Draft no. 2 confidentially submitted to the Securities and Exchange Commission on June 6, 2018.

This draft registration statement has not been publicly filed with the Securities and Exchange Commission and all information herein remains strictly confidential.

Registration Statement No. 333-          

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

WASHINGTON, D.C. 20549

FORM S-1

REGISTRATION STATEMENT

UNDER

THE SECURITIES ACT OF 1933

TENABLE HOLDINGS, INC.

(Exact name of registrant as specified in its charter)

7021 Columbia Gateway Drive, Suite 500

Columbia, Maryland 21046

(410) 872-0555

(Address, including zip code, and telephone number, including area code, of registrant’s principal executive offices)

Amit Y. Yoran

Chief Executive Officer

Tenable Holdings, Inc.

7021 Columbia Gateway Drive, Suite 500

Columbia, Maryland 21046

(410) 872-0555

(Name, address, including zip code, and telephone number, including area code, of agent for service)

Copies to:

Approximate date of commencement of proposed sale to the public: As soon as practicable after the effective date of this registration statement.

If any of the securities being registered on this Form are to be offered on a delayed or continuous basis pursuant to Rule 415 under the Securities Act of 1933, as amended, check the following box.  ☐

If this Form is filed to register additional securities for an offering pursuant to Rule 462(b) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.  ☐

If this Form is a post-effective amendment filed pursuant to Rule 462(c) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.  ☐

If this Form is a post-effective amendment filed pursuant to Rule 462(d) under the Securities Act, check the following box and list the Securities Act registration number of the earlier effective registration statement for the same offering.  ☐

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company” and “emerging growth company” in Rule 12b-2 of the Exchange Act.

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 7(a)(2)(B) of the Securities Act.  ☒

CALCULATION OF REGISTRATION FEE

The registrant hereby amends this Registration Statement on such date or dates as may be necessary to delay its effective date until the registrant shall file a further amendment that specifically states that this Registration Statement shall thereafter become effective in accordance with Section 8(a) of the Securities Act of 1933, as amended, or until the Registration Statement shall become effective on such date as the Securities and Exchange Commission, acting pursuant to said Section 8(a), may determine.

The information in this prospectus is not complete and may be changed. We may not sell these securities until the registration statement filed with the Securities and Exchange Commission is effective. This prospectus is not an offer to sell these securities and we are not soliciting offers to buy these securities in any state where the offer or sale is not permitted.

PRELIMINARY PROSPECTUS

(Subject to Completion) Issued                 , 2018

                 Shares

COMMON STOCK

Tenable Holdings, Inc. is offering                 shares of its common stock. This is our initial public offering, and no public market currently exists for our shares of common stock. We anticipate that the initial public offering price will be between $                and $                per share.

We intend to apply to list our common stock on the Nasdaq Global Market under the symbol “TNBL.”

We are an “emerging growth company” as defined under the U.S. federal securities laws and, as such, may elect to comply with certain reduced public company reporting requirements for this and future filings. Investing in our common stock involves risks. See “Risk Factors” beginning on page 13.

PRICE $                A SHARE

We have granted the underwriters the right to purchase up to an additional                  shares of common stock to cover over-allotments.

The Securities and Exchange Commission and state securities regulators have not approved or disapproved of these securities, or determined if this prospectus is truthful or complete. Any representation to the contrary is a criminal offense.

The underwriters expect to deliver the shares of common stock to purchasers on                , 2018.

                , 2018

TABLE OF CONTENTS

You should rely only on the information contained in this document and any free writing prospectus we may authorize to be delivered or made available to you. We and the underwriters have not authorized anyone to provide any information or to make any representations other than those contained in this prospectus or in any free writing prospectus prepared by us or on our behalf. We and the underwriters take no responsibility for, and can provide no assurance as to the reliability of, any other information that others may give you. This prospectus is an offer to sell only the shares offered hereby, but only under circumstances and in jurisdictions where it is lawful to do so. The information contained in this prospectus is current only as of its date, regardless of the time of delivery of this prospectus or any sale of shares of our common stock.

Through and including                , 2018 (25 days after the date of this prospectus), all dealers that effect transactions in our common stock, whether or not participating in this offering, may be required to deliver a prospectus. This delivery requirement is in addition to the dealer’s obligation to deliver a prospectus when acting as an underwriter and with respect to unsold allotments or subscriptions.

For investors outside the United States: We and the underwriters have not done anything that would permit this offering or the possession or distribution of this prospectus in any jurisdiction where action for those purposes is required, other than in the United States. Persons outside the United States who come into possession of this prospectus must inform themselves about, and observe any restrictions relating to, the offering of the shares of common stock and the distribution of this prospectus outside of the United States.

i

1

2

3

4

5

6

7

8

9

10

11

12

RISK FACTORS

Investing in our common stock involves a high degree of risk. You should consider carefully the risks and uncertainties described below, together with all of the other information in this prospectus, including our consolidated financial statements and related notes, before deciding whether to purchase shares of our common stock. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, may also become important factors that affect us. If any of the following risks are realized, our business, financial condition, results of operations and prospects could be materially and adversely affected. In that event, the price of our common stock could decline, and you could lose part or all of your investment.

Risks Related to Our Business and Industry

We have a history of losses and may not achieve or maintain profitability in the future.

We have historically incurred net losses, including net losses of $37.2 million, $41.0 million and $15.9 million in 2016, 2017 and the three months ended March 31, 2018, respectively. As of March 31, 2018, we had an accumulated deficit of $408.5 million. Because the market for our offerings is highly competitive and rapidly evolving and these solutions have not yet reached widespread adoption, it is difficult for us to predict our future results of operations. While we have experienced significant revenue growth in recent periods, we are not certain whether or when we will obtain a high enough volume of sales of our offerings to sustain or increase our growth or achieve or maintain profitability in the future. We also expect our costs to increase in future periods, which could negatively affect our future operating results if our revenue does not increase at a greater rate. In particular, we expect to continue to expend substantial financial and other resources on:

These investments may not result in increased revenue or growth in our business. If we are unable to increase our revenue at a rate sufficient to offset the expected increase in our costs, our business, financial position and results of operations will be harmed and we may not be able to achieve or maintain profitability over the long term. Additionally, we may encounter unforeseen operating expenses, difficulties, complications, delays and other unknown factors that may result in losses in future periods. If our revenue growth does not meet our expectations in future periods, our financial performance may be harmed, and we may not achieve or maintain profitability in the future.

We may not be able to sustain our revenue growth rate in the future.

From 2016 to 2017, our revenue grew from $124.4 million to $187.7 million, representing year-over-year growth of 51%. Our adoption of ASC 606 as of January 1, 2017 contributed three percentage points to that growth rate. From the three months ended March 31, 2017 to the three months ended March 31, 2018, our revenue grew from $40.5 million to $59.1 million, representing year-over-year growth of 46%. This growth was primarily from an increase in subscription revenue. Although we have experienced rapid growth historically and currently have high customer renewal rates, we may not continue to grow as rapidly in the future due to a decline in our renewal rates, failure to attract new customers or other factors. Any success that we may experience in the future will depend in large part on our ability to, among other things:

13

If we are unable to maintain consistent revenue or revenue growth, our stock price could be volatile, and it may be difficult to achieve and maintain profitability. You should not rely on our revenue for any prior quarterly or annual periods as any indication of our future revenue or revenue growth.

We may be unable to rapidly and efficiently adjust our cost structure in response to significant revenue declines, which could adversely affect our operating results.

We recognize substantially all of our revenue ratably over the term of our subscriptions and, to a lesser extent, perpetual licenses ratably over an expected period of benefit and, as a result, downturns in sales may not be immediately reflected in our operating results.

We recognize substantially all of our revenue ratably over the terms of our subscriptions with customers, which generally occurs over a one-year period and, for our perpetual licenses, over a five-year expected period of benefit. As a result, a substantial portion of the revenue that we report in each period will be derived from the recognition of deferred revenue relating to agreements entered into during previous periods. Consequently, a decline in new sales or renewals in any one period may not be immediately reflected in our revenue results for that period. This decline, however, will negatively affect our revenue in future periods. Accordingly, the effect of significant downturns in sales and market acceptance of our solutions and potential changes in our rate of renewals may not be fully reflected in our results of operations until future periods. This also makes it difficult for us to rapidly increase our revenue growth through additional sales in any period, as revenue from new customers generally will be recognized over the term of the applicable agreement.

We may not be able to scale our business quickly enough to meet our customers’ growing needs.

As usage of our enterprise platform grows, and as customers expand in size or expand the number of IT assets or IP addresses under their subscriptions, we may need to devote additional resources to improving our technology architecture, integrating with third-party systems and maintaining infrastructure performance. In addition, we will need to appropriately scale our sales and marketing headcount, as well as grow our third-party channel partner network, to serve our growing customer base. If we are unable to scale our business appropriately, it could reduce the attractiveness of our solutions to customers, resulting in decreased sales to new customers, lower renewal rates by existing customers or the issuance of service credits or requested refunds, each of which could hurt our revenue growth and our reputation. Even if we are able to upgrade our systems and expand our personnel, any such expansion will be expensive and complex, requiring management time and attention. We could also face inefficiencies or operational failures as a result of our efforts to scale our infrastructure. Moreover, there are inherent risks associated with upgrading, improving and expanding our information technology systems. We cannot be sure that the expansion and improvements to our infrastructure and systems will be fully or effectively implemented on a timely basis, if at all. These efforts may reduce revenue and our margins and adversely impact our financial results.

If our enterprise platform offerings do not interoperate with our customers’ network and security infrastructure or with third-party products, websites or services, our results of operations may be harmed.

Our enterprise platform offerings, Tenable.io and SecurityCenter, must interoperate with our customers’ existing network and security infrastructure. These complex systems are developed, delivered and maintained by

14

the customer and a myriad of vendors and service providers. As a result, the components of our customers’ infrastructure have different specifications, rapidly evolve, utilize multiple protocol standards, include multiple versions and generations of products and may be highly customized. We must be able to interoperate and provide our security offerings to customers with highly complex and customized networks, which requires careful planning and execution between our customers, our customer support teams and our channel partners. Further, when new or updated elements of our customers’ infrastructure or new industry standards or protocols, such as HTTP/2, are introduced, we may have to update or enhance our cloud platform and our other solutions to allow us to continue to provide service to customers. Our competitors or other vendors may refuse to work with us to allow their products to interoperate with our solutions, which could make it difficult for our cloud platform to function properly in customer networks that include these third-party products.

