Categories Earnings Call Transcripts, Technology

FireEye Inc (FEYE) Q2 2021 Earnings Call Transcript

FEYE Earnings Call - Final Transcript

FireEye Inc (NASDAQ: FEYE) Q2 2021 earnings call dated Aug. 05, 2021.

Corporate Participants:

Kate PattersonSenior Vice President-Finance/Investor Relations

Kevin MandiaChief Executive Officer and Board Director

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

Analysts:

Hamza FodderwalaMorgan Stanley — Analyst

Catharine TrebnickColliers — Analyst

Brian EssexGoldman Sachs — Analyst

Rustam KangaJMP Securities — Analyst

Saket KaliaBarclays — Analyst

Presentation:

Operator

Welcome to the Q2 2021 Financial Results Conference Call. My name is Adrienne, and I’ll be your operator for today’s call. [Operator Instructions]

I will now turn the call over to Kate Patterson. Kate, you may begin.

Kate PattersonSenior Vice President-Finance/Investor Relations

Thank you, Adrienne. Good afternoon and thanks to everyone for joining us on today’s call to discuss FireEye’s financial results for the second quarter of 2021. This call is being broadcast live over the Internet and can be accessed on the Investor Relations section of FireEye’s website at investors.fireeye.com. With me on today’s call are; Kevin Mandia, FireEye’s Chief Executive Officer; and Frank Verdecanna, Executive Vice President, Chief Financial Officer and Chief Accounting Officer of FireEye.

After the market closed today, FireEye issued a press release announcing the results for the second quarter of 2021. Before we begin, let me remind you that FireEye’s management will make forward-looking statements during the course of this call, including statements relating to the company’s guidance and expectations for future financial results and metrics; the sale of FireEye Products business, including expectations regarding timing for the completion of the transaction and effects of the transaction; the company’s priorities, initiatives, plans and investments; drivers and expectations for growth and business transformation; expectations, benefits, capabilities and availability of new and enhanced offerings; market opportunities and go-to-market strategies.

These forward-looking statements involve a number of risks and uncertainties, some of which are beyond our control, which could cause actual results to differ materially from those anticipated by these statements. These forward-looking statements apply as of today, and you should not rely on them as representing our views in the future, and we undertake no obligation to update these statements after the call. For a detailed description of the risks and uncertainties, please refer to our SEC filings, as well as our earnings release posted an hour ago.

Copies of these documents may be obtained from the SEC or by visiting the Investor Relations section of our website. Additionally, certain non-GAAP financial measures will be discussed on this call. We have provided reconciliations on these non-GAAP financial measures for the most directly comparable GAAP financial measures in the Investor Relations section of the website, as well as in the earnings release. Finally, I’d like to point out that we will be posting supplemental slides and financial statements on the Investor Relations section.

With that, I’ll turn the call over to Kevin.

Kevin MandiaChief Executive Officer and Board Director

Thank you, Kate, and thank you to all of you for joining us today on this call. We appreciate your interest and support. The FireEye Products and Mandiant Solutions teams remain focused and executed well against their plans for Q2, delivering results consistent with our company-wide guidance ranges for all key financial metrics. On a combined basis, we posted our best billings growth since the first quarter of 2016, up 23% year-over-year.

And we added 248 new logo customers, up from 223 in the second quarter a year ago. We also closed 47 transactions greater than $1 million, up from 39 in the second quarter of 2020. Today, I’d like to share some highlights from the second quarter. I will then discuss our Mandiant strategy and how our innovation is creating even greater opportunities for growth. On our first quarter call, we reported on the progress we have made in our transformation to become a Security as a Service company.

In Q2, we accelerated the pace of this transformation with the announcement of our plans to divest our FireEye Products business in a $1.2 billion transaction with Symphony Technology Group. The divestiture allows both the FireEye Products and Mandiant Solutions businesses to optimize their respective investments in go-to-market strategies, while continuing to support our joint customers with best-in-class threat detection based on shared threat intelligence.

