Qualys Inc
NASDAQ:QLYS

Watchlist Manager
Qualys Inc Logo
Qualys Inc
NASDAQ:QLYS
Watchlist
Price: 153.37 USD 2.12% Market Closed
Market Cap: 5.6B USD
Have any thoughts about
Qualys Inc?
Write Note

Earnings Call Analysis

Q4-2023 Analysis
Qualys Inc

Revenue Growth and Profitability Outlook 2024

Looking into 2024, the company aims to balance growth with profitability, driven by disruptive innovation and strategic go-to-market investments. A strong finish in 2023, with a 13% increase in revenue year-over-year, sets the stage for continued progress. For the full year 2024, revenue is expected to grow 8-10% to $600-610 million, while normalized revenue growth is projected at 9-11% after accounting for the sunsetting of an embedded solution for Microsoft Defender. Adjusted EBITDA margin is anticipated to be in the low 40s, with free cash flow margin in the mid-30s. Full year EPS guidance stands at $4.95 to $5.27, with capital expenditures between $15 million and $20 million.

Full Year Outlook and Strategic Vision

The company underlines a confident stance towards its 2024 prospects, building on their 'disruptive innovation' and 'strategic vision' to balance growth and profitability. They highlight the anticipated revenue split between U.S. and international markets, pegging them at approximately 60% and 40%, respectively, mirroring their current distribution. Investors should note the steady revenue guidance for 2024, expecting growth between 9% to 11%. Additional financial forecasts include an EBITDA margin in the low 40s, suggesting a 20% to 25% increase in operating expenses and a mid-30s free cash flow margin. Full-year EPS is projected to range from $4.95 to $5.27, with capital expenditures planned at $15 million to $20 million for the year, speaking to a robust underlying financial health.

Product Evolution and Market Adaptation

Speaking to their competitive edge, the company emphasizes its evolved product offerings, which have transcended legacy models to include an array of capabilities, offering clients a more integrated and comprehensive security platform. This shift allows the company to upsell and engage with customers more deeply, presenting opportunities to sell additional capabilities outside of their traditional portfolio. The investment strategy for 2024 echoes the approach taken in 2022, with the intent to replicate a similar 22-25% uptick in sales and marketing expenditures, reaffirming their goal to fuel long-term growth by expanding their market presence.

Partnerships and Channel Dynamics

2024 also focuses on intensifying partnerships, with new hires and program initiatives aimed at leveraging channel partners for enhanced market penetration. The evolving partner program reflects a strategic move to increase partner-led sales, which is transcending direct sales performance, indicating a shifting revenue contribution mix. This anticipated adjustment in channel dynamics has not impacted gross margins historically and is not expected to do so moving forward.

Investment in Growth and Incremental Progress

In terms of overall growth, investors can take comfort in the fact that average deal sizes are growing by double digits. This trend is expected to continue through 2024, reflecting a favorable market response to the company's product offerings and sales efforts. The stated objective of capitalizing on a large addressable market through a platform-centric growth strategy aligns with their plans, and incrementally, progress is forecasted to be more pronounced in the latter half of the year.

Innovation and Monetization

Despite the early stages of certain product offerings, the management's commentary reflects a nuanced view on monetization, favoring the adoption and integration of multiple product modules into the company’s existing platforms over standalone solutions. This enables clients to consolidate their security needs within a unified ecosystem, driving additional value and creating upsell opportunities while minimizing operational complexities. Thus, the dashboard becomes more of a value-added integration enabler rather than a direct revenue driver.

Earnings Call Transcript

Earnings Call Transcript
2023-Q4

from 0
Operator

Good day, and thank you for standing by. Welcome to Qualys Fourth Quarter 2023 Investor Call. [Operator Instructions]. Please be advised that today's conference is being recorded.

I would now like to hand the conference over to your speaker today, Blair King, Investor Relations. Please go ahead.

B
Blair King
executive

Thanks, Gigi. Good afternoon, and welcome to Qualys' Fourth Quarter 2023 Earnings Call. Joining me today to discuss our results are Sumedh Thakar, our President and CEO; and Joo Mi Kim, our CFO.

Before we get started, I'd like to remind you that our remarks today will include forward-looking statements that generally relate to future events or our future financial or operating performance. Actual results may differ materially from these statements, and factors that could cause results to differ materially are set forth in today's press release and our filings with the SEC including our latest Form 10-K and 10-Q. Any forward-looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update these statements as a result of new information or future events.

During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP to non-GAAP measures is included in today's press release. And as a reminder, the press release, prepared remarks, and investor presentation are available on the Investor Relations section of our website.

So with that, I'd like to turn the call over to Sumedh.

S
Sumedh Thakar
executive

Thank you, Blair, and welcome, everyone, to our fourth quarter earnings call. 2023 was a strong year for Qualys in terms of product innovation as we expanded our platform capabilities, strategic relevance in the industry and market opportunity. we introduced software composition analysis in on-prem and cloud environments to identify open source software across the production environment of virtual images for our customers. We advanced our custom assessment and remediation capabilities into our agent-based VMDR and policy compliance solutions and launched a groundbreaking first-party software risk management solution. we deployed [ golf ] cloud of FedRAMP high impact level ready vulnerability and [ patch ] management cloud platform that meets President Biden's executive orders and list of compliance. We harness technology from our acquisition of Blue Hexagon and extended our cloud scale deep learning AI to discover and identify relationships and patterns within our own highly integrated data lake that are invisible and undetectable in traditional signature-based solutions. We unified cloud workload protection, cloud security posture management, cloud detection and response, infrastructure as code and container security and [ broaden ] organically integrated agent and agent-less cloud-native application protection platform CNAPP to the market. And at QSC in November, we announced our enterprise tourist platform with which we now are embarking on the most innovative advancements to the platform in Qualys' history, a comprehensive enterprise-wide initiative aimed at holistically measuring, communicating and eliminating cyber risk.