We may not deliver or maintain interoperability quickly or cost-effectively, or at all. These efforts require capital investment and engineering resources. If we fail to maintain compatibility of our cloud platform and our other solutions with our customers’ network and security infrastructures, our customers may not be able to fully utilize our solutions, and we may, among other consequences, lose or fail to increase our market share and experience reduced demand for our services, which would materially harm our business, operating results and financial condition.

If our solutions fail to detect vulnerabilities or incorrectly detect vulnerabilities, or if they contain undetected errors or defects, our brand and reputation could be harmed.

If our solutions fail to detect vulnerabilities in our customers’ cybersecurity infrastructure, or if our solutions fail to identify to new and increasingly complex methods of cyberattacks, our business and reputation may suffer. There is no guarantee that our solutions will detect all vulnerabilities, especially in light of the rapidly changing security landscape to which we must respond. Additionally, our solutions may falsely detect vulnerabilities or threats that do not actually exist. For example, our solutions rely on information provided by an active community of users who contribute new exploits, attacks and vulnerabilities. If the information from these third parties is inaccurate, the potential for false indications of security vulnerabilities increases. These false positives, while typical in the industry, may impair the perceived reliability of our offerings and may therefore adversely impact market acceptance of our products and could result in negative publicity, loss of customers and sales and increased costs to remedy any problem.

Our solutions may also contain undetected errors or defects when first introduced or as new versions are released. We have experienced these errors or defects in the past in connection with new solutions and product upgrades and we expect that these errors or defects will be found from time to time in the future in new or enhanced solutions after commercial release. Defects may cause our solutions to be vulnerable to attacks, cause them to fail to detect vulnerabilities, or temporarily interrupt customers’ networking traffic. Any errors, defects, disruptions in service or other performance problems with our solutions may damage our customers’ business and could hurt our reputation. If our solutions or fail to detect vulnerabilities for any reason, we may incur significant costs, the attention of our key personnel could be diverted, our customers may delay or withhold payment to us or elect not to renew or other significant customer relations problems may arise. We may also be subject to liability claims for damages related to errors or defects in our solutions. A material liability claim or other occurrence that harms our reputation or decreases market acceptance of our solutions may harm our business and operating results.

An actual or perceived security breach or theft of the sensitive data of one of our customers, regardless of whether the breach is attributable to the failure of our solutions, could adversely affect the market’s perception of our brand and our offerings and subject us to legal claims.

15

Our future quarterly results of operations are likely to fluctuate significantly due to a wide range of factors, which makes our future results difficult to predict.

Our revenue and results of operations have historically varied from period to period, and we expect that they will continue to do so as a result of a number of factors, many of which are outside of our control, including:

Any one of these or other factors discussed elsewhere in this prospectus, or the cumulative effect of some of these factors, may result in fluctuations in our revenue and operating results, meaning that quarter-to-quarter comparisons of our revenue, results of operations and cash flows may not necessarily be indicative of our future performance and may cause us to miss our guidance and analyst expectations and may cause our stock price to decline.

16

In addition, we have historically experienced seasonality in entering into agreements with customers. We typically enter into a significantly higher percentage of agreements with new customers, as well as renewal agreements with existing customers, in the third and fourth quarters. The increase in customer agreements for the third quarter is primarily attributable to U.S. government and related agencies, and the increase in the fourth quarter is primarily attributable to large enterprise account buying patterns typical in the software industry. We expect that seasonality will continue to affect our operating results in the future and may reduce our ability to predict cash flow and optimize the timing of our operating expenses.

We face intense competition.

The market for cybersecurity solutions is fragmented, intensely competitive and constantly evolving. We compete with a range of established and emerging cybersecurity software and services vendors, as well as homegrown solutions. With the introduction of new technologies and market entrants, we expect the competitive environment to remain intense going forward. Our competitors include: vulnerability management and assessment vendors, including Qualys and Rapid7; diversified security software and services vendors, including IBM; endpoint security vendors with nascent vulnerability assessment capabilities, including Tanium and CrowdStrike; and providers of point solutions that compete with some of the features present in our solutions. We also compete against internally-developed efforts that often use open source solutions.

Some of our actual and potential competitors have significant advantages over us, such as longer operating histories, significantly greater financial, technical, marketing or other resources, stronger brand and business user recognition, larger intellectual property portfolios and broader global distribution and presence. In addition, our industry is evolving rapidly and is becoming increasingly competitive. Larger and more established companies may focus on cybersecurity and could directly compete with us. Smaller companies could also launch new products and services that we do not offer and that could gain market acceptance quickly.

Our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards or customer requirements. With the introduction of new technologies, the evolution of our offerings and new market entrants, we expect competition to intensify in the future. In addition, some of our larger competitors have substantially broader product offerings and can bundle competing products and services with other software offerings. As a result, customers may choose a bundled product offering from our competitors, even if individual products have more limited functionality than our solutions. These competitors may also offer their products at a lower price as part of this larger sale, which could increase pricing pressure on our offerings and cause the average sales price for our offerings to decline. These larger competitors are also often in a better position to withstand any significant reduction in capital spending, and will therefore not be as susceptible to economic downturns. One component of our enterprise platform involves assessing Cyber Exposure in a public cloud environment. We are dependent upon the public cloud providers to allow our solutions to access their cloud offerings. If one or more cloud providers elected to offer exclusively their own cloud security product or otherwise eliminate the ability of our solutions to access their cloud on behalf of our customers, our business and financial results could be harmed.

Furthermore, our current and potential competitors may establish cooperative relationships among themselves or with third parties that may further enhance their resources and products and services offerings in the markets we address. In addition, current or potential competitors may be acquired by third parties with greater available resources. As a result of such relationships and acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of other opportunities more readily or develop and expand their product and service offerings more quickly than we do. For all of these reasons, we may not be able to compete successfully against our current or future competitors.

17

If we do not continue to innovate and offer solutions that address the dynamic cybersecurity landscape, we may not remain competitive.

The cybersecurity market is characterized by very rapid technological advances, changes in customer requirements, frequent new product introductions and enhancements and evolving industry standards. Our success also depends on continued innovation to provide features that make our solutions responsive to the cybersecurity landscape. While we continue to invest significant resources in research and development in order to ensure that our solutions continue to address the cyber security risks that our customers face, the introduction of solutions and services embodying new technologies could render our existing solutions or services obsolete or less attractive to customers. In addition, developing new solutions and product enhancements is expensive and time-consuming, and there is no assurance that such activities will result in significant cost savings, revenue or other expected benefits. For example, we plan to release a new product, Tenable.io Lumin, in late 2018, and there can be no assurance that product will offer the benefits we expect or generate customer interest. If we spend significant time and effort on research and development and are unable to generate an adequate return on our investment, our business and results of operations may be materially and adversely affected. Further, we may not be able to successfully anticipate or adapt to changing technology or customer requirements or the dynamic threat landscape on a timely basis, or at all, which would impair our ability to execute on our business strategy.

Our business and results of operations depend substantially on our customers renewing their subscriptions with us and expanding the number of IT assets or IP addresses under their subscriptions. Any decline in our customer renewals, terminations or failure to convince our customers to expand their use of subscription offerings would harm our business, results of operations, and financial condition.

Our subscription offerings are term-based and a majority of our subscription contracts entered into in 2017 were for one year in duration. In order for us to maintain or improve our results of operations, it is important that a high percentage of our customers renew their subscriptions with us when the existing subscription term expires, and renew on the same or more favorable terms. Our customers have no obligation to renew their subscriptions, and we may not be able to accurately predict customer renewal rates. In addition, the growth of our business depends in part on our customers expanding their use of subscription offerings and related services. Historically, some of our customers have elected not to renew their subscriptions with us for a variety of reasons, including as a result of changes in their strategic IT priorities, budgets, costs and, in some instances, due to competing solutions. Our retention rate may also decline or fluctuate as a result of a number of other factors, including our customers’ satisfaction or dissatisfaction with our software, the increase in the contract value of subscription and support contracts from new customers, the effectiveness of our customer support services, our pricing, the prices of competing products or services, mergers and acquisitions affecting our customer base, global economic conditions, and the other risk factors described in this prospectus. Additionally, many of our customers, including certain top customers, have the right to terminate their agreements with us for convenience and for other reasons. We cannot assure you that customers will maintain their agreements with us, renew subscriptions or increase their usage of our software. If our customers do not maintain or renew their subscriptions or renew on less favorable terms, or if we are unable to expand our customers’ use of our software, our business, results of operations, and financial condition may be harmed.

In addition, while customers are typically invoiced in advance, including multi-year contracts, and our contracts generally do not provide for refunds during the subscription or maintenance period, a small number of customers could take the position that provisions in their customer agreements give them the right to terminate their agreement with us, or allege a material breach of their agreement with us, due to or in connection with the sale of our common stock. Early termination of these customer agreements for these reasons would generally only allow us to retain fees already paid by the customer for services rendered prior to the termination. Termination of these agreements, or allegations that we have breached one of these agreements with them, could decrease our customer revenue and increase legal and administrative costs.

18

Our brand, reputation and ability to attract, retain and serve our customers are dependent in part upon the reliable performance of our solutions and network infrastructure.

We have experienced, and may in the future experience, disruptions, outages and other performance problems due to a variety of factors, including infrastructure changes, human or software errors, capacity constraints and fraud or cybersecurity attacks. In some instances, we may not be able to identify the cause or causes of these performance problems within an acceptable period of time.

Prolonged delays or unforeseen difficulties in connection with adding capacity or upgrading our network architecture when required may cause our service quality to suffer. Problems with the reliability or security of our systems could harm our reputation. Damage to our reputation and the cost of remedying these problems could negatively affect our business, financial condition, and operating results.

Any disruptions or other performance problems with our solutions could harm our reputation and business and may damage our customers’ businesses. Interruptions in our service delivery might reduce our revenue, cause us to issue credits to customers, subject us to potential liability and cause customers to not renew their purchases of our solutions.

We must maintain and enhance our brand.

We believe that developing and maintaining widespread awareness of our brand in a cost-effective manner is critical to achieving widespread acceptance of our enterprise platform and attracting new customers. Brand promotion activities may not generate customer awareness or increase revenue and, even if they do, any increase in revenue may not offset the expenses we incur in building our brand. If we fail to successfully promote and maintain our brand, or incur substantial expenses, we may fail to attract or retain customers necessary to realize a sufficient return on our brand-building efforts, or to achieve the widespread brand awareness that is critical for broad customer adoption of our solutions.