We believe the divestiture will benefit our customers by accelerating innovation, create new opportunities for our employees and lead to an increased growth for both businesses. As a separate company, Mandiant will focus on delivering solutions and services to the Mandiant Advantage platform, further accelerating our transition to subscription-based services and solutions Even with the potential distractions of the divestiture of the FireEye Products business, we remain focused on our mission of protecting our customers and continuing to execute well in the second quarter. Mandiant Solutions billings grew 44% year-over-year, and our ARR grew 19% year-over-year. Mandiant Solutions were included in 18 of our 20 largest deals in the second quarter.

Mandiant Consulting services had its 13th straight record quarter, reporting year-over-year revenue growth of 26% and revenues of $62 million. Demand for Mandiant expertise has never been stronger. We exited the second quarter with nearly $109 million in deferred services revenue, representing a strong backlog of work. We are scaling our capacity to meet the demand. We are also building our expertise and intelligence into the modules of the Mandiant Advantage platform to extend our expertise and reach far beyond the number of customers we can reach through services alone.

We focused on growing our strategic transformation services, which help organizations mature their security posture. Growth in strategic services revenues was approximately 45% higher in the first half of 2021 compared to the same period in 2020. We also strengthened our position as a strategic partner to our customers. The constant evolution of the threat landscape and the rapid pace of innovation and information technology requires organizations to adapt their cybersecurity measures to maintain resilience.

As a trusted adviser in this ongoing process, we work continuously with our customers to ensure security effectiveness. Looking back over the last 12 months, more than 500 customers generated services revenue in all four quarters and another 250 customers generated revenue in three out of the four quarters. In addition to the great financial performance, we continue to respond to the security breaches that made the headlines. We also continue to be recognized as thought leaders in the industry, appearing on multiple occasions to testify in Congress where we briefed our nation’s leaders on cybersecurity issues.

And Mandiant Services is our competitive advantage and also creates a natural sales motion for our technology. We believe this is due to the trust and deep relationships we build with our consulting customers. We are seeing this play out in early momentum for the modules of the Mandiant Advantage platform. Adoption of our Mandiant Advantage platform, which consists of our Security Validation, Automated Defense and Mandiant Intelligence offerings, grew to over 500 active customers. The total active Mandiant Advantage user community increased 27% sequentially since the first quarter of 2021.

Mandiant Intelligence delivered via the Mandiant Advantage platform had a record quarter for new logos. Perhaps most importantly, our Mandiant Intelligence team working hand-in-hand with our consultants notified hundreds of victim organizations that they were compromised, and many of these notifications headed off ransomware events prior to the encryption of the victim environments. Mandiant Automated Defense, the module in Mandiant Advantage that codifies our human expertise in the machine learning models and analytics, now works with over 70 third-party technologies. We continue to add new integrations and recently included new endpoint technologies, such as Microsoft Defender and Tanium as well as numerous network security products.

I am most excited about our continued development of cloud account compromise detection models for cloud platforms as we are responding to more breaches that affect cloud assets than ever before, and authentication abuse is the most common threat to guard against. This demonstrates the power of the Mandiant innovation cycle. We respond to over 1,000 security breaches a year, routinely seeing the attacks evade common safeguards and we feed our observations and learnings back to our engineers and data scientists to build detections into our solutions to close the security gap for our customers.

I believe automation, powered by AI and machine learning technologies is the only way organizations will be able to keep up with attacks and maintain resilience, customers are coming to this realization as well and momentum for Mandiant Advantage continues to build. We entered the second half of the year with a strong pipeline of new business and a growing base of renewals. And we are also excited by the momentum of our technology-based solutions that are managed by Mandiant experts.

In the first few months of making Managed Defense for Windows Defender available, nearly 25% of new logos for Managed Defense were for the new offering, and we expect to support more endpoint technologies in the second half of the year. Managed validation, both on demand and continuous, allows our customers to leverage our expertise to prioritize their security operations and increase their resilience to the latest attacks. The new offering is generating growing interest with customers and we closed a multimillion-dollar managed validation transaction already in the third quarter.

The combination of increasing threats and a growing shortage of cybersecurity skills means in-house teams are overworked, and they may lack the expertise or visibility to manage their security controls and security posture. Our follow-the-sun model for Managed Defense and Managed Validation means customers can add expertise to their in-house capabilities, closing both the time and skills gap in their security coverage. In Q2, Mandiant Solutions billings performance and our outlook for the second half show the progress we have made executing on the Mandiant strategy.

