Logo of jester cap with thought bubble.

Image source: The Motley Fool.

Qualys Inc (NASDAQ:QLYS)
Q2 2020 Earnings Call
Aug 10, 2020, 5:00 p.m. ET

Contents:

  • Prepared Remarks
  • Questions and Answers
  • Call Participants

Prepared Remarks:

Operator

Ladies and gentlemen, thank you for standing by, and welcome to Qualys Incorporated Second Quarter 2020 Investor Call. [Operator Instructions] I will now hand the conference over to your speaker today, Vin Rao.

Vinayak Rao -- Vice President, Corporate Development and Investor Relations

Good afternoon, and welcome to Qualys' second quarter 2020 earnings call. Joining me today to discuss the results are Philippe Courtot, our chairman and CEO' and Joo Mi Kim, our CFO.

Before we get started, I would like to remind you that our remarks today will include forward-looking statements that generally relate to future events or our future financial or operating performance. Actual results may differ materially from these statements. Factors that could cause results to differ materially are set forth in today's press release and in our filings with the SEC, including our latest Form 10-Q and 10-K. Any forward-looking statements that we make on this call are based on assumptions as of today, and we undertake no obligation to update these statements as a result of new information or future events.

During this call, we will present both GAAP and non-GAAP financial measures. A reconciliation of GAAP to non-GAAP measures is included in today's earnings press release. As a reminder, the press release, prepared remarks, investor presentation and supplemental historical financial spreadsheet are available on our website.

With that, I'd like to turn the call over to Philippe.

Philippe Courtot -- Chairman and Chief Executive Officer

Thank you, Vinayak, and welcome everyone to our Q2 earnings call. We hope that you and your families are healthy and safe. Our priority remains the health and well-being of our employees, while continuing to address and support the changing security needs of our customers. Since mid-March, we have seen at Qualys a seamless transition to a remote work environment and have continued to effectively deliver on all aspects of our business, including product development, operations and support services. The unprecedented environment with the ongoing COVID-19 pandemic has created uncertainties for individuals and organizations across the globe. As companies are experiencing a never-before-seen explosion of remote endpoints connecting to critical assets of their organizations, security of these endpoints is paramount. IT teams are responding to the challenge of ensuring that employees are able to work productively and securely from remote locations, and it is becoming eminently clear that traditional enterprise security solutions deployed inside organizations' networks are ineffective for protecting these remote endpoints. We believe that Qualys is one of the few companies well-positioned in this security market evolution due to our priority on investing in the extensibility and capabilities of our platform and our cloud-based architecture.

Upon the onset of COVID-19, we addressed the needs of our existing customers by promptly releasing a remote endpoint protection service that would help them quickly address the challenge of securing these proliferating endpoints. This service, which we are providing at no cost for 60 days, leverages the Qualys Cloud Agent and its cloud-based architecture to deliver instant and continuous visibility of remote computers as well their installed applications, obtain a real-time view of all critical vulnerabilities and misconfiguration, and remotely deploy missing patches for critical vulnerabilities. These patches are delivered securely and directly from vendor website and content delivery networks, ensuring there is little to no impact on external VPN bandwidth. In Q2, we added malware detection capabilities to the solution, and customers that were already using the service could extend their free 60-day license for an additional 30 days. Malware detection uses file reputation and threat classification to detect known malicious files on endpoints, servers and cloud workloads. In addition, this service is also now available to US federal agencies via a no-cost 60-day pilot. We currently have over 650 companies, including nearly 300 customer prospects, actively using this free offering.

This Remote Endpoint Protection service is based on the multi-function Qualys Cloud Agent, which instantly provides visibility into remote endpoints, detects vulnerabilities, manages their security hygiene proactively and patches them quickly at no cost. Our Cloud Agent is the technology platform for seven of our security, compliance and IT solutions, Vulnerability Management, Policy Compliance, File Integrity Monitoring, Indication of Compromise, Patch Management, Asset Inventory and the upcoming Certificate Management, and with more to come.

In Q2, we continued to see strong growth in our paid Cloud Agent subscriptions, with almost 43 million now, representing 81% growth from the prior year quarter. We have continued to make strong progress on our goal of achieving ubiquity for our Cloud Agents. After organizations download our Cloud Agent once, it's frictionless for them to subscribe to our paid applications because no additional infrastructure is required to expand the solution with additional products. Furthermore, this multi-product adoption naturally increases the stickiness of our platform and helps make us impenetrable to our competition. We do not offer the same -- our competitors do not offer the same breadth of solution or ease of adoption. This is demonstrated by the fact that the gross dollar retention rate of enterprise customers who have adopted five solutions or more stands at 99%.

Our Qualys Cloud Platform, combined with the capabilities of the powerful lightweight Cloud Agents, Virtual Scanners and Network Analysis, passive scanning, allowed us to create an effective and seamless vulnerability management solution that incorporates the four key elements of discovery, assessment, prioritization and Patch Management into a single application called VMDR, Vulnerability Management, Detection and Response, which went into general availability in April. This solution has been a huge success with customers and is also driving further penetration of our cloud agent. VMDR takes vulnerability management to the next level by providing the power to continuously detect vulnerabilities and misconfigurations across the entire

Global hybrid IT environment and responding in real-time to remediate assets that are vulnerable or already compromised from a single platform with built-in orchestration. Currently, 600 customers have adopted VMDR, which includes approximately 200 new customers. In fact, 8 million [Phonetic] out of our roughly 43 million paid Cloud Agents subscriptions have come from VMDR, of which 5.8 million were new agent subscriptions. VMDR has not only helped proliferate cloud agents, but also sets a foundation for further upsell of our other paid applications.