We rely on third parties to maintain and operate certain elements of our network infrastructure.

We utilize data centers located in North America, Europe and Asia to operate and maintain certain elements of our own network infrastructure. Some elements of this complex system are operated by third parties that we do not control and that could require significant time to replace. We expect this dependence on third parties to continue. For example, Tenable.io is hosted on Amazon Web Services, or AWS, which provides us with computing and storage capacity. Interruptions in our systems or the third-party systems on which we rely, particularly AWS, whether due to system failures, computer viruses, physical or electronic break-ins or other factors, could affect the security or availability of our solutions, network infrastructure and website.

Our existing data center facilities and third-party hosting providers have no obligations to renew their agreements with us on commercially reasonable terms or at all, and certain of the agreements governing these relationships may be terminated by either party at any time, with no or limited notice. For example, our agreement with AWS allows AWS to terminate the agreement with 30 days’ written notice. Although we expect that we could receive similar services from other third parties, if any of our arrangements with third parties, including AWS, are terminated, we could experience interruptions on our platform and in our ability to make our platform available to customers, as well as downtime, delays and additional expenses in arranging alternative cloud infrastructure services.

It is possible that our customers and potential customers would hold us accountable for any breach of security affecting third parties’ infrastructure. We may incur significant liability from those customers and from third parties with respect to any such breach. Because our agreement with AWS limits their liability for damages, we may not be able to recover a material portion of our liabilities to our customers and third parties from AWS in the event of any breach affecting AWS systems.

19

If we continue to grow, we may not be able to manage our growth effectively.

We have recently experienced a period of rapid growth in our headcount and operations. In particular, we grew from 751 employees as of December 31, 2016 to 984 employees as of December 31, 2017 and to 1,054 employees as of March 31, 2018. We have also significantly increased the size of our customer base over the last several years. We anticipate that we will continue to significantly expand our operations and headcount in the near term. Our growth has placed, and future growth will place, a significant strain on our management, administrative, operational and financial infrastructure. Our success will depend in part on our ability to manage this growth effectively. To manage the expected growth of our operations and personnel, we will need to continue to improve our operational, financial and management controls and our reporting systems and procedures. Failure to effectively manage our growth could result in difficulty or delays in deploying our solutions and services to customers, declines in quality or customer satisfaction, increases in costs, difficulties in introducing new features or other operational difficulties. Any of these difficulties could adversely impact our business performance and results of operations.

Our rapid growth also makes it difficult to evaluate our future prospects. Our ability to forecast our future operating results is subject to a number of uncertainties, including our ability to plan for and model future growth. If our assumptions regarding these uncertainties, which we use to plan our business, are incorrect or change in reaction to changes in our markets, or if we do not address these risks successfully, our operating and financial results could differ materially from our expectations, our business could suffer and the trading price of our stock may decline.

Organizations may be reluctant to purchase our enterprise platform offerings that are cloud-based due to the actual or perceived vulnerability of cloud solutions.

Some organizations, including those in the defense industry and highly regulated industries such as healthcare and financial services, have historically been reluctant to use cloud-based solutions for cybersecurity because they have concerns regarding the risks associated with the reliability or security of the technology delivery model associated with these solutions. If we or other software companies with cloud-based offerings experience security incidents, breaches of customer data, disruptions in service delivery or other problems, the market for cloud-based solutions as a whole may be negatively impacted, which in turn would negatively impact our revenue and our growth prospects.

Our sales cycle is long and unpredictable.

The timing of sales of our offerings is difficult to forecast because of the length and unpredictability of our sales cycle, particularly with large enterprises and with respect to certain of our solutions. We sell our solutions primarily to IT departments that are managing a growing set of user and compliance demands, which has increased the complexity of customer requirements to be met and confirmed during the sales cycle and prolonged our sales cycle. Our average sales cycle with an enterprise customer is approximately four months. Further, the length of time that potential customers devote to their testing and evaluation, contract negotiation and budgeting processes varies significantly, depending on the size of the organization and nature of the product or service under consideration. In addition, we might devote substantial time and effort to a particular unsuccessful sales effort, and as a result, we could lose other sales opportunities or incur expenses that are not offset by an increase in revenue, which could harm our business. 

We rely on our third-party channel partner network of distributors and resellers to generate a substantial amount of our revenue.

Our success is dependent in part upon establishing and maintaining relationships with a variety of channel partners that we utilize to extend our geographic reach and market penetration. We use a two-tiered, indirect fulfillment model whereby we sell our products and services to our distributors, which in turn sell to our resellers, which then sell to our end users, which we call customers. We anticipate that we will continue to rely

20

on this two-tiered sales model in order to help facilitate sales of our offerings as part of larger purchases in the United States and to grow our business internationally. In 2016, 2017 and the three months ended March 31, 2017 and 2018, we derived 80%, 83%, 80% and 86%, respectively, of our revenue from subscriptions and perpetual licenses sold through channel partners, and the percentage of revenue derived from channel partners may increase in future periods. Ingram Micro, Inc., a distributor, accounted for 42%, 45%, 41% and 45% of our revenue in 2016, 2017 and the three months ended March 31, 2017 and 2018, respectively, and 51% of our accounts receivable as of each of December 31, 2016 and 2017 and 45% as of March 31, 2018. Our agreements with our channel partners, including our agreement with Ingram Micro, are non-exclusive and do not prohibit them from working with our competitors or offering competing solutions, and some of our channel partners may have more established relationships with our competitors. Similarly, our channel partners have no obligations to renew their agreements with us on commercially reasonable terms or at all, and certain of the agreements governing these relationships may be terminated by either party at any time, with no or limited notice. For example, our agreement with Ingram Micro allows Ingram Micro to terminate the agreement in their discretion upon 30 days’ written notice to us. If our channel partners choose to place greater emphasis on products of their own or those offered by our competitors or a result of an acquisition, competitive factors or other reasons do not continue to market and sell our solutions in an effective manner or at all, our ability to grow our business and sell our solutions, particularly in key international markets, may be adversely affected. In addition, our failure to recruit additional channel partners, or any reduction or delay in their sales of our solutions and professional services or conflicts between channel sales and our direct sales and marketing activities may harm our results of operations. Finally, even if we are successful, our relationships with channel partners may not result in greater customer usage of our solutions and professional services or increased revenue.

A portion of our revenue is generated from subscriptions and perpetual licenses sold to domestic governmental entities, foreign governmental entities and other heavily regulated organizations, which are subject to a number of challenges and risks.

A portion of our revenue is generated from subscriptions and perpetual licenses sold to governmental entities in the United States. Additionally, many of our current and prospective customers, such as those in the financial services, energy, insurance and healthcare industries, are highly regulated and may be required to comply with more stringent regulations in connection with subscribing to and implementing our enterprise platform. Selling licenses to these entities can be highly competitive, expensive and time-consuming, often requiring significant upfront time and expense without any assurance that we will successfully complete a sale. Governmental demand and payment for our enterprise platform may also be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our enterprise platform. In addition, governmental entities have the authority to terminate contracts at any time for the convenience of the government, which creates risk regarding revenue anticipated under our existing government contracts.

Further, governmental and highly regulated entities often require contract terms that differ from our standard customer arrangements, including terms that can lead to those customers obtaining broader rights in our solutions than would be expected under a standard commercial contract and terms that can allow for early termination. The U.S. government will be able to terminate any of its contracts with us either for its convenience or if we default by failing to perform in accordance with the contract schedule and terms. Termination for convenience provisions would generally enable us to recover only our costs incurred or committed, settlement expenses, and profit on the work completed prior to termination. Termination for default provisions do not permit these recoveries and would make us liable for excess costs incurred by the U.S. government in procuring undelivered items from another source. Contracts with governmental and highly regulated entities may also include preferential pricing terms. In the United States, federal government agencies may promulgate regulations, and the President may issue executive orders, requiring federal contractors to adhere to different or additional requirements after a contract is signed. If we do not meet applicable requirements of law or contract, we could be subject to significant liability from our customers or regulators. Even if we do meet these requirements, the additional costs associated with providing our enterprise platform to government and highly regulated customers

21

could harm our operating results. Moreover, changes in the underlying statutory and regulatory conditions that affect these types of customers could harm our ability to efficiently provide them access to our enterprise platform and to grow or maintain our customer base. In addition, engaging in sales activities to foreign governments introduces additional compliance risks, including risks specific to the U.S. Foreign Corrupt Practices Act of 1977, as amended, or the FCPA, the U.K. Bribery Act 2010 and other similar statutory requirements prohibiting bribery and corruption in the jurisdictions in which we operate.

Some of our revenue is derived from contracts with U.S. government entities, as well as subcontracts with higher-tier contractors. As a result, we are subject to federal contracting regulations, including the Federal Acquisition Regulation, or the FAR. Under the FAR, certain types of contracts require pricing that is based on estimated direct and indirect costs, which are subject to change.

In connection with our U.S. government contracts, we may be subject to government audits and review of our policies, procedures, and internal controls for compliance with contract terms, procurement regulations, and applicable laws. In certain circumstances, if we do not comply with the terms of a contract or with regulations or statutes, we could be subject to contract termination or downward contract price adjustments or refund obligations, could be assessed civil or criminal penalties, or could be debarred or suspended from obtaining future government contracts for a specified period of time. Any such termination, adjustment, sanction, debarment or suspension could have an adverse effect on our business.

In the course of providing our solutions and professional services to governmental entities, our employees and those of our channel partners may be exposed to sensitive government information. Any failure by us or our channel partners to safeguard and maintain the confidentiality of such information could subject us to liability and reputational harm, which could materially and adversely affect our results of operations and financial performance.

We may need to reduce our prices or change our pricing model to remain competitive.

Subscriptions and perpetual licenses to our enterprise platform are generally priced based on the number of IP addresses that can be monitored, or the total IT assets that can be monitored. We expect that we may need to change our pricing from time to time. As competitors introduce new products that compete with ours or reduce their prices, we may be unable to attract new customers or retain existing customers based on our historical pricing. We also must determine the appropriate price to enable us to compete effectively internationally. Moreover, mid- to large-size enterprises may demand substantial price discounts as part of the negotiation of sales contracts. As a result, we may be required or choose to reduce our prices or change our pricing model, which could adversely affect our business, operating results and financial condition.

