Search the web
Welcome, Guest
[Sign Out, My Account]
EDGAR_Online

Quotes & Info
Enter Symbol(s):
e.g. YHOO, ^DJI
Symbol Lookup | Financial Search
IMPV > SEC Filings for IMPV > Form 10-K on 28-Feb-2014All Recent SEC Filings

Show all filings for IMPERVA INC

Form 10-K for IMPERVA INC


28-Feb-2014

Annual Report


Item 7. MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS

The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our "Selected Consolidated Financial Data" and consolidated financial statements and notes thereto included elsewhere in this Annual Report on Form 10-K. This Annual Report on Form 10-K contains "forward-looking statements" within the meaning of Section 27A of the Securities Act of 1933, as amended (the "Securities Act"), and Section 21E of the Securities Exchange Act of 1934, as amended (the "Exchange Act"). These statements are often identified by the use of words such as "may," "will," "expect," "believe," "anticipate," "intend," "could," "estimate," or "continue," and similar expressions or variations. These statements are based on the beliefs and assumptions of our management based on information currently available to management. Such forward-looking statements are subject to risks, uncertainties and other factors that could cause actual results and the timing of certain events to differ materially from future results expressed or implied by such forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, those identified herein, and those discussed in the section titled "Risk Factors," set forth in Item 1A of this Annual Report on Form 10-K and in our other SEC filings. You should review these risk factors for a more complete understanding of the risks associated with an investment in our securities. We disclaim any obligation to update any forward-looking statements to reflect events or circumstances after the date of such statements.

Overview

We are pioneering the third pillar of enterprise security, data center security, by directly protecting high-value applications and data assets in physical and virtual data centers. Built specifically for modern threats, our comprehensive suite of data center security offerings is designed to provide the visibility and control needed to neutralize attacks, theft and fraud from inside and outside the organization, mitigate risk, and streamline compliance. Our SecureSphere platform provides database, file and web application security across various physical and virtual systems in data centers, including traditional on-premise data centers as well as private, public and hybrid cloud computing environments. In addition, our cloud offerings are designed to protect against the unique threats created as enterprises increasingly shift to deploying their applications and storing their data in the cloud to take advantage of the flexibility and cost-efficiency offered by cloud-based solutions.

We believe that data center security is the third pillar of enterprise security because it fills the gaps between the first pillar of security, endpoint security, which blocks threats targeting devices, and the second pillar of security, network security, which blocks threats trying to access the network. Our unique suite of offerings protects the high-value applications and data assets that endpoint and network solutions are not designed to protect, whether the applications and data reside within our customers' data center or the cloud.

Organizations are facing numerous challenges in providing the visibility and control required to protect high-value applications and data assets from attack, theft and fraud. Attacks, whether perpetrated by sophisticated hackers or malicious insiders, continue to increase in sophistication, scale and frequency, and organizations must comply with increasingly complex regulatory standards enacted to protect high-value applications and data. Adoption of new technologies and architectures, such as mobile applications, modern web applications and big data, increases the complexity of, and open access to, the data center; thereby exposing critical data assets to new vulnerabilities. The increased adoption of cloud delivery models and virtualization technologies is also forcing applications to operate outside of the traditional security model. We believe that these challenges are driving the need for a comprehensive data center security solution to protect high-value applications and data assets in the data center.

We were incorporated as a Delaware corporation in 2002 with the vision of protecting high-value applications and data assets within the enterprise. Since that time we have been investing in our data center security solutions to meet the rapidly evolving demands of customers. We shipped our initial web application security and data security products in 2002; in 2006, we expanded our database security product to include compliance features. In 2010, we launched our file security offering. In addition, in 2010, we launched our cloud-based initiatives with ThreatRadar and, in 2011, we introduced our cloud-based offering for mid-market enterprises and small and medium-sized businesses ("SMB") that we provide through Incapsula, Inc., our majority owned


Table of Contents

subsidiary. In January 2014, we acquired certain assets and liabilities of Tomium Software, LLC to accelerate our mainframe data security solutions. In February 2014, we acquired SkyFence Networks Ltd. to further our Software as a Service (SaaS) delivery models for internally facing corporate applications and agreed to acquire the remaining portion of Incapsula that we did not already own in order to more fully integrate their operations with ours.