We continue to see good adoption of our free Global IT Asset and Inventory with almost 14,000 companies signed up and over 1,350 companies actively using the service. In terms of our other newer solutions, we have continued to see strong customer adoption of our Patch Management solution, both in the mid-market segment as well as at large customers. In Q2, a large IT services firm selected our Patch Management application over several competing solutions, given its ability to easily and effectively patch remote endpoints without using limited bandwidth available on VPN gateways. This quarter, we also saw robust growth again for our Container Security application with a major enterprise video communications provider that has already deployed VMDR across its infrastructure, adopting the solution. In addition, our File Integrity Monitoring, FIM, application continues to see solid momentum with a large Asian airline having selected our FIM solution over a competing point solution in order to effortlessly leverage the Qualys Cloud Agents they had already deployed for Vulnerability Management.

Now, diving deeper, we were also early to recognize the importance of capturing all of the necessary telemetry via our sensors and the Internet, while building the back-end with the scale and computing capabilities needed to handle such a large volume of data. Today, we handle more than 9 petabytes of data, indexing more than 7 trillion data points on our elastic search clusters, moving 14 billion messages a day on our Kafka bus, storing over 400 million objects in our Ceph clusters, and pumping 1 million writes per second in our Cassandra log analysis engine. As a result, our highly scalable cloud-based platform enables us to address all four new market segments, large enterprise, cloud providers, next-generation of managed security service providers and OT and IoT environments, providing a single pane of glass view across on-premise assets, endpoints, cloud and mobile environments.

Last month, we introduced our Multi-Vector EDR solution that goes well beyond the endpoint and not only allows for the reduction of false positives, but also makes it easier to automate the response and greatly reduce the response time and costs. As an app built natively on the Qualys Cloud Platform, our Multi-Vector EDR leverages its power, scale and accuracy to provide unprecedented visibility and telemetry by collecting security data from endpoints, adding context and correlating billions of global events with threat intelligence, analytics and machine learning. To strengthen our entrance into the EDR market, we acquired the software assets of Spell Security, a very innovative security start-up in India, and all security employees have joined now Qualys in Pune. The team has unique expertise in threat hunting and malware research, as well as a deep understand of multi-vector attacks. They also have threat hunting products that will be fully integrated into the Qualys Cloud Platform.

Traditional EDR solutions singularly focus on hunting and investigating endpoints' malicious activities and cyberattacks. Qualys' multi-vector approach provides critical context and full visibility into the entire attack chain by providing a faster, more automated and comprehensive response to protect against those attacks. We are delighted with the strong adoption of VMDR by both our customers

And managed security service providers and now by the interest Multi-Vector EDR is generating with them. Moving from multi -- from VMDR to Multi-Vector EDR is almost instantaneous as it only requires an update of our cloud agent, which is automatically done by our platform once the application is enabled.

We are also pleased to announce that Infosys Managed Security Services has now adopted both VMDR and Multi-Vector EDR and here is a quote from Vishal Salvi, CISO and Head of Infosys Cyber Practice: "We are pleased to partner with Qualys to deliver VMDR and Multi-Vector EDR solutions via our globally distributed network of Infosys Cyber Defense Center. The highly scalable Qualys Cloud Platform with its lightweight agent and sensors and its forthcoming incidence response capabilities provides us with all the intelligent analytics we need to effectively protect our clients and allows us to consolidate our security stack."

At Black Hat, we also discussed our upcoming Data Lake/SIEM solution that we expect to have in early beta at the end of 2020. This is an important new milestone and new opportunity for our company as current incident response solutions have become quite complex and costly, requiring organizations to use multiple vendors to collect the data needed and bring it into their SIEMs with fully contextual information. Qualys' unique advantage is that we can leverage our robust scalable backend and its array of sensors which collect, enrich, normalize and correlate trillions of data points across on-premise, endpoint, cloud, mobile and soon OT and IoT environments. On the hiring front, we are pleased to welcome back Joo Mi Kim as Chief Financial Officer of Qualys. Her extensive finance, strategic planning and investor expertise will be instrumental as we continue to expand the Qualys Cloud Platform and grow the Company. We are also delighted that Ben Carr has joined Qualys as Chief Information Security Officer. Ben is a proven information and risk executive and thought leader with more than 25 years of experience in executing long-term security strategies. At Qualys, he is responsible for providing cybersecurity guidance and security strategies to Qualys customers, leading the CIO/CISO Interchange and securing our IT infrastructure.

Finally, we are also honored to welcome John Zangardi to our Board of Directors. John has extensive experience in digital transformation and has successfully transformed the infrastructure of both the DHS and the DOD, as well as modernized their cybersecurity operations. We are grateful to gain his valuable insight and guidance as we continue to expand our cloud platform to deliver innovative security and compliance offerings.

In summary, because of the very nature of our business model, which is nearly 100% recurring and the fact that our solutions have become mission critical, we have a greater visibility than many other security companies in our industry, even in such a difficult time, not to mention our highly profitable and cash generating business model. Our product and platform achievements lay the foundation for our continued progress to enable customers to consolidate their security, IT and compliance stack, while drastically reducing their spend. And importantly, it is core to the highly profitable recurring and growing revenue model we have built.

With that, I'll turn the call over to Joo Mi to discuss our financial results and guidance for the third quarter and full fiscal 2020. Thank you.