The role of [ CISOs ] and security leaders is increasingly shifting away from just buying and deploying point security solutions towards being able to measure and articulate the amount of risk we post to their business. C-level executives and boards are increasingly looking to monitor cyber risk and the risk reduction ROI from the cybersecurity spend. The Qualys enterprise storage platform is focused on helping security leaders measure, communicate and eliminate cyber risk and become a partner in derisking their business. The Qualys platform aggregates and orchestrate data from around 25 threat intelligence feeds as well as third-party risk signals from non Qualys products to provide organizations with comprehensive AI-powered insights that translate risk signals into measurable scores and provide optimized remediation actions based on business impact. This single source of growth within a unified workflow and powerful integrated dashboard empowers customers to effectively measure and communicate risk secure cyber spend, add value, prioritize and eradicate [ that ] across on-prem cloud and multi-cloud environments and sets a new gold standard in the industry for risk management solutions.

Continuing this space of disruptive innovation on the platform, we're also extending our remediation capabilities to include AI-powered patch management and several other mitigation solutions, including virtual patching configuration updates and compensating controls guided by the [ TruRisk ] quantification technology. This new combination of capabilities, which we call TruRisk eliminate uniquely softens organizational boundaries and enables security teams to apply flexible, automated and intelligent space response solutions to address cyber based on their organization's own unique operational characteristics, remediation time lines and business objectives. Early customer feedback is quite encouraging. And with over 54 million patches deployed on Qualys agents in just the last 12 months alone, we believe this new approach to eliminating cyber risk will not only help our customers transform their security operations but further magnify our competitive differentiation in the market.

Today, we announced a major new upgrade to our Total Cloud CNAPP solution to provide comprehensive vulnerability posture and threat management from development to run time across multi-cloud and SaaS environments. Inclusive in this upgrade is the introduction of TruRisk Insights, which integrates data from our CWPP, [ CBR ] and external asset management solutions to provide organizations through the unified and prioritized view of risk. Combined with additional new reintroduced capabilities such as SaaS SSPM, SaaS portion management, open source software boundary detection and multiple [ IT integration ] with ServiceNow, we have created what we believe is one of the most comprehensive cloud native security solutions in the market with a unified actionable dashboard for immediate prioritization and remediation. The net benefit faster results, better security outcomes and lower overall cost for our customers.

Additionally, I'm pleased to announce that we are enhancing the Qualys Cloud Agent with passive center capabilities to help new and existing customers obtain real-time continuous visibility unknown unauthorized or road assets communicating inside their IT and OT environments. This unique approach to internal asset management enables millions of existing cloud agents to detect many more unmanaged devices with just a single click and eliminate the complexities associated with network appliance-based passive sensing. And this enables organizations to rapidly turn previously unknown assets into security managed assets with seamless cybersecurity asset management, VMDR enablement for comprehensive risk assessment, prioritization and remediation across the [ tax service ]. These innovative new approaches to cybersecurities management, along with several others on our road map for 2024 allow our customers to reduce complexity as they standardize on a trusted platform that delivers an immediate ROI and lower total cost of ownership relative to silo and detection-only technologies out in the market.

Turning to business update for the go-to-market motion in Q4, we experienced another quarter of steady VMDR adoption, which is now deployed by 56% of our customers worldwide. Key competitive VMDR wins include a leading health care provider, several global financial services, technology and manufacturing companies and multiple new and other existing customers, both down market and in the Global 2000. Adding to these wins, I will take a moment to share a couple of examples of how our customers and partners are expanding their use of Qualys capabilities to further consolidate the security stack.

On the customer front, one of my favorite new logo wins in Q4 was with a Fortune 300 media organization. Their organization was frustrated by the high volume of alerts being generated by their legacy security tools and the inability to uniformly contextualize and manage risk across dispersed agencies and environments which hampered its team's efficiency and obstructive critical incidents -- obscure critical incidents. Recognizing the increased value they could gain by modernizing their security stack and consolidating on Qualys' customer replace several existing vendors and adopted [ format juice ] from Qualys, including VMDR, Cybersecurity asset Management with external [ tax ] success management, web application scanning, and our newly introduced Total Cloud CNAPP solution in a highly competitive seven-figure new customer bookings win.

In another highly strategic and high 6 figure of booking upsell example, an existing Fortune 200 health care provider expanded its existing relationship with Qualys to standardize on our enterprise tourist platform. This customer has struggled to communicate the risk posture and list of prioritized risk mediation recommendations to their management as well as their different IT teams. The tourist platform help them consolidate risk factors from different Qualys modules into a single score with business context, which led them to purchasing multiple Qualys modules as part of this platform consolidation and expansion.

On the partner front, we continue to advance our evolving ecosystem with two leading global managed service providers, [ Orange CyberDefense and Kudelski ]. Both expanded their offerings beyond VMDR to include our patch management capabilities. These partners have indicated they chose Qualys over competing solutions due to our ease of orchestration, natively integrated platform and single-agent approach to simplify their security operations and significantly reduce the mediation times for their customers.

