QLYS

Ladies and gentlemen, thank you for standing by. Welcome to Qualys' first quarter 2026 investor call. At this time, all participants are on a listen-only mode. After the speaker's presentation, there will be a question and answer session. To ask a question during the session, you would need to press star one one on your telephone, and you will then hear an automated message advising your hand is raised. To withdraw your question, please press star one one again. Please be advised that today's conference is being recorded. I would like now to turn the conference over to Blair King, VP, Investor Relations. Please go ahead.

Thanks, Michelle. Good afternoon, and welcome to Qualys' first quarter 2026 earnings call. Joining me today to discuss our results are Sumedh Thakar, our President and CEO, and Joo Mi Kim, our CFO. Before we get started, I would like to remind you that our remarks today will include forward-looking statements that generally relate to product capabilities, future events, or future financial or operating performance. Actual results may materially differ from these statements, and factors that could cause results to differ materially are set forth in today's press release and our filings with the SEC, including our latest Form 10-Q and 10-K. Any forward-looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update these statements as a result of new information or future events.

During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP to non-GAAP measures is included in today's earnings press release. As a reminder, the press release, prepared remarks, and investor presentation are all available on the Investor Relations section of our website. With that, I'd like to now turn the call over to Sumedh.

Thanks, Blair, and welcome to our first quarter earnings call. I'm pleased to report we delivered another quarter of strong revenue growth and profitability. With the accelerated progress of new frontier models discovering vulnerabilities and writing exploits autonomously, the number of detections is going to go up significantly while the exploit window is going to shrink dramatically. The need for organizations to know their true risk to effectively prioritize and auto-remediate riskiest vulnerabilities in less than one day has never been greater. This is why we innovated with the ETM Enterprise TruRisk Management platform, which implements an Artificial Intelligence-native Risk Operations Center risk operations center so customers can get their risks remediated instead of relying on dashboard tourism with siloed products that increase their exposure.

Given our number one rating in the GigaOm Patch Management Radar with over 150 million patches deployed and over 40 million of these delivered autonomously in the last year with a Six Sigma accuracy, organizations are turning to Qualys as a trusted solution to help them move from current broken manual remediation processes to high-impact, low-risk, autonomous remediation workloads at scale that go beyond Patch Management. That's exactly where we are focused. With exploitable vulnerability volume surging 6.5x and the average time to exploit collapsing to under a day as adversaries weaponize vulnerabilities before patches even exist, security teams focused on theoretical exposure are overwhelmed. Just finding more and more vulnerabilities doesn't equal risk. Real risk is determined by whether an adversary can successfully execute an exploit path in an organization's live environment.

That's why I'm pleased to report that our most recent addition to our Agentic AI marketplace, Agent Val, is now generally available. Powered by TruConfirm within our Enterprise TruRisk Management solution, Agent Val delivers closed-loop exploit validation and autonomous remediation directly to the ROC. Using autonomous exploit validation at scale, we remove the guesswork for customers by running safe exploits over the network to confirm whether attackers will succeed in their breach attempts while enabling security and IT teams to focus on the less than 1% of threats actually exploitable in their production environments.

In doing so, we have closed the gap between theoretical and actual exposure and believe set a new adoption standard in the industry. While traditional Continuous Threat Exposure Management solutions take days to pull scan telemetry from scanning tools and rely on theoretical risk scores, ignoring mitigating security controls, ETM and its Agentic AI workforce takes a fundamentally different approach.

Inside a continuously functioning loop, it detects vulnerabilities, validates exploit, quantifies real risk, automates remediation, and revalidates the exploit. Optimized and integrated with leading Large Language Models and Small Language Models, this end-to-end approach empowers organizations to be laser-focused on prioritizing only exploitable threats for the next logical step, which is autonomous remediation, leveraging Agent Sarah and TruRisk Eliminate. Underpinning our TruRisk Eliminate solution is our new AI-powered patch reliability score, a model trained in our own proprietary data set of hundreds of millions of deployed patches, which predicts patch-induced outages before they happen, giving customers the confidence to deploy with certainty or pause with purpose while setting a new standard for predictive, operationally aware patch management.

With an umbrella of remediation solutions, including patching and other compensating controls with less than a tenth of a percent rollback rate, the AI-native ROC accelerates, streamlines, and democratizes security outcomes while transforming from "We think" to "We know" to "It's been fixed" at machine speed. In the context of the newest frontier AI models giving attackers the ability to soon discover and divulge of zero-day vulnerabilities, generate exploits in near real-time, and develop autonomous attack agents unlike anything the industry has seen, the feedback to our get-it-fixed-in-hours approach from many of the Chief Information Security Officer I met at our recent Risk Operations Conference EMEA event in London has been very positive.

They shared their excitement about the rapid pace of new capabilities we are delivering, their deployment agendas, and their ability to now autonomously monitor, measure, and confidently remediate actual risk in multi-vendor environment in an era where just generating visibility dashboards is increasingly unacceptable. Our industry-leading capabilities are gaining broader recognition among our customers, partners, and third-party analysts. Specifically, our TotalCloud solution was recognized as a leader in Cloud-Native Application Protection Platform in the Q1 2026 Forrester Wave report and subsequently won the 2026 SC Award for the Best Cloud Security Management Solution. Both underscore our capabilities in delivering unified visibility with real-time detection and response at runtime across hybrid environments. It was also positioned as a leader in a 2026 GigaOm Radar report for cloud identity and entitlement management.