Joo Mi Kim -- Chief Financial Officer

Thanks Philippe, and good afternoon. Before I start, I'd like to note that, except for revenue, all financial figures are non-GAAP and growth rates are based on comparisons to the prior year period, unless stated otherwise. We're delighted with our increasing Cloud Agent subscriptions and multi-product penetration, as well as the strong adoption of VMDR, which lays the foundation for future revenue growth and industry-leading profitability. Our Q2 financial and operational highlights include: Revenues for the second quarter of 2020 grew 13% to $88.8 million. Please note, our Q2 2020 calculated current billings was negatively impacted by the timing and amount of prepaid multi-year subscriptions, as well as requests for shorter duration invoicing, which we expect to continue to next quarter given the current market conditions. Our average deal size increased 7% and platform adoption continued to increase as the percentage of enterprise customers with three or more Qualys solutions rose to 54% from 44% and the percentage of enterprise customers with four or more Qualys solutions increased to 38% from 24%. Paid Cloud Agent subscriptions increased to 43 million over the last 12 months, up from 38 million for the 12 months ended in Q1 2020. And 19% of VM customers up for renewal in the quarter renewed into a VMDR subscription, up from 4% in Q1.

Our scalable platform model continues to drive superior margins and generate significant cash flow. Adjusted EBITDA for the second quarter of 2020 was $42.8 million, representing a 48% margin versus 42%. Q2 EPS grew 34%. And Our free cash flow for the second quarter of 2020 was $24.9 million, representing a 28% margin and down 20%, primarily due to recent changes in billing and payment terms for select customers, given the current macroeconomic environment. YTD, our free cash flow margin is 40% and is up 6%.

In Q2, we continued to invest the cash we generated from operations back into Qualys including: $4.3 million on capital expenditures for operations, including principal payments under capital lease obligations; and $25.3 million to repurchase 242,500 of our outstanding shares.

We remain confident in our business model, driven by our foundation of nearly 100% recurring revenues and expanding suite of applications. We are delighted to be raising our full year 2020 guidance for both revenues and earnings. We are raising the bottom and top end of our revenue guidance for the full year to now be in the range of $359 million to $360.5 million from the prior range of $354 million to $359 million. We are raising our full year non-GAAP EPS guidance to now be in the range of $2.60 to $2.65 from the prior range of $2.46 to $2.51.

We expect to maintain industry-leading margins in 2020 and continue to produce strong cash flow. And Our Q3 guidance for revenue is $91.6 million to $92.2 million and for non-GAAP EPS is $0.65 to $0.67. For the third quarter, we expect capital expenditures to be in the range of $8 million to $9 million, which includes approximately $2 million for the build-out of our Pune headquarters. Because of COVID-19 related delays, the timing of spend on our Pune headquarters has been pushed out a few months, and we now expect that $2 million of our original planned spend will occur in the second half of the year.

As Philippe mentioned, we are very excited by the robust early adoption of VMDR and the launch of our Multi-Vector EDR application. We feel very well-positioned during this period of uncertainty due to the value provided by our cloud platform and our 20 apps, as well as our underlying highly scalable and profitable operational model.

With that, Philippe and I are happy to answer any of your questions.

Questions and Answers:

Operator

[Operator Instructions] And our first question is from Erik Suppiger with JMP Securities. Please go ahead.

Erik Suppiger -- JMP Securities -- Analyst

Hi, thanks for taking the question. Can you talk a little bit about linearity, how did the pandemic play out through the quarter?

Joo Mi Kim -- Chief Financial Officer

Yeah, I'll take that question. So linearity, we didn't see any material highlights to note under linearity. It was similar to last quarter.

Erik Suppiger -- JMP Securities -- Analyst

Okay. And then on VMDR, can you talk a little bit about how much adoption you've seen with -- of using the Patch Management component to that?

Philippe Courtot -- Chairman and Chief Executive Officer

So, we had a big demand...

Joo Mi Kim -- Chief Financial Officer

Go ahead, please.

Philippe Courtot -- Chairman and Chief Executive Officer

No, we have a big demand for Patch Management. There is no question that. This is an application that is really coming up, and VMDR makes it much easier because, obviously, the last mile is you patch, and it's at your fingertips. So, yeah, it's very significant. Then, we see -- by the way, what is interesting is, both on the mid-market, but as well as with large enterprise, in fact, I mentioned on the speech -- on the call that we had a large enterprise, which really adopted not only VMDR, but they also adopted a big -- it's a big deployment of Patch Management.

Erik Suppiger -- JMP Securities -- Analyst

And who are you displacing or who do you see on that patching front? Is that BigFix?

Philippe Courtot -- Chairman and Chief Executive Officer

It's interesting is that, it's not so much of the displacement. It's fact that it's become -- it starts more like adding, for example, it's much easier, of course to -- with our solution to patch the endpoints. So we -- in fact, we believe, in some cases, they could continue using, for example, SCTM for other solutions. But the endpoints is much easier to do it with Qualys, so -- and other patch management solution. But essentially, it's adding to what they're doing. And we see more and more appetite to essentially move to a solution like Qualys, which integrates the entire -- from discovering new assets, to identifying the vulnerabilities on those assets, to prioritize the remediation, and then remediate. We have also, by the way, integration with some customers. They don't take the full patch management solution but they take all the information that we provide them with the superseding patches and so forth, so they can continue pushing that into their own patch management solution.

Erik Suppiger -- JMP Securities -- Analyst

Very good. Thank you.

Operator

Thank you. Our next question comes from Shebly Seyrafi with FBN Securities. Please go ahead.

Shebly Seyrafi -- FBN Securities -- Analyst

Yes, thank you very much. I want to drill down on the current billings. It looks like it grew by 13% year-to-year, down from 15% in the prior two quarters. And I saw what you said in the script. So, what would current billings growth has been versus 13% reported? Had duration not changed or decline?