Our pricing model subjects us to various challenges that could make it difficult for us to derive expected value from our customers.

Our enterprise platform offerings are generally priced based on the number of IT assets or IP addresses that a customer chooses to monitor. As the amount of IT assets or IP addresses within our customers’ organizations grows, we may face pressure from our customers regarding our pricing, which could adversely affect our revenue and operating margins.

Our subscription agreements and perpetual licenses generally provide that we can audit our customers’ use of our offerings to ensure compliance with the terms of such agreement or license and monitor an increase in IT assets and IP addresses being monitored. However, a customer may resist or refuse to allow us to audit their usage, in which case we may have to pursue legal recourse to enforce our rights under the agreement or license, which would require us to spend money, distract management and potentially adversely affect our relationship with our customers and users.

22

If our enterprise platform offerings do not achieve sufficient market acceptance, our results of operations and competitive position will suffer.

We spend substantial amounts of time and money to research and develop and enhance our enterprise platform offerings to meet our customers’ rapidly evolving demands. In addition, we invest in efforts to continue to add capabilities to our existing products and enable the continued detection of new network vulnerabilities. We typically incur expenses and expend resources upfront to market, promote and sell our new and enhanced offerings. Therefore, when we develop and introduce new or enhanced offerings, they must achieve high levels of market acceptance in order to justify the amount of our investment in developing and bringing them to market. For example, if Tenable.io does not garner widespread market adoption and implementation, our operating results and competitive position could suffer.

Further, we may make enhancements to our offerings that our customers do not like, find useful or agree with. We may also discontinue certain features, begin to charge for certain features that are currently free or increase fees for any of our features or usage of our offerings.

Our new offerings or enhancements and changes to our existing offerings could fail to attain sufficient market acceptance for many reasons, including:

If our new or enhanced offerings do not achieve adequate acceptance in the market, our competitive position will be impaired, and our revenue will be diminished. The adverse effect on our operating results may be particularly acute because of the significant research, development, marketing, sales and other expenses we will have incurred in connection with the new or enhanced offerings.

Our strategy of offering and deploying our solutions in the cloud, on-premises environments or using a hybrid approach causes us to incur increased expenses and may pose challenges to our business.

We offer and sell our enterprise platform for use in the cloud, on-premises environments or using a hybrid approach using the customer’s own infrastructure. Our cloud offering enables our customers to eliminate the burden of provisioning and maintaining infrastructure and to scale their usage of our solutions quickly, while our on-premises offering allows for the customer’s complete control over data security and software infrastructure. Historically, our solutions were developed in the context of the on-premises offering, and we have less operating experience offering and selling subscriptions to our solutions via our cloud offering. Although a substantial majority of our revenue has historically been generated from customers using our solutions on an on-premises basis, our customers are increasingly adopting our cloud offering. We expect that our customers will continue to move to our cloud offering and that it will become more central to our distribution model. We expect our gross profit to increase in absolute dollars and our gross margin to decrease to the extent that revenue from our cloud-based subscriptions increases as a percentage of total revenue, although our gross margin could fluctuate from period to period. To support both on-premises environments and cloud instances of our product, our support team must be trained on and learn multiple environments in which our solution is deployed, which is more expensive than supporting only a cloud offering. Moreover, we must engineer our software for an on-premises environment,

23

cloud offering and hybrid installation, which we expect will cause us additional research and development expense that may impact our operating results. As more of our customers transition to the cloud, we may be subject to additional competitive pressures, which may harm our business. We are directing a significant portion of our financial and operating resources to implement a robust and secure cloud offering for our customers, but even if we continue to make these investments, we may be unsuccessful in growing or implementing our cloud offering in a way that competes successfully against our current and future competitors and our business, results of operations and financial condition could be harmed.

Our customers’ increased usage of our cloud-based offerings requires us to continually improve our computer network and infrastructure to avoid service interruptions or slower system performance.

As usage of our cloud-based offerings grows and as customers use them for more complicated applications, increased assets and with increased data requirements, we will need to devote additional resources to improving our platform architecture and our infrastructure in order to maintain the performance of our cloud offering. Any failure or delays in our computer systems could cause service interruptions or slower system performance. If sustained or repeated, these performance issues could reduce the attractiveness of our enterprise platform to customers. These performance issues could result in lost customer opportunities and lower renewal rates, any of which could hurt our revenue growth, customer loyalty and reputation.

A component of our growth strategy is dependent on our continued international expansion, which adds complexity to our operations.

We market and sell our solutions and professional services throughout the world and have personnel in many parts of the world. International operations generated 31% and 33% of our revenue in 2017 and the three months ended March 31, 2018, respectively. Our growth strategy is dependent, in part, on our continued international expansion. We expect to conduct a significant amount of our business with organizations that are located outside the United States, particularly in Europe and Asia. We cannot assure that our expansion efforts into international markets will be successful in creating further demand for our solutions and professional services outside of the United States or in effectively selling our solutions and professional services in the international markets that we enter. Our current international operations and future initiatives will involve a variety of risks, including:

24

Our business, including the sales of our solutions and professional services by us and our channel partners, may be subject to foreign governmental regulations, which vary substantially from country to country and change from time to time. Our failure, or the failure by our channel partners, to comply with these regulations could adversely affect our business. Further, in many foreign countries it is common for others to engage in business practices that are prohibited by our internal policies and procedures or U.S. regulations applicable to us. Although we have implemented policies and procedures designed to comply with these laws and policies, there can be no assurance that our employees, contractors, channel partners and agents have complied, or will comply, with these laws and policies. Violations of laws or key control policies by our employees, contractors, channel partners or agents could result in delays in revenue recognition, financial reporting misstatements, fines, penalties or the prohibition of the importation or exportation of our solutions and could have a material adverse effect on our business and results of operations. If we are unable to successfully manage the challenges of international expansion and operations, our business and operating results could be adversely affected.

We rely on the performance of highly skilled personnel, including senior management and our engineering, professional services, sales and technology professionals.

We believe our success has depended, and continues to depend, on the efforts and talents of our senior management team and our highly skilled team members, including our sales personnel, professional services personnel and software engineers. We do not maintain key man insurance on any of our executive officers or key employees. From time to time, there may be changes in our senior management team resulting from the termination or departure of our executive officers and key employees. Our senior management and key employees are employed on an at-will basis, which means that they could terminate their employment with us at any time. The loss of any of our senior management or key employees could adversely affect our ability to build on the efforts they have undertaken and to execute our business plan, and we may not be able to find adequate replacements. We cannot ensure that we will be able to retain the services of any members of our senior management or other key employees.

Our ability to successfully pursue our growth strategy also depends on our ability to attract, motivate and retain our personnel. Competition for well-qualified employees in all aspects of our business, including sales personnel, professional services personnel and software engineers, is intense. Our recruiting efforts focus on elite universities and our primary recruiting competition are well-known, high-paying firms. Our continued ability to compete effectively depends on our ability to attract new employees and to retain and motivate existing employees. If we do not succeed in attracting well-qualified employees or retaining and motivating existing employees, our business would be adversely affected.

We must effectively develop and expand our sales and marketing capabilities.

Our ability to increase our customer base and achieve broader market acceptance of our Cyber Exposure solutions will depend to a significant extent on our ability to expand our sales and marketing operations. We plan

25

to continue expanding our sales force and our third-party channel partner network of distributors and resellers both domestically and internationally; however, there is no assurance that we will be successful in attracting and retaining talented sales personnel or strategic partners or that any new sales personnel or strategic partners will be able to achieve productivity in a reasonable period of time or at all. We also plan to dedicate significant resources to sales and marketing programs, including through electronic marketing campaigns and trade event sponsorship and participation. All of these efforts will require us to invest significant financial and other resources and our business will be harmed if our efforts do not generate a correspondingly significant increase in revenue.

We must offer high-quality support.

Our customers rely on our personnel for support of our enterprise platform. High-quality support is important for the renewal of our agreements with existing customers and to our existing customers expanding the number of IP addresses or IT assets under their subscriptions. The importance of high-quality support will increase as we expand our business and pursue new customers. If we do not help our customers quickly resolve issues and provide effective ongoing support, our ability to sell new software to existing and new customers would suffer and our reputation with existing or potential customers would be harmed.

Our growth depends in part on the success of our strategic relationships with third parties.

In order to grow our business, we anticipate that we will continue to depend on relationships with strategic partners to provide broader customer coverage and solution delivery capabilities. We depend on partnerships with market leading technology companies to maintain and expand our Cyber Exposure ecosystem by integrating third party data into our platform. For example, we developed our Industrial Security solution in partnership with Siemens. Identifying partners, and negotiating and documenting relationships with them, requires significant time and resources. Our agreements with our strategic partners generally are non-exclusive and do not prohibit them from working with our competitors or offering competing solutions. Our competitors may be effective in providing incentives to third parties to favor their products or services or to prevent or reduce subscriptions to our services. If our partners choose to place greater emphasis on products of their own or those offered by our competitors or do not effectively market and sell our product, our ability to grow our business and sell software and professional services may be adversely affected. In addition, acquisitions of our partners by our competitors could result in a decrease in the number of our current and potential customers, as our partners may no longer facilitate the adoption of our solutions by potential customers.

If we are unsuccessful in establishing or maintaining our relationships with third parties, our ability to compete in the marketplace or to grow our revenue could be impaired and our operating results may suffer. Even if we are successful, we cannot assure you that these relationships will result in increased customer usage of our solutions or increased revenue.

Catastrophic events may disrupt our business.

Our corporate headquarters are located in Columbia, Maryland. The area around Washington, D.C. could be subject to terrorist attacks. Additionally, we rely on our network and third-party infrastructure and enterprise applications, internal technology systems and our website for our development, marketing, operational support, hosted services and sales activities. In the event of a major hurricane, earthquake or catastrophic event such as fire, power loss, telecommunications failure, cyberattack, war or terrorist attack, we may be unable to continue our operations and may endure system interruptions, reputational harm, delays in our software development, lengthy interruptions in our services, breaches of data security and loss of critical data, all of which could have an adverse effect on our future operating results.

26

Future acquisitions could disrupt our business and adversely affect our business operations and financial results.