Our research and development efforts are focused primarily on improving and enhancing our existing data center security solutions and services, as well as developing new products and services and conducting advanced security research. We conduct our research and development activities in Israel, and we believe this provides us with access to some of the best engineering talent in the security industry. As of December 31, 2013, we had 183 employees dedicated to research and development, including our advanced security research group, the Application Defense Center ("ADC"). Our research and development expense was $27.6 million, $20.6 million and $17.6 million for the years ended December 31, 2013, 2012 and 2011, respectively.

We derive our revenue from sales and licenses of our products and sales of our services. Products and license revenue is generated primarily from sales of perpetual software licenses installed on hardware appliances or virtual appliances for our SecureSphere Business Security Suite. Services revenue consists of maintenance and support, professional services and training and subscriptions. A majority of our revenue is derived from customers in the Americas region. In 2013, 61% of our total revenue was generated from the Americas, 24% from Europe, Middle East and Africa ("EMEA") and 15% from Asia Pacific ("APAC").

We market and sell our products through a hybrid sales model, which combines a direct touch sales organization and an overlay channel sales team that actively assist our extensive network of channel partners throughout the sales process. We also provide our channel partners with marketing assistance, technical training and support. We primarily sell our products and services through our channel partners, including distributors and resellers, which sell to end-user customers, who we refer to in this Annual Report on Form 10-K as our customers. We have a network of over 300 channel partners worldwide, including both resellers and distributors. In 2013, our channel partners originated over 40%, and fulfilled almost 85%, of our sales. We work with many of the world's leading security value-added resellers, and our partners include some of the largest hosting companies for cloud-based deployments.

As of December 31, 2013, we had over 3,000 customers in more than 75 countries. In addition, our solutions are used to protect thousands of organizations through cloud-based deployments with our Software-as-a-Service ("SaaS") customers and our managed security service provider ("MSSP") and hosting partners. Our customers include eight of the top ten telecommunications companies, five of the top ten commercial banks in the United States, three of the top five global consumer financial services firms, four of the top five global computer hardware companies, over 250 government agencies around the world and more than 350 Global 2000 companies.

Our net revenue has increased in each of the last three years, growing from $78.3 million in 2011 to $137.8 million in 2013. We have incurred net losses attributable to our stockholders of $25.2 million, $7.4 million and $10.3 million in 2013, 2012 and 2011, respectively. As of December 31, 2013, we had an accumulated deficit of $98.7 million.

Opportunities, Challenges and Risks

We believe that the growth of our business and our future success are dependent upon many factors, including our ability to maintain our technology leadership, improve our sales and marketing, address the needs of smaller enterprises and compete effectively in the marketplace for data center security solutions. While each of these areas presents significant opportunities for us, they also pose important challenges and risks that we must successfully address in order to sustain the growth of our business and improve our results of operations.

Maintain Technology Leadership. As a result of the rise in sophisticated attacks by hackers and malicious insiders, the difficulty in complying with regulations governing business data and the growing complexity of, and open access to, data centers, we believe that enterprises are struggling to provide visibility and control over high-value business applications and data assets that they need to protect. In addition, organizations are increasingly taking advantage of cloud-based services and virtualization technologies, and these new technologies and architectures are increasing the complexity of, and accessibility to, the data center. We believe these challenges are driving the need for a new protection layer positioned closely around the applications and data assets in the data center. We expect that as enterprises recognize the growing risk to high-value business data and the need to comply with increasing regulatory compliance mandates, their spending will increase on solutions designed to control and protect such data. We believe that traditional security and compliance products do not address the evolving needs of enterprises or do not do so adequately, and that this presents us with a large market opportunity. To capitalize on this opportunity, we have introduced and expect that in the future we will need to continue to introduce innovations to our broad business security solutions, including solutions to address data center security opportunities that arise as enterprises pursue cloud computing initiatives. We cannot assure you that our products will achieve widespread market acceptance or that we will properly anticipate future customer needs. Moreover, if our products do not satisfy evolving customer requirements, we will not capture the increase in spending that we expect will result from enterprises seeking to secure data across various systems in the data center.