Following our dual Pwnie Awards late last year, our Threat Research Unit, TRU, has again demonstrated its impact with the discovery of CrackArmor, uncovering critical AppArmor vulnerabilities that can lead to root-level compromise and container escape across millions of Linux systems worldwide. This, alongside with our recently released research on the broken physics of remediation, further demonstrates Qualys' commitment to fortify security operations and raising the bar on adversaries.

The net result is that we have distinctly unified CTEM, exploit validation, cyber risk quantification, and remediation into a single AI-driven risk fabric that continuously senses, alerts, reasons, and acts across hybrid environments. Armed with these capabilities and growing ROC momentum that will soon autonomously trigger IT Service Management workflows, we remain laser-focused on accelerating ETM adoption throughout our Vulnerability Management, Detection and Response customer base and positioning Qualys for larger upsell opportunities over time.

Turning to our business update, we have established a long history of converting operational challenges into strong competitive advantages, demonstrated by customer spending $500,000 or more, growing 9% from a year ago to 2021 To 2,221. That's why one of my favorite wins in Q1 was with an existing global 1,500 customer. Despite strong foundational visibility, their team struggled to operationalize risk reduction across a growing mix of on-premises and multi-cloud environment, siloed tools, fragmented telemetry, a growing population of LLMs, and millions of vulnerabilities with limited business context. This customer recognized that traditional severity-based prioritization methods were not long were no longer sufficient and launched a strategic initiative to unify risk signals across their environment and operationalize the ROC.

Leveraging AI for security and security for AI, they expanded their Qualys footprint by adopting ETM and TotalAI in a mid six-figure annual upsell. By consolidating disparate signals into the Qualys platform, this customer now has a unified orchestration layer that delivers end-to-end visibility across their attack surface, including deep scans on their assets across binaries, open source libraries, and dependencies with centralized risk quantification, prioritized remediation workflows, and measurable outcomes aligned with business risk tolerance. This win reflects broader ETM momentum as more and more customers turn to Qualys for evidence-based exploit validation and remediation while benefiting from the efficiency and scale of AI-native ROC automation. Partners remain a key pillar for our growth agenda.

In addition to a growing list of nearly two dozen certified mROC partners beginning to actively launch new services, we are seeing momentum build across all geographic theaters with a strong focus on AI-native ROC. For example, one of our largest Managed Risk Operations Center partners is now in the process of bringing a Managed Security Operations Centers-ready AI-native ROC to market powered by our ETM and automated remediation solutions. Through our strategic alliances initiatives, we continue to drive deep technology integrations, co-selling opportunities, and demand generation programs. To drive innovation in security research through the latest frontier models, we have partnered with OpenAI in their Trusted Access for Cyber program and Anthropic in their Cyber Verification Program to advance our vulnerability and threat intelligence and allow customers to ingest these findings into ETM for further detection and remediation.

On the cyber insurance side, we are also pleased to announce a new strategic partnership with Converge Insurance, leveraging the Qualys ETM solution to help their customers demonstrate strong security hygiene and qualify for meaningful premium reduction, advancing our vision of tying cybersecurity to business outcome for CISOs. Further supporting our growth trajectory in Q1, we continued to expand beta testing of QFlex, designed to help customers accelerate and broaden their adoption of the Qualys and ETM platform. Based on strong early engagement and positive feedback, we plan to build on this momentum by proactively identifying opportunities to extend QFlex to select customers and partners with a go-live date planned for later this year.

Finally, as the federal government seeks to garnish greater efficiency and replace outdated and costly on-premise deployments from years past with modern cloud native risk management solutions, we are especially excited to host our third annual federal conference in Washington, D.C., towards the end of this month. We have made good progress growing our federal business and advancing our FedRAMP high status with large federal agencies, and we continue to believe this market will fuel a new leg of growth for the company over time. In summary, we are pioneering a new category in pre-breach risk management by bringing autonomous exploit validation, risk quantification, and zero-day remediation together within a single AI-driven risk fabric that redefines how enterprises operationalize cyber risk.

Complementing frontier model discovered vulnerabilities, our platform leverages proprietary domain data, real-time telemetry, and deep operational context using sensors and agents behind the firewalls to continuously discover assets, validate exposures, quantify risk, remediate threats, and enforce company-specific policies which are unavailable in the public domain. This is driven by over two decades of processing petabytes of structured telemetry combined with industry-leading threat intelligence in a closed-loop system that compounds across thousands of customer environment every day. Frontier models are powerful and accelerate attack path analysis and triage. However, they need to be paired with a highly reliable control plane to consistently enforce accurate policy and compliance outcomes across live hybrid environments. This is where the unique value proposition for Qualys customers lives, and it requires deterministic, auditable, repeatable, and trusted execution with effectively zero tolerance for error.

With attacks moving at machine speed and increasingly requiring defenses that learn and respond in real time, closed-loop agent-to-agent orchestration, governed by policy and harnessed by flexible model choice, act as a force multiplier, further enabling precise risk quantification, safe remediation, and even faster and more deterministic outcomes at scale. For Qualys, this means our massive data context, LLM and SLM integration, and trusted execution serve as the system of record for pre-breach cyber risk management and translate AI into a patch automation platform that delivers customers measurable risk reduction, zero-day remediation, governed outcomes, and immediate ROI. I will turn the call over to Joo Mi to further discuss our first quarter results and outlook for the second quarter and full year 2026.