The 2 parts of our Mandiant business, services and solutions, are interdependent and complement each other. Our consultants are technology-enabled by the Mandiant Advantage platform, allowing them to scale their productivity, and our technology is expertise-enabled with our frontline intel and experience. In combination, this allows us to deliver our expertise at scale whenever and however customers need it. Going forward, we plan to continue building on our Mandiant Advantage strategy, automating human tasks and applying machine learning to create a super analyst: a technology that thinks, learns and makes recommendations to make our customers more secure.

Given the constant headlines about breaches, there can be no doubt there is a growing need for a more simple and effective approach to cybersecurity. I believe Mandiant is uniquely positioned to address this need by enabling our customers to automate, validate and augment their security programs. Growing numbers of organizations are finding that Mandiant makes security effective with security validation. Organizations are discovering how we are automating Mandiant experts to address the shortage of expertise in the market with our Automated Defense. And organizations are realizing that Mandiant can be a seamless extension of their security team with the Managed offering like Managed Validation and Expertise On Demand. I believe this is another beginning for Mandiant. And I’d like to thank all of our employees for the progress we have made towards our transformation and for their commitment to the security of our customers.

With that, I’ll turn the call over to Frank.

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

Thanks, Kevin, and hello to everyone on the call. Thank you for joining us today. For today’s discussion, I will focus on continuing operations and take you through the walk from our Q2 results for continuing operations before the sale of the FireEye Products business closes to the transition model after the transaction closes. We still currently expect that the transaction to be completed by the end of the fourth quarter, subject to customer regulatory approvals and closing conditions.

Since our prior guidance for the quarter assumed combined results for the FireEye Products and Mandiant Solutions businesses, we have provided Q2 results that map to our guidance metrics. I’m pleased to say that we met our guidance ranges for all key metrics. As always, I’ll be referring to non-GAAP metrics, except when discussing revenue and operating cash flow. Our non-GAAP measures exclude stock-based compensation, amortization of intangibles, noncash interest expense on our convertible debt and convertible preferred equity, restructuring charges, accretion of Series A convertible preferred stock and other nonrecurring items. Highlights of the combined business’ performance is as follows. Billings growth of 23% year-over-year to $249 million.

This was the highest billings growth rate since Q1 of 2016 and the third consecutive quarter of acceleration in our billings growth. We achieved this without a meaningful change in average contract length, which was approximately 24 months for the combined business. Both the FireEye Products and Mandiant Solutions businesses maintained focus and executed well in the quarter. We added 248 new logo customers, up 11% from Q2 of 2020, and closed 47 transactions greater than $1 million compared to 39 in Q2 of 2020. Combined revenue of $248 million was at the midpoint of our guidance range and increased 8% from Q2 of ’20. Total revenue growth was impacted by a decline in upfront term license revenue for Mandiant Solutions business as customers migrated from on-premise validation to the cloud-based Mandiant Advantage platform. I will go into more detail on this continuing ops — in the continuing ops revenue discussion area.

But if term license revenue had been consistent with historical trends, the Mandiant platform and cloud revenue would have been several million dollars higher. Gross margin of 73% and operating margin of 10% were both at the high end of our guidance ranges. We generated $0.09 in earnings per share and operating cash flow of $23 million. Now let’s look at the reported results for continuing operations for the Mandiant Solutions business.

Mandiant Solutions billings increased 44% from Q2 of 2020, with strong performance in both professional services and Platform, Cloud Subscription and Managed Services. We ended the quarter with record deferred revenue of $297 million. While we encourage you to look at revenue as the best metric to evaluate our professional services performance, it’s still worth noting that professional services billings were up 51% year-over-year in the quarter.

Professional services revenue performance was equally impressive, growing 26% year-over-year as we continue to scale our capacity. The Platform, Cloud Subscription and Managed Services category grew billings 37% year-over-year in the second quarter, bringing its first half 2021 growth to more than 50% over the first half of 2020. This impressive performance is largely organic as we are only now starting to close deals in the pipeline for Automated Defense.

