An Ark Full of Security

CyberArk Software Ltd. (NASDAQ:CYBR) of Israel has been on our acquisition list for 7 years. Like Noah's ark secured the human race, CyberArk wants to make us all safer. Our Seeking Alpha article about the identity security company appeared on S A on November 28, 2018; the share price was on the move up topping $68.35 each at the time of publication. The share price closed the second week of December ’23 near its 52-week high at $204.53 then slipped to $201.25 to close the second week of December '23.

In our opinion, current measures substantiate the stock’s Buy-rating status we, S A, and Wall Street analysts assign it at this time.

CyberArk stands out from its peers in several ways meaningful to investors. My associate, Dan Goldmeier, now VP of Sales & Marketing at start-up Hospice Tools in Chicago, worked with CyberArk in a former position at an Israeli software company. He rates CyberArk "a great company with some of the best tech for cybersecurity for governments and banks and enterprise companies. And the service to customers with boots on the ground is stellar."

In a survey by Gartner Peer Insights, CyberArk reviews rate it higher than Microsoft (MSFT) and 22 other well-known players in the field of Identity Security. CyberArk is "better at service and support, easier to integrate and deploy, and better evaluation and contracting."

A second reason for our gleam comes from the company's strategy of generating growing recurring revenue; that translates to good earnings and high margins. The quarterly gross profit margin over the last 3 quarters averages ~80% and 81.59% over all the years. That number is better than 85% of GPM of companies in the industry. CyberArk's operating and net margins rank lower than those of industry competitors but CyberArk is producing enough cash flow for the company liquidity ranking to place it mid-level among its peers.

Profile

According to Stockanalysis.com, CyberArk is the seventh largest, Israel-based, publicly traded, business on a U. S. exchange by market cap (~$8.39B) with annual revenue touching $700M.

A primary reason for the resiliency of Israel's stocks is that most of the above companies have R&D and marketing offices overseas and customers are worldwide. Overseas locations operationally support CyberArk's Israel and West Bank locations. Its operations, productivity, and output are minimally affected by the war.

CyberArk Software develops, markets, and sells software security programs and services. It is building subscription revenue, too.

Brand names include

• Privileged Access protects against attacks involving privileged access;
• Vendor Privileged Access combines PAM and Remote Access for third-party vendors;
• Endpoint Privilege Manager is a SaaS solution that secures privileges on the endpoint;
• Cloud Security is a SaaS solution that cuts risks arising from excessive privileges in cloud environments.
• Identity and Workforce Access covers workforce identity security by offering adaptive multi-factor authentication (MFA), single sign-on, secure Web sessions, workforce password management, application gateway, identity lifecycle management, directory services customer identity services, and more.
• Secrets Management manages the credentials used by third-party solutions and Secrets Manager Conjur secures cloud-native applications to develop AWS secrets.

Customers include financial services, manufacturing, insurance, healthcare, energy and utilities, transportation, retail, technology, and telecommunications industries. Private customers and government agencies are reached through CyberArk’s direct sales force, channel sales, security service providers, and advisory partners.

The company was founded in 1999 when Israel’s burgeoning tech industry engendered its tag name, the Start-Up Nation. Late this year, CyberArk was named an Overall Leader in the KuppingerCole Analysts AG 2023 “Leadership Compass: Access Management” report. “The company’s overall leadership position is based on the strength of its CyberArk Identity offering across the report’s product, innovation and market categories.”

CyberArk’s growth is partly attributable to its acquisition of 7 companies in software and IT at a cost of nearly $145M over the years. S A reports investment firm Wedbush Securities recently cited CyberArk among the global leaders likely to benefit from increased Washington spending next year on security and risk management; it projects total spending of $215B in ’24 or +14% Y/Y. Israel’s cybersecurity firms and government are projected to report revenue to grow in 2024 at an annual CAGR average of 11.66% hitting a market volume of $1.5B by FY ’28. This might be an underestimation considering how significantly cybersecurity firms are aiding in Israel’s anti-terror war effort.