Thanks, Sumedh, good afternoon. Before I start, I'd like to note that except for revenue, all financial figures are non-GAAP and growth rates are based on comparisons to the prior year period, unless stated otherwise. Turning to first quarter results, revenues grew 10% to $175.6 million. The channel continued to increase its contribution, making up 52% of total revenues, compared to 49% a year ago. Revenues from channel partners grew 17%, outpacing direct, which grew 3%. As a result of our strategic emphasis on leveraging our partner ecosystem to drive growth, we expect this trend to continue. By geo, 15% growth outside the U.S. was ahead of our domestic business, which grew 6%. U.S. and international revenue mix was 55% and 45% respectively.

In Q1, as expected, there was no meaningful movement in our net dollar expansion rate, closing the quarter at 104%, slightly up from 103% last quarter. More importantly, we'd like to turn to a new metric that we plan to disclose going forward on a quarterly basis. Net dollar expansion rate of customers with prior year purchase of ETM or CyberSecurity Asset Management subscriptions. We believe that this metric is currently the best indicator of success of our ETM strategic initiatives. With ETM innovation having stemmed from strong customer demand, we anticipate ETM adoption to drive higher net dollar expansion rates. However, given that ETM adoption is still in its early stages, we have decided to include CSAM customers in this cohort so that the metric has more weight to it.

In addition, as a reminder, ETM is essentially an upgrade from CSAM, so we believe that this is an appropriate baseline to track and measure going forward. In Q1, the net dollar expansion rate of ETM/CSAM cohort was 107%. As more customers move into this cohort, we hope to see consistent and meaningful improvement to our overall net dollar expansion rate and thereby driving accelerated revenue growth. Moving on to product mix, our differentiated new products continue to drive growth. First, ETM/CSAM combined made up 11% of total bookings and 14% of new bookings on an LTM basis in Q1, up from last year's 8% and 9% respectively. Next, Patch Management made up 8% of total bookings and 15% of new bookings on an LTM basis in Q1.

This compares to 7% and 16% respectively in Q1 of last year. Lastly, TotalCloud made up 5% of total LTM bookings in Q1, unchanged from a year ago. We believe that these differentiated products combined will increase contribution to bookings in 2026, given our opportunity to increase market share and maximize share of wallet. Reflecting on a scalable and sustainable business model, Adjusted EBITDA for the first quarter of 2026 was $83.3 million, representing a 47% margin, same as last year. Operating expenses in Q1 increased by 8% to $67.5 million, driven by investments in sales and marketing, which grew 17%.

With this strong performance, EPS for the first quarter of 2026 was $1.95 per diluted share, and our free cash flow was $93.6 million, representing a 53% margin compared to 67% in the prior year. In Q1, we continued to invest the cash we generated from operations back into Qualys, including $1.7 million on capital expenditures and $53.9 million to repurchase 505,000 of our outstanding shares. Since commencing our share repurchase program in February of 2018, we have repurchased 11.2 million shares and returned $1.3 billion in cash to shareholders. As of the end of the quarter, we had $306.6 million remaining in our share repurchase program. With that, let us turn to guidance, starting with revenue.

For the full year 2026, we now expect revenues to be in the range of $721 million-$727 million, which represents a growth rate of 8%-9%. This compares to prior guidance of $717 million-$725 million. For the second quarter of 2026, we expect revenues to be in the range of $177.5 million-$179.5 million, representing a growth rate of 8%-9%. While we believe our approach to pre-breach cyber risk management provides some insulation amidst ongoing macro volatility, this guidance continues to assume no material change in our net dollar expansion rate, with moderate growth contribution from new business in 2026. Shifting to profitability guidance.

For the full year 2026, we expect EBITDA margin to be in the mid-40s, implying mid-10s increase in operating expenses and free cash flow margin in the low 40s. We expect full year EPS to be in the range of $7.44-$7.65, up from the prior range of $7.17-$7.45. For the second quarter of 2026, we expect EPS to be in the range of $1.73-$1.80. Our planned capital expenditures in 2026 are expected to be in the range of $8 million-$12 million and for the second quarter of 2026 in the range of $1.2 million-$3.2 million.

As the impact of the macroeconomy is still unfolding, we are closely monitoring the business environment and adjusting our priorities accordingly. That said, considering the long-term growth opportunities ahead of us and our industry-leading margins implying further room for investment, we intend to continue to responsibly align our product and marketing investments to focus on high-impact initiatives aimed at driving more pipeline, accelerating our partner program, and expanding our federal vertical. As a percentage of revenue, we expect to prioritize an increase in investments in sales and marketing with more modest increases in engineering and G&A. With that, Sumedh and I would be happy to answer any of your questions.

As a reminder, to ask a question, please press star one one on your telephone and wait for your name to be announced. To withdraw your question, please press star one one again. The first question will come from Patrick Colville with Scotiabank. Your line is open.

Thank you very much for taking my question. Sumedh and, and Joo Mi, in your prepared remarks, I mean, I think you did a really good job of conveying why, you know, risk quantification, I guess testing whether an asset is exploitable with a runtime context, the ability to kind of patch and revalidate all make Qualys at low risk of AI disruption in the enterprise. What I wanna ask though is, you know, there's a lot of hype around Anthropic, Claude Mythos, OpenAI, GPT-5.4, Cyber. Are they leading to more inbounds? If so, like, how will those inbounds and that kind of surge of interest translate into the financial model in 2026?

That's a great question. I think our customers who are in this day in and day out, they understand pretty well that this is going to lead to more disclosures of patches and vulnerabilities from multiple vendors that they use. I think the challenge is going to be more about, as I mean, on the positive side, I think these models are helping companies get better with finding these vulnerabilities themselves versus waiting for attackers to find them. It also means that they're gonna lead to more patches being announced by all multiple vendors that the customers will have to deploy. I think the challenge is going to be more that once the patches come out, attackers leveraging AI can reverse engineer those patches and find the exploits.

