VRNS earnings call for the period ending March 31, 2024.
Image source: The Motley Fool.
Varonis Systems (VRNS 1.87%)
Q1 2024 Earnings Call
May 06, 2024, 4:30 p.m. ET
Contents:
- Prepared Remarks
- Questions and Answers
- Call Participants
Prepared Remarks:
Operator
Greetings, and welcome to Varonis Systems Inc. first quarter 2024 earnings conference call. At this time, all participants are in a listen-only mode. A brief question-and-answer session will follow the formal presentation.
[Operator instructions] As a reminder, this conference is being recorded. It is now my pleasure to introduce your host, Mr. Tim Perz, investor relations. Thank you.
Mr. Perz, you may begin.
Tim Perz — Director, Investor Relations
Thank you, operator. Good afternoon. Thank you for joining us today to review Varonis’ first-quarter financial results. With me on the call today are Yaki Faitelson, chief executive officer; and Guy Melamed, chief financial officer and chief operating officer of Varonis.
After preliminary remarks, we will open the call to a question-and-answer session. During this call, we may make statements related to our business that would be considered forward-looking statements under federal securities laws, including projections of future operating results for our second quarter and full year ending December 31, 2024. Due to a number of factors, actual results may differ materially from those set forth in such statements. These factors are set forth in the earnings press release that we issued today under the section captioned Forward-Looking Statements, and these and other important risk factors are described more fully in our reports filed with the Securities and Exchange Commission.
We encourage all investors to read our SEC filings. These statements reflect our views only as of today and should not be relied upon as representing our views as of any subsequent date. Varonis expressly disclaims any obligation or undertaking to release publicly any updates or revisions to any forward-looking statements made herein. Additionally, non-GAAP financial measures will be discussed on this conference call.
A reconciliation to the most directly comparable GAAP financial measures is also available on our first quarter 2024 earnings press release and investor presentation, which can be found at www.varonis.com, in the Investor Relations section. Lastly, please note that a webcast of today’s call is available on our website in the Investor Relations section. With that, I’d like to turn the call over to our chief executive officer, Yaki Faitelson. Yaki?
Yaki Faitelson — Chief Executive Officer
Thanks, team, and good afternoon, everyone. Thanks for joining us to discuss our first-quarter results, which represented a strong start to the year. In addition to discussing the result, I would like to review our SaaS transition progress and the key drivers of our business for this year. But first, let me remind you why Varonis exists and the problems we solve.
Data is valuable, which is why bad actors want to steal it. Companies invest in security to protect the data, but securing it is very difficult. Varonis solves the problem by helping companies locate their sensitive data, visualize who has access to it, lock it down, and detect and respond to threats on it. And because of the sophisticated automation that we have built into our Varonis SaaS platform, customers spend very little time and effort to protect their data.
And now, with MDDR, we reduce this even more. This allows companies to collaborate safely and get the most value from their data while managing risk. Our first-quarter results reflect the sustained momentum of our SaaS transition and the positive reception of our Managed Data Detection and Response service or what we refer to as MDDR. ARR grew 17% to $560.3 million, and we generated $56.4 million free cash flow this quarter versus $35.7 million last year.
SaaS ARR now represents approximately 30% of total ARR. Guy will review our Q1 results and our updated guidance in more detail. I want to express how proud I am of the Varonis team. While the selling environment had stabilized, it remains challenging, and the Varonis team executed well during the first quarter.
And I believe that we are only scratching the surface of what lies ahead for us. The transition to a SaaS delivery model continues to show momentum because of the many benefits that our customers realize, and I will quickly remind you of a few. Customers can achieve automated outcomes, which means they can ensure the data is protected with very little effort. SaaS is quicker to deploy and operationalize because of significantly lower infrastructure and personnel investments.
In fact, it’s easier to maintain and upgrade. Additionally, there are three key benefits that we realize. They are shorter sales cycle, larger initial length, and margin benefit over time. In addition to our SaaS transition, I would like to discuss the three additional drivers of the business that I mentioned last quarter, which are our MDDR service, the adoption of enterprise generated AI, and increasing compliance requirements.
Today, I would like to focus on MDDR and gen AI. Last quarter, we introduced our MDDR service, which is the first managed service for monitoring and protecting critical data. It is a paid service that builds upon our proactive incident response offering by providing a service level agreement and around-the-clock coverage. It is important to note that this service is only possible for our SaaS customers because of the visibility and automation built into our SaaS platform.
We just began selling this offering in the first quarter, and we have already started to see great momentum with it. So, let me explain why this is already happening and why we view this as a game changer for our company. MDDR is a natural evolution of our platform and fills a significant unmet need in the market. One of the challenges officials face is that they don’t have the people to monitor and investigate alerts fast enough.
