and actually move away from the conversions and just focus on the upsell within the SaaS customers, then kind of the difference between 19% ARR and 20% is not that large. So there are a lot of moving parts that are working in our favor and we feel very good about the opportunity of going back to that 20 plus percent.

Yaki Feitelson, Chief Executive Officer, Varonis: In addition, we feel very good about our investments in R and D. So we see very strong adoption of everything that related to the other cloud platforms. And we believe that we have a good visibility in the way that our investments in R and D and the new product will work. And we’re just very excited about the opportunity. If you want to be serious about security, you need to protect the data and your best bet to protect the data is ours.

Operator: Our next question is from Joshua Tilton with Wolfe Research.

Joshua Tilton, Analyst, Wolfe Research: Hey, guys. Thanks for sneaking me in here. I have a two parter. I guess the first part is just in the prepared remarks, I think you mentioned that the macro environment is still kind of challenging. I don’t think that’s a surprise to anyone, but maybe could you just compare how the macro this quarter compared to last quarter?

What direction is that macro trending? And then just maybe on the conversion piece specifically, you guys said it contributed nicely to the quarter, but can you just maybe give us an update on how the accelerated conversion is going relative to your plan? Are you tracking in line ahead or maybe behind? Just an update on both those would be very helpful. Thanks.

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: So, I’ll start with the second part. When we look at the conversions, the fact that we’re increasing our SaaS mix from 80 to 82% and actually started the year with full year guidance of 78% is an indication of things going very well. We knew that we could improve the conversion component in 2025, and there were a lot of lessons learned that we took from 2024 and implemented as part of our strategy for 2025. So I can say that we’re very happy. I wouldn’t say that we’re shocked by how good it’s going.

We’re very happy. And we knew that we could do better than 2024. When you look at the macro, I can say that Q2 was very much similar to what we saw in Q1. There’s not much of a difference. There’s more deal scrutiny.

And we talked about the deal scrutiny for quite some time now. But at the same time, we can say that when you look at data security and when you look at the fact that CoPilot is generating a lot of awareness to a problem that existed for a long time. But it’s putting that spotlight on it. And we’re there to try and capitalize on it.

Joshua Tilton, Analyst, Wolfe Research: Super helpful. Thank you, guys.

Operator: Our next question is from Jason Ader with William Blair.

Jason Ader, Analyst, William Blair: Hey, guys. Sorry, I have a two parter as well. Just first on the comment that you guys have made historically that you only see competition in one out of 20 deals. I was hoping you can update us on that. And then the second part is kind of related, but we’ve seen some of the backup vendors move into the DSPM market through acquisition like Rubrik with Laminar and then Commvault most recently with Satori.

I don’t know, maybe you can comment on convergence between traditional backup and data security, data governance? Do you feel like that’s a long term trend? I don’t just any interpretation of what’s happening there with the backup vendors?

Yaki Feitelson, Chief Executive Officer, Varonis: Infrastructure and backup vendors, rarely see them in any of the POCs, completely different sales motion. And in general, we can tell you that all the DSPM companies that got acquired by large companies, We don’t see them a lot. It’s just it’s Thera security can be a side gig. What we see is that the companies, we see the DSPM companies that got funding here and there. It take the competition level for everything that is three sixty five and on prem stays the same.

We see around 10% in the cloud infrastructure, but you need to understand one thing. Cornerstone for everything that we do is POC. We continue and we deploy the problem at scale. There is much more data and critical data in the cloud than in on prem. And talking about these blogs and databases that we are in and Snowflake and Databricks.

And what we see with our competitors is that they don’t want to do POC. They are trying not to do a POC. So sometimes the initial conversation, we hear about them, but usually when the rubber meets the road, they don’t like to do these POCs. So when customers are doing just a diligent process and in data security, the way that you sell is a POC, They don’t like usually, they don’t do it. And if they try to do it, they try to do it in a lab and small set of data.

Some of them have risk scalability challenges.

Operator: Our next question is from Roger Boyd with UBS.

Roger Boyd, Analyst, UBS: Awesome. Thanks for taking the questions. Can you expand on the trend of customers consolidating their data security budgets to Varonis? And when you look at the trends around consolidating around data stores like database, around functional areas like DSP and DLP. Are there particular trends within those that are looking stronger than others?

And is this something that you’re seeing today, the general brownfield consolidation opportunity? Or is more of a pipeline opportunity as you think out over the next year? Thanks.

