Rapid7, Inc. (NASDAQ:RPD) is a global cybersecurity software and services provider on a mission to offer customers greater clarity and control of their attack surface through its comprehensive and consolidated security offerings. Founded over two decades ago, Rapid7 has partnered with customers across diverse industries and sizes to improve the efficacy and productivity of their security operations ("SecOps").
Business Overview
In the rapidly evolving IT environment, customers are encountering escalating challenges due to the proliferation of cyberattacks leveraging artificial intelligence, targeted automation, and a widening spectrum of attackers and techniques. To fortify their security posture, organizations require greater visibility, advanced capabilities leveraging increased expertise, and integrated data to effectively anticipate, identify, and respond to exposure-led threats. Through its security operations platform, anchored on cloud security, security information and event management (SIEM), advanced detection and response, and vulnerability management offerings, Rapid7 is poised to expand the capabilities of today's SecOps teams.
Rapid7 extends and expands the expertise of the Security Operations Center across information security, cloud operations, development, and IT teams, enabling them to better understand the attacker and leverage that information to take control of their fragmented attack surface. Enriched by years of managed services expertise, the company's integrated security operations platform enables SecOps teams to move away from a reactive approach, reduce their attack surface, and enhance response efficiency with a deep contextual understanding of their environment.
The industry is undergoing a customer-driven shift to consolidated security platforms, as customers move away from cloud security as a specialized function towards cloud security as an integrated capability for SecOps teams. Rapid7 views this as a demand driver for integrated SecOps and believes it has an opportunity to be a leader in delivering integrated risk and threat management across on-premise, cloud, and external attack surfaces.
As the threat landscape continues to grow in complexity, customers are demonstrating demand for integrated expertise to support them in effectively managing their security technologies. The convergence of these key trends – security consolidation, integrated cloud security, and expertise driven outcomes – are the foundation of what Rapid7 views as the new extended SOC. The company's focus is to be the leading provider of integrated security solutions for the extended SOC by providing risk and threat management within the context of overall security.
Rapid7 markets and sells its products and professional services to organizations of all sizes globally, including mid-market businesses, enterprises, non-profits, educational institutions and government agencies. As of March 31, 2024, the company had over 11,000 customers in 148 countries, including 47% of the Fortune 100. Revenue was not concentrated with any individual customer, as no customer represented more than 1% of revenue for the three months ended March 31, 2024 or 2023.
The company offers its products through a variety of delivery models to meet the needs of its diverse customer base, including cloud-based subscriptions, managed services, and licensed on-premise software. For the three months ended March 31, 2024 and 2023, recurring revenue, defined as revenue from term software licenses, content subscriptions, managed services, cloud-based subscriptions and maintenance and support, was 96% and 95% of total revenue, respectively.
Financials
In the first quarter of 2024, Rapid7 reported revenue of $205.1 million, up 12% year-over-year, in line with analysts' expectations. The company ended the quarter with $807 million in annualized recurring revenue (ARR), representing 11% year-over-year growth. Rapid7 saw sustained momentum with its Direct Complete consolidation offerings, which continued ramping nicely. However, the ending ARR result was below expectations, driven by a slower-than-anticipated shift of the company's vulnerability management (VM) base into its integrated risk offering, Cloud Risk Complete.
Rapid7's detection and response business maintained growth of over 20% year-over-year in the first quarter as mainstream enterprise customers continue to prioritize monitoring and detection of threats across their distributed environments. However, the company experienced a slower-than-expected transition in the quarter of selling its current integrated risk management package into its traditional VM base, both on new bookings and renewals.
Risks and Challenges
Rapid7 believes it is in a transition period during which customers are not yet able to see the full benefit of the foundational work it is doing to increase customer value by evolving its Cloud Risk Complete package into an improved integrated experience. The company is launching significant capabilities, including revamped cloud vulnerability assessment and the general availability of cloud VM across AWS, Azure and GCP, as part of this updated risk management offering. This updated offering is expected to meaningfully improve attack surface visibility and capabilities, while the data integration at the platform level will greatly improve the economics and allow Rapid7 to be a price leader in this space.
Outlook
Looking forward, Rapid7 expects this transition to temporarily weigh on its growth outlook through the remainder of 2024 as it launches the updated Cloud Risk Complete this summer and begins to regain momentum exiting the year. For the full year 2024, the company now expects ending ARR of $850 million to $860 million, representing growth of 6% to 7% over the prior year. While disappointed in this range of growth, Rapid7 remains confident that it has the right long-term strategy to deliver the best value, outcomes and economics for its customers and to ultimately reaccelerate this growth rate.
For the second quarter of 2024, Rapid7 expects total revenue in the range of $203 million to $205 million, representing growth of 7% to 8%. The company expects non-GAAP operating income for the second quarter in the range of $35 million to $37 million and non-GAAP net income per share of $0.50 to $0.53.
Despite the lower top line outlook for the year, Rapid7 is maintaining its full year profitability targets. The company continues to expect 2024 operating income of $150 million to $158 million and net income per share in the range of $2.10 to $2.21, based on an estimated 75 million diluted weighted average shares outstanding. Rapid7 also remains committed to scaling free cash flow in its business, maintaining its expectation to generate at least $160 million of free cash flow for the full year 2024.
Geographically, Rapid7's revenue growth was driven by a 22% increase in international revenue, which represented 23% of total revenue in the first quarter of 2024. North America revenue grew 9% and represented 77% of total revenue.
Conclusion
In summary, Rapid7 is navigating the evolving cybersecurity landscape by focusing on delivering integrated risk and threat management solutions that provide customers with greater visibility, advanced capabilities, and enhanced response efficiency across their on-premise, cloud, and external attack surfaces. While the company is experiencing some near-term headwinds as it transitions its integrated risk management offerings, Rapid7 remains confident in its long-term strategy and is committed to driving profitability and free cash flow generation in 2024 and beyond.