We expect growth for this category to accelerate in the second half of the year from the Q2 growth rate. While we don’t guide billings because of the variations in contract lengths, timing of large renewals and other noise that can cause volatility in the year-over-year growth rates, we have a strong pipeline of new and renewable business as we head into our seasonally strong second half. I would not be surprised to report Platform, Cloud Subscription and Managed Services billings growth for the full year of 2021 approaching 50%. Growth in platform cloud billings was driven by solid results in intel and Managed Defense, which are both well established in the market, and growing momentum for the Mandiant Advantage platform following the integration of validation and Automated Defense modules.

Since billings are a leading indicator in ratable subscription models, the sustained growth in Mandiant Solutions subscription billings gives me confidence in our ability to accelerate our revenue growth in the future to levels consistent with the long-term model we outlined at the time of the divestiture announcement. Turning to the translation of our strong billings performance into revenue. While the integration of validation in Automated Defense into the cloud-based Mandiant Advantage platform is a big step in our transformation to a SaaS company and a huge positive for both customers and the company, it did create a headwind to revenue growth for the Platform, Cloud Subscription and Managed Services category in the second quarter. A little more detail will explain why?

Prior to the integration of validation module into the Mandiant Advantage platform, customers have the option of cloud or hybrid and on-premise deployments. Hybrid and on-premise deployments are sold as term licenses, fully renewable. But under ASC 606, revenue from the term licenses is recognized upfront rather than ratably. In Q2, with the launch of the Mandiant Advantage validation module, an increasing number of both new and renewal customers opted for the cloud deployment over on-premise.

As a result, upfront license revenue declined on both a sequential and year-over-year basis. This had the effect of suppressing the revenue growth rate for the Platform, Cloud Subscription and Managed Services category, which came in at 8% year-over-year growth. It is not always possible to forecast which way a customer will deploy in any given quarter, but the longer-term trend the cloud-based subscription is clear and a positive for our company and our financial model.

As a result, we encourage you to focus on the ratable revenue component of this category, which we expect to accelerate in Q3 and Q4 to the low 20% range in Q3 and mid-20% range in Q4 as we exit the year. This is consistent with the growth we saw in ARR for Mandiant Solutions, which increased 19% from the end of the Q2 of 2020 to $244 million. Looking at the second half of 2021, we expect to see a re-acceleration into the mid-20s.

Now let’s look at our operating expenses and margin. Accounting for discontinued operations related to the sale of FireEye Products business requires aggregation of all revenue and directly attributable costs to be aggregated into net income from discontinued operations, which is what you see on the face of our financial statements. Expenses for shared resources and shared programs, including nearly all our general and administrative and IT employees and events or marketing campaigns, are included in the expenses of continuing operations even if they support or benefit the discontinued operations.

Included in the Q2 operating expenses of continuing operations are approximately $15 million in expenses incurred to support the FireEye Products business and a further $3 million in expenses for shared program and other overhead that would have been allocated to FireEye Products business under segregated reporting for the combined company. The $80 million swing had the effect of reducing the operating margin of Mandiant Solutions business by approximately 16% and increasing the margin performance of the FireEye Products business by approximately 14%. The allocation of these cash expenses to continuing operations also reduced the reported cash flow results for continuing operations. Note that after the transaction closes, we expect most of these costs of shared resources incurred to support FireEye products to be reimbursed under the transition services agreement.

This means that the timing of the close will have a significant impact on Q4 operating results. Therefore, we are only providing Q3 guidance at this time. For the third quarter, we expect revenue for continuing operations of $118 million to $122 million using the same assumptions of approximately 50% professional services and 50% platform and cloud subscription mix and 10% of the platform cloud bucket expecting to be upfront term licenses. Since the majority of ratable revenue is already sitting in deferred revenue, variation in the mix of term licenses within billings is the biggest swing factor.

