Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd.

$181.75
-0.24 (-0.13%)
NASDAQ Global Select
USD, IL
Software - Infrastructure

Check Point Software Technologies Ltd. (CHKP) Q4 2020 Earnings Call Transcript

Published at 2021-02-03 14:47:03
Kip Meintzer
I'd like to welcome you to our Fourth Quarter and Full Year 2020 Financial Results Video Conference. At this time all participants are in listen-only mode during the formal presentation, which will be followed by a question-and-answer session. Joining me remotely today on the call are Gil Shwed, Founder and CEO along with our CFO and COO, Tal Payne. As a reminder, the video conference is live on our website and is recorded for replay. To access the live conference replay information please visit the company’s website at checkpoint.com. For your convenience the replay will be available on our website. If you’d like to reach us after the call, please contact investor relations by e-mail at Kip@checkpoint.com.
Tal Payne
Great Kip, thank you. And good morning and good afternoon to everyone joining us on the call today. I am pleased to begin the review of the fourth quarter and the full year. Revenues for the fourth quarter increased by 4% year-over-year reaching $564 million and our non-GAAP EPS grew by 7% to $2.17 both above the mid-point of our guidance. Before I proceed further into the numbers, let me remind you that our GAAP financial results include stock-based compensation charges, amortization of acquired intangible assets and acquisition related expenses, as well as the related tax effect. Keep in mind as applicable non-GAAP information is presented excluding these items.
Gil Shwed
Thank you, Tal, and happy belated New Year for to all of you joining us on the call today. I hope that you are in your family are safe and healthy. I’m glad to report the results for 2020. What a year it was. As you've heard from Tal, we delivered good numbers for the fourth quarter and for the entire year. But more important is what we achieved throughout the year. Despite the pandemic, we launched an entirely new product line for our core network security business, the quantum family and the results are quite positive from negative product growth in 2019 to positive one in 2020. Our cloud business delivered double digit growth in 2020, a trend that intensified in the second half of the year. Finally our Infinity Solution, we delivered the industry only presented architecture for cyber security across the entire spectrum of attack connectors, network cloud and endpoint more than double its number of customers in contract value. We've augumented all our products families with plenty of technology, serverless protection for cloud IoT and autonomous Threat Prevention on the network, EDR capabilities for the endpoint and our new Infinity Stock security research and management tool, just to name a few key technologies that are now part of our products in Infinity architecture. The importance of cyber and the Internet has risen significantly over the last year. The network became the lifeline of our lives and businesses. And I believe I've said it before, but our industry can be proud, we kept the world running. The world face big increases in traffic and with that it also faced a huge increase in cyber-attack. I can go on and on and describe our achievement in 2020. But I'd like to focus more on talking about the state of cyber security and our plan for 2021. I've been speaking about the fifth generation or Gen 5 cyber-attacks for the past couple of years. 2020 demonstrated that it is not a theory or a projection, but the Gen 5 attacks are here sophisticated, multi vector attacks that are fully morphing, disguise themselves very well, start the attack in one place, and end a few steps later deep in the enterprise, which was the hallmark of many of the attacks in 2020, including the Emotet board that was one of the most popular launch pad for attacks last year, the Emotet network was taken down in a sophisticated operation involving the law enforcement agents from eight countries, great achievement for cyber law enforcement, but also an important signal for all of us.
Kip Meintzer
Thank you, Gil. Before we begin with the Q&A session, due to content constraints, and in consideration of other participants, please limit yourself to one question. If you run into technical difficulty, please type your question into the chat. Our first question today is going to come from Adam Tindle from Raymond James, followed by Fatima Boolani from UBS Equities. Adam?
Adam Tindle
Okay. Thanks, Kip. I just wanted to start with the near term and long term repercussions of Sunburst and maybe Tal could start on the near term. Could you maybe talk about the cadence of Q4? Did you see any acceleration in conjunction with this? Looks like you're guiding revenue above seasonal in Q1 based on what I can tell from the quick math here. So just wondering if maybe there's some bursting that you're seeing to give you confidence and that above seasonal. And then maybe Gil can tackle the long term. Just speak to the repercussions for security architecture changes. And does this open opportunity for M&A for Check Point? Or do you think you can attack it with your existing portfolio? Thank you.