We have in the past acquired products and technologies from other parties, and we may choose to expand our current business by acquiring additional businesses or technologies in the future. Acquisitions involve many risks, including the following:

The occurrence of any of these risks could have a material adverse effect on our business operations and financial results. In addition, we may only be able to conduct limited due diligence on an acquired company’s operations. Following an acquisition, we may be subject to unforeseen liabilities arising from an acquired company’s past or present operations and these liabilities may be greater than the warranty and indemnity limitations that we negotiate. Any unforeseen liability that is greater than these warranty and indemnity limitations could have a negative impact on our financial condition. 

We may require additional capital to support business growth, and this capital might not be available on acceptable terms, if at all.

We expect that our existing cash and cash equivalents, together with the net proceeds that we receive in this offering, will be sufficient to meet our anticipated cash needs for working capital and capital expenditures for at least the next 12 months. However, we intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features or enhance our product, improve our operating infrastructure or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity or debt financings to secure additional funds. If we raise additional funds through future issuances of equity or convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges superior to those of holders of our common stock. Our loan and security agreement with Silicon Valley Bank includes restrictive covenants relating to our capital raising activities and other financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities, including potential acquisitions, and any debt financing that we secure in the future could have similar restrictive

27

covenants. We may not be able to obtain additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.

The nature of our business requires the application of complex revenue recognition rules. Significant changes in current principles will affect our consolidated financial statements and changes in financial accounting standards or practices may cause adverse, unexpected financial reporting fluctuations and harm our results of operations.

The accounting rules and regulations that we must comply with are complex and subject to interpretation by the Financial Accounting Standards Board, or FASB, the Securities and Exchange Commission, or SEC, and various bodies formed to promulgate and interpret appropriate accounting principles. In addition, many companies’ accounting disclosures are being subjected to heightened scrutiny by regulators and the public. Further, the accounting rules and regulations are continually changing in ways that could impact our financial statements.

For example, in May 2014, the FASB issued new accounting guidance on revenue recognition in the form of ASU No. 2014-09, Revenue from Contracts with Customers (Topic 606), or ASC 606. The core principle of ASC 606 is that an entity should recognize revenue to depict the transfer of promised goods or services to customers in an amount that reflects the consideration to which the entity expects to be entitled in exchange for those goods or services. We early adopted ASC 606 as of January 1, 2017. The most significant impact of adopting ASC 606 was the deferral of perpetual license revenue over an estimated economic life, including estimated maintenance renewal periods, whereas under previous guidance we recognized perpetual license revenue upon delivery of the perpetual license. The impact of the adoption of ASC 606 on our 2017 revenue was a net increase of $3.5 million after giving effect to the recognition of perpetual license revenue from prior year sales and the deferral of perpetual license revenue from 2017 sales. Additionally, the incremental costs of obtaining a contract with a customer are deferred and will be amortized over a longer estimated period of benefit, whereas under previous guidance such costs were recognized immediately or amortized over the contract term.

If our estimates or judgments relating to our critical accounting policies prove to be incorrect or financial reporting standards or interpretations change, our results of operations could be adversely affected.

The preparation of financial statements in conformity with generally accepted accounting principles in the United States, or U.S. GAAP, requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” The results of these estimates form the basis for making judgments about the carrying values of assets, liabilities and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in preparing our consolidated financial statements include estimated economic life of perpetual licenses for revenue recognition, the estimated period of benefit for deferred commissions, income taxes and the related valuation allowance and stock-based compensation. Our results of operations may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our results of operations to fall below the expectations of securities analysts and investors, resulting in a decline in the trading price of our common stock.

Additionally, we regularly monitor our compliance with applicable financial reporting standards and review new pronouncements and drafts thereof that are relevant to us. As a result of new standards, changes to existing standards and changes in their interpretation, we might be required to change our accounting policies, alter our operational policies and implement new or enhance existing systems so that they reflect new or amended financial reporting standards, or we may be required to restate our published financial statements. Such changes

28

to existing standards or changes in their interpretation may have an adverse effect on our reputation, business, financial position and profit, or cause an adverse deviation from our revenue and operating profit target, which may negatively impact our financial results.

Our operating results may be negatively affected if we are required to pay additional state sales tax, value added, or other transaction taxes, and we could be subject to liability with respect to all or a portion of past or future sales.

We currently collect and remit sales and use, value added and other transaction taxes in certain of the jurisdictions where we do business based on our assessment of the amount of taxes owed by us in such jurisdictions. However, in some jurisdictions in which we do business, we do not believe that we owe such taxes, and therefore we currently do not collect and remit such taxes in those jurisdictions or record contingent tax liabilities in respect of those jurisdictions.

Further, due to uncertainty in the application and interpretation of applicable tax laws in various jurisdictions, we may be exposed to sales and use, value added or other transaction tax liability. A successful assertion that we are required to pay additional taxes in connection with sales of our solutions, or the imposition of new laws or regulations requiring the payment of additional taxes, would create increased costs and administrative burdens for us. If we are subject to additional taxes and determine to offset such increased costs by collecting and remitting sales taxes from our customers, or otherwise passing those costs through to our customers, companies may be discouraged from using our solutions. Any increased tax burden may decrease our ability or willingness to compete in relatively burdensome tax jurisdictions, result in substantial tax liabilities related to past sales or otherwise harm our business and operating results.

Our ability to use net operating losses to offset future taxable income may be subject to certain limitations.

As of December 31, 2017 we had federal, state and foreign net operating loss carryforwards, or NOLs, of $103.7 million, $38.6 million, and $18.4 million, respectively, available to offset future taxable income, which begin to expire in 2030. A lack of future taxable income would adversely affect our ability to utilize these NOLs before they expire.

In addition, under the provisions of the Internal Revenue Code of 1986, as amended, or the Internal Revenue Code, substantial changes in our ownership may limit the amount of pre-change NOLs that can be utilized annually in the future to offset taxable income. Section 382 of the Internal Revenue Code imposes limitations on a company’s ability to use NOLs if a company experiences a more-than-50-percent ownership change over a three-year testing period. Based upon our analysis as of December 31, 2017, we have determined that we do not expect these limitations to impair our ability to use our NOLs prior to expiration. However, if changes in our ownership occur in the future, our ability to use our NOLs may be further limited. For these reasons, we may not be able to utilize a material portion of the NOLs, even if we achieve profitability.

Uncertainties in the interpretation and application of the 2017 Tax Cuts and Jobs Act could materially affect our tax obligations and effective tax rate.

Forecasts of our income tax position and effective tax rate for financial accounting purposes are complex and subject to uncertainty because our income tax position for each year combines the effects of a mix of profits earned and losses incurred by us in various tax jurisdictions with a broad range of income tax rates, as well as changes in the valuation of deferred tax assets and liabilities, the impact of various accounting rules and changes to these rules and tax laws, the results of examinations by various tax authorities, and the impact of any acquisition, business combination or other reorganization or financing transaction. To forecast our global tax rate, we estimate our pre-tax profits and losses by jurisdiction and forecast our tax expense by jurisdiction. If the mix of profits and losses, our ability to use tax credits, our assessment of the need for valuation allowances, or

29

effective tax rates by jurisdiction is different than those estimated, our actual tax rate could be materially different than forecasted, which could have a material impact on our results of business, financial condition and results of operations.

On December 22, 2017, U.S. Federal tax reform was enacted with the signing of the Tax Cuts and Jobs Act, or TCJA. Notable provisions of the TCJA include significant changes to corporate taxation, including reduction of the corporate tax rate from a top marginal rate of 35% to a flat rate of 21%, limitation of the tax deduction for interest expense to 30% of adjusted earnings (except for certain small businesses), limitation of the deduction for net operating losses to 80% of current year taxable income and elimination of net operating loss carrybacks, one time taxation of offshore earnings at reduced rates regardless of whether they are repatriated, elimination of U.S. tax on foreign earnings (subject to certain important exceptions), immediate deductions for certain new investments instead of deductions for depreciation expense over time, and modifying or repealing many business deductions and credits.

While the changes from the TCJA are generally effective beginning in 2018, U.S. GAAP accounting for income taxes requires the effect of a change in tax laws or rates to be recognized in income from continuing operations for the period that includes the enactment date. Due to the complexities involved in accounting for the enactment of the TCJA, the Securities and Exchange Commission published Staff Accounting Bulletin No. 118, which allows us to record provisional amounts in earnings for the year ended December 31, 2017. Where reasonable estimates can be made, the provisional accounting should be based on such estimates. When no reasonable estimate can be made, the provisional accounting may be based on the tax law in effect before the TCJA. We are required to complete our tax accounting for the TCJA in the period when we have obtained, prepared, and analyzed the information to complete the income tax accounting, or by December 22, 2018, whichever date comes first.

We have not completed our accounting for the tax effects of enactment of the TCJA; however, as we describe in Note 10 to our consolidated financial statements appearing elsewhere in this prospectus, we have made reasonable estimates of the effects of the TCJA in certain cases in our financial statements that are included as a component of income tax expense. The U.S. Department of Treasury has broad authority to issue regulations and interpretative guidance that may significantly impact how we will apply the law and impact our results of operations in the period issued. As additional regulatory guidance is issued by the applicable taxing authorities, as accounting treatment is clarified, as we perform additional analysis on the application of the law, and as we refine estimates in calculating the effect, our final analysis, which will be recorded in the period completed, may be different from our current provisional amounts, which could materially affect our tax obligations and effective tax rate.

We are subject to anti-corruption laws, anti-bribery and similar laws with respect to our domestic and international operations, and non-compliance with such laws can subject us to criminal and/or civil liability and materially harm our business and reputation.

We are subject to the FCPA, the U.S. domestic bribery statute contained in 18 U.S.C. § 201, the U.S. Travel Act, the U.K. Bribery Act 2010, and other anti-corruption laws in countries in which we conduct activities. Anti-corruption laws are interpreted broadly and prohibit our company from authorizing, offering, or providing, directly or indirectly, improper payments or benefits to recipients in the public or private sector. We use third-party law firms, accountants, and other representatives for regulatory compliance, sales, and other purposes in several countries. We sell directly and indirectly, via third-party representatives, to the U.S. and non-U.S. government sectors, and our employees and third-party representatives interact with government officials. We can be held liable for the corrupt or other illegal activities of these third-party representatives, our employees, contractors, and other agents, even if we do not explicitly authorize such activities. Noncompliance with these laws could subject us to whistleblower complaints, investigations, sanctions, settlements, prosecution, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, suspension and/or debarment from contracting with certain persons, the loss of export privileges,

30

reputational harm, adverse media coverage, and other collateral consequences. If any subpoenas or investigations are launched, or governmental or other sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our reputation, business, results of operations and financial condition could be materially harmed. In addition, responding to any action will likely result in a materially significant diversion of management’s attention and resources and significant defense costs and other professional fees. Enforcement actions and sanctions could further harm our business, results of operations, and financial condition. Moreover, as an issuer of securities, we also are subject to the accounting and internal controls provisions of the FCPA. These provisions require us to maintain accurate books and records and a system of internal controls sufficient to detect and prevent corrupt conduct. Failure to abide by these provisions may have an adverse effect on our business, operations or financial condition.