It really becomes a game of how quickly can you apply the patch that the vendor is giving in a matter of hours and not wait for days and weeks as it happens right now. That's where a lot of the conversations that we have had with our customers, we are seeing a lot of CISOs, like customers reaching out to understand how our patch management capability and remediation capability and exploit validation capability is really going to be helpful for them because they all need to provide an update to their board in terms of how they are going to fight against AI-induced attacks that are coming from these models getting better. The response cannot be we are going to do more manual remediation.

They need to have a response that anchors themselves in fighting autonomous AI attacks with autonomous remediation. They see us as a trusted vendor, having deployed 150 million patches already, and 40 million of those already fully autonomously deployed. A lot of those conversations are positive right now. Of course, it's in the early stage, and we need to work through to see how they take out the conversations, how they go back to their boards, to their IT teams, partner with the IT teams. Happy with the activity, but a little too early right now to talk about how the impact is going to be on the pipeline and outlook.

As Joo Mi said, we're not considering any change from where we are right now in terms of the guidance. We are happy to see the engagement that we are seeing from the inbounds that we're getting from customers trying to understand how best they can respond to this.

Very clear. Can I just, I mean, just to touch on that point. I mean, Joo Mi, you very kindly last quarter provided us a soft guidance for 7%-8% current billings growth in 2026. Is the point you were trying to make in the prepared remarks that remains the case? No change to that level? Even with the, you know, strong 1Q performance and, you know, I guess the positive vibes that Sumedh was just talking to.

Yes, that's correct. I think that if you take a look at our Q1 performance, it was a solid start to the year. We're very pleased with the Q1 outlook as well as what we anticipate for the rest of the year. However, we don't see any material kind of meaningful change for the full year today. Given that, the baseline still remains a 7%-8% for the current billings for the full year.

All right. Thank you so much.

Thank you. Our next question will come from Roger Boyd with UBS. Your line's open.

Great. Thanks for taking my questions. Sumedh, it was not a strong quarter from a new customer ad perspective and particularly for 1Q, which is typically seasonally a little bit lower. Can you just talk about what's working right from a new logo perspective? Then everything you just kind of mentioned from a Patch Management remediation standpoint, to what degree is that sort of impacting the new customer conversation? Any metrics you can give around attach rate of Patch Management or TruRisk Eliminate would be great. Thanks.

Yeah. A great question. I think, you know, we kind of talked about right now where we are with Patch Management, sort of 8% of Last Twelve Months overall bookings and 15% of new bookings, right? I think, definitely good execution by the team. Focused execution is key there. If you kinda recall our what we talked about at RSA and a little bit before that, our focus on Agentic AI agents as we went into last year. I mean, if you look at today, what everybody's talking about is how can we very quickly autonomously remediate things. This is not by accident that we are here right now. We have been delivering capabilities around patching, going beyond patching, the exploit validation. Those messages have been resonating with customers.

I think this is leading to better conversations with customers as they look at, we are encouraged with the conversations we are having around ETM. I mean, the thing is, look, at the end of the day, risk measurement and risk management is gonna be critical because if the number of patches that you have to deploy explodes, you just as a company cannot just deploy all the patches. Anchoring it back to risk is very important. Eliminating the right risk and the minimum amount of risk is important. To be able to get there so you're not patching and fixing everything, creating more risk from an outage, ETM then becomes very important because ETM is the one that does the hyper prioritization. For ETM to be successful, you need high-quality detection capabilities.

I think one of the concerns that customers have brought up after these models have come out has been the question of false negatives, right? If you are using Tier 2 scanners, the time it takes to get signatures out and find the findings versus a scanner like Qualys, where we are getting signatures out multiple times a day. We are adding capabilities to detect things to reduce the false negatives is becoming very important. I think that those conversations are culminating in positive conversations for ETM, which is still early. ETM and Eliminate conversations typically, they do go hand in hand many times. I think while it's still early for ETM, we are encouraged by the conversations that we are having at this point.

Again, we have to work to continue the execution. We're happy with how Q1 went, but we're gonna continue to work on executing with the opportunity that's in front of us. Like we said, our partners are working with us closely, and we look forward to continuing to our partners bringing us additional sort of new logos and working with our existing customers with the MROC services, which can get more value for existing customers through our partners to make sure that our upsell also continues to tick up.

That's really helpful. Then maybe just a quick one for Joo Mi. On Q-Flex, you talked about kind of building out this pipeline and identifying a customer pipeline to extend that procurement model too. Can you just talk about kind of the customers that you see as a good fit for Q-Flex and any thoughts on when that kind of push could start this year? Thanks.

Yeah. Mostly, Q-Flex is targeted towards our enterprise customers who need that flexibility to potentially cover the forecast that they have anticipated for the full year. As an example, what they're looking for is, given that we continuously enhance their products and come out with newer products throughout the year, they want the comfort of having to pre-purchase or pre-commit to a higher amount that they might necessarily think that is absolutely needed for the year. We've been talking with a select group of customers that have the budget, that are willing to pre-commit to a higher credit with Qualys, with the ability to swap out different products and offerings and try out newer solutions throughout the year. We're pleased with the momentum that we have today, and we do plan to go General Availability with Q-Flex later this year.

I would quickly add to that.