Gil Shwed
Tal, go ahead.
Tal Payne
Yes, so I wouldn't say I saw something specific relating to that. Q1 guidance is based, a lot of it is mathematical in the sense that some of its coming from the deferred revenue. So we know already how much we have in hand, both in the subscription and in the support. And the product is area we have the range where you can be higher or lower depends on what will show up in the in the product revenue, so it's not relating really to any increased demand or decrease demand, we see in the market. We expect it to be in line with our expectations.
Gil Shwed
And again, for the strategic impact for the first, I think it's highlighted the fact that these attacks sophisticated, describe themselves very well, through Gen 5 attack like with describing this is really this is something we have to say. Is it going to have a direct impact on our revenues? I hope it will, because I think we're the only one that can actually address it. Companies were like frozen we -- what should we do? A company has invested tons of their energy, just investigating what happened six months before trying to realize if they were a tax, by the way. I think it's very hard to know. Sunburst was in most companies cannot know if they were affected by it. It got in, did what he did. And in many organizations he just deleted itself and left almost no traces. But I and again, I think the secret again to it is not to know that we were hacked and your secrets were stolen there six months ago. The key is to present it and make sure that whatever gets inside doesn't proliferate, doesn't cause damage. And that's all about prevention. And I think we're doing that. We're doing that quite effectively. And I think we can face these attacks. And I think our challenge remains to show customers the huge difference in deploying our technology and deploying our solution compared to everything else that I know in the marketplace.
Tal Payne
Okay, and maybe I'll repeat the guidance, since I'm not sure everyone heard it. So for the first quarter, $485 million to $515 million, and non-GAAP EPS in the range of $1.45 to $1.55. GAAP EPS $0.22 below and for the year $2.80 billion to $2.180 billion. And the EPS non-GAAP $6.45 to $6.85. GAAP EPS expected to be $0.90 lower.
Adam Tindle
Thank you. High end of revenue guidance $515 not $550?
Tal Payne
$485 to $515. Yes.
Adam Tindle
I heard $550. Okay, that's helpful. Thank you.
Kip Meintzer
All right. Our next question is going to come from Fatima Boolani, followed by Brad Zelnick at Credit Suisse.
Fatima Boolani
Good morning, thank you for taking the question. Gil, maybe I’ll start with you very quickly. You were very explicit that 2021 is going to be characterized by investments in R&D, and sales and marketing. And so as I think about the new product families, and the vision you have around your new product families, can you talk to us around how that's going to impact your go-to-market efforts, specifically around any changes to incentives, compensation structures to your direct sales force, and how this is going to move down the pike with some of your channel partners as you build and continue to build your channel partner relationship. And then another quick follow up for policies .
Gil Shwed
So first, in terms of our go-to-market, I mean, the general structure remains the same. And we have a big and good sales organization that doesn't need the major changes need some small ones. We do have two overlays, one which will focus on the CloudGuard the technology and another overlay that supports the sale with regards to the new user centric security. We haven't formally launched the name for that. But you'll see that in a couple of weeks. And I think that's going to be a very, very focused approach. So now if before again, if I'm a sales guy, or if I'm a customer, and I need a solution, Check Point probably has that solution amongst the 280 different technologies. Now, it's extremely simple. If you want Cloud, CloudGuard is the solution. If you want something about remote connectivity, and user Harmony is the solution. And that will work both in positioning it, in getting the technologies in it. And by the way, also in the ability to sell it because some of the solutions are going to be much simpler to purchase, like one price for the entire suite and not having to deal with a tons of different skews in the sizing for the different elements. And of course, if you need a network solution, it's part of the Quantum family which still remains, and by the way, has a huge potential in it for the main markets. I think from a-go-to market, which is a very good strategy and to that Infinity that enables customers to get the full architecture. And again, Infinity is still small, but it's growing fast. And again, I think Tal mentioned, doubled the number of customers, doubled the contract value last year. So I mean, it's a – it’s hitting on all the rights on all the right things, still a way to go still few years before all these three companies will become the huge part of the business. But I think we're now seeing that it's -- I mean, when we analyze our internal measures and everything in 2020 and in 2021, we're going to be very important for the growth. And if they will be successful, we will see their impact on the overall business. So I think overall, it has good impact. By the way, I think everything that I've said now is not just for our sales force. It for the customer. It's for the partners, for everyone. Again, you're a partners, you have the cloud issue, you don't know all the different -- few 100 vendors, dozens of solution. CloudGuard is a good solution. Quantum is a good solution. And I mean, for connectivity and end user, good family for that. So I think it will make things much simpler for everyone. For the customer, again, I got feedback from customers that say, now it's simple for me. Now I understand that I need that solution.