Table of Contents

Invest in Sales and Marketing. In order to capitalize on the anticipated increase in spending in the data center security market, we will need to continue to invest significant resources to further strengthen our existing relationships with channel partners, extend our global network by adding new channel partners and grow our sales and marketing team. Any investments that we make in our sales and marketing will occur in advance of our experiencing any benefits from such investments, and so it may be difficult for us to determine if we are efficiently allocating our resources in this area. We cannot assure you that the investments that we intend to make to strengthen our sales and marketing efforts will enable us to capitalize on the expected increase in spending in the data center security market or result in an increase in revenue or an improvement in our results of operations.

Address Needs of Smaller Enterprises. As market awareness of the benefits of a comprehensive data center security solution increases, we believe there is a significant opportunity to provide data center security solutions to smaller enterprises as they confront increasing security threats and compliance mandates. To capitalize on this opportunity, we intend to increase our business with mid-market enterprises and SMBs by expanding our cloud-based service offerings and our distribution channel. We have made, and may in the future continue to make, significant investments in our cloud-based security products to address the business security needs of mid-market enterprises and SMBs. If our cloud-based security products, which are relatively new, fail to gain broad acceptance with mid-market enterprises and SMBs, our revenue growth, results of operations and competitive position in our industry could suffer.

Compete Effectively. We operate in an intensely competitive market that has witnessed significant consolidation in recent years with large companies acquiring many of our competitors. We track our success rate in competitive sales opportunities against certain competitors, some of which generate higher revenues and have greater market capitalizations than we do, and many of which are more established or have greater name recognition within our industry. Based upon our internal tracking of the results of such competitive sales opportunities, we believe that we have historically competed favorably against our larger competitors, and that we have a proven track record of successfully competing against such larger competitors. Nonetheless, some of our larger competitors have numerous advantages, including, but not limited to, greater financial resources, broader product offerings and more established relationships with channel partners and customers. If we are unable to compete effectively for a share of the business security market, our business, results of operations and financial condition could be materially and adversely affected.

To date, we have incurred, and continue to incur, losses from operations and net losses. However, we believe that our existing cash, cash equivalents and short-term investments will be sufficient to meet our working capital and capital expenditure needs for at least the next 12 months. Further, we expect that, if we successfully execute our business plan and strategy, our loss from operations and our net losses will decline, and that we will reach profitability. Should we need additional cash in the future, we may utilize existing lines of credit, enter into additional lines of credit or raise funds through the sale of equity securities.

Key Metrics of Our Business

We monitor the key financial metrics discussed below to help us evaluate growth trends, establish budgets, measure the effectiveness of our sales and marketing efforts and assess operational efficiencies.

Net Revenue. We measure our net revenue to assess the acceptance of our products from our customers, our growth in the markets we serve and to help us establish our strategic and operating plans for future periods. We discuss the components of our net revenue in "-Financial Overview- Net Revenue" below.

Gross Margin. We monitor our gross margin to assess the impact on our current and forecasted financial results from any changes to the pricing and mix of products we are selling to our customers.

Loss from Operations. We track our loss from operations to assess how effectively we are planning and monitoring our operations as well as controlling our operational costs, which are primarily driven by headcount.

Cash, Cash Equivalents and Short-term Investments. We evaluate the level of our cash, cash equivalents and short-term investments to ensure we have sufficient liquidity to fund our operations, including the development of future products and product enhancements and the expansion into new sales channels and territories.

Number of Customers. We believe our customer count is a key indicator of our market penetration, the productivity of our sales organization and the value that our products bring to our customer base. We also believe our existing customers represent significant future revenue opportunities for us.

We discuss for the periods presented revenue, gross margin, the components of loss from operations and number of customers further below under "-Segments" and "-Results of Operations", as applicable, and we discuss our cash and cash equivalents under "-Liquidity and Capital Resources."