Yaki Feitelson, Chief Executive Officer, Varonis: I think it’s both, the way that budget works. You have budget for security, compliance, insider threat, everything that related to labeling, the ability to understand abnormal behavior. Part of it is DLP and all the prerequisites on the work that you need. And we are doing all of it and these customers understand that they need to do it. In terms of security, you need to understand that bad actors are not breaking in, are logging in.

If I’m not mistaken, Tim Wittmann did a testimony to Congress and he talks about all the phishing that we can have with AI. And this is something that we are starting to see. I can take your voice and I can be you. And then if I have your information, many times I can get your credentials. So what we see is that just the way that everything works is that once I get your credentials, we are what we call the only game in town.

So a lot of these security that related to insider spreads, everything that related to user behavior analytics is really consolidating around us. And these bad actors, what they are doing in order to elevate credentials these days. But most of the time they are not reading for memory and doing all these jazz. The way that they are doing it is going from one data repository to the other. So we want to cover everything in order to be secure.

And this is also something that works very well for us. We start with something and then people just naturally expand. And this is because of our SaaS platform that is scaling so easy and provide these automated outcome. We just need to buy and we will provide the security.

Operator: Our next question is from Brian Essex with Goldman Sachs.

Brian Essex, Analyst, JPMorgan: Hey guys, it’s Brian from JPMorgan. Operator trying to demote me, but thank you for taking the question.

Saket Kalia, Analyst, Barclays: Yossi, maybe a question for you. Great

Brian Essex, Analyst, JPMorgan: to see the FedRAMP authorization. I would love to get your sense of how you feel positioned ahead of the stronger third quarter for Fed spending. How much visibility you might have into that Fed business? And what’s your sense of the preparedness on the Fed side to adopt data security versus what you’re seeing on the enterprise side? Thanks.

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: So I’ll start, and then Yaki can add some stuff. Obviously, we were very excited to receive the FedRAMP authorization this quarter. It really is a great milestone for us. We can now offer the SaaS platform to the federal sector, and that’s really a big deal from our end. Our team put a lot of time, effort, and investment into this achievement.

And we know there’s a significant white space for us in the federal vertical. But I do want to remind everyone, the federal is still about 5% of our total company ARR. It really is still too early to say if we can have any benefits from the FedRAMP in our Q3 results this year. But from a guidance perspective, we assume the similar contribution to last year. On the longer term side, we see a huge opportunity in this vertical.

Yaki Feitelson, Chief Executive Officer, Varonis: It’s very easy, Dave. Lot of critical information. We showed a lot of critical information about you as well. And the way that it works, and you see a lot of bad actors and state actors many times, so this is data that they need to protect. You just saw now what happened with the SharePoint vulnerability and so forth.

It’s all about data. And I want to say another thing. FedRAMP, it’s not only important for federal customers. When you are a data security company, even though we don’t take critical data to our SaaS, but it was very important to demonstrate it for many customers on the commercial side, FedOMP is critical. It’s a certificate that it takes security very seriously, that you are under the right audits, that you have the right controls.

It was very important for us to do this exercise. We are taking the security of our platform extremely, extremely seriously. We want to make sure that once we are protecting your data, we are all the time secure. And definitely on the data security these days, from all these DSPM space, we are the only one who’s a fellow.

Operator: Our next question is from Shaul Eyal with TD Cowen.

Joseph Gallo, Analyst, Jefferies: Thank you. Hi, good afternoon guys. Congrats on the beaten race. Yafka, I was listening carefully to your market and products commentary. Specifically on that healthcare related win with 25,000 seats, can you provide us with more color about how many subscription services or modules would such a customer be utilizing through Varonis?

Yaki Feitelson, Chief Executive Officer, Varonis: Yes, it was a big AWS wing with everything that was there, databases, Azure Globe and other services, including three sixty five and the on prem, and obviously CoPilot. And this is something, Joel, that we see now. A lot of these are just mixed. People understand where I have critical data. I want to start sometimes data that people are collaborating more.

Want start first and almost always will take the identity side that we are doing extremely well.

Operator: Our next question is from Mike Costikos with Needham and Company.

Brian Essex, Analyst, JPMorgan: Hey, thanks for taking the question here, guys. And I just wanted to cycle back to Joe’s question at the top of the Q and A, just because 20% plus ARR growth that you guys are citing is probably one of the most frequent inbounds we get from clients. So could you just provide some more commentary on those new logos that you guys are addressing as far as size of those initial lands and what you’re seeing? Is there actually an acceleration taking place in new logo acquisition?

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: So, have seen the new logos actually accelerate in terms of the number and also in our ability to land at a larger number. The SaaS platform and the MVDR together with the CoPilot is extremely appealing to many of our customers. The opportunity to sell to customers and actually go to them and the value proposition is that we would do everything for you. All you need to do is pay us. With this environment that is becoming so complex from a cybersecurity perspective and a risk perspective is extremely appealing for customers.

