The Strongest Cybersecurity Stocks In Q3

Cybersecurity stocks have performed well in 2023, rising about +26.5% YTD, with the security backdrop boosted by an increase in data breaches and ransomware. Quarterly spending has increased approximately +12.7% YoY to ~$37.6 billion through the first half of the year, although commentary from sector leaders Fortinet and Palo Alto raised some concerns about spend optimization, with billings forecasts from the two weaker than expected.

Despite beating on the top and bottom lines, Zscaler provided flat billings guidance while revenue growth is set to slow. CrowdStrike was GAAP profitable from operations for the first time ever as net new ARR reached a record, but billings and ARR growth both decelerated.

Cybersecurity Market Growth Slows in Q2

Zscaler and CrowdStrike reported their October quarters this week with both providing important commentary that the macro environment is tougher than usual. CrowdStrike’s management said that buyers still remain cautious since the “macroenvironment remains challenging with continued increased budget scrutiny.” Zscaler said that while the “global macro environment remains challenging, and customers continue to scrutinize large deals, … customer sentiment seems to be stabilizing.”

Looking back at the cybersecurity market through Q2 offers a bit of color on those broader trends impacting growth this year. The market registered a third straight quarterly deceleration in Q2, per Canalys estimates, as the global market recorded +11.6% YoY growth to $19.0 billion.

This marked a slight deceleration from the +12.5% growth in Q1 to $18.6 billion, and a sharper deceleration from the +15.8% growth rate seen in 2022, as the cybersecurity market topped $71 billion for the year.

Growth in North America remained resilient at +12.6% YoY in Q2, the bellwether of the market considering it accounts for more than half of total spending. Latin America and EMEA growth remained in the double digits, though both decreased approximately 180 to 210 bp sequentially. APAC growth saw the largest slowdown, from +10.7% YoY in Q1 to +8.8% YoY in Q2.

Headwinds Remain in Play in Q3

Budget cuts, consolidation, and optimization are some of the trends at play in the cybersecurity market that are pulling 2023’s growth rates lower. Microsoft CEO Satya Nadella said in January during its fiscal Q2 earnings call that customers were “consolidating on our security stack, in order to reduce risk, complexity and cost.”

CrowdStrike CEO George Kurtz echoed Nadella’s view in the company’s Q1 earnings call in March that customers “want to reduce cost and headcount, reduce the number of point products and agents, reduce complexity and simplify operations.”

Venture capital funding deals and deal value also reflect this challenging environment persisting through Q3. According to Crunchbase, deal count declined just over (-15%) from Q2 to 153. Although deal value was marginally higher at $1.9 billion compared to ~$1.8 billion in Q2, it was about (-30%) lower YoY as large late-stage deals faded. VC funding has totaled just $6.4 billion YTD, on track to mark the lowest level of funding for cybersecurity startups since 2019, which totaled $8.8 billion.

Despite such cost and complexity concerns, companies are still committed to protecting data and operations. It’s this point that will drive long-term growth of the industry in the face of these near-term headwinds: there will always be more data to protect.

Fortinet: Q4 Guidance Soft, Billings to Decline YoY

Fortinet declined (-12.4%) following its Q3 earnings report for three key reasons: Q3 revenues marginally missed estimates, Q4 revenue guide was below consensus, and most importantly, Fortinet is projecting a YoY decline in net billings.

Fortinet reported revenues of $1.33 billion in Q3, which missed expectations by just $20 million. For Q4, Fortinet guided revenues $80 million lower at midpoint than the consensus estimate of $1.49 billion.

Q4 billings were projected to be between $1.56 to $1.70 billion, representing a YoY decline of ~(1%) to (9%). Management’s transition to SASE and security operations, and challenging network comps, are some of the factors behind the revenue slowdown with Fortinet seeing “modest” revenue growth for the next few quarters.

Fortinet’s billings slowdown and the lowered revenue forecast is a concern as 2023 would mark Fortinet’s slowest billings growth since its IPO in 2009. Growth is estimated at just +10.2% YoY at the $6.165 billion midpoint. It’s also a significant slowdown from the +34% and +35% billings growth seen in 2022 and 2021. Management said the growth slowdown in Q3 stemmed from “1 month shorter contract duration and importantly, lackluster appliance demand.”