Really helpful.

that this is right now with what is happening is a good example of where a Q-Flex model will be helpful for customer because we didn't have exploit validation earlier last year. Now that we have that and we have methods driving more focus on patching, Q-Flex customers through the year will have more flexibility in being able to use those credits to suddenly pivot towards patching more because there is a particular event that has come up and not have to sort of keep going back from a procurement perspective. Like Joo Mi said, exciting early conversations with these large customers, and we look forward to working through with them this year and then getting towards the GA by the end of the year.

Makes a lot of sense. Thank you both.

Thank you. The next question will come from Kingsley Crane with Canaccord Genuity. Your line's open.

Hi, thanks for taking the question. Sumedh, I guess just to start off, I'm kind of curious how important is access to something like Mythos Preview just for your business at all? Just in general, you know, talking about the growing marketplace of Agentic AI solutions, you know, we've seen a pretty significant jump recently even with just models like Opus 4.7. What is the future of that type of integration with agents for the platform and, like, how relevant is inference as a line item for Qualys, you know, if you look, like, three years out? Thanks.

That's a great question. I think it's less about a particular model and more about the direction that these models are going, right? I think for us it is, we have been leveraging other open source models as well, and we're excited to now be part of the Trusted Access for Cyber program from OpenAI, which gives us access to GPT-5.5-Cyber, which is a equivalent model for the most parts to Claude Mythos as an example and also part of the Cyber Verification Program.

Since we have really been doing a lot of exploit and vulnerability research ourselves, these type of models, whether it be these two frontier models or other open source models that have been using, in my mind are definitely something that help us do a better job of figuring out exploits that we can safely create for our customer environment, so that the customers can really test these at scale through the Qualys platform. It also helps us do a much better job at figuring out the right patches or the right mitigations. One of the key things that we have done at Qualys is really put a lot of research energy into coming up with mitigations that don't need a patch.

People worry about patches, but we reverse engineer patches to figure out maybe there are other mitigations that can be leveraged to make sure that these mitigations can help the customer deploy a compensating control on the machine without having to deploy an immediate patch, which is extremely valuable for them when they only have a few hours to make a decision on mitigating a highly exploitable vulnerability. That research is definitely, you know, what we have been doing. As the models are progressing, these partnerships definitely help us accelerate and cover more and get more options to help our customers go through that.

I see that, you know, leveraging these models, either whether it's through research or integrating with them to pull findings from these models so customers can actually take their core findings and run it through the millions of Qualys agents that they already have installed to find the actual instance of that. Whether it is overall our own Agentic AI solutions where we use different small language models, large language models to optimize the outcomes for whether it's chat, whether it's an AI Agent that is taking action. I think that is something that we look forward to continuing to partner with whether it's open source or these frontier models.

I do think that for any solution, it is going to be important to make sure that they leverage some form of AI capabilities. It's just that because we uniquely do the exploit validation and patching, we have a very interesting use case for use of these models.

That's really helpful. For Joo Mi, you know, it's great to see the continued efficiency in the business. You've talked about R&D growing a bit more modestly than sales and marketing this year. With 2% growth year-over-year, is that about what we should expect for the rest of the year? Just, like, thinking bigger picture, in such a dynamic time for the cybersecurity market, I mean, what would get you to invest more in that line item? Then understood that, you know, you're already very efficient there, operationally, so I can appreciate that. Thanks.

Yeah. Currently, what we're forecasting is OpEx growth in the mid-teens. Sales and marketing continue to grow well above the 15% mark. Last quarter, it grew by 18% year-over-year. This quarter, it's 17% year-over-year. With sales and marketing potentially ramping in the second half of the year, the rest of it that we've allocated is for the R&D for the most part. We do anticipate significant investments that we think that could be justified from a returns perspective, especially with the AI investment that we continue to make in the business. Given that, we're guiding to mid-40s EBITDA margin, which is implied by the mid-teen growth in OpEx.

Okay. Thank you.

Thank you. The next question will come from Jonathan Ho with William Blair. Your line's open.

Hi. Good afternoon. I just wanted to, you know, better understand sort of the pre-breach risk management opportunity and how maybe this changes from prior approaches and what makes, you know, maybe Qualys better positioned than other competitors to offer this solution?

Yeah, that's a great question, Jonathan. I think it's not that it changes from the prior approach from a Qualys perspective. We have been building and innovating around the EPM platform and the concept of a risk operation center the last two years, almost in preparation for something like this, where we'll see significant number of vulnerabilities coming our way, but you cannot fix everything and you cannot play vulnerability Whac-A-Mole, where you're trying to jump from one vulnerability to another. The idea of creating a risk operation center and implementing that with EPM has been to make sure that we are creating an outcome where things are fixed for the customer in a matter of hours.

I think that's an approach that's different than a CTEM solution, which is waiting for collecting data from different scanners and then creating some reasoning, but then they don't actually do the patching. They pass it off to somebody else to do the patching, which again, you know, loses time, as an example. What I think we are seeing is the opportunity here is having created sort of this end-to-end. I mean, what's interesting is if you look at our demo that we did at RSA about Agent Val. Agent Val went from finding the vulnerability, validating the exploit, applying a mitigation, and then revalidating the exploit that it is fixed in under 15 minutes. I don't know of any CTEM solution can really do that where you get an outcome of something being fixed.

With ETM, we are focused on the Cyber Risk Quantification aspect of it as well, right? Just because the vulnerability and patch count goes up significantly, customers still need to think of this in terms of the business and the budget that they've allocated, and how much of a risk to the business do these vulnerabilities carry so that they can make better decisions on prioritization. That's, again, the other aspect of our ETM solution being integrated now with a cyber insurance company, where if you have a good score on your, a good score that demonstrates you are actually doing the right cadence of fixing your vulnerabilities, you can actually get a premium reduction for your cyber insurance, which is a positive thing for your business.