Now, with MDDR, we take this burden from customers and put it on us. If we see a threat anywhere within our MDDR customer base, we can stop it and simply notify the customer after the problem has been solved. We can do this because we pioneered the use of machine learning for data security and user behavior analysis, giving us years of experience building highly accurate threat models. Our team leverages the significant automation plus our unique metadata telemetry such as data sensitivity, access events, and permissions that allow us to detect if data is under attack and to catch threats missed by others.
I’ve also been asked to clarify the value that MDDR service provides to customers that already have an endpoint detection and response service or a managed detection and response service. The answer is actually very simple. When the perimeter fails, we believe that we are best positioned to save companies because we have been monitoring the data inside that perimeter ever since we started. Companies sometimes pay millions for other threat detection and response services, but when an incident happens, the services that don’t focus on data can only show you when the attack began.
They struggle to answer the most important question: Was any data stolen? MDRs and EDRs can reveal how a bad actor gained access and what tactics they used to get in but cannot tell a customer if any data was taken. The situation is like discovering a bank was robbed but having no certainty about the most important elements: whether money was stolen or if the vault remains secure. This blindness is why organizations with sophisticated security stocks can still fall victim to data breaches and insider threats or attacks that bypass the perimeter. Without Varonis, data is usually far too accessible to anyone or anything inside the perimeter and isn’t closely monitored.
This means more data is likely to be breached, and companies have a harder time quantifying what was taken during a breach, making the liability much higher. Varonis customers automatically shrink their blast radius, which reduces the potential damage that an insider can do and forces bad actors to work harder to get to sensitive data, giving us more opportunities to catch them. With MDDR, we often catch bad actors before they get to data. And because we watch the data, we are able to quickly quantify the damage.
This means we can stop the breach and limit their exposure and their potential liability. This is why no matter what platform a customer has, they will still need MDDR. To finish our bank robbery example, Varonis MDDR watches the money around the clock and can tell the bank manager that their money is safe, and the vault is secure. Now, I would like to touch on our generative AI opportunity.
This technology presents tremendous productivity opportunities, but in order to reap the benefits of it, you need strong data security. For example, AI can reveal critical data to the wrong machines and people because most generative AI tools utilize existing access controls, which most organizations haven’t locked down, leaving them overexposed. Companies also need to prevent sensitive data from being used in large language models, and hackers will leverage these tools to steal important data more easily. Bottom line, generative AI is forcing organizations to take a hard look at their data security strategy.
This is why you can continue to see generative AI coming up in so many of our customers conversations as organizations try to understand how they can safely realize the productivity benefits. So, far, companies are taking a very careful approach and are thoughtfully considering these potential risks before expanding from the pilot phase into organizationwide rollouts. As a result, we expect the near-term adoption of a wide-scale AI to be measured as companies gain comfort around how they can secure their data. Overall, the feedback we are hearing from customers only serves to strengthen the conviction we have in our ability to benefit from this enormous secular tailwind.
Our partnership with Microsoft is progressing well, and one month ago, we announced the industry-first cybersecurity solution for Microsofts 365 Copilot. This will be sold as an add-on to our existing Microsoft 365 SaaS package and allows organizations to monitor Copilot data access in real time, detect abnormal Copilot interactions, and automatically limit sensitive data accessible by both humans and AI agents. In addition to the enhancement to our platform, we are seeing gen AI act as a catalyst for conversations with prospects. And although we aren’t yet seeing material ARR from gen AI-related deals, we are seeing healthy pipeline build with respect to this opportunity.
With that, I would like to briefly discuss a couple of key customer wins from Q1. A large university and their affiliated hospital system with 6,000 employees became a Varonis SaaS and MDDR customer this quarter. A broad mandate to secure sensitive data led to a risk assessment where we discovered 4 million sensitive records and 2 million instances of student and patient PII exposed to everyone in the organization. This university evaluated several CSPM and DSPM and legacy data security solutions but ultimately purchased Varonis SaaS package with MDDR protection for the UNIX and hybrid Windows environment.
With our automation and unique data-centric telemetry, Varonis MDDR will supplement the existing MDR and MSSP vendors by providing protection that is focused on securing their most valuable asset, the data. We are also seeing strong engagement from existing customers. A broadband provider initially became a customer in 2014 with the goal of identifying and remediating overexposed sensitive data and enhancing their threat detection capabilities. With our self-hosted offering, this required some customer effort and meaningful infrastructure investments.
This customer converted to Varonis SaaS with MDDR protection for their hybrid Windows environment. They will benefit from our automated remediation and will realize infrastructure savings while freeing their security team that will monitor and respond to alerts. In summary, Varonis is off to a strong start, driven by the automated outcomes that customers receive from our SaaS platform and our recently introduced MDDR offering, which we believe is a game changer for our company. We are excited to capitalize on the tailwind of MDDR, gen AI, and increasing data-centric compliance regulation as we capture our significant market opportunity.
With that, let me turn the call over to Guy. Guy?