We are subject to governmental export and import controls and economic and trade sanctions that could impair our ability to conduct business in international markets and subject us to liability if we are not in compliance with applicable laws and regulations.

The United States and other countries maintain and administer export and import laws and regulations. Our products are subject to U.S. export control and import laws and regulations, including the U.S. Export Administration Regulations, U.S. Customs regulations, and various economic and trade sanctions administered by the U.S. Treasury Department’s Office of Foreign Assets Control. We are required to comply with these laws and regulations. If we fail to comply with such laws and regulations, we and certain of our employees could be subject to substantial civil or criminal penalties, including the possible loss of export or import privileges; fines, which may be imposed on us and responsible employees or managers; and, in extreme cases, the incarceration of responsible employees or managers. Obtaining the necessary authorizations, including any required license, for a particular sale may be time-consuming, is not guaranteed and may result in the delay or loss of sales opportunities. In addition, changes in our solutions, or changes in applicable export or import laws and regulations may create delays in the introduction and sale of our products in international markets or, in some cases, prevent the export or import of our solutions to certain countries, governments or persons altogether. Any change in export or import laws and regulations or economic or trade sanctions, shift in the enforcement or scope of existing laws and regulations, or change in the countries, governments, persons or technologies targeted by such laws and regulations could also result in decreased use of our products, or in our decreased ability to export or sell our products to existing or potential customers. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition, and results of operations.

Furthermore, we incorporate encryption technology into certain of our solutions. Various countries regulate the import of certain encryption technology, including import permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our solutions or could limit our customers’ ability to implement our solutions in those countries. Encrypted products and the underlying technology may also be subject to export control restrictions. Governmental regulation of encryption technology and regulation of imports or exports of encryption solutions, or our failure to obtain required import or export approval for our solutions, could harm our international sales and adversely affect our revenue. Compliance with applicable laws and regulations regarding the export and import of our solutions, including with respect to new solutions or changes in existing solutions, may create delays in the introduction of our solutions in international markets, prevent our customers with international operations from deploying our solutions globally or, in some cases, could prevent the export or import of our solutions to certain countries, governments, entities or persons altogether.

Moreover, U.S. export control laws and economic sanctions programs prohibit the shipment of certain products and services to countries, governments and persons that are subject to U.S. economic embargoes and trade sanctions. Any violations of such economic embargoes and trade sanction regulations could have negative consequences, including government investigations, penalties and reputational harm.

31

Risks Related to Government Regulation, Data Collection and Intellectual Property

Our business could be adversely affected if our employees cannot obtain and maintain required security clearances or we cannot establish and maintain a required facility security clearance.

Certain U.S. government contracts may require our employees to maintain various levels of security clearances, and may require us to maintain a facility security clearance, to comply with Department of Defense, or DoD, requirements. The DoD has strict security clearance requirements for personnel who perform work in support of classified programs. Obtaining and maintaining security clearances for employees involves a lengthy process, and it is difficult to identify, recruit and retain employees who already hold security clearances. If our employees are unable to obtain security clearances in a timely manner, or at all, or if our employees who hold security clearances are unable to maintain their clearances or terminate employment with us, then a customer requiring classified work could terminate an existing contract or decide not to renew the contract upon its expiration. To the extent we are not able to obtain or maintain a facility security clearance, we may not be able to bid on or win new classified contracts, and existing contracts requiring a facility security clearance could be terminated.

Any failure to protect our proprietary technology and intellectual property rights could substantially harm our business and operating results.

Our success and ability to compete depend in part on our ability to protect our proprietary technology and intellectual property. To safeguard these rights, we rely on a combination of patent, trademark, copyright and trade secret laws and contractual protections in the United States and other jurisdictions, all of which provide only limited protection and may not now or in the future provide us with a competitive advantage.

As of March 31, 2018, we had 14 issued patents and three patent applications pending in the United States relating to our technology. We cannot assure you that any patents will issue from any patent applications, that patents that issue from such applications will give us the protection that we seek or that any such patents will not be challenged, invalidated or circumvented. Any patents that may issue in the future from our pending or future patent applications may not provide sufficiently broad protection and may not be enforceable in actions against alleged infringers. Obtaining and enforcing software patents in the United States is becoming increasingly challenging. Any patents we have obtained or may obtain in the future may be found to be invalid or unenforceable in light of recent and future changes in the law. We have registered the “Tenable,” “Nessus” and “Tenable.io” names and our Tenable logo in the United States and certain other countries. We have registrations and/or pending applications for additional marks in the United States; however, we cannot assure you that any future trademark registrations will be issued for pending or future applications or that any registered trademarks will be enforceable or provide adequate protection of our proprietary rights. While we have copyrights in our software we do not typically register such copyrights with the Copyright Office. This failure to register the copyrights in our software may preclude us from obtaining statutory damages for infringement under certain circumstances. We also license software from third parties for integration into our software, including open source software and other software available on commercially reasonable terms. We cannot assure you that such third parties will maintain such software or continue to make it available.

In order to protect our unpatented proprietary technologies and processes, we rely on trade secret laws and confidentiality and invention assignment agreements with our employees, consultants, strategic partners, vendors and others. Despite our efforts to protect our proprietary technology and trade secrets, unauthorized parties may attempt to misappropriate, copy, reverse engineer or otherwise obtain and use them. In addition, others may independently discover our trade secrets, in which case we would not be able to assert trade secret rights, or develop similar technologies and processes. Further, several agreements may give customers limited rights to access portions of our proprietary source code, and the contractual provisions that we enter into may not prevent unauthorized use or disclosure of our proprietary technology or intellectual property rights and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or intellectual property rights. Moreover, policing unauthorized use of our technologies, trade secrets and intellectual property

32

is difficult, expensive and time-consuming, particularly in foreign countries where the laws may not be as protective of intellectual property rights as those in the United States and where mechanisms for enforcement of intellectual property rights may be weak. To the extent that we expand our activities outside of the United States, our exposure to unauthorized copying and use of our solutions and proprietary information may increase. We may be unable to determine the extent of any unauthorized use or infringement of our solutions, technologies or intellectual property rights.

There can be no assurance that the steps that we take will be adequate to protect our proprietary technology and intellectual property, that others will not develop or patent similar or superior technologies, solutions or services, or that our trademarks, patents, and other intellectual property will not be challenged, invalidated or circumvented by others. Furthermore, effective trademark, patent, copyright, and trade secret protection may not be available in every country in which our software is available or where we have employees or independent contractors. In addition, the legal standards relating to the validity, enforceability, and scope of protection of intellectual property rights in internet and software-related industries are uncertain and still evolving.

In order to protect our intellectual property rights, we may be required to spend significant resources to monitor and protect these rights. Litigation brought to protect and enforce our intellectual property rights could be costly, time-consuming and distracting to management and could result in the impairment or loss of portions of our intellectual property. Furthermore, our efforts to enforce our intellectual property rights may be met with defenses, counterclaims and countersuits attacking the validity and enforceability of our intellectual property rights. Our failure to secure, protect and enforce our intellectual property rights could seriously adversely affect our brand and adversely impact our business.

We may be subject to intellectual property rights claims by third parties, which are extremely costly to defend, could require us to pay significant damages and could limit our ability to use certain technologies.

Companies in the software and technology industries, including some of our current and potential competitors, own significant numbers of patents, copyrights, trademarks and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights. In addition, many of these companies have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. The litigation may involve patent holding companies or other adverse patent owners that have no relevant product revenue and against which our patents may therefore provide little or no deterrence. In the past, we have been subject to allegations of patent infringement that were unsuccessful, and we expect in the future to be subject to claims that we have misappropriated, misused, or infringed other parties’ intellectual property rights, and, to the extent we gain greater market visibility or face increasing competition, we face a higher risk of being the subject of intellectual property infringement claims, which is not uncommon with respect to enterprise software companies. We may in the future be subject to claims that employees or contractors, or we, have inadvertently or otherwise used or disclosed trade secrets or other proprietary information of our competitors or other parties. To the extent that intellectual property claims are made against our customers based on their usage of our technology, we have certain obligations to indemnify and defend such customers from those claims. The term of our contractual indemnity provisions often survives termination or expiration of the applicable agreement. Large indemnity payments, defense costs or damage claims from contractual breach could harm our business, results of operations and financial condition.

There may be third-party intellectual property rights, including issued or pending patents that cover significant aspects of our technologies or business methods. Any intellectual property claims, with or without merit, could be very time-consuming, could be expensive to settle or litigate, could divert our management’s attention and other resources and could result in adverse publicity. These claims could also subject us to making substantial payments for legal fees, settlement payments, and other costs or damages, potentially including treble damages if we are found to have willfully infringed patents or copyrights. These claims could also result in our

33

having to stop making, selling, offering for sale, or using technology found to be in violation of a third party’s rights. We might be required to seek a license for the third-party intellectual property rights, which may not be available on reasonable terms or at all. Even if a license is available to us, we may be required to pay significant upfront fees, milestones or royalties, which would increase our operating expenses. Moreover, to the extent we only have a license to any intellectual property used in our solutions, there may be no guarantee of continued access to such intellectual property, including on reasonable terms. As a result, we may be required to develop alternative non-infringing technology, which could require significant effort and expense. If a third party is able to obtain an injunction preventing us from accessing such third-party intellectual property rights, or if we cannot license or develop technology for any infringing aspect of our business, we would be forced to limit or stop sales of our software or cease business activities covered by such intellectual property, and may be unable to compete effectively. Any of these results would adversely affect our business, results of operations, financial condition and cash flows.

Portions of our solutions utilize open source software, and any failure to comply with the terms of one or more of these open source licenses could negatively affect our business.