In addition, we expanded our relationship with Oracle Cloud with OCI, which is now making the enterprise storage platform available in its marketplace. We also evolved our partnership with Microsoft Azure by sunsetting our vulnerability assessment only integration to provide Azure customers with the full capabilities of VMDR in its marketplace, and we'll start ingesting Defender data into VMDR tourist platform. Further continuing our partnership with Microsoft, we are also selected to participate in a security Copilot leveraging an AI-powered security solutions. Finally, on the partner front, we expanded our relationship with Ingram Micro, which is now offering a full suite of our cybersecurity asset management, VMDR and prioritize remediation workflows to its customers in the APAC region. As evidenced through these wins and several others like them Qualys is much more than just a vulnerability management vendor with more and more companies begin to turn to Qualys to reduce agents security gaps, complexity and costs, enabling them to transform and consolidate their security stack on the Qualys risk platform. Largely as a result, customers spending $500,000 or more with us in Q4 grew 14% from a year ago to [ 283 ].

In summary, we believe our natively integrated platform that measures communicates and eliminate cyber risk brings a highly differentiated value proposition to our customers as they get more security using fewer resources with the Qualys Enterprise TruRisk platform. Looking ahead into 2024, we'll continue our disruptive innovation, advance our go-to-market investments and execute our strategic vision with a proven approach to balance growth and profitability.

With that, I will turn the call over to Joo Mi to further discuss our fourth quarter results and outlook for the first year, first quarter and full year 2024.

J
Joo Mi Kim
executive

Thanks, Sumedh, and good afternoon. Before I start, I'd like to note that except revenue, all financial figures are non-GAAP and growth rates are based on comparisons to the prior year period unless stated otherwise. We're pleased to report a strong finish to the year, with Q4 revenues in line with expectations and strong earnings fees delivering 13% revenue growth and 47% adjusted EBITDA margin in 2023. The leverage we generated this year demonstrates the efficiency in our model and enables us to step up investments in new technologies sales motion, targeted marketing programs and people to accelerate long-term growth and further enhance our position in the market as a trusted security partner of choice.

Now let's turn to fourth quarter results. Revenues grew 10% to $144.6 million at the midpoint of our guidance. Growth from channel partners outpaced direct at 16% versus 6% growth from Direct with continued investment in our channel. Our revenue contribution mix has shifted slightly over the past year, with the channel making up 44% of revenues in Q4 versus 42% a year ago. We expect a similar trend to continue in 2024. By [indiscernible], 13% growth outside of the U.S. was ahead of our domestic business, which grew 9%. Looking ahead to 2024, we expect our U.S. and international revenue mix to remain roughly at 60% and 40%, respectively.

As for calculated current billings, although we don't focus on or manage through this metric, anticipating questions related to bridging this LTM calculated current billings growth to revenue growth guidance, we would like to note that our Q4 calculated current billings was positively impacted by the timing of invoicing of multiyear prep subscription for large early renewal. Normalized for this, LTM calculated current billings growth would have been approximately 12%.

Turning to land and expand results. With customers confirming their prioritization of security within IT budgets, we anticipate the selling environment in 2024 and to remain stable with ongoing budget scrutiny being the new normal for many organizations. In Q4, we are pleased to see improvements in the new business, although the upsell environment remained challenging, with our net dollar expansion on a constant currency basis at 105%, down from 106% last quarter. While there continues to remain room for improvement from smaller customers, LTM revenues from customers spending $25,000 or more with us increased by 12%.

In terms of product contribution to bookings, Patch Management and Cybersecurity Asset Management combined made up 12% of total bookings and 22% of new bookings in 2023. In 2023, the increased adoption of these products resulted in over 50% growth on a combined basis. Our cloud security solutions made up 5% of 2023 bookings led by our natively integrated total cost CNAPP offering.

Turning to profitability. Adjusted EBITDA for the fourth quarter of 2023 was $65.8 million, representing a 46% margin compared to a 42% margin a year ago. Other operating expenses in Q4 were largely unchanged, up only 2% to $59.5 million. Sales and marketing expenses increased by 12% with us, closing out the year with [ 438 ] sales and marketing headcount, up 16% from last year. EPS for the fourth quarter of 2023 was [ 1.40 ], and our free cash flow was $32.3 million. Free cash flow for the full year 2023 was $235.8 million, representing a 43% margin compared to 37% in the prior year. In Q4, we continued to invest the cash we generated from operations back into Qualys, including $1.5 million on capital expenditures and $23.1 million to repurchase 140,000 of our outstanding shares. As of the end of the quarter, we had [ 83.7 ] million remaining in our share repurchase program. We're pleased to announce that our Board has authorized an additional 200 million share repurchase program, bringing the total available amount for share repurchases to 283.7 million.

With that, let us turn to guidance, starting with revenues. For the full year 2024, our revenue guidance is $600 million to $610 million, which represents a growth rate of 8% to 10%. For the first quarter of 2024, we expect revenues to be in the range of $144.5 million to $146.5 million, representing a growth rate of 11% to 12%. This guidance includes an estimated 1% reduction to revenue growth in 2024 from sunsetting our embedded solution for Microsoft Defender effective May 1.

Earlier this year, Microsoft Defender for cloud users, using [ pullet ] solutions were notified that we will be retiring our integration on Microsoft Defender and transitioning to [ BYOL ] model. With this change, these customers will be able to leverage Qualys total [ Casino ] to effectively manage their security risk for cloud and container workloads. Although the strategic shift is estimated to result in a short-term negative impact to revenues, we believe it will be key to delivering long-term value to consumers. Normalized for this change, our revenue guidance for the full year 2024 would have been 9% to 11%.