Joo Mi Kim -- Chief Financial Officer

Yeah. So we have a healthy business. It's a little difficult to perfectly normalize growth rate that account for the multiple different impacts because, for example, one of the reasons why quarterly billings may be impacted is because the renewals are not done at the anniversary of initial deal. There could also be changes in billing terms that we've highlighted in terms of the shorter duration billings, as well as amount of prepaid subscriptions that have a negative impact. Basically in the first year upon renewal, you see that fluctuation. But what we'd also to point to is, year-to-date calculated current billings is up 10% from last year. And in terms of -- this actually supports why the trajectory of our annual revenue guidance is the best proxy for business momentum with our current bookings and confirming [Phonetic] our guidance. And if you take a look at our annual revenue guidance, we did raise basically from -- the prior high end is our current low end. And our bookings actually came in better than expected this quarter, especially from new.

Shebly Seyrafi -- FBN Securities -- Analyst

I want to correct myself. Current billings was up 7%; like you said, 10% for the first half. But I'm trying to see because you expect these moving parts to linger, it looks like, for the next few quarters. And I just want to know when you think things may normalize such that your current billings growth can go back to the historical something like 15% or so, do you think it's two quarters long or four quarters long?

Joo Mi Kim -- Chief Financial Officer

I think it's a little too early for us to tell, given the uncertainty of the environment. Basically, we're -- at this time, we're leveraging our strong financial position to accommodate customers because they are asking for shorter duration invoices as well as delayed billing, which is another factor that we should take into account, in addition to the renewals not being done at the time of end, like, renewal.

Shebly Seyrafi -- FBN Securities -- Analyst

Okay. Last one from me is Spell Security. Do you have estimated incremental revenue and expenses for that company?

Joo Mi Kim -- Chief Financial Officer

Yeah. So, for Spell Security, it's a small tuck-in acquisition, similar to what we've done before. We don't see a material impact to our top line or expenses from that acquisition.

Shebly Seyrafi -- FBN Securities -- Analyst

Okay, thank you.

Operator

Thank you. Our next question comes from Alex Henderson with Needham. Please go ahead.

Alex Henderson -- Needham -- Analyst

Thank you very much. I was looking at the revenue associated with the customers that have bought the highest number of units. And it actually shows the revenue declining from $270 million to $257 million, even as you're adding more revenue per customer. And I was wondering if you are including in those statistics, any of the free solutions that you're offering. How -- why is it -- why is the average revenue declining on your top customers?

Joo Mi Kim -- Chief Financial Officer

Yeah. Average revenue on the top customers, it could fluctuate depending on the category that -- as customers move into different categories. And another factor that we should consider is, we're relooking all their metrics to make sure that they're all still relevant to customers. I think that one of the metrics that we've highlighted before is the multi-product adoption. With the launch of VMDR, VMDR is really counting as -- we're counting it as four products. And so, what we've said before is generally, we expect it to be a revenue neutral impact because, for example, for VM-only customers, we do expect them to see some uplift as they renew into VMDR, while some other customers who used to subscribe to like several other Qualys products, they may be spending a little bit less.

Alex Henderson -- Needham -- Analyst

So are you including in that any of the free solutions? Or is that not included in the number of solutions?

Joo Mi Kim -- Chief Financial Officer

No, it only includes paid solutions, and it's incremental solution that starts [Indecipherable].

Alex Henderson -- Needham -- Analyst

Great. So the second question would be, you've obviously got a lot of free stuff out in the market today. You talked about Patch Management, the free asset inventory, a number of program. If you were to tally all of those free customer subscriptions up, what type of nut are we talking about? How big a chunk of business would that be? And to what extent -- I'm assuming that that predominantly starts to roll off the free into some of the paid -- a paid version of it. What type of conversion rate do you expect? And I think that's mostly in the fourth quarter, is it not? Since most of that runs through September.

Joo Mi Kim -- Chief Financial Officer

Right. So one thing that I would like to highlight is, because there is -- as a subscription business, our model is to really allow customers to buy up their own pace. Customers do trials and then often expand at the time of renewal for existing. And then for new, we do realize that with our -- several of the products that we've launched, it's great that we're seeing adoption and some traction in terms of the active usage, both with respect to the endpoint remote protection, as well as asset discovery and inventory. And we are tracking it. But at the same time, we don't -- it's not that we expect everyone to convert to paid. We wouldn't be surprised if some people continue to use our free service, which is fine because we don't offer a free service as a half-baked offering. And we really don't push products to customers. We kind of see, like, based on the customer's need, we do expect some to convert. I do think that's a little bit early, given that a lot of the products are fairly new.

Alex Henderson -- Needham -- Analyst

So don't -- is there a cliff [Phonetic] on any of those products that would then force them to take a decision?

Philippe Courtot -- Chairman and Chief Executive Officer

Yeah. So let me add. On the endpoint protection 60-day free trials, we do have a cliff, and in fact, we estimate we can see that there is a very -- very happy customers, in fact some have even deployed very largely. So we expect to see some of these customers convert to the base subscription when the program will end up. As you mentioned, that be at the end of September essentially. Then, we have other services, which have been very successful, like the Global IT Asset Inventory, which is the Global IT Asset Inventory that we are using more for lead generation and that are now today fully integrated with VMDR. So of course, the Global IT Asset Inventory comes with VMDR. So that's all that.. As you can see, we skin that cat in different way. One way of looking at these paid [Phonetic] services is looking at them as lead generation, creating of course -- exposing the power of our platform to customers. And then, of course, we have a team to essentially help them to onboard them and then of course to try to upsell them as well. So yes, so this is part of our marketing strategy. It's a very cost-effective marketing strategy because of course for us, the different -- we can deliver software at the four corners of the universe, I would say, thanks to our cloud-based platform very cost-effectively.

Alex Henderson -- Needham -- Analyst

Okay, thank you.

Operator

Thank you. Our next question comes from Yun Kim with Rosenblatt Securities.