Our software contains software made available by third parties under so-called “open source” licenses. From time to time, there have been claims against companies that distribute or use open source software in their products and services, asserting that such open source software infringes the claimants’ intellectual property rights. We could be subject to suits by parties claiming that what we believe to be licensed open source software infringes their intellectual property rights. Use and distribution of open source software may entail greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or other contractual protections regarding infringement claims or the quality of the code. In addition, certain open source licenses require that source code for software programs that are subject to the license be made available to the public and that any modifications or derivative works to such open source software continue to be licensed under the same terms. Further, certain open source licenses also include a provision that if we enforce any patents against the software programs that are subject to the license, we would lose the license to such software. If we were to fail to comply with the terms of such open source software licenses, such failures could result in costly litigation, lead to negative public relations or require that we quickly find replacement software which may be difficult to accomplish in a timely manner.

Although we monitor our use of open source software in an effort both to comply with the terms of the applicable open source licenses and to avoid subjecting our software to conditions we do not intend, the terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that these licenses could be construed in a way that could impose unanticipated conditions or restrictions on our ability to commercialize our product or operate our business. By the terms of certain open source licenses, we could be required to release the source code of our software and to make our proprietary software available under open source licenses, if we combine or distribute our software with open source software in a certain manner. In the event that portions of our software are determined to be subject to an open source license, we could be required to publicly release the affected portions of our source code, re-engineer all, or a portion of, that software or otherwise be limited in the licensing of our software, each of which could reduce or eliminate the value of our product. Many of the risks associated with usage of open source software cannot be eliminated, and could negatively affect our business, results of operations and financial condition.

Risks Related to Our Common Stock and this Offering

Our stock price may be volatile, and you may lose some or all of your investment.

There has been no public market for our common stock prior to this offering. The initial public offering price for the shares of our common stock will be determined by negotiations between us and the representatives of the underwriters and may not be indicative of the market price of our common stock following this offering. The market price of our common stock following this offering may fluctuate substantially and may be lower than

34

the initial public offering price. The market price of our common stock following this offering will depend on a number of factors, including those described in this “Risk Factors” section, many of which are beyond our control and may not be related to our operating performance. These fluctuations could cause you to lose all or part of your investment in our common stock, since you might not be able to sell your shares at or above the price you paid in this offering. Factors that could cause fluctuations in the market price of our common stock include the following:

Recently, the stock markets have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many companies. These fluctuations have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry fluctuations, as well as general economic, political, regulatory and market conditions, may negatively impact the market price of our common stock. If the market price of our common stock after this offering does not exceed the initial public offering price, you may lose some or all of your investment. In the past, companies that have experienced volatility in the market price of their securities have been subject to securities class action litigation. We may be the target of this type of litigation in the future, which could result in substantial costs and divert our management’s attention.

35

No public market for our common stock currently exists, and an active public trading market may not develop or be sustained following this offering.

Prior to this offering, there has been no public market or active private market for our common stock. Application has been made to list our common stock on the Nasdaq Global Market; however, an active public trading market may not develop following the completion of this offering or, if developed, may not be sustained. The lack of an active market may impair your ability to sell your shares at the time you wish to sell them or at a price that you consider reasonable. The lack of an active market may also reduce the fair value of your shares. An inactive market may also impair our ability to raise capital to continue to fund operations by selling shares and may impair our ability to acquire other companies or technologies by using our shares as consideration. We cannot predict the prices at which our common stock will trade. The initial public offering price of our common stock will be determined by negotiations between us and the underwriters and may not bear any relationship to the market price at which our common stock will trade after this offering or to any other established criteria of the value of our business and prospects.

If securities or industry analysts do not publish research or reports about our business, or publish negative reports about our business, our stock price and trading volume could decline.

The trading market for our common stock will depend, in part, on the research and reports that securities or industry analysts publish about us or our business. We do not control these analysts or the content and opinions included in their reports. As a new public company, we may be slow to attract research coverage and the analysts who publish information about our common stock will have had relatively little experience with our company, which could affect their ability to accurately forecast our results and make it more likely that we fail to meet their estimates. If our financial performance fails to meet analyst estimates or one or more of the analysts who cover us downgrade our shares or change their opinion of our shares, our share price would likely decline. In addition, the stock prices of many companies in the technology industry have declined significantly after those companies have failed to meet, or significantly exceed, the financial guidance publicly announced by the companies or the expectations of analysts. If our financial results fail to meet, or exceed, our announced guidance or the expectations of analysts or public investors, analysts could downgrade our common stock or publish unfavorable research about us. If one or more of these analysts cease coverage of our company or fail to regularly publish reports on us, we could lose visibility in the financial markets, which could cause our share price or trading volume to decline.

Sales of substantial amounts of our common stock in the public markets, or the perception that they might occur, could reduce the price that our common stock might otherwise attain and may dilute your voting power and your ownership interest in us.

After this offering, there will be                 shares of our common stock outstanding, assuming no exercise of the underwriters’ over-allotment option. Sales of a substantial number of shares of our common stock in the public market after this offering, or the perception that these sales might occur, could depress the market price of our common stock, impair our ability to raise capital through the sale of additional equity securities and make it more difficult for you to sell your common stock at a time and price that you deem appropriate. Of our issued and outstanding shares of our common stock, all of the shares sold in this offering will be freely transferable without restrictions or further registration under the Securities Act of 1933, as amended, or the Securities Act, except for any shares acquired by our affiliates, as defined in Rule 144 under the Securities Act. The remaining shares outstanding after this offering will be restricted as a result of securities laws, lock-up agreements or other contractual restrictions that restrict transfers for 180 days after the date of this prospectus.

Additionally, following the completion of this offering, stockholders holding approximately                 shares of our common stock outstanding, will, after the expiration of the lock-up periods specified above, have the right, subject to various conditions and limitations, to include their shares of our common stock in registration statements relating to our securities. If the offer and sale of these shares are registered, they will be freely

36

tradable without restriction under the Securities Act. Shares of common stock sold under such registration statements can be freely sold in the public market. In the event such registration rights are exercised and a large number of shares of common stock are sold in the public market, such sales could reduce the trading price of our common stock. See “Description of Capital Stock—Registration Rights” and “Shares Eligible for Future Sale—Lock-Up Agreements” for a more detailed description of these registration rights and the lock-up period.

We intend to file a registration statement on Form S-8 under the Securities Act to register the total number of shares of our common stock that may be issued under our equity incentive plans. See “Shares Eligible for Future Sale—Form S-8 Registration Statements” for a more detailed description of the shares of common stock that will be available for future sale upon the registration and issuance of such shares, subject to any applicable vesting or lock-up period or other restrictions provided under the terms of the applicable plan and/or the option agreements entered into with the option holders.

In addition, in the future we may issue common stock or other securities convertible into shares of our common stock from time to time in connection with a financing, acquisition, investment or otherwise. The number of new shares of our common stock issued in connection with raising additional capital could constitute a material portion of the then outstanding shares of our common stock, which could result in substantial dilution to our existing stockholders and cause the market price of our common stock to decline.

Concentration of ownership among our existing directors, executive officers and holders of 5% or more of our outstanding common stock may prevent new investors from influencing significant corporate decisions, including the ability to influence the outcome of director elections and other matters requiring stockholder approval.

Following this offering, our directors, executive officers and holders of more than 5% of our common stock, some of whom are represented on our board of directors, together with their affiliates will beneficially own     % of the voting power of our outstanding capital stock. As a result, these stockholders will, immediately following this offering, be able to determine the outcome of matters submitted to our stockholders for approval, including the election of directors and approval of significant corporate transactions. Some of these persons or entities may have interests that are different from yours, and this ownership could affect the value of your shares of common stock if, for example, these stockholders elect to delay, defer or prevent a change in corporate control, merger, consolidation, takeover or other business combination. This concentration of ownership may also adversely affect the market price of our common stock.

We have broad discretion to determine how to use the funds raised in this offering, and we may use them in ways that may not enhance our operating results or the price of our common stock.

The principal purposes of this offering are to increase our capitalization and financial flexibility, to create a public market for our stock and thereby enable access to the public equity markets for our employees and stockholders, to obtain additional capital and to increase our visibility in the marketplace. We currently intend to use a significant portion of the net proceeds from this offering for general corporate purposes, including for any of the purposes described in “Use of Proceeds.” However, we do not currently have any specific or preliminary plans for the net proceeds from this offering and will have broad discretion in how we use the net proceeds of this offering. We could spend the proceeds from this offering in ways that our stockholders may not agree with or that do not yield a favorable return. You will not have the opportunity as part of your investment decision to assess whether the net proceeds are being used appropriately. Investors in this offering will need to rely upon the judgment of our management with respect to the use of proceeds. If we do not use the net proceeds that we receive in this offering effectively, our business, financial condition, results of operations and prospects could be harmed, and the market price of our common stock could decline.

37

The requirements of being a public company may strain our resources, divert management’s attention and affect our ability to attract and retain qualified board members.

As a public company, we will be subject to the reporting and corporate governance requirements of the Exchange Act, the listing requirements of the Nasdaq Stock Market and other applicable securities rules and regulations, including the Sarbanes-Oxley Act and the Dodd-Frank Wall Street Reform and Consumer Protection Act. Compliance with these rules and regulations will increase our legal and financial compliance costs, make some activities more difficult, time-consuming or costly and increase demand on our systems and resources, particularly after we are no longer an “emerging growth company” as defined in the JOBS Act. Among other things, the Exchange Act requires that we file annual, quarterly and current reports with respect to our business and results of operations and maintain effective disclosure controls and procedures and internal control over financial reporting. In order to improve our disclosure controls and procedures and internal control over financial reporting to meet this standard, significant resources and management oversight may be required. As a result, management’s attention may be diverted from other business concerns, which could harm our business, financial condition, results of operations and prospects. Although we have already hired and are in the process of hiring, additional personnel to help comply with these requirements, we may need to further expand our legal and finance departments in the future, which will increase our costs and expenses.

In addition, changing laws, regulations and standards relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs and making some activities more time-consuming. These laws, regulations and standards are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as new guidance is provided by regulatory and governing bodies. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices. We intend to invest resources to comply with evolving laws, regulations and standards, and this investment may result in increased general and administrative expense and a diversion of management’s time and attention from revenue-generating activities to compliance activities. If our efforts to comply with new laws, regulations and standards differ from the activities intended by regulatory or governing bodies, regulatory authorities may initiate legal proceedings against us and our business and prospects may be harmed. As a result of disclosure of information in the filings required of a public company and in this prospectus, our business and financial condition will become more visible, which may result in threatened or actual litigation, including by competitors and other third parties. If such claims are successful, our business, financial condition, results of operations and prospects could be materially harmed, and even if the claims do not result in litigation or are resolved in our favor, these claims, and the time and resources necessary to resolve them, could divert the resources of our management and materially harm our business, financial condition, results of operations and prospects.