Guy Melamed — Chief Financial Officer and Chief Operating Officer
Thanks, Yaki. Good afternoon, everyone. Thank you for joining us today. We are pleased with how our team performed in the first quarter, and the continued momentum of Varonis SaaS furthers our confidence in completing the transition in 2026, one year earlier than our initial timeline.
At the end of Q1, SaaS represented approximately 30% of our total company ARR, driven by strong contributions from new logos and existing customer conversions. As Yaki mentioned, the other key driver of our business this quarter was MDDR. This paid offering is an evolution of proactive incident response that comes with an SLA and assurance that Varonis will respond to ransomware attacks within 30 minutes. MDDR has been extremely well received in the first quarter, driving new business, increasing deal sizes, and simplifying the conversation with customers.
In addition to MDDR, nearly every customer conversation we have touches on generative AI, which reinforces our view of this secular tailwind. We’re seeing healthy leading indicators with respect to the opportunity, but as we discussed previously, we continue to expect the adoption of gen AI will be measured. As we look ahead of the rest of this year, we’re excited to begin Phase 2 in earnest in the second half of 2024, which will be focused on converting our installed base of on-prem subscription customers to our SaaS platform. As a reminder, we expect that the ramp-up of this phase will not be linear, and momentum should grow in each quarter and further accelerate in 2025 and 2026.
In the first quarter, ARR grew 17% year over year to $560.3 million, and we generated $56.4 million of free cash flow, which was up from $35.7 million over the same period last year. These metrics demonstrate our commitment to balancing top-line growth with improving cash flow generation during the transition. Turning now to our first-quarter results in more detail. As a reminder, the leading indicators of our transition are ARR, free cash flow, and ARR contribution margin.
As we have said many times, the faster we progress through the transition, the more headwinds we will experience to our traditional income statement metrics. But we view this in a positive light. In the first quarter, we continued to see stabilization of the macro environment. Heightened deal scrutiny persisted, but we are seeing positive momentum, especially with regard to the adoption of SaaS and MDDR.
Q1 total revenues were $114 million, up 6% year over year. During the quarter, as compared to the same quarter last year, we had approximately a 9% headwind to our year-over-year revenue growth rate as a result of having increased SaaS sales in our booking mix, which are recognized ratably versus the upfront recognition of our on-prem subscription products. As we have done in the past, we are committed to being as transparent as possible throughout the transition, which includes providing you with the key metrics that track our progress during the next phase. This quarter, we’re providing SaaS revenue for the first time, a metric that we will provide going forward.
We will continue to provide SaaS as a percentage of total ARR each quarter until we successfully complete the transition. In the first quarter, SaaS revenues were $34 million, term license subscription revenues were $56 million, and maintenance and services revenues were $24.1 million as our renewal rates were, again, over 90%. Moving down the income statement. I’ll be discussing non-GAAP results going forward.
Gross profit for the first quarter was $95 million, representing a gross margin of 83.3% compared to 86.5% in the first quarter of 2023. Gross margin continues to track ahead of our expectations, and the change is primarily due to the much higher mix of SaaS revenues versus last year, which caused a revenue headwind due to the ratable recognition of SaaS versus the upfront recognition of on-prem subscription licenses. The recognition of compute costs associated with our increased SaaS revenues and increased hiring in certain departments within COGS to service the anticipated strong ramp in MDDR drove the remainder of the change. Operating expenses in the first quarter totaled $105.6 million.
As a result, first-quarter operating loss was negative $10.6 million or an operating margin of negative 9.3%. This compares to an operating loss of $4.3 million or an operating margin of negative 4% in the same period last year. During the first quarter, as compared to the same quarter last year, we had approximately an 8% headwind to our operating margin as a result of having increased SaaS sales in our booking mix, which are recognized fully ratable versus the upfront recognition of our on-prem subscription product. First-quarter ARR contribution margin was 13.7%, up from 5.6% last year.
The significant leverage improvement even during the early stages of the transition reflects our ability to drive strong incremental margins while growing ARR and transitioning to SaaS. During the quarter, we had financial income of approximately $8.2 million, driven primarily by interest income on our cash, deposits, and investments in marketable securities. Net loss for the first quarter of 2024 was negative $3.7 million or negative $0.03 per basic and diluted share compared to net loss of $0.1 million or net loss of $0.00 per basic and diluted share for the first quarter of 2023. This is based on 110 million and 108.4 million basic and diluted shares outstanding for Q1 2024 and Q1 2023, respectively.
As of March 31st, 2024, we had $774.4 million in cash, cash equivalents, short-term deposits, and marketable securities. For the three months ended March 31st, 2024, we generated $56.7 million of cash from operations compared to $36.8 million generated in the same period last year. And capex was $0.3 million compared to $1.1 million last year. Turning now to our updated 2024 guidance in more detail.