Yun Kim -- Rosenblatt Securities -- Analyst

Thank you. Actually, congrats on a pretty solid quarter, and welcome Joo Mi. Philippe, one metric that really stands out in the quarter is the acceleration in the adoption of the multiple products. Growth in the percentage of the percentage of the customers was three-plus, three-plus, four-plus, five-plus, all accelerated from prior trends, not just four-plus products. Can you specifically point out anything particular that drove that acceleration in the quarter? And what are you expecting in terms of that trend going forward?

Philippe Courtot -- Chairman and Chief Executive Officer

So, the trend will continue. What you see with some of these -- it's a combination of a few things. With some of these products is the maturity that we are reaching with these products. We see that very clearly with File Integrity Monitoring. We are also seeing -- of course, Patch Management has been also a very good take. We're waiting to get the UNIX and the iOS patch capabilities, which are coming in a couple of months, if I recall correctly. But it's -- imminently, that will boost further the adoption. And so -- and of course, now, what we see more and more is the interest in the platform itself, where you get all these solutions fully integrated. So VMDR is a huge -- is a really huge success. And helps us not only essentially have -- all of our customers have more reason to look for our solutions today, but it also helps us in penetrating and displacing current competitors. So VMDR was a big success, and we anticipate with the Multi-Vector EDR, which is of course brand-new, will go GA at the end of the month, early September, the latest, that we have already significant interest with Multi-Vector EDR. And by the way, remember one thing is that for all of our customers, which have the agent already installed, moving to EDR or Multi-Vector EDR is a no-brainer. They can immediately try and buy essentially. So that gives us a huge advantage with all these agents that we have now deployed.

Yun Kim -- Rosenblatt Securities -- Analyst

Okay, great. Thanks for that. And obviously, now with the initial success with VMDR and obviously a lot of high-profile product launches ahead, I think it's pretty clear that you have a platform strategy that is beyond your core VM footprint. Can you update us on any major go-to-market initiatives you may have plan to support all the product launches and where you are in terms of product positioning today? And then, in that regard, any plans to increase sales and marketing to support these perhaps any new sales and marketing, marketing initiatives to perhaps accelerate adoption in the marketplace and really more focus on maybe the initial land [Phonetic] deals and whatnot?

Philippe Courtot -- Chairman and Chief Executive Officer

Yes. This is a very good question. So, in fact, our strategy since day one was to really build that multi-platform. It was -- it has been a huge, huge undertaking as well, which we've been able to do because of the significant engineering team that we have now in Pune, India. We've close to 900 people. That was not a walk in the park. It was very complex. We had to inject a lot of the newer technologies like ElasticSearch, etc. So, that's where our focus has been. At the same time, not only beefing up the computing power of the platform was to also acquire telemetry. The problem today that you see with security is that in order for you to have context, you need to build -- you need to bring data from multiple different application and you have not very much idea of how good that data is. And that's the problem that SIEM today have. So, not only it's costly, it's complex, but then to correlate, to analyze, to enrich that data is not also that easy. So, that has been our overall strategy. So, today, finally, our platform and clearly VMDR showed that that we could now sort of integrate all the solution, multi-Vector EDR is as well, our ability now to go well beyond what the current EDR solution upward because we have significantly more telemetry.

And now, of course, our next big thing is essentially to -- essentially moving to the SIEM space which, as I mentioned earlier, are planning to go beta in -- at the end of the year. One of the lynchpin of all of that is that the unique -- and I'd say and I repeat that -- unique ability that Qualys has to automatically create the Global IT Asset Inventory across on-premise and on cloud containers, etc. automatically that nobody -- you cannot secure what you don't know, end of the story. And adding that ability allows us to essentially really provide, if you prefer, that context. And of course, how do we get that is because the combination of our agent, which brings information, and our Passive Scanning, all the network analysis, bringing all that data into one single platform. So now that we are starting to have, if you prefer, solutions that carry significantly more dollars, or when you look at the EDR marketplace, for example, the EDR marketplace is not so much the cost per endpoint, but it's the fact that you have many of them. And then, when you look at the SIEM, it's a significantly bigger standpoint. So, yes, to answer your question, we are going -- as we deliver additional services, obviously expand our marketing and sales capabilities to bring these solutions to market. Then, we have already a large customer base, which is a huge advantage, of course, because we can bring very cost-effectively those solutions to our customers.

And the third element of our go-to-market is we believe that now today, we have a platform that essentially becomes very attractive for the managed security service providers because today, they don't have the means anymore to take these -- to build this kind of platform, which is what they have been in the past. They absolutely need to move beyond the monitoring to do the response, which is now what Qualys provides. And so I think we have already a large number of managed security service providers, which are using Qualys. They are all moving into VMDR. And you saw the announcement that I made about Infosys, which is now is adopting as well the EDR solution. So we see that as another channel, if you prefer to, bring these solutions to market, as well as them being able to consume our incident response solution, because obviously, this is the core of managed security service providers. You need to monitor and then you need to respond. So I think we're extremely well-positioned from an architectural standpoint, well ahead of anything which is out there. And, of course -- now, of course, we need to bring all that to market.

Yun Kim -- Rosenblatt Securities -- Analyst

Great. Thanks for that detail. But one question I do have on that is, do you plan to maybe accelerate the sales headcount addition for your [Speech Overlap?

Philippe Courtot -- Chairman and Chief Executive Officer

Yeah. The big advantage we have is that, it's a proportion, because now we're going to be able to do bigger deals. Of course, you get more -- you can spend more as a result. It's not going to change really our profitability. We're not going to deploy a lot salespeople again. Our model is try and buy. It's very effective. Again, I mentioned our managed security channels. We see that as a very big channel, so to bring all these new solutions to market. And so, that doesn't mean we suddenly need to put a lot of salespeople in the field. But, yes, we are building, expanding our sales force everywhere.