A slowdown in product revenue growth is likely a driving factor behind the lowered revenue forecast for 2023. Product revenue is forecast to increase only +9% YoY to $1.935 billion – this is well below 2022’s +42% growth, 2021’s +37% growth, and its +23.7% average growth rate since 2009. CEO Ken Xie said that “the Secure Networking market is experiencing slower growth as product demand returns to normal levels following two years of elevated growth.” He added that “building and product revenue fell below our expectation” due to that slowdown in Secure Networking.

Palo Alto: Billings Weaker than Expected, Underlying Metrics Strong

Palo Alto shares fell (-5.4%) following its fiscal Q1 earnings report, but have since gained more than +14% to rise to new highs. The initial negative reaction stemmed from a lowered billings forecast as well as hints that revenue growth is slowing below 20%, but other underlying metrics remained strong.

Palo Alto reported +20% YoY revenue growth to $1.88 billion and +16% YoY billings growth to $2.02 billion, which came in below its prior outlook for $2.05 to $2.08 billion in the October quarter. This miss is amplifying concerns that revenue and billings growth is decelerating — revenue growth was at the lowest level since fiscal Q4 2020, while billings growth was at the lowest level in more than four years and marks a second quarter with growth below +20%.

For the full year, Palo Alto lowered its billing forecast to $10.7 to $10.8 billion, from a prior view of $10.9 to $11.0 billion. This correlates to YoY growth of +16% to +17%, roughly in line with the recent quarter’s +16% growth rate. Palo Alto cited volatility in contract duration, increased financing demand, and increased demand for deferred billings plans for the lowered forecast. CFO Dipak Golechha said that the company “saw the rising cost of money have an important and incremental impact on customer behavior in [fiscal] Q1.” Similar to Fortinet, Palo Alto saw minimal growth in product revenue, at just +3% YoY, with the majority of revenue growth driven by service revenue, +25% YoY.

Aside from that, Palo Alto had multiple underlying strengths in the report, especially with its next-gen offerings. Next-Gen Security ARR increased +53% YoY to $3.23 billion, and SASE ARR increased +60% YoY. Palo Alto saw very strong growth in multi-module customers, with +155% YoY growth in those adopting 5+ modules, and +59% YoY growth in those adopting 3+. XSIAM’s pipeline exceeded $1 billion, with more than $500 million of that pipeline added in Q1.

Zscaler: Billings Guide Unchanged, Revenue Growth May Slow

Zscaler maintained its billing guide for the full year, although revenue and EPS both came in ahead of expectations in its fiscal Q1. Large customer growth continued to slow, while fiscal Q2’s guide hinted at a possible deceleration in revenue growth.

Zscaler reported $497 million in revenue, +40% YoY, which handily beat expectations and the company’s guidance for +33% YoY growth to $473 million in revenue. While it did post +131% YoY growth in adjusted EPS to $0.67 and a surge in free cash flow, Zscaler remains unprofitable on a GAAP basis.

GAAP operating loss improved 33% YoY to ($46 million), while GAAP operating margin improved 10 percentage points to (9%). At its scale of more than $2 billion in annual revenue, it’s likely the market will want Zscaler to soon shift to operating profitability, which could be tough at the moment given that sales, marketing and R&D accounted for ~98.8% of gross profit in Q1. SBC also remained high at $129.1 million, or ~26% of revenue.

Billings growth remained strong, at +34% YoY to $456.6 million. However, Zscaler did not raise its full-year billings outlook as it tends to do, even if only by a few million; its outlook remained unchanged at +24% to +26% YoY growth, or $2.52 to $2.56 billion. That outlook suggests that billings growth will decelerate through the remainder of the fiscal year.

Fiscal Q2’s revenue guide also hinted at some early signs of revenue deceleration, with the $506 million guide pointing to YoY growth of approximately +30.5%. Fiscal 2024’s guide calls for +29.5% YoY growth at midpoint to $2.095 billion, again indicating that revenue growth in fiscal Q3 and Q4 is likely to slow to the mid to high-20% range.