And I think that’s part of the reason we’re seeing our new customers adopt so well. We’ve seen very healthy contribution from our new customers. We feel very good with the ASPs over time that have increased significantly from the levels we saw in the past. But even with the higher land, there is so much more meat on the bone in terms of selling additional platforms. So we feel very good with the ability to show value to those customers and then go back to them and sell them additional platforms.

Yaki Feitelson, Chief Executive Officer, Varonis: What is very interesting is after we are converting to SaaS and customers are realizing these automated values of fund, fix, fail, they naturally expand to other platforms. So once we are moving there, it’s just much easier to do the upsell. As we said before, it’s a tale of two companies and just the SaaS company is tremendous. And as you can see, we’re just moving very fast to the SaaS and after that definitely reducing friction.

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: And just to add, that’s part of the reason we talked about the SaaS NRR being significantly higher than the reported NRR. There’s so much additional platforms to sell once you show that value and the automation and the Nvidia.

Operator: Our next question is from Andy Nowinski with Wells Fargo.

Brian Essex, Analyst, JPMorgan: Okay. Thank you for taking my question. So I wanted to ask about your SaaS revenue. So you’ve had two consecutive quarters of significantly outperforming the consensus estimate, you know, with suggesting the Street seems to be miss modeling that conversion. I know you don’t guide specifically the SaaS revenue but if we just use your SaaS ARR of four seventy eight that you reported this quarter and you know divide that by four and use that as a proxy, it certainly suggests that subscription or SaaS revenue should be about 120 in Q3.

I guess what my question is, is there anything, any reason that that proxy or that calculation would not be correct? Is there anything that why we wouldn’t want to use something like that? Thank you.

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: I’ve said really since the Investor Day in 2023 that there are three North Stars that we’re focusing on during the transition. There’s a lot of noise during a transition and the three North Stars that we have talked about are ARR contribution margin and the free cash flow. The one thing I really want to avoid is noise on the conversion on the revenue side and specifically on the SaaS revenue component. The right metric to focus on to identify the strength of the business is the ARR. When we look at revenue as a whole, we’re thinking of twenty twenty five as kind of a trough where the P and L is still kind of very noisy.

From a numbers perspective, 2026 as we kind of complete the transition, the actual numbers should become more straightforward. The percentages will still kind of move around because on the comparable side, you’ll have that noise from 2025. And then 2027 is really kind of the year where you can look at the P and L in a more straightforward way. So the focus right now on the conversion year, and I can’t emphasize this enough, is kind of focusing on the three North Stars where the top line number that should be focused is the AR.

Operator: Our next question is from Shrenik Kothari with Robert W. Baird.

Tim Purz, Investor Relations, Varonis0: Thanks for taking my question and echoing congrats on the quarter. So beyond the new logos, right, you reiterated strong SaaS conversion execution, of course, tracking ahead of plan. But specifically, Yaki and Guy, you just made comments that past these conversions and the tailwinds, the SaaS NRR. Right? The customers realizing value faster, post transition about the expansion upsell cross sell.

Just what specific new workload, either ramping or multi cloud expansion signals are giving you the most confidence here? And if you can just help unpack that SaaS NRR a little bit more among MDDR, Copilot, OpenAI, Greenfield SaaS, unstructured data, you mentioned, Snowflake data. Just wanted to understand, like, if we can unpack that a little bit more.

Yaki Feitelson, Chief Executive Officer, Varonis: Actually, all of them are performing well. You know, just data storing, Azure, AWS, GCP, Snowflake, Databricks, salesforce.com, GitHub, wherever you have critical data. We can say that as time goes by, more and more platforms are doing well. And now you have a lot of this critical data in the cloud, still a lot of critical data on prem. Customer realizing that they need to protect all of it, And all of it is vulnerable.

And thankfully, we are doing well all over.

Operator: Our next question is from Rudy Kessinger with D. A. Davidson.

Joseph Gallo, Analyst, Jefferies: Great. Thanks, guys, for taking my question. Similar question actually to the last one. I am curious, you mentioned in the prepared remarks, the contribution mix of protecting cloud and SaaS environments continues to increase. Any data points you can share on, you know, what percent of SaaS net new ARR, you know, from new logos and expansions, not the conversions you’re doing, but new logos and expansions, is coming from protecting cloud environments and SaaS applications?