Fatima Boolani
Tal, just very quickly for you. How should we see these efforts, consolidating around these three product families show up in this financials. Can give us just some finer points on how the revenue segmentation and growth trends within the revenue segmentation should trend over 2021?
Tal Payne
Shouldn't really changed. And remember, things happen not the next day, right? But the same thing. When you talk about the appliances, you're going to see the product line. When you talks about the subscription, it doesn't matter if it's a subscription that relates to the remote access, or is the subscription that relates to NGCP or NGFW or some plus. All of them are subscriptions, so all of them will be in the subscription line and support and support. Infinity is the only one -- not the only one, but the major one that when you do a transaction of Infinity, it's actually split between the entire lines. Some of it go into products, some of it going to support and some of which in subscription. And major part of it probably more than 50% going to the subscription line, because it encapsulate everything that Check Point has to offer, hence majority of it going to subscription line.
Kip Meintzer
Alright. Thank you Fatima. Our next question comes from Brad Zelnick at Credit Suisse, followed by Sterling Auty at JPMorgan. And please try to keep to the one question at a time going forward. Thank you.
Brad Zelnick
Great. Thank you so much. Kip, nice to see everybody and congrats on a really strong Q4. Gil, as we think about Sunburst and the future other supply chain attacks. At the end of the day, don't they all rely on lateral movements across the network? And if so, do you think this accelerates a broader shift to Zero Trust Security models? And can you maybe speak about not only how Check Point succeeds in a Zero Trust world, but also the extent to which it might be a headwind to the core business?
Gil Shwed
I think first you're absolutely right. These attacks underscored the importance of network segmentation of zero trust as all the network security capabilities at the end are the main capabilities to stop an attack. When we know that there is no way to where -- we are in the world that things can get in some way. What we need to do is to stop them and contain them that they are there. And network security is the most effective one. We can't get to know every workload in the world and every application in the world. We are trying by the way. We have plenty of technologies and plenty of market space to secure many workloads and we are doing that. But at the end of the day, the main one is the network security capabilities that see the attack and stop it right there and contain it. And I think that should provide us with an opportunity and more opportunity to our network security portfolio.
Brad Zelnick
Okay. Thank you. That's it for me.
Kip Meintzer
All right. Our next question, it was with Sterling Auty at JPMorgan, followed by Joel Fishbein from Truist Securities.
Sterling Auty
Yes. Thanks. Hi, guys. I want to return back to the go-to-market discussion. Wondering the success that you've seen in the Americas channel in particular in 2020. Was there anything that you did differently or any learnings that you can now take and apply to both Europe and Asia?
Gil Shwed
I think we've seen good traction and good cooperation with channels in America, but I think is the other way around. Asia and especially Europe are working better with the channel. And I think in America, we can learn from their cooperation that we have in Europe. I think it's now unified under our a head of worldwide channels. Frank, you may have seen some exposure to him. And I think we are trying to learn -- again, first every region and every place can learn from others. But I think Europe is the place when we have the best cooperation with the channel, the best point go-to-market. There's a lot of cooperation that we do can do, and do much more in the U.S. in getting to new customers and so on. And I think it's a little bit more challenging actually in the U.S. than in other places.
Sterling Auty
Thank you.