More Good News

Q3 ’23 reported in November was one of the company’s best quarters. Demand for Identity Security is a global priority according to the CEO: “Total bookings growth accelerated and…significantly outpaced our guidance framework.” The engagement of customers on a subscription model resulted in “a break-out in terms of product ARR (annual recurring revenue) subscription growth, rising to a quarterly level," according to S A analyst Bert Hochfeld.

The shareholders were also told

"Subscription ARR reached $504 million growing 68% year-over-year. Total ARR reached $705 million growing 38%. We added a robust $52 million in net new ARR and we exceeded our guidance range across revenue, operating income and EPS with total revenue accelerating to 25% growth, reaching $191 million. Non-GAAP operating income came in at approximately $17 million, and we generated non-GAAP earnings per share of $0.42. Throughout the year, our team has personified excellence in execution, and we have navigated the macroeconomic landscape exceptionally well. While uncertainty persisted in the third quarter, we experienced a firming of the macro environment compared to the last few quarters. Our execution was even stronger in Q3, as seen in our meaningful top and bottom line outperformance… The velocity of our business is picking up as customers achieve faster time to value with our SaaS solutions."

We foresee significant revenue growth, and better and more consistent EPS upside over the next 2 years and into the future. Identity cybersecurity is an important part of risk management in public space security, as we discussed in a accurate article about Evolv Technologies Holdings, Inc. (EVLV). We think the increase in demand for CyberArk’s products and services on a subscription basis is going to positively affect the consensus FY ‘24 EPS forecast loss to between -$1.73-to -$2.38 from the 2023 consensus between -$2.31-to -$2.40 per share. Wells Fargo (WFC) recently upgraded its average target price from $201 to $231.

We see an opportunity for an average target share price of +$250 over the next 3 to 6 months with no impediments to ending this rally anytime soon.

Finally, media coverage and sentiment about CyberArk was bullish most of the year and seems to remain so.

Risks

In our 2018 article, we wrote, “CyberArk is a solid investment for small investors interested in the cybersecurity industry. There is plenty of room for growth and opportunities for climbing to the target prices set by institutional investors.” Little has changed except, to note, that S A downgraded its Quant Rating assessment this year to Hold, as the share price soared $100 from the end of 2022 lowering its valuation. We consider this new status a risk flag and investors need to watch valuation.

Another concern is the conflict in Gaza; when Israel was invaded by Hamas in October, the average share price of Israel-based firms dived around 14% to 16%. Shares of CyberArk sold for $171 each in Sep ’23, slipped to ~$156 in late October, but are back-up, as we predicted the share prices would be once initial economic-impact revisions were evaluated.

Third, corporate insiders do not own many shares and that is never reassuring to retail value investors. Hedge funds consistently bought the stock in the first quarter of 2023 and in greater quantities beginning in May ’23. Since the rally, funds have tended to sell, decreasing their holdings by 102K shares last quarter. At its peak number in Q1 ’23, 33 hedge funds owned shares, 27 in Q2, and 30 at the end of Q3 ’23.

We do not see any downward trend evolving yet despite the greatest risk which is the high valuation. The company holds $571.6M in debt but last reported $906.2M in cash and equivalents; plus, its market cap tops $8B. CyberArk’s net cash flow from operations is slightly up but so are liabilities. It is liquid enough to cover outstanding financial obligations. Short interest moved up to +5% on the share price rise with days to cover 3-to-4 down from +7 last August.

CyberArk is in a labor-intensive business competing for trained innovative-thinking employees. In February ’23, the company hired another 150 employees to keep R&D apace. Officials also announced the CEO of 18 years is stepping down, but we expect any new moves to be delayed until after the war on terrorists is settled.