For the second quarter of 2024, we expect total revenues of $123 million to $126 million, representing growth of 7% to 9%; non-GAAP operating loss of negative $6 million to negative $5 million; and non-GAAP net loss per basic and diluted share in the range of negative $0.03 to negative $0.02. This assumes 111.7 million basic and diluted shares outstanding. For the full year 2024, we now expect ARR of $622 million to $628 million, representing growth of 15% to 16%; free cash flow of $70 million to $75 million; total revenues of $536 million to $546 million, representing growth of 7% to 9%; non-GAAP operating income of $9 million to $14 million; non-GAAP net income per diluted share in the range of $0.13 to $0.16. This assumes 128.4 million diluted shares outstanding.
In summary, we are encouraged by the continued momentum of Varonis SaaS and initial reception of MDDR. The growing demand for these offerings is strengthening our ARR performance and cash flow generation as we move through the second phase of our transition, which we believe will unlock meaningful value for both our customers and our company. With that, we will be happy to take questions. Operator?
Questions & Answers:
Operator
Thank you. We will now be conducting a question-and-answer session. [Operator instructions] As a reminder, please restrict yourself to one question and no follow-up. One moment, please, while we poll for questions.
The first question comes from the line of Saket Kalia with Barclays. Please go ahead.
Saket Kalia — Barclays — Analyst
OK, great. Hey, guys, thanks for taking my questions here, and nice start to the year here on ARR.
Yaki Faitelson — Chief Executive Officer
Thank you.
Saket Kalia — Barclays — Analyst
Yaki, I’d love to just start with MDDR, and maybe the question is, what’s been the initial — you touched on this a little bit, but what’s been the initial feedback that you’re getting from customers on the offering? It seems like it’s off to a good start. And then Guy just related to that. Can you just talk about to what extent is MDDR maybe pulling through more interest in SaaS since it’s only available to SaaS customers? Does that make sense?
Yaki Faitelson — Chief Executive Officer
Definitely. So, in terms of MDDR, the customer feedback and the facts that are really behind it are drastically exceeding our expectations. And effectively, attacks can come from anywhere in any device but only going in one direction, which is the data. So, perimeter security is great, and there are many amazing companies.
But if you think in probabilities, there is high probability that your perimeter will fail, and once you have an identity, there is no perimeter anymore. You’re getting into the data. And we automatically understand how people need to use data and can stop these attacks and make sure that you will not have a data breach. You know, in our opinion, it’s the best way to avoid a data breach, and you are doing it completely automatically.
So, it just works extremely well as you have more platforms, and a lot of the way that we bundle it, edge and the other product, Active Directory, and Entra ID, it works extremely well. So, customers love it, and we are just, on a daily basis, saving them and stopping them from breaches. And we really believe that the data security platform is an MDDR. It’s the first thing that an organization needs to do and the last thing that will save you when everything else fails.
Guy Melamed — Chief Financial Officer and Chief Operating Officer
And Saket, you’re right that it’s only offered with a SaaS offering. It was definitely a key driver for our business this quarter. When you think about the MDDR, it’s been an evolution of the proactive incident response, and it comes with an SLA and kind of assurance that Varonis will respond to ransomware attacks within 30 minutes. So, it’s very compelling.
And when you look at kind of how it was received this quarter, it’s been extremely well received both from driving new business, increasing deal sizes, and simplifying the conversations for our customers.
Yaki Faitelson — Chief Executive Officer
But also to add a bit about what Guy said, when we build our SaaS solution, it was critical for us. You know, this is a software solution to build a lot of automation to make sure that we have tremendous force multiplier to our analysts. So, we build a lot of robots and using a lot of AI to make sure that our people are extremely productive. This is almost completely a service offering — a software offering.
Operator
Thank you. Mr. Kalia, please rejoin the queue for more questions. Next question comes from the line of Hamza Fodderwala with Morgan Stanley.
Please go ahead.
Unknown speaker
Hey, guys, this is John on for Hamza. For Yaki, just a question for you. How often is Microsoft Copilot coming up in your customer conversations versus three months ago? And is the expanded partnership with Microsoft Copilot driving more pipeline?
Yaki Faitelson — Chief Executive Officer
It’s front and center in every conversation. You know, Microsoft is still not pushing it full force to the customer base. You see that a lot of customers experimenting with it. I think I broke my record of seeing customers in Q1, and there is a very consistent theme.
They’re starting the Copilot evaluation and stopping it because it’s exposing a lot of critical data. So, just protecting these Copilots and then connecting to many sources is coming with each and every conversations. And I think that it’s just exposing the problems, and organizations understand that they need to take data security very seriously in order to benefit from the automation of this Copilots that are based on LLMs. It builds — it’s starting to build a good pipeline in the places that we engage with Microsoft.
It’s also starting to go in the right direction. But remember, Microsoft are still not pushing it full force. I believe that once they will have a quarter and we push it full force, it can have a big impact on the business. But you know, if the world wants to benefit from a Copilot and all these LLM robots, if you will, to get the productivity gains, they will need to take care of the data security problem.