Kip Meintzer
And next call is going to be with Philip Winslow from Wells Fargo followed by Ben Bollin at Cleveland Research.
Philip Winslow
Hi. Thanks for taking my question. The question for Gil. Would you compare a Sunburst to let's say, fire attack like some of the things we saw at your target years ago? What do you think the implications? Or what's different this time in your mind versus this prior attacks that similarly were widespread. And in some cases very focused on specific companies. What's different this time? What do you think the ramifications are?
Gil Shwed
I think first, with each attack you learn new techniques and the level of creativity that the attackers there is unbelievable. I'm saying all the time. I'm meeting with our researchers, and seeing the vulnerabilities that they find in applications, in infrastructure, in everything, which is truly unbelievable. Maybe one day we should do a seminar for you guys to show you some of the -- or the researcher. I meet with them every week or two. And every time I'm getting shocked from the level of vulnerabilities that they find, and the attacks that are being found. I think what's unique about Sunburst is the fact that it was super, super professional. It hides itself very, very well. I mean, it was really hard to detect that. I think, by the way, what we will never know the extent of the damage and the information that was stolen, because we really saw which their team took a lot of stuff and in many or some organization it stayed in. Many organizations it simply erased itself and left almost no traces. Our researchers and all our Incident Response Team, all the teams, we have a very good security professional, helps many customers, analyzed many environments, and almost left no traces. And on the other hand, by the way, took something that was an internal attack. It's actually started from within the core network of the company with SolarWinds, and so on. And it took active directory certificates and took cloud certificates and use them to penetrate the cloud from the outside. So the cloud actually, in many cases remain vulnerable. Because by the way, the cloud in many cases is not shielded, as well with gateways and firewall like the core of the network, like the data center inside the network. So SolarWinds to that extent is -- Sunburst will remain an attack with -- I think we'll hear a lot more about it in the future, as more and more research will get published. So far, I think the world, not Check Point. The world in general knows -- doesn't know enough about that and who's behind it and what we've done. And I think that's the unique part. It was an attack which was seems like a state sponsored. We've all with a you know in a way sophistication. And especially with the fact that they left no traces and no information was leaked or disclosed, but find itself -- found itself into the wrong hands, for sure.
Philip Winslow
I think we all would want to hear from your researchers on webinar. I like that idea.
Gil Shwed
So we'll schedule that.
Kip Meintzer
Alright. Thank you, Philip. Our next question is coming from Ben Bollin followed by Shaul Eyal of Oppenheimer.
Ben Bollin
Good afternoon. Good morning. Thank you for taking the question. Could you tell us a little bit about maybe the mix of revenue and/or billings attributable to cloud and SaaS subscriptions in 4Q or for the year? And how this has developed over time? And then as you get more of that revenue mix over time, take us through the impact on support and maintenance revenue? Thank you.
Tal Payne
I'm not sure I understand what you mean, when you say the mix. Can you elaborate a bit?
Ben Bollin
So, if you look at Infinity Dome9. Can you take us through how much revenue you're generating from those products? And how that's developed? And then, where that's going?
Tal Payne
Okay. So, it's still not very big, but I'll just give you a sense. A cloud, when you say Dome9, its part of the CloudGuard solution. So you have mainly CloudGuard, yes, which is Dome9 in our yes solution. And we have a CloudGuard SAS when I call it all together the CloudGuard. It's over 10% of the subscription line already. So it's already quite material, but not material enough to pull on the number up enough. But that's a good trend because it is growing in a double digit and a fast double digit, it's over 50% growth. Then over time, it will become bigger and bigger. And we will see that the pulling all the numbers up. So Cloud is a great success. When you talk about a majority of it, if not all of it, is in the subscription line. I think very small portion might be broader, but I think majority by far is in the subscription. When you talk about Infinity, it's smaller, maybe about half, just for a high level size in the revenues already, which means, already also becoming a significant low 10s of millions in the revenues. So it's no longer one, two to three million, its already getting to a few low 10s of millions. And that's again growing also quite fast. I gave an example that when we signed the Infinity Total Protection transaction, the annual contract value of the customer can grow in 10s of percent or it can grow in 100s of percent, depends what was the starting point. If he had very few solutions of Check Point, and now he gets everything, it can grow in there 100s of percentage. And if it's there already was a customer that was very well covered then it can go maybe in 10s of percent. But that's a wonderful opportunity. Those dollars are showing up in three different lines. Because remember, it's provide to the customer everything we have. So yes, in that bucket product, the budget for the year, He gets all the subscription solutions of Check Point and he gets the support for the appliances. So that actually appears these all of the lines, although still majority of it probably over 50% is in the subscription line.