Shifting to profitability guidance. For the full year 2024, we expect EBITDA margin to be in the low 40s implying approximately 20% to 25% increase in operating expenses similar to increase in investments in 2022 and free cash flow margin in the mid-30s. We expect full year EPS to be in the range of $4.95 to $5.27. For the first quarter of 2024, we expect EPS to be in the range of $1.27 to $1.35 billion. Our planned capital expenditures in 2024 are expected to be in the range of $15 million to $20 million and for the first quarter of 2024 in the range of $3 million to $5 million.

In 2024, we plan to align our product and marketing investments to focus on specific initiatives aimed at driving more pipeline enhancing our partner program, expanding our federal vertical and supporting sales while maintaining a disciplined approach to unit economics. As a percentage of revenue, we expect to prioritize an increase in investments in sales and marketing as well as related support functions to [ tens ] people with more modest increases in engineering and G&A. As we increase our focus on sales and marketing in a new, customer success and productivity in response to a more stable selling environment, we believe we will be able to drive wallet share and long-term returns while balancing growth and profitability.

In conclusion, in 2023, we delivered a healthy top line growth, and industry-leading profitability in the wake of a challenging macroeconomic environment. We continue to lead with product innovation and announced an exciting new road map for the Quality Enterprise TruRisk platform. We are confident in our ability to deliver on our growth opportunity long term and remain committed to maximizing shareholder value.

With that, Sumedh, and I would be happy to answer any of your questions.

Operator

[Operator Instructions] Our first question comes from the line of Josh Tilton from Wolfe Research.

J
Joshua Tilton
analyst

I just want to sneak two in here. The first is on the really strong billings growth in the quarter. I know in the prepared remarks, you kind of highlighted as one-off. But could you maybe just give us a little bit more detail around the one-off early renewal? And then again, I understand that it's early, but you should still be able to [ rev rec ] it. So is the way to think about it, that revenue growth would have been -- or revenue guidance would have been lower had this early renewal not happened in Q4?

J
Joo Mi Kim
executive

So in terms of early renewal, we booked it earlier. And typically, when we book early renewals, it's a combined with an upsell. So it actually doesn't have a rev-rec impact earlier in the period because we closed the deal earlier. So the revenue recognition as an example, if it was an early renewal that was supposed to renew on January 1, and were renewed on December 1 because the customer wanted to have an upsell combined with the renewal, and we closed the entire deal on December 1 because that's what the customer preferred, the early renewal piece, even though it impacted the billings because we would invoice for the total amount wouldn't have had an impact on the revenue into Q4.

J
Joshua Tilton
analyst

And then I guess just my follow-up is really appreciate the clarity on the Microsoft partnership and the contribution to revenue. Could you maybe just dive one level deeper on obviously, the short-term negative is a clear impact, but how you guys envision this being more of a long-term positive for Qualys?

S
Sumedh Thakar
executive

That's a great question, Josh. I think if you look at what VM has evolved quite a bit over the last few years and VMDR that we came out with, which took the scan-only VM and evolved it into multiple other additional capabilities, including inventory and threat detection as well as certificate management, giving an ability to patch systems. And so that VMDR really, in my mind set the standard for what end-to-end modern VM needs to be. And so what -- with the relationship with Microsoft, the particular integration was the legacy scan-only VM that they were leveraging. And so moving to the full -- to the BYOL allows us to have the ability to work with the customers to bring the full VMDR license into Azure environment. And then with that full VMDR license, of course, it allows us to not only sell them VMDR but also allows us to have conversations with them out on CSAM, patch management, file integrity monitoring, total cloud upsell because today cloud security is evolving and integrated with vulnerability management, which we provide is significantly better than just getting a CV list out there. And so with that, we feel, over the longer term, it gives us opportunities to have more upsells and more -- and access to these customers to talk to them about the additional capabilities of Qualys. And help them see a much more unified view of their overall risk posture, especially as we talk about the enterprise TruRisk platform. And so as the partnership has evolved, we will be taking a defender data into our new tourist platform that we are working on as well as pushing quality, trying to Copilot for a different type of insights that Microsoft provides. And so the BYOL still gives that integrated experience and the ability to embed the Qualys agent, just that the licensing then comes to Qualys and does not become sort of an embedded thing that we don't really have access to.

Operator

Our next question comes from the line of Jonathan Ho from William Blair.

J
Jonathan Ho
analyst

In terms of your investments in sales and marketing, can you maybe help us understand the magnitude of those investments, and just given that you've got the new sales leadership here in place, what are some of the specific opportunities that you're seeing to make those investments?

J
Joo Mi Kim
executive

The way we're looking at the investment in 2024 is relatively in line with what we had in 2022. So back in 2002, we said that it was going to be an investment year. We had increased sales and marketing investment by approximately 25% back then, and we have increased our sales and marketing head count by 22%. This is kind of what we're looking to repeat in 2024, especially given that we've only grown sales and marketing by 14% in 2023. Primarily it will be driven by increasing the sales and marketing, the employee count that hiring for quota-carrying sales reps as well as other support functions associated with that, especially with a particular focus on the channel managers with our focus on partner first. Additional investment that we plan to make is related to anything that's like pipeline generating activities, including marketing, trade shows, events and partner enablement as well as sales enablement.