Yun Kim -- Rosenblatt Securities -- Analyst

Okay. Great. Thank you so much.

Operator

Thank you. Our next question comes from Hamza Fodderwala with Morgan Stanley.

Hamza Fodderwala -- Morgan Stanley -- Analyst

Hi. Thank you for taking my question. Philippe, I was wondering if you can comment a little bit more on the competitive landscape in Vulnerability Management and the sales cycles for Q2. Because, clearly, I think as far as your solutions are concerned, as far as providing more visibility and efficiency and a more distributed work environment, the prioritization of that is clearly increasing, but we're not fully seeing that reflected in results quite yet. So, I'm wondering if you could comment a little bit about those two aspects, sort of the sales cycles, as well the competitive environment.

Philippe Courtot -- Chairman and Chief Executive Officer

So the sales cycle has not changed essentially. If you look on the enterprise, market is much more a displacement market. While on the mid-market and the small enterprise, it's a much more rapid market, but the sales cycle has not fundamentally changed. What has changed today is, with the entrance of VMDR, we have totally differentiated our solution vis-a-vis competitors. And today, with the forthcoming entrants -- if we look today, we have two main competitors now, I should say, are Tenable and Rapid7. So, Tenable, is essentially a VM company, they don't have the platform that Qualys has. Rapid7 acquired a company, as I'm sure you know, which essentially gave them kind of a SIEM platform. And of course, today, Qualys, we're entering that SIEM market, and we don't see them very much in the Vulnerability Management -- we don't compete that much more on the VM side. They are more essentially moving, and their growth is coming from that low-end SIEM market that they have addressed. So, we're coming up with, of course, what we call the next generation of SIEM, which goes well beyond the mid-market, while goes really after the very large installations as well. So, our SIEM scale will scale significantly more.

So, we see ourselves extremely well-differentiated against these traditional competitors now. And of course, the question becomes, who can build out the platform that Qualys has built and how long are they there and how long it will take them. And if we look around, we are really well ahead of anybody because we have been working on that for a very long time. This didn't happen overnight. And we're really focus on that. And today, we're very happy. Again, with the VMDR introduction, we've demonstrated the power of what we have done. Now with Multi-Vector EDR, and very soon it's going to be with our incident response solution, which is entering alpha now, and that we plan to go beta -- early beta at the end of the year.

Hamza Fodderwala -- Morgan Stanley -- Analyst

Got it. Thank you. That's helpful. And then just one quick follow-up for Joo Mi. Any way you could quantify perhaps the impact of the shift toward lower durations and some of the renewal timing that impacted current billings?

Joo Mi Kim -- Chief Financial Officer

Yeah, we're tracking that internally. In terms of the shorter duration invoice life cycle, we've experienced a couple million impact to it. With that said, one of the reasons of why we're not actively managing the quarterly billings is because, as you know, we have the industry-leading margins with our operating cash flow margin at 33%, and so that's why we wanted to make sure that we take this opportunity to leverage that, to help out our customers where it makes sense. We do expect to get paid at the end of the day and this is part of the reasons why we've highlighted that we've actually had a great quarter, where the bookings came in higher than what we expected. And so, billings is just not tracking, or is not indicative of the billings -- bookings performance this quarter. And then going forward, we expect it to be similar because we don't really see a reason for us to not accommodate wherein when we feel that the customers actually need it.

Hamza Fodderwala -- Morgan Stanley -- Analyst

Got it. Thank you very much.

Operator

Thank you. Our next question comes from Brian Essex with Goldman Sachs. Brian, your line is open.

Brian Essex -- Goldman Sachs -- Analyst

Yeah. Apologies. I had mute on. Good afternoon. Thank you for taking the question. Philippe, I was just wondering if you could maybe give us a sense of conversations that you're having with customers, particularly after what we've seen high demand for endpoint identity firewall spend, are you seeing any derivative spend now that these more disparate networks may need to focus on security posture now that they've addressed those kind of initial concerns in a more distributed environment?

Philippe Courtot -- Chairman and Chief Executive Officer

I'm not so sure -- could you repeat the question? I'm not so sure that I understand the question there.

Brian Essex -- Goldman Sachs -- Analyst

Yeah. I guess -- just trying to get a sense of the conversations that you're having with customers from a budgeting and spending perspective, particularly after we've seen high demand for the obvious kind of work-from-home solutions like...

Philippe Courtot -- Chairman and Chief Executive Officer

Okay.

Brian Essex -- Goldman Sachs -- Analyst

Endpoint identity firewall. Are you getting a derivative of that spend now that those issues may have been addressed?

Philippe Courtot -- Chairman and Chief Executive Officer

Yeah. No. Okay, makes sense. So I think today what happened is that the -- obviously, the COVID has highlighted for a lot of companies the fact that their enterprise security solutions, they just don't -- they are not built for that world where essentially everything is connected with everything across the Internet. And so, of course, enterprise security solutions were not designed for that. So, as a -- so that became very visible. The first visibility is how do you patch a system which is outside of your network very -- with a lot of difficulties. Then, you have to buy more VPNs, more this, more that. So that has really, if you prefer, essentially given the wake-up call that it's about time that people rethink their security infrastructure. And layering on all these enterprise security solutions not only is very costly. So, the move to the cloud is very definitively is happening in our industry. There's no question. It used to be that our industry was very resisting the cloud because for security reason and so forth, and now today, of course, we can see that the minds are changing. And with our customers, the discussions is stack [Phonetic] consolidation. And so, that's the number-one priority they have. They cannot continue to have that many applications that they have to manage. They don't even find the people to do that. So they're all looking for solutions like Qualys, which consolidate essentially as many solutions as possible. And that's -- this was our vision, when you will get there, that it took much longer than we thought and to build a platform that we built was far more complex than we thought, but I think we kept on going, if I may say so. And I think that serves us very well. You also see that our multi -- that our agent -- the fact that our agent, one single agent, if you prefer, one platform, one single agent, one global view is what people are looking for, and we see today a lot of interest in our Multi-Vector EDR. This is a marketplace which, of course, is growing very fast today because of the need you just described, but it's also a market that needs also some -- a lot of consolidation as well. So I think we're very well-positioned here.

