Tenable Announces Intent to Acquire Alsid

Investor Q&A

The pending combination of Tenable and Alsid will bring together two pioneers in risk-based vulnerability management and Active Directory security. Both advanced threats and more common hacks have long focused on Active Directory as a means to enable lateral movement and establish persistence. Over the last 12 months with the WFH trend, and now SunBurst, the importance of users and what they can do or have access to has never been more instrumental to risk management.


Why Active Directory?
Active Directory security is a complex problem and seldom done securely. As we've seen with the flurry of hacks, ranging from the sophisticated SolarWinds compromise all the way down to typical ransomware attacks, bad actors go after the Active Directory infrastructure to gain lateral movement and establish persistence. This risk has never been more acute than it is today. With so many people working remotely and often using personal devices to connect to corporate systems, Active Directory is playing a critical role in managed single sign-on. We believe that tightly controlling the privileges of accounts, particularly in Active Directory environments, is as foundational to reducing risk to the business as the basic blocking and tackling of configuration management and deploying security updates.
Why now?
Understanding account access to systems and how those cascade across compute environments is a strategic and important complement to vulnerability management and systems hygiene, and is increasingly imperative to holistically managing risk, especially in complex cloud and hybrid environments. With more employees working remotely, it is an ideal time for organizations to increasingly focus on securing accounts -- employees, service contractors, temporary workers, and others -- and their access to and permissions within Active Directory as strategic to their cybersecurity posture.
What does Alsid do?
Alsid for Active Directory monitors the security of Active Directory in real time. By identifying weaknesses in the pathways with a lightweight, agentless approach, Alsid rapidly recommends remediations that disrupt any possible attack path without deploying disruptive agents that could introduce risk into the environment. The solution continuously and non-disruptively discovers new attack pathways and detects ongoing attacks in real time, recommending remediations without the need to deploy agents or leverage privileged accounts. 
Where is Alsid located and who founded it?
Alsid is headquartered in Paris, France. Alsid was founded in 2016 by two former incident responders from the French National Cybersecurity Agency (ANSSI), Emmanuel Gras and Luc Delsalle, who will be joining the Tenable team to help lead the operations going forward. 
Why is this solution important to Tenable and to Vulnerability Management?
This acquisition will extend the breadth of Tenable’s leadership in risk-based vulnerability management to accounts, managing account privileges in the same way as IT assets and risk. Following the acquisition of Alsid, Tenable's coverage will include Active Directory security for even the most complex enterprise user environments, combining vulnerability data, threat intelligence and account permissions for a more holistic view of risk and the ability to predict which issues to fix first. We view the acquisition of Alsid as a natural extension into user access and permissioning. Once completed, this acquisition will be a strategic complement to our Cyber Exposure vision to help organizations understand and reduce cyber risk across the entire attack surface.
Are companies shifting from on-prem Active Directory to the cloud? Will you be competitive in the cloud/with Microsoft Azure deployments?
Active Directory deployments remain largely on-prem today with some workloads shifting to Azure AD. Most of our large enterprise customers maintain a hybrid Active Directory deployment. This is one reason why the acquisition of Alsid is so compelling. They fully support these complex hybrid deployments. We believe this is critically important because Alsid’s platform secures existing on-prem and hybrid environments. 
Are you bringing over some pipeline and some capacity?
We are excited about welcoming their talented, specialized team of Active Directory security professionals following the closing. The company has been largely focused on product development, but we expect to be able to bring over a building pipeline, Active Directory expertise in sales and sales engineering and a customer base, including many overlapping customers. The exciting opportunity here will be to leverage our distribution channels and enable our salesforce to sell the product over the longer term.  
Do you anticipate the Active Directory security product would have the same buyer as VM?
We do. We believe the teams focused on auditing and securing Active Directory are largely the same buyer as VM and the office of the CISO. The purchase is often in collaboration with IT/Identity teams but frequently the security of the Active Directory falls under the CISO office.
Who are Alsid’s target customers?
Alsid’s capabilities are broadly applicable, but where we believe they really shine is in complex organizations with multiple domains and business units, often with a history of acquisitions and correspondingly complex Active Directory deployments. Alsid’s go-to-market motion has been focused on large enterprises, very much in line with our GTM.
Financial and Legal
When do you expect the deal to close?
We expect the deal to close early in the second quarter, subject to customary closing conditions and the regulatory approval of the Ministry of the Economy in France.
How does Alsid sell their solutions?
Alsid has a Software-as-a-Service (SaaS) solution and an on-premise deployment option, but both are sold via an annual prepaid subscription model.
What is the revenue model?
Alsid has not yet adopted ASC 606, but we anticipate ratable revenue recognition treatment for their SaaS offering, consistent with our model. For the on-premise offering, we expect to recognize revenue related to the license at the time of delivery and revenue related to ongoing updates and support over the term of the arrangement. 
What is the overall growth profile of the company?
Subject to closing in early Q2, Alsid is expected to contribute approximately one percentage point of growth to revenue and calculated current billings in 2021. While we have announced our intent to acquire the company, given the normal course of approvals for the Ministry of Economy in France, we expect to close the acquisition early in the second quarter and look forward to updating you on our next earnings call.
What are the expected transaction costs associated with the deal?
We expect to incur $3-4M in acquisition-related expenses, including transaction expenses over the course of the first and second quarters in 2021.  Consistent with prior practice, we plan to exclude these costs from our non-GAAP results.
What is the anticipated impact on OpEx?
Alsid has approximately 100 employees, located primarily in France. While many of these employees are Active Directory-focused product engineers, there are a number of GTM teams in other countries that have been added recently to capture the global demand. We anticipate the incremental opex will be in the range of $15-20M for the stub period but we will provide a better estimate on our next earnings call once the deal closes.
Do you expect the same impact on free cash flow as OpEx?
FCF in 2021 is expected to be impacted to a lesser extent than the impact to OpEx and expected to be accretive some time in 2022. The acquisition is not expected to impact our free cash flow generation over the longer term nor our ability to expand our free cash flow margin for the year. 
How can I learn more?
Please feel free to reach out to us at https://investors.tenable.com/investor-resources/contact-ir and you can listen to our fireside chat at the Goldman Sachs conference held on February 10th at 9:40am. 