Guy Melamed — Chief Financial Officer and Chief Operating Officer
John, just to reemphasize what Yaki was saying in terms of the reported numbers for Q1, we didn’t see Copilot as part of the reported numbers in Q1, but definitely, when we look at all the leading indicators, they appear there, and we’re seeing pipeline increase for them,
Yaki Faitelson — Chief Executive Officer
There is still not a revenue impact, but we’re starting to see a pipeline impact and a lot of conversations. People are in the initial stages to figure out how to do it in the right way.
Unknown speaker
Great. Thank you.
Operator
Thank you. Next question comes from the line of Matt Hedberg with RBC. Please go ahead.
Matt Swanson — RBC Capital Markets — Analyst
Yeah, thank you. This is actually Matt Swanson on for Matt. I mean, it was great to hear some stabilization in the macro. It feels like it’s been a long time coming for all of us.
But you’ve done a really successful SaaS transition during a really uneven macro. And Yaki, you mentioned some of the advantages of SaaS, the lower infrastructure personnel costs, easier to maintain. Can you just kind of talk specifically for the SaaS transition, kind of headwinds and tailwinds of a challenging macro? Are there any parts of it that actually helped the transition when things are a little tougher?
Yaki Faitelson — Chief Executive Officer
The thing that — what happens is — what helps first is the reality, is that breaches almost always, not always but almost always, are data breaches, and the security industries be it upside down in the sense that you spend a fortune on perimeter security, and you just fail, you know, small failures, and then you have this massive blast radius, and you are completely exposed. Think about it. It’s like to have a — to do business with a bank that doesn’t have a ledger, can’t tell you what happened with the account and just can tell you that you have a strong password and from where you logged in, it doesn’t make any sense. And the other thing that happened with SaaS is primarily that it provides automated outcomes, and it really scales extremely well.
We took everything we learned from the on-prem, and we built just a lot of automation and a lot of coverage. And the customer’s 5%, 10% of the effort can get ten times more value. So, this is also the way it works. And I also think that slowly but surely, this everyday organization just realized that this is something that they need to do sooner rather than later.
And obviously, with AI and all the attacks that are always going toward the data, organizations understand that this is the way to go. It’s a gradual process, but we definitely feel that the technology is just fitting the reality. If you want to make sure that you don’t have a data breach, you need a data security platform with automated outcomes.
Operator
Thank you. Next question comes from the line of Fatima Boolani with Citi. Please go ahead. .
Fatima Boolani — Citi — Analyst
Good afternoon. Thank you for taking my questions. Guy, the question is for you. The ARR, I just wanted to dissect that a little bit.
So, a good start of the year considering we’re not totally out of the woods in the macro, but I wanted to better understand why some of this momentum, they’re not expecting to improve through the year given this was a seasonally slow quarter, and you have so much more demand and growth driver optionality as we look into the back half. So, would just love some of the puts and takes that you embedded into to the outlook in terms of not sort of rolling forward the upside in this quarter. Thank you.
Guy Melamed — Chief Financial Officer and Chief Operating Officer
I think that’s a great question, and I want to be very clear. We’re kind of — we’re raising our full-year ARR guidance because we feel really good about the rest of the year. When you look at kind of the way we raised ARR, it’s purely a mathematical kind of framework. If anything, I would say we feel more confident about Q1 than what we did 90 days ago.
So, if I walk you through the math of kind of the guidance itself, as you know, we only guide for annual ARR, and our 2024 net new ARR guidance was similar to previous year’s numbers. So, when you look at the net new ARR in Q1 2024, it was approximately $4 million higher than last year, which is exactly what we’re rolling over for the full-year midpoint of ARR guidance. When you look at kind of — and I’ve talked a lot about this in previous quarter, when you look at all the things that are working in our favor, we have a lot of things, whether it’s the environment MDDR Copilot. But you have to remember, Q1 is still the smallest quarter of the year, and our philosophy has always been not to bake in positivity before we actually see it translate into the numbers.
So, we want to see how things progress. We want to see how things move forward for the rest of the year. With Copilot and the SEC regulation, we have yet to see that positive impact to our reported numbers. With MDDR, we have started to see good momentum, but it’s still only one quarter in, which is why we’re taking a responsible approach.
And as we have done in the past and as we see the data that supports it, we will be happy to update our guidance.
Operator
Thank you. Next question comes from the line of Brian Essex with JPMorgan. Please go ahead.
Brian Essex — JPMorgan Chase and Company — Analyst
Good afternoon, and thank you for taking the question. Yaki, I was wondering if you could give us a little bit of an update. I think you talked a little about this last quarter, but you’ve got a lot of irons in the fire or incremental opportunities with — as we kind of approach the back end of the year. How do you think about incentivizing the sales force with regard to, you know, number one, new logo growth; number two, more proactive conversion of your installed base as you kick off Phase 2; and then number three, expansion into new adjacent markets with MDDR and Copilot? How do you — you know, maybe if you can categorize the magnitude of each of those levers and how you expect that to play out through the rest of the year.