Brian Essex -- Goldman Sachs -- Analyst

Got it. That's super helpful. And I just want to follow up with maybe one for Joo Mi. I think someone touched on a question earlier about -- particularly for enterprise customers with over four-solution stack, LTM revenue per customer coming down slightly. But it looks like if you look at all the categories, you're coming down. So, I guess I'm just wondering what are the other categories? How are those affected and what are the drivers of that? Maybe it's a customer growth issue or a mix issue, but just wanted to get a sense of the declines in the other categories as well.

Joo Mi Kim -- Chief Financial Officer

Yeah. So, in terms of some of the other categories, some of it is attributed to the fact that we've rolled out a lot of smaller solutions. Now, with the newer solutions that are coming out that we're expecting to be priced similar to VM, we are expecting the ARPU to go up over time. So, for example, we talked about Patch Management, FIM and IOC, that will have a similar deal size, whereas some of the smaller solutions that we've launched, like, an example is like Continuous Monitoring, it's not as priced as high.

Brian Essex -- Goldman Sachs -- Analyst

Got it. But, if I look at this, can I infer that -- it looks like it implies that just overall revenue per customer has gone down. Is that not the case? Is it just mix issue or...

Joo Mi Kim -- Chief Financial Officer

Well, overall, the average deal size we mentioned in the prepared remarks, it is up 7% year-over-year.

Brian Essex -- Goldman Sachs -- Analyst

Okay. All right. Thank you very much.

Operator

Thank you. Our next question comes from Gur Talpaz with Stifel.

Gur Talpaz -- Stifel Nicolaus -- Analyst

Okay, great. Thanks for taking my questions. Philippe, you noted that you've added malware detection this quarter alongside the launch of EDR. I want to understand more broadly what your confidence threshold here is in competing in more traditional endpoint markets. And I think beyond that, what are you seeing in terms of customer interest thus far?

Philippe Courtot -- Chairman and Chief Executive Officer

Oh, no. There's a very big interest. Now, the malware detection that we added with our 60-day free Endpoint Protection is detection, not response, because we didn't have yet the capabilities of response in our agent -- built into our agent, and that's what is coming up with Multi-Vector EDR, which give you the full solutions. And the differentiation between our solutions -- our solution and other solution is that all endpoint solution today, they essentially have only information about the endpoint. Now, of course, because we have all the telemetry, we can look beyond the endpoint, and that is very important. So today I think we have a solution that, technically speaking, have significant more advantages eliminating possibilities, allowing you to do certain things much more easily because you need that access to all that information, you don't have go fishing, as I used to call it. And so, I think we have a very good solution.

Now, the big advantage we have here is that we have already a large, large usage of our Cloud Agent, and for us to upgrade to -- for our customers to really look at the solution, it's very easy because it's instant update of the agent to give them that response capability that I just discussed about and that's essentially all that's needed and it's pretty straightforward, and now you can try our Multi-Vector EDR. And we call it Multi-Vector EDR because the attacks today are precisely multi-vectored. So it's not only just the endpoint, you need to know to what that device connects to because the device could be attacked from another part of the network, and that's why you need that full view, just not the view of endpoints.

Gur Talpaz -- Stifel Nicolaus -- Analyst

That's helpful. Thank you. And Joo Mi, maybe one for you, just kind of building on the last question, how should we think about products like EDR and SIEM serving as a lift, if you will, to the ASP or average deal size?

Joo Mi Kim -- Chief Financial Officer

Yeah, this is something that we're very optimistic about. We believe that with the launch of VMDR followed by EDR and Data Lake and SIEM coming after -- with our customers having already -- have Cloud Agents installed at the endpoint, so we really think that this will drive our ARPU higher, increase the dollar retention rate and overall drive acceleration in revenue.

Gur Talpaz -- Stifel Nicolaus -- Analyst

That's helpful. Thank you.

Operator

Thank you. And our next question is from Matt Hedberg with RBC Capital Markets. Please go ahead.

Matthew Hedberg -- RBC Capital Markets -- Analyst

Hey, guys. Thanks for taking my questions. Philippe -- and maybe I missed it, but -- or could you comment on sort of some of the geographic trends you did domestically here and then overseas in terms of when economies start to reopen?

Philippe Courtot -- Chairman and Chief Executive Officer

I think today we see -- yeah, I think the US, as you know, is trying reopen the core markets. We're not seeing, in fact, much difference fundamentally between all the markets, and we see very, very good adoptions in Europe and in Asia Pac as well. So, we have not seen really an economical impact. And the reason is very simple. You still -- I'll take the example of Qualys. We have nobody working in our offices, obviously. However, this is our network that we need to continuously maintain because that's a network that connects us together. So, that network is essentially like the nervous system. So, that's why the security market -- and you need to secure this network. So that's why, as a whole, we have not seen significant reduction in the demand. What we see conversely is a lot of companies essentially asking for price concession, payments, etc. That's what we see. We see of course some companies which are going -- are getting bankrupt or will go bankrupt. That's of course the dynamic. Now, for us, instead of speaking in term of reduction, we try to essentially now change the debate in saying, by the way, what about consolidating? You are spending so much amount of dollars maintaining disparate solutions, why don't you take a solution like Qualys and look -- where everything is integrated, and of course, overall, your total cost of ownership is drastically reduced because you won't need that many people to do that job. You don't have to worry about the integration between these different solutions. It's all done for you. And you don't have to worry about the infrastructure cost because, of course, this is a cloud-based solution. So, I think we're extremely well-positioned.