S
Sumedh Thakar
executive

Yes, we're pretty excited about what we're seeing with the response on our CNAPP solution with Total Cloud and then enterprise TruRisk platform kind of coming up. And so with pretty encouraged with what we're seeing for new logos that are coming to us and really interested in the cloud security solution, not VMDR or not just VMDR, I should say. And so we're going to also invest more in sort of marketing around our cloud security solution as well this year in addition to the sales and marketing head count growth that we look at for '24 as the way for us to invest into our platform.

Operator

Our next question comes from the line of Mike Walkley from Canaccord Genuity.

D
Daniel Park
analyst

It's Daniel on for Mike. So in the prepared remarks, you called out expectations of, I guess, shifting more revenue coming from the channel. Can you give us some additional color on what you're seeing with your channel partners and sort of how this is progressing following the hiring of Dino?

S
Sumedh Thakar
executive

Yes. We're pretty happy with Dino having come on board. We also hired in Q4 in an SVP of channels, who's really working closely with us. And so as we are looking into 2024, encouraged by the mix that we are seeing with partner versus direct, we're going to continue in 2024 to invest with our partners. There's the next phase of our partner program that we are planning to roll out in a couple of months as well. And as you see some of these additional partnerships that we are making, whether it's with Orange CyberDefense or Kudelski taking on our additional solution like patch management, also as part of that, to take it to market. So we're also investing in hiring some partner-focused marketing as well as partner-focused product management roles internally as well. And overall, encouraged by the conversations we're having with our partners and seeing sort of the contribution that they are making. We have a good comprehensive plan this year to invest with our partner ecosystem, including focusing really on net global generation and working with our partners to help kind of generate that pipeline for us and work with them on most of our net new locals.

D
Daniel Park
analyst

And just as a quick follow-up, maybe for Joo Mi. How should we sort of think about the potential timing for the increased sales and marketing investments. Should we anticipate maybe the step-up in cost to be more back-end loaded or kind of just progress throughout the year evenly?

J
Joo Mi Kim
executive

I think what you could assume is progress evenly throughout the entire year, but it will be more heavier in the second half than the first half.

Operator

Our next question comes from the line of Brian Colley from Stephens.

B
Brian Colley
analyst

So could you talk about what your win rates look like in the CNAPP space today, kind of what you view as your biggest competitive differentiation in that space, whether or not you see CNAPP is becoming a source of new lands rather than just landing with VMDR in the future?

S
Sumedh Thakar
executive

Great question. With our CNAPP solution with Total Cloud, the -- I think the biggest differentiator that we see right now is that cloud is not the only infrastructure that customers deploy. And so while they are a cloud-only security solutions, they do not give them the full perspective of the risk that these cloud environments have. As an example, if a cloud environment access is on a laptop of a particular admin employee, and that laptop has certain vulnerabilities and risk configuration that can lead to a compromise that can then lead to compromise in the cloud.

And so today, with our early -- it's too early right now in terms of calling out win rates, et cetera because we just recently launched it, and now we've released additional updates to that. But what we do see is that customers really want to see that comprehensive view of their risk, not just in cloud environments, but across different environments and our ability to tie the different components of cloud and non-cloud together to give them a more holistic risk score is really something that they are excited about. And now sort of uniquely introducing this concept of SSPM which is SaaS Portion Management as part of our cloud security solution is also very interesting because if you recently saw, the SEC requires that [ CSAM ] should also responsible for data hosted in cloud environment. And so it becomes more important that when you look at cloud security holistically, it is not just about your own public cloud environment, but also being able to look at your SaaS providers configuration where you are storing all of your data. And so with that, we're pretty excited to have a more comprehensive solution, which we believe compared to the cloud security, cloud security only solutions out there.

And also what we are seeing very early on right now, it's still really small numbers, but we are seeing net new logos coming because of the interest in cloud security solution or first-time buyers directly coming in and buying the total cloud solution from us, not just the VMDR solution. And so that's definitely encouraging. And that's kind of where I look forward this year to invest more in our cloud security and looking to generate more opportunities and pipeline to say, look, you can go and look at a cloud security only solution, which gives you only a small view or look at a more comprehensive solution like Qualys, which does cloud and non-cloud on-prem, all kinds of different assets together in one view.

B
Brian Colley
analyst

One for Joo Mi. I'm curious what your expectations are for gross margins in 2024. And also just longer term, if you kind of view -- or really just beyond 2024, if you view low 40s as kind of the new normal for EBITDA margins or if you see other opportunities for leverage in the model to maybe start re-expanding margins again beyond this year.

J
Joo Mi Kim
executive

Yes. In terms of the EBITDA margin, what we said before was we -- I mean if you take a look at our 2023 EBITDA margin was up 47%. So it was clear to us that, obviously, there's room for us to reinvest back into the business in light of the changes that we're going through right now and opportunities ahead. For 2024, we believe that this is an appropriate guide as we continue to ramp the investment in sales and marketing and catch up on some of the investments that we had planned earlier in 2023.

Longer term, I think it's a little too difficult to say because if we think that there's really an opportunity where there is a high ROI in an investment area, we think that it would make sense for us to trade more of that margin with the growth, but that model would have to work out for us to really change our [ new ] and reset our targets.

Operator

Our next question comes from the line of Trevor Walsh from Citizens JMP Securities.

T
Trevor Walsh
analyst

Sumedh, maybe just a couple for you. on a real high level, what are you seeing from a budget perspective as we're kind of starting out 2024, just broadly within security? And then I can have -- just depending on how you answer I have a follow-up around VMDR, if I can.

S
Sumedh Thakar
executive

Can I get the second part of the question?