Yaki Faitelson — Chief Executive Officer
You know, MDDR and Copilot are relevant to every Varonis existing customer and prospect and really help us to gain market share as they expand the platform in the base. So, this is something that is working very well for us. But we also have just so many ways to add value to customers, with everything that we are doing with the cloud on the SaaS side and on the IS side. We really see our customers getting extremely fast to these automated outcomes.
Guy Melamed — Chief Financial Officer and Chief Operating Officer
And I’ll give the color from a commission perspective. What we have seen from a conversion perspective is that it’s happening in a natural way. When you look at the uplift, obviously, it’s beneficial for the customers because they’re getting a much better product. But it’s also beneficial for our sales force because anything on top of that renewal goes toward their quota.
So, at the beginning of this year, we didn’t change the incentive for the conversion because it is happening kind of in that natural element, which is great for us and is working great for our customers. What we did do, because new logos is such an important component on fueling our growth for the years ahead, is we actually doubled down on the commission plan from a sense of ensuring that reps are focused on acquiring new customers. And in order for them to make real significant money, they will have to focus on new customers. They’ll be able to make money without it, but in order to make real big money, they have to focus on new customers as well.
And when you look at the offering itself, the SaaS offering has actually eliminated two of the biggest objections that we’ve used to see, and that’s that customers don’t have the people to support the platform or companies don’t necessarily want to buy the hardware. So, in a way, that change of comp plan actually works really well with the offering that we have. And when you think about that combination, it’s something that we’ve seen work very well for us in Q1.
Operator
Thank you. Next question comes from the line of Roger Boyd with UBS. Please go ahead.
Roger Boyd — UBS — Analyst
Great. Thanks for taking my questions. A lot of talk around the momentum that’s in the pipeline around Microsoft 365 Copilot. But Yaki, I’m wondering if you’re starting to see interest from the install base around securing other copilots in other gen AI applications like those in Salesforce or GitHub.
It’s come up with a few customers. Just wondering if that’s showing up in the pipeline or customer conversations with any sort of momentum. Thanks.
Yaki Faitelson — Chief Executive Officer
Yeah, without a doubt and even much more because people understand that they want this copilot for almost every platform that they have. So, we see it on the SaaS, stuff like Salesforce, GitHub, Jira, and others, and obviously, they will have connectors for, you know, things like Box. And Google has Gemini. So, you see all these copilots, and even sometimes, people have their own, you know, a private instance of OpenAI and just putting the data on SharePoint or an S3 bucket or Azure Blob.
We’re adding a lot of value. And the other thing that that we are doing in Copilot, we extended it to look at the queries themselves, risk users and all the other logs. So, it’s really working from every angle. And the other thing that was also a surprise for us is once you are using these technologies, the speed that you are exposing critical data, it unbelievable.
Not exposing and creating critical data. So, it’s definitely very interesting for us and just immediately exposing the problem and also enhancing it.
Operator
Thank you. Next question comes from the line of Shaul Eyal with TD Cowen. Please go ahead.
Shaul Eyal — TD Cowen — Analyst
Thank you. Good afternoon, guys. Congrats on the ongoing SaaS transition and the overall results. Guy or Yaki, I wanted to ask about the mix between existing customers and new logos this quarter.
Can you double-click on this item? And maybe, Yaki, specifically for you, you know, you’re often being asked about the competitive arena. Typically, the case for Varonis is limited scope of competition, but with many security companies in many categories buying small DSPM assets, what’s — what are you seeing out there from the overall — aside from the overall market validation? Thank you.
Guy Melamed — Chief Financial Officer and Chief Operating Officer
So, Shaul, I’ll start with the first question. When you look at the results in Q1, the majority of our new ACV in Q1 was driven by new logos. And as I said before, SaaS is really opening up new markets for us because it’s eliminating the two biggest pushbacks we used to get, one being companies don’t have the people to support the risk. And number two, they don’t want to buy the hardware.
So, the changes we made to the comp plan, which I discussed in one of the previous questions, together with the simplicity of the story and the benefits of the products are really working. And the new logo activity was really healthy.
Yaki Faitelson — Chief Executive Officer
On our end, in the traditional areas that we’re really completely dominating, which is all the NAS devices, Active Directory, Entra ID, you know, 365, Salesforce.com, Google, Box, all of this, nothing changed. But one thing that changed for us, the companies that you mentioned primarily, they are focusing on the IS side, which is AWS and Azure, and we build a product that we believe is the best in the market in this area. And we are there in the places that we are installing, we see that we have very good results. And we anticipate that in these places, you know, we’ll see competition that will create budget.
But in terms of scale and automated outcomes, I believe that we are well-positioned to take this market and win. So, overall, at this point, what’s going on in this market, we see that creating a lot of awareness and creating more and more budgets. And so far, this is very good for us in terms of overall awareness and sales motion.