ETM really has been about taking the business' quantification, the CTEM, the traditional CTEM component, but also pairing that with exploit validation and remediation, giving an end-to-end outcome. I think what we are seeing now more is the customers who have been interested in this are now feeling like this is the time that they really need to look at this more deeply because of the number of vulnerabilities that are gonna come their way.

They feel like looking at a risk operation center and ETM and the ability to maybe some of the resistance that people have had in the past against autonomous remediation or Patch Management, in the initial conversations we have had in the last couple of weeks, we're seeing a bit of a change in the way people are thinking about this as given that the threat landscape has changed. In that sense, it's a positive outcome for us to say that instead of other solutions where somebody else is scanning, somebody else is pulling the data, and somebody else is patching, the ability to go from detecting, validating, fixing and revalidating in under 15 minutes is something that is really desirable. And doing that at a Six Sigma accuracy is very desirable for our customers.

I think it's more that our platform really was innovated and designed for this, and now we're excited to see sort of these early conversations we are having with customers that are more interested in looking at this now because of the push coming from these frontier models detecting more vulnerabilities.

Excellent. Just one quick follow-up. You know, does Mythos potentially expand the number and types of assets that you would also cover, as well as maybe accelerating, you know, sort of this adoption of more products on the platform, you know, to deal with the increased complexity? Thank you.

Yeah. I think, you know, these models will be able to find vulnerabilities in any code base, right? I think that's where the comprehensive nature of the Qualys sensors, whether it is detecting, vulnerabilities on network assets, right, with, you know, like, let's say the traditional assets which have agents, on laptops and other servers, expanding that into, network assets or network-based assets like firewalls and VPN, devices or, cameras that are on the network or IoT devices. We already covered that. Of course, we also cover cloud and container security and a lot of these.

I think what we are seeing right now is that customer interest in covering as much as possible more natively so that they can get quick scan results and not have to wait for hours to pull those scan results if they can do more and more of those natively. I think given that the threat, whether your server is running on-premise or in a data center or if the server is running as a container in the cloud, the threat from a quick vulnerability exploitation coming your way is similar. You know, the conversations do lead themselves to it. In a way, the way ETM is designed, it is designed to pull data from all kinds of different capabilities, whether it's cloud or containers or others.

There is more willingness from customers to say today they are doing dashboard tourism. They have a separate dashboard for code scanning, a separate dashboard for cloud, a separate dashboard for on-premise, a separate dashboard for endpoints. If there is a way to operationalize and consolidate all of these different types of assets into more of a unified workflow where agentic AI is looking at it and making, you know, autonomous decisions by looking at the previous enterprise context and then minimizing and then executing the minimum remediations, that is really where the focus of the customers is.

I think, again, you know, how these conversations proceed will be interesting, but it does lead customers to say, "I don't have necessarily the time now to go to look at a different individual risk management dashboards when it comes to previous breach management. If there is a way for me to pull different things, normalize all of that, and quickly focus on the ones that matter the most, and then actually validate with exploits and remediate those, that is the ideal solution.

Thank you.

Thank you. Our next question is gonna come from Rudy Kessinger with D.A. Davidson. Your line's open.

Hi, guys. Great. Thanks for taking my questions. I guess I'm curious just on the ETM sales so far, are you getting that full $1 uplift on those early sales so far? Then if we think about the 107% net expansion rate with those customers, I feel a little foggy on that. You're saying that includes customers who purchased CPM in the past. I guess, does that expansion percentage include the upsell from them purchasing EPM? Or if you could just break down that number a bit further.

Yeah. It's, it's a little too early for us to comment on how much of the uplift actually is. The illustrative dollar uplift is based on more of a list price. The cohort of customers that have sub-subscriptions to EPM is too small today. Given that, what we decided to do was the number that we disclosed, 107%, that actually includes customers who purchased CSAM or EPM. The way that we calculate that number is one year ago from today, so Q1 of 2025, which customers had EPM or CSAM subscriptions. We took those customers and then the revenue that they generated in Q1 of 2025, so that would be the denominator. Took the same cohort of customers in Q1 of 2026 and looked at the revenue contribution from that group.

We calculated that %. It doesn't just include the EPM or CSAM subscription, it's the total spend spent by those customers. What we're thinking is, our hypothesis is these customers, theoretically, whether they have CSAM and then eventually later upgrade to EPM, because EPM is essentially an upgrade from CSAM, or they start to purchase EPM, these cohort of customers will help to drive the total net dollar expansion rate eventually because they see the value in it. They'll be stickier with us, they'll result in a higher upsell. That's part of the reason why we're tracking this metric internally to make sure that, one, we're successfully upgrading CSAM customers to be EPM customers, and two, is that really generating the type of upsell that we're looking for.

Got it. That's really helpful. I must have misheard it earlier on. Secondly, you know, what does sales productivity look like? How has that been trending in the last few quarters? You know, just given the increases in sales and marketing expense outpacing the revenue growth, you know, is there a lot more marketing dollars in there? Or where all is that, you know, investment going in sales and marketing?

Yeah. Majority of the increase in sales and marketing is still driven by headcount. If you take a look at our headcount growth, it was over 10% for the sales and marketing, the GTM side, last year. Part of the reason is because we do see a huge upside in the business, and because we are focused on moving the business from direct to indirect. As we work closely with the partners, we have different sales teams, whether it be a sales team focused on direct sales or a sales team focused on ETM sales or a sales team that are really focused on the channel management or relationship there. We do anticipate continued growth and continued investment in that team. As a result, the productivity is not necessarily the traditional Software as a Service view of it.