T
Trevor Walsh
analyst

So the second part, just based on what you're seeing with budgets, curious just you provide good visibility around the VMDR penetration rate in your investor deck. I'm just wondering, you had 56% kind of for this past quarter and it kind of trended, I think, in a fairly kind of even [ fuel ] throughout the year last year. I guess, what's the internal view of what's good and kind of where are you striving for? And if are there limitations to that expectation, is it around -- to the first part of the question, is it more budget constrained or is it more competitive type of things coming into play? Just like how those sort of push and pull together, if that makes sense.

S
Sumedh Thakar
executive

So yes, we are really not seeing a big change in terms of sort of the budget or the amount of time it is taking for customers to do a POC or even after they do a POC and the timing of when they will actually make a purchase or the size of the purchase compared to the initial start of the POC, et cetera. Really not seeing much of a difference.

I think Q4, we saw a couple of customers who are actually able to close the projects that they have started with us for a while and be able to close the deal, not necessarily translating that into '24 as being any major investment -- increase in the cybersecurity investment. I think there's a little bit more sense of stability in the sense that they sort of have an idea now this is kind of where I land and more optimistic that their budget will not be taken away in the middle of the year that happened with some of the customers. And so I think there is no clear change in direction in the way I see from what we have seen in the last few quarters. I think it's continuing like that. We just focus on improving our execution, being able to listen to the customer better, size our POCs the right way and close the right size of the deals.

In terms of VMDR, I think VMDR penetration, we are very happy with where it is. It is kind of reached a point where we will see a continued sort of incremental growth. But now our focus really is on how do we -- as you saw, we talk a lot about Cybersecurity asset management, patch management, our focus is those customers now who have VMDR and they have the agent deployed. How can we leverage those deployments and work with those customers for additional upsells on agent-based solutions? And that's why I'm super excited about this ability that we introduced where and any existing Qualys Cloud Agent can immediately be turned into a listener on the network to find any additional devices that are communicating that are not part of the Qualys inventory. And so now a customer has immediate access. And with that, they can now leverage that agent to find new assets they did not know about and immediately add that into the Qualys subscription so that they can sort of grow the number of assets that are brought into the Qualys umbrella, so to say.

And so we continue to really focus on innovating around CNAPP Patch Management, et cetera, to those VMDR customers while we expect VMDR penetration to sort of continue to have this sort of slow space, and we continue to work with those customers and opportunities that are coming for us to convert sort of legacy VM-only customers into VMDR customers are always encouraging for us.

Operator

Our next question comes from the line of Yun Kim from Loop Capital Markets.

Y
Yun Suk Kim
analyst

Sumedh, just like you said, VMDR adoption has been steady. Cloud Agent deployment seems to be steady here over the past several quarters. You have patch management, cybersecurity management solution consistently doing well. I know you have a guidance for the year, but I am assuming you are hoping to do better. Do you feel that the incremental sales and marketing investments and new go-to-market motion could drive that upside to your guide? Or do you feel that you need another new killer product to jump start the growth?

S
Sumedh Thakar
executive

I'm seeing no lack of products at Qualys, right? So we continue to innovate and work with our customers and make sure that we align our go-to-market with that. And so look, I think Cybersecurity asset management, Patch Management are continuing to do well over multiple quarters, pretty excited about the opportunity that we are generating with Total Cloud and our CNAPP solution there and response that we are getting with customers' ability to display some of the large cloud-only vendors that are out there. So that's an area that this year, I'm looking forward to do more investments in marketing, et cetera, so we can generate more opportunities to -- from that upside perspective.

But also, as I mentioned, we launched the TruRisk platform at the end of last year at our QSC. And so that product is actually now going beyond just Qualys. And so not only is it is going to help us focus on getting our customers to look at getting multiple modules from Qualys in one go just because they get a unified view of their entire risk score in one rather than having to go module by module. But also the ability that we're going to add to ingest third-party data from multiple other sources like competing VM solutions, cloud security solutions as well as code scanning solutions, et cetera, which means that, that gives us additional opportunity to ingest data and charge the customer for taking the data that they have from other solutions and then adding additional analytical and meaningful value from a business context to that.

And so TruRisk platform, we're super excited about that as we continue to launch that through the rest of the year, and that's an area that I'm looking forward to next year to really be something that we will get more and more of our customers adopting to that because at the end of the day, the CSOs are really saying like all this like finding [ counts ] and dashboards are fine, but I'm not able to articulate to my Board and my executives and my CFO, what the risk is, I'm not able to articulate how much money I'm willing to spend to bring that risk down. And so I think you talk about things on a nuclear product and I think TruRisk enterprise platform. I'm super excited about that.

Y
Yun Suk Kim
analyst

On Azure and hyperscalers in general, are you getting increasing traction with your marketplace or app store offerings?

S
Sumedh Thakar
executive

On the Azure marketplace, I mean, look, we have the BYOL is one, and that is -- we already have a lot of enterprise customers who leverage Qualys directly in Azure that don't go through the marketplace. Like we have millions of agents today running in Azure that are through our enterprise customers already. And so I think the BYOL is one channel for us potentially now to get customers coming to us. But other than that, a good amount of our enterprise customers are using Azure already coming to us because they are looking for a more holistic solution that goes across multiple clouds, on-prem platforms, laptops, et cetera. So we'll continue to see how that channel evolves more, but it's too early to say right now.

Y
Yun Suk Kim
analyst

And then Joo Mi, real quick, any insight into any ASP trend in the quarter? And how do you see that metric trending this year?