Valuation

Regarding S A’s valuation F grade, a peek at the metrics reveals the share price rally puts them out-of-sync with sector mean numbers. For example, P/E non-GAAP forward is 261.6 versus the sector mean of 23.8; PEG non-GAAP is 11.89 versus 2.03; and EV to Sales TTM and FWD is around 11 to the sector’s mean of 2.88 and 2.81, respectively. EV/EBITDA gets an F standing at 1.88 to 15.3. CyberArk’s price to various metrics all rate a D- or F. Concomitantly, its Enterprise Value has steadily risen:

In our opinion, considering EV growth, past and potential revenue and earnings growth, liquidity, potential for generating recurring income, and other metrics, we conclude the shares selling at around $210 each is a reasonable fair value but other valuation gauges suggest there is potential for the share price to move up higher.

Granted, the current share price is on the expensive side of fair value; we think fair value will rise when its price-to-sales ratio becomes more balanced as the company grows, cuts debt, enjoys the results of lower loan interest rates, and Identity Security software grows in sophistication and effectiveness pushing massive industry growth.

More value lies in the potential for this Israeli tech company garnering M&A attention from a suitor. These deals are at a 9 year low because of the war but identity tech companies have learned a lot from the war making CyberArk potentially more valuable.

Takeaway

We see from the valuation metrics a rising risk from sell-offs to take profits as we near the end of the year and start a new one. But predictions are, for the most part, 2024 will be a big up year for the stock market. The demand for identity security is only going to increase. We do not see any other significant downward pressures over the next 6 months on the stock. CyberArk is facing few risks, is carrying through on its subscription strategy, and has the potential for tremendous growth worldwide. It is why the company gets a better Factor Grade for Momentum from 6 and 3 months earlier and we see the stock as a Buy opportunity even at +$200 per share.

With the Addition of New Passwordless Authentication Options, CyberArk Furthers Its Commitment to Helping Customers Reduce Credential Theft and Strengthen Productivity

CyberArk (NASDAQ: CYBR), the identity security company, today announced it has expanded passwordless authentication capabilities with new passkeys support. Now, CyberArk Identity customers can accelerate passwordless adoption and reduce cybersecurity risk by enabling the use of passkeys to easily access apps and websites using strong authentication methods like biometrics.

Stealing or abusing credentials to compromise identities is how most breaches begin. Passkeys extend a passwordless strategy to reduce the attack surface and minimize credential theft. The addition of passkeys provides CyberArk Identity customers with phishing-resistant, FIDO2-compliant credentials that replace passwords, providing the strongest level of protection against identity theft and account takeover and is a NIST Authentical Assurance Level (AAL3) authentication method. Additionally, passkeys work across user devices, and even work on those within physical proximity, improving user experiences by simplifying and speeding up authentication flows.

CyberArk Identity delivers a set of SaaS solutions designed to simplify enterprise identity and access management while providing a high level of security. Part of the CyberArk Identity Security Platform, CyberArk Identity helps today’s businesses overcome user authentication, authorization and identity management challenges accompanying business transformation initiatives. With the CyberArk platform, organizations can enable Zero Trust and least privilege with complete visibility, enabling every identity to access any resource more securely, located anywhere, from everywhere – and with intelligent privilege controls.

CyberArk Identity also provides support for YubiKey One Time Passcode (OTP). YubiKey is a widely used physical authentication device that complies with NIST 800-63B guidelines regarding Authentication Assurance Level 2 (AAL2). With the OTP generated by their YubiKey, users can securely authenticate to any application protected by CyberArk Identity.

“Passwords are the weakest link in the security chain, and they are often the root cause of data breaches and cyberattacks. By introducing passkeys for passwordless authentication, we are further enabling our customers to eliminate passwords from their authentication workflows,” said Gil Rapaport, general manager, Access, CyberArk. “CyberArk is committed to delivering the most comprehensive and innovative identity security solutions on the market. By extending passwordless authentication options, not only are we helping to eliminate password-based risk for our customers, but we are also improving productivity and the overall user experience.”