Table of Contents

We also believe that deferred revenue and cash flow from operations are key financial metrics for our business. The components of deferred revenue and cash flow from operations, as well as our rationale for monitoring these metrics, are discussed immediately below this table:

                                                                  Years ended (or as of
                                                                      December 31)
                                               2013                       2012                       2011
                                               (in thousands, except number of customers and percentages)
Net revenue                              $         137,759          $         104,235          $          78,302
Gross margin                                          78.4 %                     79.0 %                     79.3 %
Loss from operations                     $         (25,429 )        $          (7,104 )        $         (10,006 )
Total deferred revenue                   $          63,052          $          46,291          $          32,925
Cash, cash equivalents and
short-term investments                   $         115,085          $         102,327          $          97,612
Net cash provided by (used in)
operations                               $           9,797          $           4,467          $          (6,537 )
Number of customers                                  3,011                      2,293                      1,740

Deferred Revenue

Our deferred revenue consists of amounts that have been invoiced but that have not yet been recognized as revenue. The majority of our deferred revenue balance consists of the unamortized portion of services revenue from maintenance and support, and subscription contracts. We monitor our deferred revenue balance because it represents a significant portion of revenue to be recognized in future periods. We also assess the increase in our deferred revenue balance plus revenue we recognized in a particular period as a measure of our sales activity for that period. While the change in our deferred revenue and revenue recognized in a given period comprise the majority of our sales activity during that period, they do not constitute the entire sales activity during the period. Our total sales activity also includes sales of products and services for which we have not yet met the criteria to recognize revenue or add such amounts to our deferred revenue balance. Revenue and deferred revenue from these transactions is recognized or recorded in future periods when we have met the required criteria. We discuss for the periods presented deferred revenue further below under "-Results of Operations."

Net Cash Used in Operations

We monitor cash flow from operations as a measure of our overall business performance. Our cash flow from operations is driven primarily by sales of our products and licenses and, to a lesser extent, from up-front payments from customers under maintenance and support contracts. Our primary uses of cash in operating activities are for personnel-related expenditures, costs of acquiring the hardware used for our appliances, marketing and promotional expenses and costs related to our facilities. Monitoring cash flow from operations enables us to analyze our financial performance without the non-cash effects of certain items such as depreciation and amortization and stock-based compensation expenses, thereby allowing us to better understand and manage the cash needs of our business.

Segments

For financial reporting purposes, we operate as two reportable business segments: (i) Imperva, which is comprised of our financial position and results of operations and those of our wholly-owned subsidiaries; and (ii) Incapsula, which is comprised entirely of the financial position and results of operations of our majority-owned subsidiary. Our Incapsula segment commenced operations in November 2009 and has not generated significant revenue since inception. In discussing our results of operations, we have provided a consolidated discussion and analysis of the revenues from our two segments and, where significant, provided a separate discussion and analysis of the operating expenses of our two segments. See Note 13 of "Notes to Consolidated Financial Statements" for a discussion of our financial information by segment.

Financial Overview

Net Revenue

We derive our revenue from sales and licenses of our products and sales of our services. As discussed further in "-Critical Accounting Policies and Estimates-Revenue Recognition" below, revenue is recognized when persuasive evidence of an arrangement exists, delivery has occurred, the price is fixed or determinable and collection is probable.


Table of Contents

Our net revenue is comprised of the following:

Products and License Revenue-Product and license revenue is generated from sales of perpetual software licenses installed on hardware appliances or virtual appliances for our SecureSphere Business Security Suite. Our SecureSphere Business Security Suite consists of database security, file security and web application security. We offer multiple hardware appliance versions that accompany our software, each with different throughput capacities. Perpetual software license revenue is generated from sales of our appliances, licenses for additional users and add-on software modules. We also generate a small amount of hardware revenue from sales of spares or replacement appliances, demonstration units and accessories.