Forward Looking Statements
This Q&A contains forward-looking information related to Tenable, Alsid and the potential acquisition that involves substantial risks, uncertainties and assumptions that could cause actual results to differ materially from those expressed or implied by such statements. Forward-looking statements in this communication include, among other things, statements about the potential benefits of the acquisition, anticipated earnings enhancements, anticipated capital expenditures and product developments and other possible or assumed business strategies, potential growth opportunities, new products and potential market opportunities. Risks and uncertainties include, among other things, our ability to successfully integrate Alsid’s operations; our ability to implement our plans, forecasts and other expectations with respect to Alsid’s business; our ability to realize the anticipated benefits of the acquisition, including the possibility that the expected benefits from the acquisition will not be realized or will not be realized within the expected time period; our ability to consummate the transaction pursuant to the terms and in accordance with the timing described in this Q&A; failure to obtain necessary regulatory approvals (and the risk that such approvals may result in the imposition of conditions that could adversely affect the combined company or the expected benefits of the transaction); disruption from the acquisition making it more difficult to maintain business and operational relationships; the inability to retain key employees; the negative effects of the consummation of the acquisition on the market price of our common stock or on our operating results; unknown liabilities; attracting new customers and maintaining and expanding our existing customer base, our ability to scale and update our platform to respond to customers’ needs and rapid technological change, increased competition in our market and our ability to compete effectively, and expansion of our operations and increased adoption of our platform internationally.

Additional risks and uncertainties that could affect our financial results are included in the section titled “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in our Annual Report on Form 10-K for the year ended December 31, 2019, our quarterly report on Form 10-Q for the quarter ended September 30, 2020 and other filings that we make from time to time with the Securities and Exchange Commission which are available on the SEC’s website at www.sec.gov. In addition, any forward-looking statements contained in this communication are based on assumptions that we believe to be reasonable as of this date. Except as required by law, we assume no obligation to update these forward-looking statements, or to update the reasons if actual results differ materially from those anticipated in the forward-looking statements.