CyberArk was named an Overall Leader in the KuppingerCole Analysts AG “Leadership Compass: Passwordless Authentication”1 report. CyberArk was highlighted as a “comprehensive, feature-rich and modern passwordless solution.” According to the report, CyberArk Identity stood out for advantages such as providing a solution for securing remote access and BYOD scenarios, flexible deployments, integration with CyberArk privileged access management solutions, strong partner ecosystem and proven scalability.

Passwordless authentication with passkeys is available now as part of the CyberArk Identity 23.11 release.

Additional Resources

About CyberArk

CyberArk (NASDAQ: CYBR) is the global leader in identity security. Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud environments and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on LinkedIn, X, Facebook or YouTube.

View source version on businesswire.com: https://www.businesswire.com/news/home/20231121808245/en/

CyberArk Elevates Passwordless Experience with New Passkeys Authentication

With the Addition of New Passwordless Authentication Options, CyberArk Furthers Its Commitment to Helping Customers Reduce Credential Theft and Strengthen Productivity

CyberArk (NASDAQ: CYBR), the identity security company, today announced it has expanded passwordless authentication capabilities with new passkeys support. Now, CyberArk Identity customers can accelerate passwordless adoption and reduce cybersecurity risk by enabling the use of passkeys to easily access apps and websites using strong authentication methods like biometrics.

Stealing or abusing credentials to compromise identities is how most breaches begin. Passkeys extend a passwordless strategy to reduce the attack surface and minimize credential theft. The addition of passkeys provides CyberArk Identity customers with phishing-resistant, FIDO2-compliant credentials that replace passwords, providing the strongest level of protection against identity theft and account takeover and is a NIST Authentical Assurance Level (AAL3) authentication method. Additionally, passkeys work across user devices, and even work on those within physical proximity, improving user experiences by simplifying and speeding up authentication flows.

CyberArk Identity delivers a set of SaaS solutions designed to simplify enterprise identity and access management while providing a high level of security. Part of the CyberArk Identity Security Platform, CyberArk Identity helps today’s businesses overcome user authentication, authorization and identity management challenges accompanying business transformation initiatives. With the CyberArk platform, organizations can enable Zero Trust and least privilege with complete visibility, enabling every identity to access any resource more securely, located anywhere, from everywhere – and with intelligent privilege controls.

CyberArk Identity also provides support for YubiKey One Time Passcode (OTP). YubiKey is a widely used physical authentication device that complies with NIST 800-63B guidelines regarding Authentication Assurance Level 2 (AAL2). With the OTP generated by their YubiKey, users can securely authenticate to any application protected by CyberArk Identity.

“Passwords are the weakest link in the security chain, and they are often the root cause of data breaches and cyberattacks. By introducing passkeys for passwordless authentication, we are further enabling our customers to eliminate passwords from their authentication workflows,” said Gil Rapaport, general manager, Access, CyberArk. “CyberArk is committed to delivering the most comprehensive and innovative identity security solutions on the market. By extending passwordless authentication options, not only are we helping to eliminate password-based risk for our customers, but we are also improving productivity and the overall user experience.”

CyberArk was named an Overall Leader in the KuppingerCole Analysts AG “Leadership Compass: Passwordless Authentication”1 report. CyberArk was highlighted as a “comprehensive, feature-rich and modern passwordless solution.” According to the report, CyberArk Identity stood out for advantages such as providing a solution for securing remote access and BYOD scenarios, flexible deployments, integration with CyberArk privileged access management solutions, strong partner ecosystem and proven scalability.

Passwordless authentication with passkeys is available now as part of the CyberArk Identity 23.11 release.

Additional Resources

About CyberArk

CyberArk (NASDAQ: CYBR) is the global leader in identity security. Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud environments and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on LinkedIn, X, Facebook or YouTube.

press@cyberark.com

View source version on businesswire.com: https://www.businesswire.com/news/home/20231121808245/en/