Matthew Hedberg -- RBC Capital Markets -- Analyst

Got it. And then I know you've historically taken a very active role in sales, effectively running sales for several years. But I believe you promoted Laurie to EVP Worldwide Field Ops last year. As far as I can tell, I don't think she's with the Company anymore. I wonder if you can comment on that, just sort of like the overall sales initiative.

Philippe Courtot -- Chairman and Chief Executive Officer

As you know, we have, of course, replaced Laurie, and in fact, as you know, not -- we have very long-term employees at Qualys, but not everybody stays forever, obviously. And so, I think [Indecipherable] position here. We have, in fact, promoted somebody from within to take her role and who is doing very well. And so, I think again as I mentioned earlier, we are looking at expanding our sales force today. So, I think we're well-positioned at getting there.

Matthew Hedberg -- RBC Capital Markets -- Analyst

Got it. Thanks.

Operator

And our next question is from Sterling Auty with J.P. Morgan.

Sterling Auty -- J.P. Morgan -- Analyst

Yeah. Thanks. Hi, guys. I think you mentioned a couple of times during the call that bookings in the quarter were stronger than expected. Early in the call, in the Q&A, you mentioned linearity was the same as it was last quarter. If that's the case, then I guess -- I wonder why wasn't revenue in the quarter actually stronger than the reported number?

Joo Mi Kim -- Chief Financial Officer

Revenue -- when we guided to the revenue, it was $88 million to $88.6 million, and we actually reported a revenue of $88.8 million. And so, it did come in higher than what we had expected. Is that what you meant, Sterling?

Sterling Auty -- J.P. Morgan -- Analyst

Yeah. But I guess I would call that more in line with the top end of the range, or maybe were the bookings maybe just slightly above what you expected in the quarter?

Joo Mi Kim -- Chief Financial Officer

Yes. And coupled with the fact that sometimes when we do bookings, it really depends on -- some of our bookings actually are based on a consumption model as well, as you know. Given our established partnerships, we do have consumption-based scan on behalf of bookings that do come in, that could be factored into it. But overall, yes, we were expecting our revenue to be somewhere in the midpoint of our revenue guidance range, and after -- we ended up coming in a little bit higher at $88.8 million.

Sterling Auty -- J.P. Morgan -- Analyst

Got it. And then, one follow-up on the VMDR and EDR. Can you remind us -- I think you have some different pricing models, especially with VMDR. How is the uptake under that pricing model? And what should we take about the revenue contribution looking like for this year?

Philippe Courtot -- Chairman and Chief Executive Officer

So, the pricing model is different. As you know, we're now an asset-based model which makes it very simple -- much simpler for our customers to procure than going through the old system that we had, which was a la carte and then also IP days. So, I'm not so sure that I understand exactly your question in terms of the impact on what.

Sterling Auty -- J.P. Morgan -- Analyst

On revenue for the year. So, given your new products, so not knowing how much contribution you expect the total revenue for this year, is it meaningful, is it de minimis, is it a slow ramp, a fast ramp? Those types of things.

Philippe Courtot -- Chairman and Chief Executive Officer

No, no, VMDR is moving very well. We have a huge adoption of VMDR, as we have mentioned in the numbers. And no, this is, everybody is looking to VMDR. And what we mentioned, again in some cases, either because for those customers, which have adopted already multiple solutions, VMDR end up a little bit cheaper. And then for those who have not essentially deployed new solution, of course, it comes a little bit more expensive. And all-in-all, I mean it's a very healthy business. And what it does -- of course, we anticipate most of our customer base migrating to VMDR relatively quickly and we see that adoption accelerating. And what it does, it populates the agent. It makes us absolutely much more sticky because, of course, now you have all of these solutions totally integrated. So, we think this is a huge success. VMDR is absolutely a huge success.

Sterling Auty -- J.P. Morgan -- Analyst

Thank you.

Operator

Thank you. And I'm not showing any further questions in the queue. I would like to turn the call back to Philippe Courtot for his final remarks.

Philippe Courtot -- Chairman and Chief Executive Officer

Okay. So, thank you all. And again, this -- as you know, we are very excited to see our new solution coming, VMDR. It's been a fantastic, as I mentioned earlier, solution. We're now bringing the Multi-Vector EDR. As you can see, we are now moving into detection and response, VMDR, EDR. We have more to come. And of course, we are looking forward to launching our new incident response solution.

So with that, we'd like to thank you for your time, and again, thank you very much.

Operator

[Operator Closing Remarks]

Duration: 62 minutes

Call participants:

Vinayak Rao -- Vice President, Corporate Development and Investor Relations

Philippe Courtot -- Chairman and Chief Executive Officer

Joo Mi Kim -- Chief Financial Officer

Erik Suppiger -- JMP Securities -- Analyst

Shebly Seyrafi -- FBN Securities -- Analyst

Alex Henderson -- Needham -- Analyst

Yun Kim -- Rosenblatt Securities -- Analyst

Hamza Fodderwala -- Morgan Stanley -- Analyst

Brian Essex -- Goldman Sachs -- Analyst

Gur Talpaz -- Stifel Nicolaus -- Analyst

Matthew Hedberg -- RBC Capital Markets -- Analyst

Sterling Auty -- J.P. Morgan -- Analyst

More QLYS analysis

All earnings call transcripts

AlphaStreet Logo