At 10% of platform cloud Billings, this represents a headwind to revenue of approximately $1 million to $2 million in Q3 compared to a year ago. Since the transaction is not expected to close before the fourth quarter, from an expense standpoint, we will continue to have the shared resources and programs in continuing operations. So we currently expect Q3 to look similar to Q2, plus incremental expense in sales and marketing for the ramping up of the Mandiant brand, which is reflected in our guidance. I know we’ve given you a lot of information here. So let me summarize by reiterating how confident we are about the future of Mandiant Solutions and our ability to drive accelerating growth and operating leverage after we get through this transition period and close the transaction.

I will now turn the call over to the operator for questions.

Questions and Answers:

Operator

[Operator Instructions] And our first question comes from Hamza Fodderwala from Morgan Stanley. Your line is open.

Hamza FodderwalaMorgan Stanley — Analyst

Hey guys. Thank you for taking my question. Frank, first question for you. There was quite a lot there. I just want to basically try to level set. So I imagine the ARR metric for the continuing operations, the Mandiant business, is going to be the key metric there. So it seems like the consulting portion of that ARR was quite strong. I think I heard 26% revenue growth. I’m not sure exactly what it was on an ARR basis? And then how fast is sort of the SaaS or the Managed Defense part of that business grow?

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

Yes. So I think the way to look at it is, right now, in Mandiant Solutions, you have the professional services revenues that are not contributing to ARR but did grow 26% year-over-year from a revenue perspective. And then you’ve got the SaaS subscription part of Mandiant Solutions that did grow 19% year-over-year from an ARR basis. It also grew 37% from a billings basis.

Hamza FodderwalaMorgan Stanley — Analyst

Okay. Got it, got it. That’s helpful. And then just on the expectation for — so ARR growth to kind of accelerate in the mid-20s in the back half and then revenue growth to sort of accelerate. I think I heard low 20s in Q3 and mid-20s in Q4. What’s sort of driving the confidence in that other than perhaps, obviously, what’s the strong demand environment? Is it like maybe a couple more quarters until the sale of the go-to-market traction kind of get its feet underneath it, like out of the stand-alone Mandiant business?

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

Yes. It’s really, if you look at the launch of the different Mandiant Advantage platform, we see the pipeline building up. We also see a lot of traction in some of the new offerings. A great example in the quarter, 25% of our new Managed Defense customers were customers that we are supporting on Microsoft Defender endpoint. So by opening up some of the different modules and different capabilities, we have a lot of confidence in the outlook for the next couple of quarters and beyond. And we see that in the pipeline. We also saw some very nice deals that we closed in July on the platform and cloud side.

Hamza FodderwalaMorgan Stanley — Analyst

Got it. And just on the go-to-market motion, is that — do you feel comfortable there from like a sales productivity standpoint as the stand-alone Mandiant business that the go-to-market motion that’s starting to hum along? Or is that going to take maybe a few more months?

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

No. I think we’ve definitely seen it in the pipeline, and we’ve seen it in just the number of reps that are now selling some of the newer products. I think we have a lot of confidence that they’ve got their sea legs on selling the solution side. And post close of this transaction, I think we’re going to be in a really good spot from a capacity and productivity standpoint.

Kevin MandiaChief Executive Officer and Board Director

Yes. We’ve done a great job of educating the sales force. I mean they’re less than 2 months removed from not aware of the divestiture. So you’re going to get a little bit of disruption there, but they’re back and on target, and they’re incented to sell FireEye Products and Mandiant Solutions. And right now, what I see when you have an alignment of strategy, you get a focus. The folks that will be on a go-forward basis on Mandiant will be, I think, way more productive selling things like we’re number one in intelligence. We’re number one in incident response. We’re creating a automated defense based on our number one intelligence and our number 1 breach intelligence. With focus, will come better results. So we’re doing all the right things there to get that focus and to get the training that our sales professionals need.

Hamza FodderwalaMorgan Stanley — Analyst

Got it. Thank you.

Operator

And our next question comes from Catharine Trebnick from Colliers. Your line is open.

Catharine TrebnickColliers — Analyst

Just could you maybe reiterate where you think you are with all these hyper threats coming on and how all these hyper threats coming on and how well you’re doing with the federal government because — and I didn’t expect to be this early in the queue, so sorry about that?