J
Joo Mi Kim
executive

The average deal side is growing by double digits, and so we kind of expect it to continue to 2024.

Operator

Our next question comes from the line of Dan Bergstrom from RBC Capital Markets.

D
Dan Bergstrom
analyst

It's Dan Bergstrom for Matt Hedberg. So you called out a couple of Fortune 500 wins in the prepared remarks and looking at the earnings materials, it looks like you've had some nice incremental adoption in that Fortune 500, the Global 2000 over 2023. I guess following a couple of years of kind of more consistent penetration, maybe can you help us with what drove that incremental traction at the upper end of the market? Was it a product? Partners? Reach?

S
Sumedh Thakar
executive

I think it's a combination of all, but I would say that Qualys generally does really well on the enterprise side in terms of solving complex problems. And so as our Cybersecurity Asset Management product has matured, patch management has matured, our customers [ seeing ] -- there was a hesitation at the beginning to say, well, the VM buyers going to buy patch management from a VM vendor, right? So there was a lot of pushback at the beginning. But now seeing that 55 million patches have been deployed by Qualys agents in the last 12 months, I think that adoption and customers really having those conversations with each other and seeing the outcome of that is definitely helping sort of drive that focus on these additional modules and additional upsell.

As you saw, I talked about a couple of our partners have started now to actually provide patch management as a service based on the Qualys patching in addition to the VMDR right? So now -- and we already have a couple of smaller partners that we're doing that is on [indiscernible] Orange and Kudelski starting to do that is those partners are also helping us have these conversations with the customers because sometimes the partner has a better access to the IT team than we do directly from the security. So having these partners starting to adopt patch management also very exciting because now they are actually taking Patch Management to these customers and helping push that. And so I think it's a combination of sort of helping overcome the silos of IT and security, showing the success that we have had and then our partners really taking us out there and multiple of our customers at our user conference and QSC, including GE and others talked about how they are actually successful with our Patch Management solution and our Cybersecurity Asset management solution with [ external ex surface ].

So I think it's a combination of all these multiple things, and that's kind of one of the reasons that I'm looking forward to make this as a year where we invest more while -- and we are in a good place with the ability for us to grow our sales and marketing head count when a lot of others are having to risk and reduce their sales marketing expense. So I'm excited, and I think that's kind of where we're looking to see how we can make an impact from those investments this year.

Operator

Our next question comes from the line of [ Aiden Perry ] from Piper Sandler.

U
Unknown Analyst

This is [ Aiden ] on for Rob Owens. I just wanted to ask if you could touch upon the comments made with the sales mix geographically. Can you elaborate on the comments made to keep the U.S. and foreign sales mix around 60-40 and the thought process on foreign investments in the future?

J
Joo Mi Kim
executive

Yes. The way we're thinking about it is we have a huge opportunity because we have a large target addressable market. And for us, Majority of our growth will be driven by our platform play, where if you talk about the patch management, CSAM, Total Cloud, all these products are relatively new to Qualys. And this is where we think that we could -- we have a huge opportunity across all different regions. So we do plan on investing not only in Americas but also internationally as well. So we expect the growth to kind of continue as is.

If you take a look at the prior years, there have been some periods where the outside international revenue growth would be faster than the U.S. and vice versa. And so that's why we gave the guidance. We expect it to be approximately similar 60-40 going forward based on our investment plan for 2024

Operator

Our next question comes from the line of Shrenik Kothari from Baird.

S
Shrenik Kothari
analyst

Sumedh, you highlighted the TruRisk platform and how it's aligning with the customer priorities under these tighter budgets with the CSOs getting to monitor the ROI. So of course, the early feedback you said is pretty positive and kind of underscores the platform's potential. Now you mentioned about capitalizing the rolling up of multiple modules. But there are others out there who have started kind of monetizing or at least planning to monetize such kind of high-level dashboard that's as kind of stand-alone payment SKUs given the demand potential in strength. Is that a model that you are considering or potentially can consider? So that's -- I have one quick follow-up as well.

S
Sumedh Thakar
executive

You mean other solutions that are integrating different capabilities together, stand alone solutions?

S
Shrenik Kothari
analyst

Yes. And the dashboard in itself becoming a kind of monetizable standalone SKU at some point?

S
Sumedh Thakar
executive

I see what you're saying. Yes. So I don't -- I think we're still early in the game to have a specific pricing model that we have released. We are working with our customers to understand that. But see, the advantage that I see over sort of stand-alone dashboard consolidating product is first is the customers already have Qualys. So instead of handling Qualys and then buying another solution to pull data from Qualys and other solutions into that the dashboarding solution itself is operational challenge for them.

The second thing is that none of those solutions actually do elimination or help into getting the customer to fix those issues that they find directly onto the platform. And so today, our focus is not necessarily on monetization of the dashboard itself, but it is about if you get that particular dashboard, are you more inclined to say, I'm just -- I don't want to get five different point solutions and build a dashboard myself. I would rather just buy five modules from Qualys and then the dashboard already providing you. So the dashboard in fact, becomes the enabler for you to try to get these additional modules from Qualys. And then the upsell from there becomes that, oh, I can also help you fix this by leveraging patch management and mitigation.

And the TruRisk element that we talked about is also very exciting because patching sometimes have some resistance because people don't want to deploy a whole patch, but now with TruRisk [ eliminate ] we are providing other mitigation options that the customer will be able to deploy that do not require a patch to be deployed. They can actually make them fit changes to Qualys and fix some of the things on the asset itself especially in a zero day. So the idea there is really about the platform being an organically developed single platform. And so the dashboard is what unifies everything together. But the unified dashboard is the reason why you would consolidate multiple modules rather than getting 5 different products from 5 different vendors and trying to do it yourself with a sixth vendor.

