Convequity

#microsegmentation #zerotrust #startups #networksecurity #privilegedaccess #cybersecurity

Scatter plot analysis on 61 stocks across enterprise software, consumer tech, and ecommerce, comparing each stock's Rule of X to its multiples: EV/(FCF-SBC), EV/FCF, and EV/GP. Rule of X (inc. SBC) = NTM growth * 2.3 + LTM ((FCF-SBC)/Revenue) Rule of X = NTM growth * 2.3 + LTM (FCF/Revenue) Key observations: 1st chart Showing EV/(FCF-SBC) vs. Rule of X (inc. SBC). Inverted line of best fit caused by stocks like Pinduoduo (PDD), Oscar Health (OSCR), MercadoLibre (MELI), Hims & Hers Health (HIMS), and Nu Holdings (NU) with high Rule of X but low EV/(FCF-SBC). These non-US and consumer-facing stocks are out-of-favor due to associated risks relating to currency, inflation, political instability, and/or poorer regulatory oversight vs the US. And also greater risks due the consumer sector being more vulnerable to the uncertain macro at present and in the future. 2nd chart Showing EV/(FCF-SBC) vs. Rule of X (inc. SBC) but excluding high Rule of X names. Consumer-facing stocks like SoFi Technologies (SOFI), Coupang (CPNG), and Li Auto (LI) buck the trend. Enterprise software stocks generally show expected correlation. Though it also seems that investors are valuing based on FCF rather than FCF-SBC for US-based enterprise software stocks. Zscaler (ZS), CyberArk (CYBR), and Procore (PCOR) have (FCF-SBC) as a % of revenue that is only just breakeven (less than 5%), while Monday (MNDY) is 18%. The 3rd chart supports this because MNDY's value based on FCF only is much closer to these names. 3rd chart Showing EV/FCF vs. Rule of X Snowflake (SNOW) appears fairly priced compared to peers like Cloudflare (NET). Comparing SNOW to NET highlights the former's attractiveness IMO - higher FCF margin, similar expected NTM growth, and arguably SNOW has a stronger moat. Also Meta Platforms (META) stands out for growth, low SBC, and strong cash flow generation. 4th chart Showing EV/GP vs. Rule of X. Perhaps the least insightful chart because it shows a mixture of stocks, some of which investors price based on FCF, and some of which are priced based on GP (or revenue). Summary It's possible the most attractive sector long-term is the consumer tech and ecommerce. However, the risks associated with these non-US names could actually turn out to be a value trap. IMO the better risk-reward is to identify the relatively attractive US-based enterprise software names. For us, we like MNDY and Fortinet (FTNT) as these seem like obvious lower hanging fruits (from a FCF-SBC perspective).

A look into how the recent Windows crash may affect CrowdStrike's business #CrowdStrike #Falcon #EDR #Microsoft #Windows #systemcrash #softwareupdates #businessanalysis

It's super impressive how Netskope has transitioned from an out-of-band player to do inline security as well. In early 2023, we were speculating on who would have the best background for advancing inline CASB and Next-Gen SWG. Would it be the SASE vendors with inline security backgrounds (Zscaler, Cloudflare, Palo Alto Networks) or the SASE vendors with out-of-band backgrounds (mostly Netskope but also Skyhigh Security)? Our gut feeling was that the out-of-band players might be able to advance the inline security (SWG and inline CASB) better than the inline players. Which is why we published quite a bit about Netskope at the time. This was because the out-of-band knowhow of data residing in cloud/SaaS seemed to be the biggest value-add to improving these technologies. There are innumerable types of data & 1000s of SaaS apps, numerous methods through which data can be accessed maliciously, and various strategies to protect and manage it. This breadth of knowledge far exceeds that of standalone SWG vendors, who primarily deal with HTTPS traffic and lists of approved or blocked URLs. No doubt this is why the likes of Zscaler and Cloudflare have needed to make acquisitions to obtain the out-of-band API-based security capabilities, while Netskope built its inline capabilities in-house. Now Netskope has unparalleled Next-Gen SWG capabilities that blends traditional SWG, CASB and DLP that protects and granularly controls users interacting with websites, managed apps, unmanaged apps (i.e., shadow IT), and custom apps on public cloud, which IMO is unrivalled by a wide margin.

We've just published Part 3 of our 15k word, four-part series on Cloudflare (NET). In Part 1 we discussed how application security is being influenced by the demand for API security requirements. Our take is that NET is well-positioned as the market continues to expand from WAF (Web Application Firewall) to WAAP (Web Application & API Protection) thanks to the ~50 million HTTP/S requests NET processes per second, of which a large portion flow through its API Gateway, thus supporting accurate ML anomaly detections of API behavior. However, as WAF has evolved to WAAP, we are also gradually seeing WAAP overlap with CNAPP (Cloud-Native Application Protection Platform), as it is becoming increasingly important to fix API vulnerabilities early in the software development process. It is also becoming accepted that to effectively stop API-based attacks you need runtime analytics combined with API pattern analysis, thus calling for the case of greater WAAP and CNAPP integration. As this trend will occur in the cloud, NET is not in a strong position to participate, nor is it in their best interests to spend time learning AWS/Azure when they aim to grow their Workers platform. In Part 2 we discuss NET's strengths and challenges in SASE (Secure Access Service Edge) and how they are competitively positioned for when the networking & NetSec industry further consolidates across the middle and last miles - which we have been referring to as 'SASE & Beyond'. Our take is, that while NET cannot be a true Single SASE vendor, it is competitively positioned to take market share but just needs to kick its top-down, channel-focused GTM into gear. In Part 3 we deep dive into NET's edge compute domain, discussing strengths and challenges vs. AWS, Fastly, Akamai, Vercel, and Netlify. We consider Prince's vision of the Connectivity Cloud, its limitations as a hyperscalers' alternative, and its infra limitations in offering GenAI. In Part 4 - to be published in a few days - we'll discuss what GTM changes are required for them to succeed in Act 2 (SASE, covered in Part 2) and Act 3 (edge compute, covered in Part 3), and provide a detailed valuation. Visit the Convequity website for public previews of Part 1, 2, and 3. Part 3 has a long public preview due to its length.

Rubrik's IPO marks the first cybersecurity vendor to go public in two years. Here is a simplified, high-level cybersecurity spectrum showing where Rubrik fits within the landscape. The cybersecurity arsenal has traditionally focused on preventive and detection/response measures. However, in recent years we've seen a shift to the left with developer security tools, proactive threat hunting, and infrastructure hunting to thwart phishing campaigns. Simultaneously, the industry is shifting to the right, rejuvenating backup and recovery solutions as a crucial last line of defense. Historically, these solutions primarily addressed natural, hardware failure, or self-inflicted disasters but weren't designed to defend against cyberattacks. The rise of ransomware has changed this, making backup and recovery pivotal for cyber defense. Next-gen backup/recovery players like Rubrik, Cohesity, and others are now positioned to serve as potentially impenetrable defenses against ransomware. We discuss this in more detail in IPO: Rubrik - Last Line Of Defense (Pt.1) available at Convequity dotcom.