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: So in Q2, we started to see some meaningful contribution from the additional cloud platforms. I can tell you that we were extremely happy with the performance coming from that spectrum. We don’t really break it out in dollar terms. We’re trying to sell more and more of the platforms. And we’re seeing very good adoption by our customers.

And we’re actually seeing the sales force focusing on that type of sale, understanding the benefit it can provide to our customers. So I can say that it’s kind of improving from quarter to quarter. And this quarter, we really started to see some meaningful contribution. We expect that trend to continue.

Operator: Our next question is from Jonathan Rukaver with Cantor Fitzgerald.

Tim Purz, Investor Relations, Varonis1: Yeah, good afternoon. So regarding the recent introduction of your next gen DAM offering database activity monitoring, I’m curious how should we view that in terms of just an enhancement over traditional dams to drive a replacement cycle versus positioning around a broader data security strategy. When you look at the revenue opportunity, it would seem the replacement opportunity relative to some legacy vendors like Imperva and Guardium would be quite compelling near term. So how are you positioning that in terms of the go to market?

Yaki Feitelson, Chief Executive Officer, Varonis: With our cloud data repository, we started to do very well with databases, primarily with admin activities and with the classification. And really, so many customers came and told us, please come and replace the incumbents. Said, what’s going on? And they said, we needed to get into the queries, whatever we need for compliance, but we also need user behavior analytics. The current solutions are not really security solutions.

And many times a lot of these companies didn’t innovate and haven’t done it in the right way. They want it part of one coherent data security platform. This is when we bought Cyril and we just understood that this is a market that is time for destruction. And it’s just part of our overall data security because a lot of the most critical data in the world resides within databases. We are very excited about the opportunity.

This is a very robust infrastructure. Way that we really state of the art cloud architecture that we are working in can take massive amount of clouds. And we want to make sure that everything that’s related to data, Varonis will solve for you, for data security. And database is part of it, and we definitely feel that we can go to new customers, but also we can benefit from big replacement cycles of the incumbents. So we are very bullish about the opportunity and we believe that we can execute very well against the potential of this opportunity.

Operator: Our next question is from Junaid Siddiqui with Truist Securities.

Joseph Gallo, Analyst, Jefferies: Great. Thank you for taking my question. Just wanted to ask about your identity protection suite that you launched last month. We’re seeing more and more convergence between data and identity security.

Brian Essex, Analyst, JPMorgan: Could you

Joseph Gallo, Analyst, Jefferies: just talk a bit about some of the differentiating aspects, what this does compared to some of the other what some of the other identity vendors are able to offer their customers?

Yaki Feitelson, Chief Executive Officer, Varonis: Yeah. It’s not a new model. It’s already built into our platform. It’s very important to understand that Varonis is not managing identity access. We understand identity from a threat perspective.

So what are you doing? We identify who you are, what is your configuration, how you behave, and if you’re doing anything that is abnormal and enrich the identity with a lot of data streams. As we said before, attackers are not breaking the login and the beginning is the identity. Once that identity is compromised, there is no perimeter. And you need sophisticated data security platform like Varonis to protect your data from it.

Operator: Our next question is from Fatima Boolani with Citi. Hey. Good afternoon, guys. Thanks for taking our questions. This is Mark for Fatima.

Thanks for squeezing us in. Maybe just to dig a little bit more into the comment of SaaS continues to create opportunities to sell to additional customers. Within this cohort, should we think about of this as, you know, selling more into new industries or end markets that, you know, SaaS has allowed you to enter or your ability with SaaS to capture new budgets within IT environment? And relatedly, are these greenfield opportunities or are you displacing incumbents? Thanks.

Guy Malamed, Chief Financial Officer and Chief Operating Officer, Varonis: So we’re definitely seeing SAS open up additional opportunities. It’s in a way increasing our time, increasing our ability to offer protection to customers that probably wouldn’t have considered us if we didn’t have the SaaS offering. And I can tell you that when we look at different verticals, different size of companies, we have absolutely seen our TAM increase 3x from where it was pre the additional data, cloud protection that we have introduced recently. So in analyzing our TAM and analyzing the opportunity, I can tell you that it’s additional opportunity. And in a way, there are also opportunities to replace existing offerings but for the most part it’s opening up new avenues, new verticals and new customers that wouldn’t consider us otherwise.

Operator: Thank you. There are no further questions at this time. I’d like to hand the floor back over to Tim Perris.

Tim Purz, Investor Relations, Varonis: Thanks for the interest in Varonis. We look forward to meeting everybody at conferences this

Tim Purz, Investor Relations, Varonis1: quarter. Goodbye.

Operator: This concludes today’s conference. You may disconnect your lines at this time. Thank you for your participation.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.