Kevin MandiaChief Executive Officer and Board Director

We’ve always had a very strong tie in with the federal government, both here in the United States and other governments based on being a security company, and based on having a services component as well, where a lot of governments prefer to buy technology along with some services to go with it. And when you look at our threat intelligence capability, we want to be in the hot zones and work with those agencies that matter during times of duress in cyberspace.

So I’m confident in our federal government business. I’m confident in our relevance there. And when you look at our strategy, it’s very simple. Every day, as we’re having this conversation, we’re responding to over 150 security incidents. Clearly, there’s a gap in cybersecurity. And all we are doing is taking that capability to find the needle in the haystack that we have with hundreds and hundreds of consultants and automating it and putting it inside of every single security operation with software. So that strategy is sound. We all know that almost every single human skill over time is going to be replicated by machine intelligence, and that’s what we’re doing here. So getting back to your question, Catharine, we have great relationships with numerous governments, and I intend to see that part of our business always grow.

Catharine TrebnickColliers — Analyst

All right. Thanks.

Operator

And your next question comes from Brian Essex from Goldman Sachs. Your line is open.

Brian EssexGoldman Sachs — Analyst

Hi good afternoon and thank you for taking the question. I guess maybe, Kevin, to start off, you mentioned, I guess, opening the modules to other providers. And as you kind of untether, the business from the Legacy product business. Now, how far are you along the path of developing those relationships with partners that you know that you might be more creative with and how do we — how that roadmap look with regards to building relationships further.

Kevin MandiaChief Executive Officer and Board Director

Yeah. So we got a lot of work to do. We’re just getting started but I was very encouraged I’ve you picked up on where I think it was April we had Windows Defender and Managed Defense, and it was literally 25% of our net new logos where our Managed Defense experts supporting the Windows Defender endpoint. So we got to get the second one in the hopper, then the third, then the fourth. Decoupling Mandiant expertise from FireEye Products is one of the key purposes behind the strategy of divestiture.

And we are seeing with Windows Defender, that’s our first big technical partnership, and we just got to get in the queue. And I know John Waters and the team are laser-focused on the technical partnerships that we need to have. Now Automated Defense, how we’re bringing all these partnerships to market is with our Automated Defense. It already works with 70-or-more third-party technologies. But we like to get it — Frank used the phrase sea legs.

Before we just roll that out in a managed capacity, we like to test it and do a bunch of things first and make sure it scales. So, when does Defender check in the go box? We’re hoping to launch a couple of these every few quarters and keep expanding and expanding what we can support, and do it in a strategic order as well. There are certain products that are getting widespread adoption, that are more effective than others, and we want to make sure we could support those and overlay Mandiant Intelligence and expertise on top of those. So, stay tuned, but we certainly intend to – we expect to expand beyond just one endpoint between now and the end of the year.

Brian EssexGoldman Sachs — Analyst

Got it. That’s helpful. Maybe to follow up. How is this being communicated to the channel? I know you mentioned the direct sales force and the education effort there. But is the channel — I guess, how far along are they in terms of understanding the shift in go-to-market and how they might be able to open up as well with some more of these partners?

Kevin MandiaChief Executive Officer and Board Director

There’s no doubt. I can answer both your questions with — I feel like we’re in the first phase of those. In other words, when I look at FireEye in aggregate, we were more structured for the controls product side of our business when it came to our channel and our partnerships. As Mandiant becomes a separate entity — we just hired Aaron Joe from the FBI to lead some of our strategic partnerships with the government. You’re going to see us build out an additional capability and prioritization of who are our strategic partners, who are our channel partners.

Now we have some already, and there was always overlap between — some overlap between the FireEye channel partners and the Mandiant channel partners. But we’re going to get more clarity on which ones will serve the Mandiant controls agnostic business potentially better than some of the channel partners that look to just sell controls. So that’s my long-winded answer of saying we’re in the first inning on a lot of this, and you’re going to see us make tremendous progress over the next few quarters on it.

Brian EssexGoldman Sachs — Analyst

Got it. That’s helpful. Thank you.

Operator

And our next question comes from Rustam Kanga from JMP Securities. Your line is open.