Kip Meintzer
Thanks, Ben. Our next question is from Shaul Eyal at Oppenheimer, followed by Gray Powell at BTIG.
Shaul Eyal
Thank you. Hi, good afternoon, guys. Gil, quick question on your threat intelligence capabilities. Are these homegrown solutions? Or are you partnering with some other companies? Maybe some emerging startups in Israel, outside of Israel? Just curious, how do you approach threat intelligence?
Gil Shwed
So first thing intelligence, you need to collect it from many, many sources, and that's something we learn. So our threat intelligence technologies is our own. We have amazing capabilities for research. But we are also cooperating and subscribing to many, many other services. I mean, some of which is cooperation, which is quite good. We're even by the way part of an organization which shared threat intelligence with other competitors, CTA, which is an organization. That's an industry wide organization between us and our direct competitors. We are subscribing to many other threat feeds from other companies. And we are cooperating with few startups that are providing threat intelligence, even though I'm not sure that we have a direct link or a direct subscription to their feed. But still the majority of the technology and most of our findings there is our own technology. We have by the way, plenty of sensors around the world that's find plenty of things. That's the nice thing about it. For example, when we analyze files that are being sent all around the world. And when we find the malicious file, immediately, the file signature or the file characteristics that derived from that is added to the threat count for all customers. And that happens in real time. So if we find one file in my mailbox, suddenly, millions of Check Point customers are being protected in the same second. And not only that by the way, it's not just knowing that this specific file is insecure. And by the way, this is the unique thing about threat cloud. In our solution, one endpoint will find the signature, the same endpoint, other endpoints might stop that file. Here if the file won't be downloaded on the web, the file won't pass through the network. We will have the ability to identify that everywhere. But on top of that, we will extract from these files many other what's called IOC. So for example, if that malware communicates with a command and control server somewhere over the internet, we can take down that command and control or stop the communication to that command and control for all customers worldwide. And I think that's the unique thing about our threat cloud and what's behind the lot of our threat intelligence.
Shaul Eyal
Thank you.
Kip Meintzer
Thank you, Shaul. Our next question is going to come from Gray Powell at BTIG, followed by Rob Owens of Piper Sandler.
Gray Powell
Okay, great. Thanks for taking the question. This might sound like I'm getting a little bit into the weeds here, but actually looking for more of a high level answer. If I just kind of run through the numbers. If I take correct billings, and I back out product revenue, it sort of proxy for annual subscription or annual recurring billings? The growth there really accelerated nicely in Q4. It was actually the best performance we've seen from Check Point about three years. So can you just talk about the drivers there either in terms of attack subscription or on the cloud side? And just the overall sustainability of that trip.
Tal Payne
Are you basically calculating your implied booking?
Gray Powell
Yes.
Tal Payne
Okay. Just wanted to make sure I understand. So you're right, the implied booking was high. I think in the short term, it was 10%. And the total implied was about 8%. So it's very high. We did a very good booking. We did have a very good implied booking. We had a good quarter. You know that because we transitioning into Cloud, into Infinity, then it take time to see that translating into the P&L and into the revenues. So probably number one reason is that fact, we got a lot of Infinity in the cloud transaction and subscription in general. I gave a hint about the Infinity over $100 million booking, it's quite significant. So hopefully, it will continue this trend of these drivers. To remember, we defined the growth. When we talked about what we need to do in order to grow over time, we said it will take a while, but the three main pillars are Cloud, Infinity, and now we're talking also about remote access. Hopefully, they will start next year with a new plan that's Gil presented. So this is in line with our efforts to focus on those growth areas.