Growth in large customers of over $1M in ARR has slowed significantly by 21 points over the past year, from 55% growth down to 34%. Growth in $100K+ ARR customers has also slowed from 37% to 22%.

CrowdStrike: Net New ARR Rises to Record, But Billings Decelerate

CrowdStrike beat on the top and bottom lines and guided fiscal Q4 marginally above consensus. The report in itself was fairly strong, as net new ARR rose to a record and CrowdStrike recorded its first-ever quarter with positive operating income. However, ARR growth and billings growth both decelerated, similar to peers who are also seeing decelerating billings. Management added that “buyers are still cautious” as the “macroenvironment remains challenging with continued increased budget scrutiny.”

Net new ARR rebounded to a record $223.1 million, +12.6% YoY, a strong recovery from Q1 and setting the stage for another possible record to close out FY24. With this rebound in net new ARR, CrowdStrike’s ARR topped $3 billion for the first time, reaching $3.15 billion in fiscal Q3. CrowdStrike emphasized that it is the “fastest and only pure play cybersecurity software vendor in history” to surpass the $3 billion ARR milestone.

However, ARR growth is still decelerating, as is billings growth. ARR growth in fiscal Q3 was +34.6% YoY, a slight deceleration from Q2’s +36.9% YoY growth rate and a sharper deceleration from the +55% YoY growth rate from fiscal Q3 last year. What’s important is that CrowdStrike soon shows ARR bottoming and stabilizing, instead of decelerating further into the +20% range or even the high teens.

Billings also decelerated, matching what we’ve seen so far with CrowdStrike’s peers. Billings were calculated to have fallen (-2%) QoQ and +9% YoY to $821.5M for Q3, a significant slowdown from the +13% QoQ and +22% YoY growth rate recorded in the prior quarter. You can read more about billings and ARR in our CrowdStrike’s Q3 earnings recap here.

Pictured Above: I/O Fund calculations for CrowdStrike’s billings growth/decline

CrowdStrike also recorded its first quarter to generate operating income, albeit at a razor-thin 0.4% operating margin. However, this shift to a positive margin benefited the bottom-line, allowing net margin to expand ~225 bp QoQ to ~3.4%. This marked CrowdStrike’s third straight quarter of GAAP profitability, with sequential growth in each of the three quarters. We had previously mentioned that while CrowdStrike had begun to post GAAP profitability, it was preferable that the company be GAAP profitable from operations rather than interest income – now, the next task is for CrowdStrike to show further growth in operating income.

Conclusion

Aside from Fortinet, the remaining cybersecurity stocks covered here have all rallied to new highs following earnings, despite each report having some weaknesses. Cybersecurity stocks are investor favorites due to an ever-growing need for cybersecurity solutions among enterprises and high cash flow generation metrics – all of the four reported free cash flow margins higher than 30%. Billings growth remains an important metric to track, given the decelerations seen this quarter and hints at more deceleration ahead. Yet, these key metrics are providing clues as to which companies will be strongest moving into 2024.

Damien Robbins, Equity Analyst at the I/O Fund, contributed to this article.

The I/O Fund has detailed the firm’s favorite cybersecurity stock for premium members here. For more in-depth research from Beth, including 15-page+ deep dives on the 10 stock positions the I/O Fund owns, subscribe here.

Every Thursday at 4:30 pm Eastern, the I/O Fund team holds a webinar for premium members to discuss how to navigate the broad market, as well as various stock entries and exits. We offer trade alerts plus an automated hedging signal. The I/O Fund team is one of the only audited portfolios available to individual investors. Learn more here.

Please note: The I/O Fund conducts research and draws conclusions for the company’s portfolio. We then share that information with our readers and offer real-time trade notifications. This is not a guarantee of a stock’s performance and it is not financial advice. Please consult your personal financial advisor before buying any stock in the companies mentioned in this analysis. Beth Kindig and the I/O Fund own shares in CRWD at the time of writing and may own stocks pictured in the charts.

If you would like notifications when my new articles are published, please hit the button below to “Follow” me.

Source: https://www.forbes.com/sites/bethkindig/2023/11/30/the-strongest-cybersecurity-stocks-in-q3/