Rustam KangaJMP Securities — Analyst

Hi guys. Just one for me, kind of piggybacking on Brian’s question. How do you foresee the relationship with the channel kind of moving forward given that the majority of the product piece is going to be managed by Symphony? And traditionally, that’s kind of the area that the resellers that we’ve spoken to have been geared towards, and our feedback from the resellers suggest they have kind of more limited exposure to the professional services piece. So I’m just curious how we should think about the channel from the Mandiant perspective?

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

Rustam, I’ll start with — this is Frank. That — if you look at the Mandiant Solutions business, half of the business, and increasingly more over time, is SaaS subscription business, which does fit the channel really well. So I think you’ll see us continue to have a strong relationship on the partner — with partners on that side of the business. And then I think there’s going to be a lot of wraparound services that our partners can do on top of a lot of the subscription offerings. So we look at it as an opportunity to really grow channel partner relationships on the stand-alone side on the Mandiant side. And I know that from the products perspective, they see a lot of opportunities for working with MSSPs and other service organizations as well.

Rustam KangaJMP Securities — Analyst

Thank you guys. Very helpful.

Operator

[Operator Instructions] And our next question comes from Saket Kalia from Barclays. Your line is open.

Saket KaliaBarclays — Analyst

Okay, great. Hey guys. Thanks for taking my questions here. Hey Kevin, hey Frank. Hey Frank maybe just to start with you. Realizing there’s a lot going on, so it might be early to talk about this. But could you maybe just go one level deeper, broad brush, into sort of the makeup of platform and cloud for continuing operations in terms of how much of that – i.e. the SaaS business, how much of that is from intelligence versus Managed Defense versus validation? Any broad brushes that you could share?

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

Yes. So on the platform cloud side, you’ve got Managed Defense and intel from a billings and revenue perspective being the larger components of it. But then you’ve got validation and Automated Defense expecting to have much larger growth rates and then over time, getting to be similar sizes. So we’ve obviously had intel and Managed Defense for quite some time, and so we’ve built a pretty big base of customers and revenue there. But a lot of the growth is going to be coming in some of the new modules like validation and Automated Defense.

Saket KaliaBarclays — Analyst

Got it. Got it. That makes a lot of sense. Kevin, maybe for you just off that point. How do you kind of think about the competitive backdrop for the threat intel business? I mean, I imagine that Mandiant has an advantage, I guess, pun intended, right? I guess Mandiant has an advantage with the incident response business. But how do you sort of think about all the noise out there with other folks that have threat intel as well? Does that make sense?

Kevin MandiaChief Executive Officer and Board Director

You always — whatever you do, you want to be the best in rolled out, and that’s what you strive to do. And every time I see third-party validation of our intel, we’re in the top right of those quadrants. I can’t speak for the other intel, that’s out there because we don’t depend on it. We don’t rely on it, and we prefer having first-hand knowledge of the intelligence that we produce. The only way to get that firsthand intelligence is to have hundreds of responders out there on the front lines. I can tell you how I measure, how well we’re doing with intel is if I wake up and see a headline, I’m calling Jurgen Kutcher, who runs our professional services, hey, are we on the ground there? And when I get 90% of the time, it seems like every time I see a headline, we’re on the ground responding firsthand.

My next question is, hey, are our customers safe from this? Have we already built the detections into our technology? I’m not getting distracted by what other folks are doing. There may be good offerings out there. On any given day, one company may be on the front lines with intel all other companies don’t have. All I know is, we were structured and it’s strategically important to respond to security breaches to have the best intel. So that’s what we did. And then to augment that, we have nearly 300 threat analysts that speak over 30 languages in over 25 countries. I am confident that, that doesn’t exist in the private sector anywhere else. So, if somebody wants to say they’re in a threat intelligence business, I’d be interested in how — do they have a global infrastructure doing collections like we do.

Saket KaliaBarclays — Analyst

Got it. Got it. And if I could squeeze in one more, maybe for you, Frank. Kind of just a similar question just on makeup but maybe shifting to the services business. I guess, how do you think about sort of the subcategories within that services line? I think we all think about incident response. But any sort of broad brush on kind of how much is IR versus training versus anything else that might be in that line?