Gray Powell
Got it. Okay. Thank you very much.
Kip Meintzer
We'll go to Rob. Next, followed by Michael Turits at KeyBanc. Sorry, guys.
Rob Owens
That's all right. Thank you guys. As we contemplate kind of this shift towards more remote user and potentially more user centric models? Does this potentially change the pricing dynamic for Check Point moving forward and then have TAM implications moving forward? Thanks.
Gil Shwed
I think we definitely grow the addressable market. I specifically didn't talk about the right size, because all the sizes about remote access and endpoint security are giant markets and not attempting to take on all these markets and replace all the solutions there. We are focusing on the new world of connecting the mobile workforce of connecting work from everywhere, work from anywhere, any way we want to call it and securing that. Again, I think it's many, many different categories. And I think what we've found, what we analyzed the market trend is A, this market, which wasn't the top priority for customers, shifted from mid or low priority into the top priority on customer mindset. And we have all the technologies, it's unbelievable. I mean, when we looked at our portfolio, we found out that we have let's say more than a dozen solutions with address all the elements. So now we need to take them, put them together, we're still in work what we need to do, I'm not trying to say that it's trivial. It's not. But I think what we have what no other company. And just remember by the way, we completed another acquisition that sealed in a -- I think it was September or October, the acquisition of Odo. So we were very, very active on that. And now, we all came together and say, no, it doesn't need to be a dozen different solutions. One point solution for every one point problem, but unified one. And I think it can change the whole thing. The pricing dynamics, the simplicity, everything around it, because we will make it very, very simple to where to acquire and to where implement and mainly to get the security level.
Kip Meintzer
Thanks, Rob. Appreciated. Our next caller is Michael Turits with Keybanc followed by Saket Kalia from Barclays.
Michael Turits
Thanks. So congrats, Tal and everybody. So I just want to ask a product, which as you pointed out was really strong this year and turning -- coming back to a positive. Was there a lag in people's abilities to refresh firewalls last year? And does that start to come back? And if so, why wouldn't that provide a little bit more visibility into Q1 and potential for upside to revenue given strong billings this quarter?
Gil Shwed
First in terms of the product business, in many cases, we supply the product right away. So actually where we have the deferred revenues and their predictability is more on all the other subscription line. Products we are usually very fast to supply them even within the last few days of the quarter. As for last year on one hand we saw some demand, some increased demand for capacity. For example, in April -- in March, we saw companies that are pushing big orders not for these specific customers -- big orders to increase capacity on the network. On the other end, customers generally last year tried to avoid getting into the data center because we were all working from home and we didn't want to touch anything physical unless it's absolutely necessary. So I think last year was characterized by somewhat of a slowdown of everything that's physical, despite whether people turn from negative into positive, which means that it has potential. My belief, by the way, is that the market for network security and gateways and firewall has a huge potential. But the main point, when we -- and the most effective point to block this new cyber pandemic attacks, we really need that.
Kip Meintzer
Thanks, Michael. Our next question is going to come from Saket Kalia from Barclays followed by our last question from Brian Essex of Goldman Sachs. Go ahead, Saket.
Saket Kalia
Hey, great. Can you hear me okay, Kip?
Kip Meintzer
Yes.
Saket Kalia
Okay. Excellent. Thanks for taking my question here, guys, and fitting me in. Tal, maybe the question is for you. That was a nice little hint that you provided just on IPP bookings, I think crossing 100 million this year. The question is, can you just talk about how big they were last year? And and also touch on what's prompting customers to opt for IPP when buying network security versus buying buying them under sort of the traditional pricing model? Does that make sense?
Tal Payne
The first question I got. Yes. Can you hear me? Yes. The first question, I got it score significantly over 100%. I don't remember the exact number. But it was a significant growth. And and the second part of the question, what was that?
Saket Kalia
The second question is what do you think is prompting customers to go for ITP pricing versus buying firewalls sort of in a traditional model?