Services Revenue-Services revenue consists of maintenance and support, professional services and training and subscriptions. Maintenance and support revenue is generated from support services that are bundled with appliances and add-on software modules. There are three levels of maintenance and support-Standard, Enhanced and Premium-and these are offered through agreements for one to five-year terms. Maintenance and support includes major and minor when-and-if available software updates; customer care, which includes our designated support engineer and Imperva resident engineer programs; content updates from our advanced security research group, the ADC, and hardware replacement. Subscription revenue is generated from sales of our cloud-based services. Professional services revenue consists of fees we earn related to implementation and consulting services we provide our customers. Training services revenue consists of fees we earn related to training customers and partners on the use of our products. We expect that the services revenue from maintenance and support contracts will continue to grow along with the increase in the size of our installed base.

A majority of our products and services are sold to customers in the Americas, primarily in the U.S., however, a significant portion of our revenue is generated from international sales. See Note 13 of "Notes to Consolidated Financial Statements" for a discussion of our financial information by geographic region. Our revenue by geographic region is as follows (in thousands):

                                           Years Ended December 31,
                                       2013          2012          2011
                 Americas            $  83,736     $  61,588     $ 47,851
                 EMEA                   33,183        24,958       18,464
                 APAC                   20,840        17,689       11,987

                 Total net revenue   $ 137,759     $ 104,235     $ 78,302

Cost of Revenue

Our total cost of revenue is comprised of the following:

Cost of Products and License Revenue-Cost of products and license revenue is comprised primarily of third-party hardware costs and royalty fees. Our cost of products and license revenue also includes personnel costs related to our operations team, shipping costs and write-offs for excess and obsolete inventory.

Cost of Services Revenue-Cost of services revenue is primarily comprised of personnel costs of our technical support team, our professional consulting services and training teams and our Security Operations Center ("SOC") team. Cost of services revenue also includes facilities costs, subscription fees and depreciation. We expect that our cost of services revenue will increase in absolute dollars as we increase our headcount.

Operating Expenses

Our operating expenses consist of research and development, sales and marketing and general and administrative expenses. Personnel costs are the most significant component of our operating expenses and consist of wages, benefits and bonuses and, with regard to the sales and marketing expense, sales commissions. Personnel costs also include stock-based compensation. We expect personnel costs to continue to increase in absolute dollars as we hire new employees to continue to grow our business.

Research and Development

Our research and development is focused on maintaining and improving our existing products and on new product development. A majority of our research and development expenses are comprised of personnel costs and, to a lesser extent, facility costs, hardware prototype costs, laboratory expenses and depreciation. We expense research and development costs as incurred. We expect our research and development expenses to increase in absolute dollars as we continue to enhance our existing products and develop new products and services that address the emerging market for business security and regulatory compliance.


Table of Contents

Sales and Marketing

Sales and marketing expense is the largest component of our operating expenses and consists primarily of personnel costs, including commissions and travel expenses. Sales and marketing expenses also include costs related to marketing and promotional activities, third-party referral fees and, to a lesser extent, facilities costs and depreciation. We expect our sales and marketing expenses to increase in absolute dollars as we expand our sales and marketing efforts worldwide.

General and Administrative

General and administrative expense consists primarily of personnel costs, including stock-based compensation, as well as professional fees, facilities costs and depreciation. General and administrative personnel costs include our executive, finance, purchasing, order entry, human resources, information technology and legal functions. Our professional fees consist primarily of accounting, external legal, information technology and other consulting costs.

Other Income (Expense), net

Other income (expense), net is comprised of the following items:

Interest Income-Interest income consists of interest earned on our cash, cash equivalents and short-term investments. We expect interest income . . .

  Add IMPV to Portfolio     Set Alert         Email to a Friend  
Get SEC Filings for Another Symbol: Symbol Lookup
Quotes & Info for IMPV - All Recent SEC Filings
Copyright © 2014 Yahoo! Inc. All rights reserved. Privacy Policy - Terms of Service
SEC Filing data and information provided by EDGAR Online, Inc. (1-800-416-6651). All information provided "as is" for informational purposes only, not intended for trading purposes or advice. Neither Yahoo! nor any of independent providers is liable for any informational errors, incompleteness, or delays, or for any actions taken in reliance on information contained herein. By accessing the Yahoo! site, you agree not to redistribute the information found therein.