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

Yes. So Saket, we’ve historically said we’ve been around 35% of incident response. Last couple of quarters, Q1 and beginning in Q2, we were closer to 40% incident response. And then the balance of that really is made up of all the strategic consulting services like compromise assessments, red teaming, strategic program assessments.

Kevin MandiaChief Executive Officer and Board Director

Yes. The other thing, Saket, yes, that’s important to realize, a lot of people — and I’ve said this before, they’ll think incident response is so darn tactical. You just bungee in and you figure out what happened, write a report on what to do about it and get out of Dodge. I would argue incident response is at the highest end of the food chain. You know routers, you know windows, you know UNIX, you know infrastructure, you know identity management, you know all of it when you respond. So that makes you unbelievably capable at strategic consulting. So that’s why I reported in my affirmative remarks, my direct remarks upfront that we saw, now I’m flipping back to it, 45% revenue growth in our strategic services in the first half of this year over last year. It’s because whenever IR — let’s just say we have world peace overnight, and there’s no inbound IRs. We can repurpose every one of those people, for the most part, to strategic services or red teaming and all the skills are overlapped. That’s his role. So that’s the good news with incident response consultants. They can play free safety and pretty much do any of the services that we have.

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

And I think you see that, Saket, in our deferred revenue balances on the services side was – we ended the quarter at a record $109 million. So we are building – even in addition to kind of the 1/3 of the business that’s IR, we’re building a lot of backlog for all these additional strategic consulting arrangements.

Saket KaliaBarclays — Analyst

Got it. Very helpful. Thanks guys.

Frank VerdecannaExecutive Vice President, Chief Financial Officer and Chief Accounting Officer

Hey thank you.

Operator

And that concludes our question-and-answer session. I’ll now turn the call back over to the presenters for final remarks.

Kevin MandiaChief Executive Officer and Board Director

Well, first, I want to thank the FireEye employees. We had a heck of a quarter. When you look at the quarter and what we had to accomplish with the divestiture, we had to go through a lot of speed bumps, and all of our jobs doubled during the quarter. We’re doing all the right things. We have an alignment of strategy for Mandiant. And when you have an alignment of strategy, you actually have an easier execution path. So I’m very confident in what we’ve done. Very excited second half of the year. But I just want to end this call with a thank you to the FireEye employees for staying steadfast and staying focused. And thank you to all of you for joining us on this call. Look forward to speaking with you in 90 days.

Operator

[Operator Closing Remarks]

Disclaimer

This transcript is produced by AlphaStreet, Inc. While we strive to produce the best transcripts, it may contain misspellings and other inaccuracies. This transcript is provided as is without express or implied warranties of any kind. As with all our articles, AlphaStreet, Inc. does not assume any responsibility for your use of this content, and we strongly encourage you to do your own research, including listening to the call yourself and reading the company’s SEC filings. Neither the information nor any opinion expressed in this transcript constitutes a solicitation of the purchase or sale of securities or commodities. Any opinion expressed in the transcript does not necessarily reflect the views of AlphaStreet, Inc.

© COPYRIGHT 2021, AlphaStreet, Inc. All rights reserved. Any reproduction, redistribution or retransmission is expressly prohibited.

Most Popular

Broadcom (AVGO) thrives on growing AI business. Is the stock a buy?

Broadcom, Inc. (NASDAQ: AVGO), a leading provider of semiconductor solutions for wired and wireless communications, recently impressed the market with upbeat financial outlook highlighting strong prospects for its AI business

After a weak first half, will NIKE (NKE) hit the recovery path this year?

After a prolonged slowdown, NIKE, Inc. (NYSE: NKE) is working on a turnaround plan to regain the brand’s strength. In recent years, the sneaker giant’s overall performance has not been

Lennar (LEN): Even the best-laid plans can go wrong

Shares of Lennar Corporation (NYSE: LEN) stayed green on Monday. The stock has dropped 25% over the past three months. The homebuilder delivered underwhelming results for the fourth quarter of

Add Comment
Loading...
Cancel
Viewing Highlight
Loading...
Highlight
Close
Top