Operator
Thank you. Next question comes from the line of Joseph Gallo with Jefferies. Please go ahead.
Annick Baumann — Jefferies — Analyst
Hi. This is Annick Baumann on for Joe Gallo. Thank you for taking our question. You guys launched many new products last quarter, including Snowflake and Salesforce Protection and things like that.
Can you just talk quantitatively — sorry, qualitatively about the traction you were seeing there?
Yaki Faitelson — Chief Executive Officer
I think that in terms of everything we’re doing in IS, we very fast see a lot of traction. The other thing that is very interesting, like Snowflake and other data repositories, they are massive. So, everything we — the core technology that we have to analyze metadata to do it, it’s scale is working extremely well. And all the connectivity to the MDDR has very exciting prospect.
So, really, at this point, we see good prospect to everything we have done on the engineering side, and we’re also very proud of the teams in the rapid release cycle of features and products.
Operator
Thank you. Next question comes from the line of Jason Ader with William Blair. Please go ahead.
Jason Ader — William Blair and Company — Analyst
Yeah, thank you. Good afternoon, guys. I just wanted to ask about MDDR again more specifically. I mean, I know you recently announced it clearly has exceeded your expectations.
You’re thrilled about the early demand. Can you just talk about the pricing model that you use, what type of uplift it could create on your SaaS business, and then maybe any early metrics on attach rate?
Guy Melamed — Chief Financial Officer and Chief Operating Officer
Yeah. I think that’s a great question, and we talked a little bit about it last quarter when we introduced MDDR. When you think about our goal, at the end of the day, it’s to protect our customers. And when you look at the MDDR offering, it’s really resonating within our customers, and the value there is very clear.
So, at the end of the day, with that value that we provide customers, we’re trying to extract dollars from them and increase customer lifetime value. And there are two ways to do it. Either you allow customers to buy additional licenses, and then your MDDR pricing is somewhat reduced as long as they buy and increase the ASP, or if they only want the MDDR, then that pricing of MDDR stand-alone is significantly higher. What we’re seeing is that customer — our customers are embracing the package itself, and they’re buying it as part of additional licenses that could give them additional benefit.
And that allows us to increase the ASP. It’s still very early. So, I don’t want to give out numbers and kind of go through the exercise of kind of the uplift that we’re getting there. But we’re seeing our ASPs increase in a very healthy way.
And the value that we can provide with that platform is significant.
Yaki Faitelson — Chief Executive Officer
The MDDR essentially is our ability to make sure that — to fulfill our promise to the world that if you have us, most probably, you are not going to have a data breach. And the key is the MDDR — the customers will have as much coverage as possible. And with that, we will be able to protect them automatically.
Jason Ader — William Blair and Company — Analyst
So, you think ultimately, like most of your customers will take this?
Guy Melamed — Chief Financial Officer and Chief Operating Officer
We believe that every customer needs to get it, and I think it’s going to be a gradual process. But I can say that initially, the way it started was extremely encouraging from our perspective, and the conversations that we’re having for the rest of the year on MDDR are also extremely positive.
Operator
Thank you. Next question comes from the line of Shrenik Kothari with Baird. Please go ahead.
Shrenik Kothari — Robert W. Baird and Company — Analyst
Yeah, thanks for taking my question. So, Yaki, you touched upon gen AI. I just wanted to double-click. You said healthy leading indicators with respect to gen AI, but adoption are expected to be measured as the companies are considering potential risk.
And it looks like, of course, it’s data security, the center of it, and mostly copilot adoptions kind of getting installed due to security concerns. So, it almost seems it should even further drive demand for you guys in the current stage of kind of pre gen AI adoption from a data prep and governance standpoint to help them arrive at a point where they can adopt copilot. So, just curious why the pipeline would not start kind of flowing through to deals already if you are offering what they need right now at this point of time. If you can please help us understand.
Thank you.
Yaki Faitelson — Chief Executive Officer
Organizations are still in the very early innings of how to use this LLM-based tools. The reality is that in order to reap the productivity benefits of these new products, you need to make sure that you have data security in place because if not, you can have horrible consequences, but it’s still doing it in a very measured way. They are still testing, and we believe that once — you know, it didn’t reflect in Q1 revenues, but it’s definitely starting to impact the pipeline. And we believe that over time, it can — it has the potential to be a real tailwind for the business.
Operator
Thank you. Next question comes from the line of Junaid Siddiqui with Truist. Please go ahead.
Junaid Siddiqui — Truist Securities — Analyst
Great. Thank you for taking my question. Just had a question regarding opportunities in the channel. Any particular areas of emphasis you’re focusing on, be it MSPs or IS, as you transition to a predominantly SaaS company?
Yaki Faitelson — Chief Executive Officer
Well, you know, we’re working with everyone, definitely a channel-focused company. The one thing we see is a SaaS solution that is much — that is reducing all the friction in the installation, in the time to value and ongoing value, the story becoming simpler, and the overall offering more strategic. So, it’s just more compelling to partner with us.