S
Shrenik Kothari
analyst

And just very quickly, a follow-up for Joo Mi. So you mentioned about the channel partners compared to direct sales. Again, the channel product growth is going to -- far outpacing the direct sales, 16% with a 6%. So can you kind of provide some color around kind of how is that being factored into the overall margin trajectory and margin guidance for the year? And is that the right assumption? Or you guys are essentially consuming a different mix to end the year with? Sorry if somebody already asked the questions.

J
Joo Mi Kim
executive

Yes, no problem. So it's already factored in. And what's really interesting for us is, and this is something that we have mentioned at the beginning when we started to really think about how to better our partnership with different channel partners. If you take a look at our mix, right, channel partners used to make up like approximately 40% of our revenues, and that's trended up to 40%, 41%, 42% and ending the year 2023 was 43%. It really didn't have much of an impact on our gross margin. And if you take a look at our EBITDA margin as well, you can kind of see it had -- it's not really tied to the percentage increase from the partner mix going from 40% to currently sitting at 43% for the total year 2023. And that's why we think that it will slowly continue to step up with it being 44% for Q4, maybe a percentage or two, we don't think that it will be a meaningful impact to our margins.

Operator

Our next question comes from the line of Brian Essex from JPMorgan.

B
Brian Essex
analyst

I guess, Sumedh, the question for me is basically set around SecOps and cloud security. I mean the two segments that are -- we're seeing quite a lot of demand for and growth across the industry. So I guess the question is with your -- what seems to be an approach of landing with a Cloud Agent based risk management strategy and then expanding into what seems to be some pretty robust features and functionality in those emerging segments, any focus on shifting the strategy to lead with SecOps with cloud security and then cross-selling risk management? And just kind of wondering if there's a way to adjust the strategy to capture some of that demand as opposed to leading with risk management. And then maybe a part B, particularly on cloud security, any headwinds there if that might be a bit of a different sale than the overall risk management platform?

S
Sumedh Thakar
executive

Great question. So that's what I mentioned that we are quite pleased, again, with smaller numbers, but in the last couple of quarters to see that net new business is coming to us with interest in cloud security. And to the question that you asked, we're finding that our -- we have a fairly robust solution now. It's not just the cloud agents. We have [ CSPM ] built in, we have now acquired Blue Hexagon, which gives us some Malware capability as well. And so we're finding that our sellers are actually a lot comfortable with pitching and providing the POCs for the cloud security solution as well even in our SME, SMB segment where there is kind of a smaller POC cycle, et cetera.

So that's encouraging for us. And so that's the reason why, like I said, this year, we are looking at part of our sales marketing investment is to do cloud security specific demand gen to bring people who are looking for cloud security directly to us and not just the VMDR piece. And so those who are looking for cloud security, then we can say, look, a lot of these top big vendors that have cloud security-only solutions, those customers that, in anyway, end up using Qualys Cloud Agent in the cloud for a much better comprehensive vulnerability management. And so then they have two consoles and they have to [ leave ] all of those together. And so with us kind of providing a package all in one solution and providing a single view of the risk on the normally cloud environment, but in the non-cloud environment, that is an area where we're looking, we're continuing to work with our team on GTM, enablement from a sales enablement perspective and with our launch of [ Cloud 2.0 ] today, providing SaaS capability, which is a big differentiator where any CSO is concerned about the O365 configuration and really -- but does not have a good way to see that today. And so without our solution, we combine that into a single risk view as well to say. Or maybe your S3 bucket is fine, but your user in O365 MFA is disabled and that same user has access to the cloud bucket. And so now you have a risk.

So we are encouraged to see the early adoption of total cloud for net new customers, and we do right now believe that investing in demand gen for cloud-specific demand will be something that we will be doing as part of our '24 strategy.

B
Brian Essex
analyst

And maybe a quick follow-up for maybe for Joo Mi. Any thoughts on providing maybe some metrics so we can track some of these emerging segments outside of the core, I guess, VMDR based risk management suite, whether it's DR, DR or the cloud security, maybe like a percentage of net new business attributable to the emerging segments? Just to get a sense of traction.

J
Joo Mi Kim
executive

Yes. That's a good point. We'll think about it internally and as we always do, to make sure that we disclose relevant metrics to provide more clarity and guidance.

Operator

Our next question comes from the line of Hamza Fodderwala from Morgan Stanley.

H
Hamza Fodderwala
analyst

I just had one clarification around the Microsoft relationship. I understand they're a partner as well as a customer on the customer front. Any comment there around just Microsoft commitment to quality as a customer going forward?

S
Sumedh Thakar
executive

We have a really good relationship with Microsoft. They are a partner with us. They internally used Qualys. I think those are two completely different teams, and they have different goals and the team that is working on the [ different ] piece is they're looking at their solution. The internal team is looking to make sure that they get the best solution out there, and they have very good relationship with us. We continue to work with them. And so at this point, the combined sort of with Azure, the partner piece as well as their internal usage of Qualys within the low single digits as a percentage of revenue. And so while we continue to look at opportunity to expand with them. At this point, there is really no change from what we have seen or heard.

Operator

Thank you. At this time, there are no further questions. This concludes today's conference call. Thank you for participating. You may now disconnect Goodbye.