Tal Payne
So I think first to start before the pricing, it first starts with the need. So when the customers understand what we're relating to that, as the world become complex, and many customers need to adopt more and more solutions, it becomes very complementary to implement separate spread solutions for many different vendors in many different places with different management capabilities, and so on. So it first comes with the need of increasing your security while trying to keep it maybe I will say, as simple as you can, in a complicated world. The pricing is a complimentary to that where it says, you don't need now to negotiate with us 20 or 50 or 60 different features pricing one of them based on user one of them based on gateway, one of them based on throughput, one percentage of the enterprise installed base and so on. Here, you get one simple pricing. Tell me how many users you have, your price will be x numbers of dollars multiplied, very simple. And you can basically go and install in your pace, hopefully fast, everything you need in the organization. So I would think as a CTO and as a CFO, everyone, you will prefer that both from financial perspective and from simplicity perspective.
Saket Kalia
Very helpful.
Kip Meintzer
Thanks Saket. And our last question is coming from Brian Essex from Goldman Sachs. Let's see if he's. There he is.
Brian Essex
Hi. Thank you for fitting me in and I really appreciate it. Gil, I just have a question for you. I wanted to hit on the competitive dynamics you're seeing in the market, particularly given the product cycles that you've had, you have already, now already one, you've got Maestro, Quantum, Infinity. How much of that growth is in the installed base? And where do you see share coming from? Is this a dynamic where we have just an installed base of existing customers that you can help them -- where you can help them migrate to the next generation of threat prevention? Or do you see meaningful uptick from incremental customers on the platform? And where might those be coming from? Is it -- are we seeing, for example, shared ownership from larger legacy vendors like Cisco, or Juniper? Or are these kind of head to head competitive new wins in the next gen market? Just love a little bit of color what kind of around the competitive dynamics?
Gil Shwed
Sure. So first, my priority has been for the last few years about getting new customers, not just new -- now, still, the majority of our business, the vast majority is coming from our installed base both because these are the people that -- these are the people like us. Also we have a lot of enterprises that maybe by the way, small customers now in growing and becoming more major. Still we have an amazing set of competitive wins. And that's not just by the way against the older vendors in the marketplace, but also against some of the some other vendors in our marketplace. And we have a lot of nice wins, a lot of competitive wins when the customers actually evaluate the product actually, that, you know, they come up with a lot of technologies and being innovative and being cool. But at the end, we don't present the attack. Look at your instruction manual, they'll tell you, if you got infected by a fret, we will give you, we will give you an alert after it happened. After receiving them, we recommend that you disconnect the network, that's taken from the structure menu, all of our top competitors. And by the way, I'm seeing -- I'm seeing with some of it, by the way, how the world understanding the solution. And most of the solutions today in the marketplace are not deployed with the full capability, the footprint prevention capabilities on and with the full prevention on, which means that if we go to a customer and implement the product the right way, the product has reached 10 times more value. It also by the way, may be a little bit more complicated, maybe a little bit more challenging, operate because it does the work. When we replaced competitive product in some customers, the customer complained that it was complicated, but it wasn't as fast. And then we looked what we've done with the competitive product. And we've basically done nothing. It's like going with a, it's like going to a hospital with a serious heart condition. In one place, you’re being you know operated and get all the treatment. In the other end, we give you an aspirin and hope that it helps. So in many cases, our when people use our competitor's products, well don't use them to the extent we even need to use them. Most of the capabilities is how we use them. So I think overall, we've seen all of that. We had a very, very nice competitive wins in the last quarter. Some of the biggest names, by the way. We've seen it in healthcare, we've seen it in the hospital, we've seen it with companies that manufacture the, the COVID-19 vaccines. So we've seen very, very nice competitive wins when we took over competitors and replaced them with solutions that they actually provide prevention.
Brian Essex
All right. That’s it. Powerful, thank you.
Gil Shwed
Thanks, Brian.
Kip Meintzer
Thank you all for joining us today. That's going to conclude our call. We'll look forward to speaking to you throughout the quarter. And with that, I'll allow you guys to disconnect and have a great day. Bye bye.
Gil Shwed
Thank you very much.
Tal Payne
Thank you guys.