Operator
Thank you. Next question comes from the line of Rudy Kessinger with D.A. Davidson. Please go ahead.
Rudy Kessinger — D.A. Davidson — Analyst
Hey, thanks for taking my questions, guys. Guy, I don’t know if you gave it earlier or not. I joined a little late, but can you share how much of your existing ARR converted to SaaS this quarter, or just directionally, did you convert more or less in Q1 than you did in Q4?
Guy Melamed — Chief Financial Officer and Chief Operating Officer
We talked a little bit about it, but I’ll give you more color. When we look at the results in Q1, we were really happy with the conversions in Q1. They really helped us get to SaaS — where you look at kind of SaaS coming 30% of total ARR, or when you look at the number, it’s actually $165.5 million. When we look at the metric itself, we didn’t talk about the actual dollar value of the conversions because the metric you should focus on is SaaS ARR because that really measures the progress in completing the transition, which is one of our overarching goals.
But SaaS ARR was very strong in Q1, and the existing customer conversions obviously played into that.
Operator
Thank you. Next question comes from the line of Stefan Schwarz with Wells Fargo. Please go ahead.
Stefan Schwarz — Wells Fargo Securities — Analyst
This is Stefan on for Andy Nowinski. Thanks for taking my question. I wanted to ask about your focus on new logos, maybe the role that MDDR can play into that. How much education maybe do you need to do to make that a driver of new logos, and is it something that you’re thinking about?
Guy Melamed — Chief Financial Officer and Chief Operating Officer
It’s very clear that MDDR can help with new logos because it keeps the conversation very, very simple. When you go to a prospect and you’re talking about an SLA that assures Varonis will respond to a ransomware attack within 30 minutes, you get the customer’s interest. And in a way, the whole purpose of MDDR is to allow us to help the customer and protect them in a way that doesn’t require the same head count that they had to have if we were selling them the on-prem subscription solution. So, MDDR definitely fits within our offering in the simplicity and kind of doubles down on the SaaS simplicity that we had there.
And that allows us to target new customers. And I think that that story, together with the way we structured the comp plan, where reps, in order to make real money, need to focus there, I think that’s working really well.
Operator
Thank you. Next question comes from the line of Joshua Tilton with Wolfe Research. Please go ahead.
Unknown speaker
Hey, this is Patrick on for Josh. Thanks for taking my question. Sort of piggybacking off of a few questions earlier around the healthy pipeline build with respect to AI and sort of asking it a different way, can you kind of talk about — and I know it’s early, but talk about the sales cycles you’re sort of expecting to see around the Copilot offering? Do you expect them to be sort of in line with what you see with the rest of the business or potentially longer as customers are sort of pushing off adoption of AI? Thanks.
Yaki Faitelson — Chief Executive Officer
So, still early. We can’t say how it’s going to affect the sales cycles. But I will tell you that what is happening is it’s take the problem that they have and just expose it immediately. It will be — organizations will take a lot of risk to use this AI tool without proper data security in place.
But we still need to see how it will play out. The reality that I think that organizations slowly but surely understand that without a solution like ours, they can’t be protected from data breaches. And it’s always about a data breach. It can come from insider and APTs, people trying to get credentials.
Once you have an identity, there is no perimeter anymore, and people are not — and bad actors are not doing anything that is very sophisticated, just trying starting to take data. And we believe that we are the best solution to make sure that you will not have a data breach. And I also think that gradually, the marketplace understand it because they look at what’s going on. You see attacks that are more sophisticated.
They are always about the data while organizations are spending a fortune on perimeter security, and this is something that is just not sustainable.
Operator
Thank you. Ladies and gentlemen, we have reached the end of question-and-answer session. I would now like to turn the floor over to Tim Perz for closing comments.
Tim Perz — Director, Investor Relations
Thanks for the interest in Varonis. We look forward to meeting with you all at the conferences this quarter.
Operator
[Operator signoff]
Duration: 0 minutes
Call participants:
Tim Perz — Director, Investor Relations
Yaki Faitelson — Chief Executive Officer
Guy Melamed — Chief Financial Officer and Chief Operating Officer
Saket Kalia — Barclays — Analyst
Unknown speaker
Matt Swanson — RBC Capital Markets — Analyst
Fatima Boolani — Citi — Analyst
Brian Essex — JPMorgan Chase and Company — Analyst
Roger Boyd — UBS — Analyst
Shaul Eyal — TD Cowen — Analyst
Annick Baumann — Jefferies — Analyst
Jason Ader — William Blair and Company — Analyst
Shrenik Kothari — Robert W. Baird and Company — Analyst
Junaid Siddiqui — Truist Securities — Analyst
Rudy Kessinger — D.A. Davidson — Analyst
Stefan Schwarz — Wells Fargo Securities — Analyst
More VRNS analysis
All earnings call transcripts