It's not exactly where we think it will be in the future. We're working on it right now. There's room for increase in efficiency. Quite not seeing it there yet, like you pointed out, especially because, you know, we do see this as a time for us to invest more versus making sure that we scale back based on the productivity metrics that we see today.

Thank you. Our next question will come from Joseph Gallo with Jefferies. Your line's open.

Hey, guys. Thanks for the question. I believe you mentioned that your guidance today reflects Net Revenue Retention kind of stays flat, but yet, you know, ETM, you know, NRR is 107 and expected to grow. I mean, how should we think about the potential timeline for acceleration of total NRR? And is there any pressures or offsets that we should think through that might keep that number flat over the next two quarters?

Yeah. Our NRR has been around the 103%, 104% range for the last couple quarters. The reason why we're still assuming for the baseline that to be the case is because ETM is still in the early stages. We don't anticipate a significant ramp in terms of the adoption of ETM that will result in the total company NRR rate to be ticking on materially this year. For this year, our baseline is that, you know, taking into consideration the macro factors that, you know, geopolitical conditions today, we do see some potential headwinds. Could be fully offset by the tailwinds, as Sumedh had mentioned earlier, with the increase in demand, given that, you know, our customers are willing to spend more with us, increase in cybersecurity risk that we can definitely help to remediate.

With that said, all in all, our guidance assumes, you know, baseline case of growth more or less in line, definitely from the current billings perspective. Revenue, we've increased slightly just because of the beat that we saw in Q1. Overall, nothing has changed from the case that we saw earlier in February.

Oh, no, that's super helpful. Thank you. Just as a follow-up, I mean, you mentioned kind of geopolitical tensions. I think you made a comment in your opening remarks about closely monitoring the business environment and adjusting priorities accordingly. Is there any way to quantify, I guess, what you're saying? Is that mostly related to the war? Is there anything in terms of customer budgets and they're prioritizing AI spend today and not necessarily cyber? I'm just kind of curious what the actual math was behind some of those comments you made on macro, and if anything has changed over the last 90 days.

Yeah, the way we're monitoring the situation is basically stemming from the conversations that we're having from our existing customers as well as new prospects. When we're discussing potentially, you know, coming over to Qualys as a new customer or increasing their spend with us, whether in quarter cycle or out of quarter cycle, there could be disruptions during that discussion. As an example, I would say that any announcements from OpenAI or Anthropic could be a disruption, as in, as we're talking through it could be a factor. Now, that could result in increase in sale from us, but it could increase the sales cycle. That's why we're taking a look at the scenario. There will be puts and takes. There will be some gains, there will be some offsetting factors.

That's why we thought that, you know, the baseline, if you model it out, the way we view it today is more or less falls in the range that we had calculated at the beginning of the year.

So far in terms of budgets, we haven't seen any real changes there from customers or any conversations directly when it comes to cyber. I think it's stayed roughly the same. As Joo Mi said, you know, just being prudent at sort of what potentially could we should look at in the future.

That's reassuring. That's good to hear. Thank you.

Thank you. The next question's going to come from Shrenik Kothari with Baird. Your line is open.

Yeah, thanks a lot for taking my question. Sumedh, in light of the frontier AI agentic explosion and now with Agent Val to more broader remediation. You also emphasized the Patchless Patching, which I remember you've been specializing in and talking about in the past. I know you talked about early customer conversations. Just, we'd really appreciate if you would maybe point to some anecdotes, some proof points how that can or is becoming a real budgeted sort of operating priorities for customers over and above typically as, you know, products customers like conceptually, just what's really changing and anything you can point to and have a quick follow.

Yeah. Like I said, I think I gave that example of, We have been having quite a few customer conversations the last few days.

You know, I had a CISO for a very large bank in Canada sort of got on the call and, you know, he's like, basically, "Look, our challenge right now is how do we get things key scanner right now, and how do we, who should we partner with for patching?" You know, when I was able to explain to them, well, you know, we already do the eliminate part, immediately he was excited about that. You know, so that he could go talk to his board that they're partnering with a solution that is gonna help them have the ability as needed to rapidly fix and patch things and not wait for the IT team's patching solution to take days and weeks to patch things.

That led to an immediate conversation of starting an immediate POC as an example, right? It's early days. That's an anecdotal example. We are seeing that pushback or resistance that we had for integrated patching and autonomous patching in the early conversations is coming with Like, where they are asking, "Hey, do you have a patching capability?

Because that's what I need to be able to explain, not that I'm finding more and scanning more, or I'm taking my scanning and I'm passing it off to some other patching solution which is taking even longer. That is an example of a good conversation that we had where a customer was quite excited to have the ability to quickly find, remediate, Quickly find, exploit, it, verify it, patch it in a matter of hours and be done so they can show that level of success rather than just finding more things. That would be an example of just something that happened two days ago.

Great. That's super helpful, Sumedh. Just, Joo Mi, a quick follow-up. Just following up to Joseph's question on NRR. Just wanted to hear your thoughts on what sort of moves the needle for sort of this next leg of growth. I mean, you know, you still appears to be guiding off sort of a base case with no real assumed NRR movement. You of course have Agent Val in GA. There's better ETM mix. There's continued strength in channel international. Can you help us understand is it mainly just prudence about the sales cycles as you mentioned, and you still need more proof points on monetization?

