Source: FireEye

FireEye (NASDAQ: FEYE) is embracing a service-based business model.

The cybersecurity firm offers its customers a wide variety of different products, mostly physical and cloud-based appliances, and subscription services designed to be used in conjunction with them. A customer might purchase one of FireEye's NX boxes, for example, then pair it with FireEye's Dynamic Threat Intelligence Cloud subscription service. Demand for FireEye's products and services has risen rapidly in recent years, and fueled the company's growth.

But FireEye's future could center on a different sort of offering. FireEye-as-a-service (FaaS) offers the core functions of its security platform in a more flexible way. In recent quarters, demand for FaaS has accelerated tremendously, and management is optimistic about its long-term potential. 

FaaS is boosting stand-alone subscription revenue
FireEye announced FaaS in the fall of 2014. "By blending FireEye's technology, intelligence and expertise into a single on-demand offering, FireEye as a Service simplifies and consolidates the disparate patchwork of products and services organizations must piece together to defend themselves," CEO Dave DeWalt said.

Since then, FaaS has emerged as a key driver for the company. "[I]n 2015 we built [FaaS] into a $100 million business in less than 18 months, grew it at over 100%, and scaled to hundreds of customers," DeWalt said on the company's February earnings call. In fiscal 2015, FireEye generated platform billings of $540 million, about 26% of which came from the sale of what FireEye terms "stand-alone product subscriptions." FaaS falls into that category, along with its email threat prevention solution. Management expects that figure to rise to 35% this year as its platform billings exceed $655 million.

Source: FireEye.

The company's management believes FaaS is attractive to customers for several reasons. There's the issue of accounting: With FaaS, enterprise customers can record the cost as operating expense, rather than a capital expense, on their books. They have more flexibility in terms of deployment, so they are able to more easily scale up or scale down to meet their needs. And FaaS taps FireEye's network of security experts, who provide additional security oversight. 

Lofty growth targets
FireEye has been a volatile stock since it entered the public markets in the fall of 2013. The company hasn't been profitable, nor does it expect to be in the near future. Rather, investors have been betting on the prospect of tremendous future growth. During the February earnings call, DeWalt quantified the company's long-term potential, stating that the future of FireEye would center around providing security-as-a-service.

We're building out a platform. We have a security-as-a-service. I see every other tangential market that had this kind of condition eventually ended up with an as-a-service model, and you think about the WorkDays and the SalesForces and the ServiceNows, security has thousands of vendors. Most clients have hundreds of vendors, millions of alerts. If we can make that simple and deliver it, the value of this company will be a lot greater than it is today.

FireEye made that point again during its analyst day in March, when it showed this slide:

Source: FireEye.

Over time, FireEye hopes to deliver FaaS from the cloud using only software, eliminating the need for on-site hardware entirely. That would improve margins, and reduce the amount of time it takes to bring an additional customer on board (right now it takes around 40 days).

On Thursday, FireEye will turn in its first-quarter earnings. Investors should watch the growth of FaaS closely.