There's also some legacy mix drag, which is playing a role in addition to you accelerating high value attach here? Yeah.

Yeah. It's based on a historical track record of what we've been able to see. One of the reasons why we thought that this was the best metric that we could share with the investors today is because if you take a look at our historical products, whether it be CSAM or otherwise, it does take a bit of time for a newer product to take to our customers. As an example, CSAM was actually launched in 2021. If you take a look at the percentage contribution to bookings, ETM plus CSAM currently make up 11% of bookings on an LTM basis.

You can understand that how we're looking at the CSAM conversion or upgrade to ETM will likely take some time since ETM just went live, and it's been in GA for a little over a year. Given that, we're assuming that this will take time for more of our customers to adopt ETM, and that will translate to increase in spend that's meaningful enough for the total revenue growth.

Got it. Thanks a lot, Joo Mi.

Thank you. The next question will come from Brian Essex with JPMorgan. Your line's open.

Hi, good afternoon. Thank you for taking the question. I guess maybe one for you, Sumedh. On the back of, you know, the increased capabilities of foundation models in the security space, and thinking about where you're seeing vulnerabilities across the spectrum where you have, you know, operating systems, infrastructure, both package as well as custom applications and then Operational Technology environments. The spectrum of fixability, if you will, across those different types of areas is can be materially different. Particularly, you know, for like hardware, some of it can't be patched, it might have to be replaced. Custom apps that have to be maybe need to be refactored. From your experience and what you're seeing from the foundation model companies, where is their expertise best placed for vulnerability discovery and potential exploitation?

How does that change the risk profile of your customers and how they may utilize your platform to mitigate those risks?

Yeah, great question. I think helping software developers find more vulnerabilities in their code is definitely one of the key things there that these models bring and which will definitely lead to more disclosure. In theory, right, you could say that, well, if all software developers are able to find these vulnerabilities using the models, then you kinda don't necessarily have a zero-day problem because all these software developers will find them the code themselves before the attackers do, and they will create patches, right? Then, you know, customers just have to focus on applying those patches. I think the other capability the frontier models are doing well is the ability to chain low-level vulnerability exploits that maybe have a lower CVSS score and the customer might not have fixed those.

in the past because their score was low, but being able to chain a few of those to create an exploit. That's where the advantage of the TruRisk platform is very solid because our TruRisk scoring, and we have demonstrated this multiple times, that we are actually scoring low-level Common Vulnerability Scoring System vulnerabilities as very high, about 40 days before they get added into CISA Known Exploited Vulnerabilities, as an example. Having the customers have that intelligence that we are bringing and to their environment to say, "Look, this is a low-level vulnerability, but it is prone to be used in an attack," and making sure that that is mitigated becomes important. The third piece of what you mentioned is I think it's perfectly fine to say that I'm not gonna patch this because my risk is low.

That's a very individual organization level conversation that needs to happen, which again, with ETM and the TruRisk platform, we are helping customers understand the context in their environment, understand the exploitability, and make the determination that maybe it's perfectly valid to say, "We're not gonna patch this because we have mitigating controls in place." That's where we were, again, ahead of the curve when a couple of years ago we introduced the concept of Patchless Patching, is the ability to deploy mitigations for some of these environments where, yeah, you cannot necessarily patch an OT asset immediately like you would normally do, but maybe the even the regular assets with operating systems and packages. Providing them a way to say, "Look, I think if you just delete this old DLL," which our agent can do for you.

Deleting a DLL or making a change to a registry key or something simple like that can actually prevent the exploit from running in that particular environment. That is the third piece of it, which is perfectly valid with ETM to say, "Look, less than 1% of the vulnerabilities are actually exploitable in your environment." These are the ones we don't need to fix because we validated they're not exploitable. To also be able to say, "We actually have a way to mitigate this with a compensating control without deploying a patch," makes it very interesting. In fact, one of the popular ones with our customers is we provide them the ability to see that the package that has the vulnerability is actually not being used on the asset for the last 18 months.

Uninstall is actually a better option than trying to patch it. That's why I call it the eliminate buffet, which gives customers multiple different choices because the goal is not to patch, the goal is to remediate and eliminate the risk. That's why the TruRisk Eliminate with prioritization, validation becomes so important.

Great. That's super helpful. Maybe if I could squeeze one in for Joo Mi on Q-Flex. It sounds like, you know, that the program's targeted at large enterprise customers that are already spending a meaningful amount on the platform. Is there any potential for existing customers who may be ripe for migration to ETM where you can actually accelerate that migration by, you know, offering them Q-Flex as well?

There is. We are working with customers today. We are working with a select group of customers to so that they have an option of adopting Q-Flex today. It's not stopping. It's just that we are planning to go broadly GA with it by the end of the year. We think that there is definitely a potential where that could help us to drive growth.

We do have those conversations with customers who are looking to do ETM. We start the conversation with Q-Flex, which is well-received, especially given this environment where so many new capabilities are coming, things are changing fast, and they need the flexibility. Even if you're not the largest enterprise, you still need the flexibility to be able to move things around pretty quickly. In fact, enterprises that don't necessarily have a cyber budget that is the size of the Gross Domestic Product of a small country actually have the most value many times from being able to do these kind of automations and say, like, "I don't need to fix all these things because I validated they're not relevant in my environment no matter what the frontier model says.

Right. Makes a lot of sense. Thanks. Thank you for the color.

Thank you. This is all the time that we have for questions. We want to thank you for your participation. This will conclude today's conference call, and have a good evening.

Goodbye.