We also expect that being a public company and these new rules and regulations will make it more expensive for us to obtain director and officer liability insurance, and we may be required to accept reduced coverage or incur substantially higher costs to obtain coverage. These factors could also make it more difficult for us to attract and retain qualified executive officers and members of our board of directors, particularly to serve on our audit committee and compensation committee.

In addition, as a result of our disclosure obligations as a public company, we will have reduced strategic flexibility and will be under pressure to focus on short-term results, which may materially and adversely affect our ability to achieve long-term profitability.

We do not intend to pay dividends for the foreseeable future and, as a result, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.

We have never declared or paid any cash dividends on our common stock and do not intend to pay any cash dividends in the foreseeable future. We anticipate that we will retain all of our future earnings for use in the

38

development of our business and for general corporate purposes. Any determination to pay dividends in the future will be at the discretion of our board of directors. Accordingly, investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments. In addition, our loan and security agreement with Silicon Valley Bank contains restrictive covenants that prohibit us, subject to certain exceptions, from paying dividends on our common stock.

If you purchase shares of our common stock in this offering, you will incur immediate and substantial dilution in the book value of your shares.

Investors purchasing common stock in this offering will pay a price per share that substantially exceeds the historical net tangible book value per share, which was $(17.60) per share of common stock as of March 31, 2018. As a result of the dilution to investors purchasing shares in this offering, investors may receive significantly less than the purchase price paid in this offering, if anything, in the event of our liquidation.

Furthermore, if the underwriters exercise their over-allotment option in full, outstanding options are exercised, we issue awards to our employees under our equity incentive plans or we otherwise issue additional shares of our common stock, you could experience further dilution. See “Dilution” for more information.

Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of us more difficult, limit attempts by our stockholders to replace or remove members of our board of directors and our current management and could negatively impact the market price of our common stock.

Our amended and restated certificate of incorporation and amended and restated bylaws that will be in effect upon completion of this offering contain provisions that could delay or prevent a change in control of our company. These provisions could also make it difficult for stockholders to elect directors that are not nominated by the current members of our board of directors or take other corporate actions, including effecting changes in our management. These provisions include:

39

These provisions may prohibit large stockholders, in particular those owning 15% or more of our outstanding voting stock, from merging or combining with us for a certain period of time. See “Description of Capital Stock—Anti-Takeover Provisions.”

Our amended and restated certificate of incorporation to be effective in connection with the closing of this offering will provide that the Court of Chancery of the State of Delaware or the U.S. federal district courts will be the exclusive forums for substantially all disputes between us and our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers or other employees.

Our amended and restated certificate of incorporation to be effective in connection with the closing of this offering provides that the Court of Chancery of the State of Delaware is the sole and exclusive forum for any derivative action or proceeding brought on our behalf, any action asserting a breach of fiduciary duty owed by any of our directors, officers or other employees to us or our stockholders, any action asserting a claim against us arising pursuant to any provisions of the Delaware General Corporation Law, our amended and restated certificate of incorporation or our amended and restated bylaws, or any action asserting a claim against us that is governed by the internal affairs doctrine. Our amended and restated certificate of incorporation further provides that the U.S. federal district courts will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act. These choice of forum provisions may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or other employees, which may discourage such lawsuits. Some companies that adopted a similar federal district court forum selection provision are currently subject to a suit in the Chancery Court of Delaware by stockholders who assert that the provision is not enforceable. If a court were to find either choice of forum provision contained in our amended and restated certificate of incorporation to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could adversely affect our results of operations and financial condition.

We are an “emerging growth company” and we cannot be certain if the reduced reporting and disclosure requirements applicable to emerging growth companies will make our common stock less attractive to investors.

We are an “emerging growth company,” as defined in the JOBS Act, and we may take advantage of certain exemptions from various reporting requirements that are applicable to other public companies that are not “emerging growth companies” including, but not limited to, the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act, reduced disclosure obligations regarding executive compensation in our periodic reports and proxy statements, and exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. We may take advantage of these exemptions until we are no longer an emerging growth company. We would cease to be an emerging growth company upon the earliest to occur of: (1) the first fiscal year following the fifth anniversary of our initial public offering; (2) the first fiscal year after our annual gross revenue is $1.07 billion or more; (3) the date on which we have, during the previous three-year period, issued more than $1.0 billion in non-convertible debt securities; or (4) as of the end of any fiscal year in which the market value of our common stock held by non-affiliates exceeded $700.0 million as of the end of the second quarter of that fiscal year. We cannot predict if investors will find our common stock less attractive if we choose to rely on these exemptions. If some investors find our common stock less attractive as a result, there may be a less active trading market for our common stock and our stock price may be more volatile.

40

SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS

This prospectus contains forward-looking statements that involve substantial risks and uncertainties. The forward-looking statements are contained principally in the sections of this prospectus entitled “Prospectus Summary,” “Risk Factors,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and “Business,” but are also contained elsewhere in this prospectus. In some cases, you can identify forward-looking statements by the words “anticipate,” “believe,” “continue,” “could,” “estimate,” “expect,” “intend,” “may,” “might,” “objective,” “ongoing,” “plan,” “predict,” “project,” “potential,” “should,” “will,” or “would,” or the negative of these terms, or other comparable terminology intended to identify statements about the future. These statements involve known and unknown risks, uncertainties and other factors that may cause our actual results, levels of activity, performance or achievements to be materially different from the information expressed or implied by these forward-looking statements. These statements are inherently uncertain and investors are cautioned not to unduly rely upon these statements. In addition, statements that “we believe” and similar statements reflect our beliefs and opinions on the relevant subject. The forward-looking statements and opinions contained in this prospectus are based upon information available to us as of the date of this prospectus and, while we believe such information forms a reasonable basis for such statements, such information may be limited or incomplete, and our statements should not be read to indicate that we have conducted an exhaustive inquiry into, or review of, all potentially available relevant information. Forward-looking statements include statements about:

We caution you that the foregoing list may not contain all of the forward-looking statements made in this prospectus.

41

You should refer to the “Risk Factors” section of this prospectus for a discussion of important factors that may cause our actual results to differ materially from those expressed or implied by our forward-looking statements. As a result of these factors, we cannot assure you that the forward-looking statements in this prospectus will prove to be accurate. Furthermore, if our forward-looking statements prove to be inaccurate, the inaccuracy may be material. In light of the significant uncertainties in these forward-looking statements, you should not regard these statements as a representation or warranty by us or any other person that we will achieve our objectives and plans in any specified time frame or at all. We undertake no obligation to publicly update any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law. The Private Securities Litigation Reform Act of 1995 and Section 27A of the Securities Act of 1933, as amended, or the Securities Act, do not protect any forward-looking statements that we make in connection with this offering.

You should read this prospectus and the documents that we reference in this prospectus and have filed as exhibits to the registration statement, of which this prospectus is a part, completely and with the understanding that our actual future results may be materially different from what we expect. We qualify all of our forward-looking statements by these cautionary statements.

42

INDUSTRY AND MARKET DATA

Information contained in this prospectus concerning our industry and the market in which we operate, including our general expectations and market position, market opportunity and market size is based on information from various sources, including independent industry publications by International Data Corporation, or IDC, Gartner, Inc., or Gartner, and Cisco. In presenting this information, we have also made assumptions based on such data and other similar sources, and on our knowledge of, and in our experience to date in, the markets for our services. This information involves a number of assumptions and limitations, and you are cautioned not to give undue weight to such estimates. Although neither we nor the underwriters have independently verified the accuracy or completeness of any third-party information, we believe the market position, market opportunity and market size information included in this prospectus is reliable. The industry in which we operate is subject to a high degree of uncertainty and risk due to a variety of factors, including those described in the “Risk Factors” section. These and other factors could cause results to differ materially from those expressed in the estimates made by the independent parties and by us.

The Gartner report described herein, or the Gartner Report, represents research opinion or viewpoints published, as part of a syndicated subscription service, by Gartner, and are not representations of fact. Each Gartner Report speaks as of its original publication date (and not as of the date of this prospectus) and the opinions expressed in the Gartner Report are subject to change without notice.

This prospectus makes various references to the following research opinions published by IDC:

43

USE OF PROCEEDS

We estimate that the net proceeds from our issuance and sale of                  shares of our common stock in this offering will be approximately $         million, or approximately $         million if the underwriters exercise their over-allotment option in full, based upon an assumed initial public offering price of $         per share, the midpoint of the price range set forth on the cover page of this prospectus, after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us.

Each $1.00 increase or decrease in the assumed initial public offering price of $         per share, the midpoint of the price range set forth on the cover page of this prospectus, would increase or decrease the net proceeds to us from this offering by approximately $         million, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same, and after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us. We may also increase or decrease the number of shares we are offering. A 1,000,000 share increase or decrease in the number of shares offered by us would increase or decrease the net proceeds to us from this offering by approximately $         million, assuming that the assumed initial offering price to the public remains the same, and after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us. We do not expect that a change in the initial price to the public or the number of shares by these amounts would have a material effect on the uses of the proceeds from this offering, although it may accelerate the time at which we will need to seek additional capital.

The principal purposes of this offering are to increase our financial flexibility, create a public market for our common stock and facilitate our future access to the capital markets. Although we have not yet determined with certainty the manner in which we will allocate the net proceeds of this offering, we expect to use the net proceeds from this offering for working capital and other general corporate purposes, including continuing to invest in sales and marketing and in our solutions and increasing international expansion.

We may also use a portion of the proceeds from this offering for acquisitions or strategic investments in complementary businesses or technologies, although we do not currently have any plans for any such acquisitions or investments. We have not allocated specific amounts of net proceeds for any of these purposes.

The expected use of net proceeds from this offering represents our intentions based upon our present plans and business conditions. We cannot predict with certainty all of the particular uses for the proceeds of this offering or the amounts that we will actually spend on the uses set forth above. Accordingly, our management will have significant flexibility in applying the net proceeds of this offering. The timing and amount of our actual expenditures will be based on many factors, including cash flows from operations and the anticipated growth of our business. Pending their use, we intend to invest the net proceeds of this offering in a variety of capital-preservation investments, including short- and intermediate-term, interest-bearing, investment-grade securities and government securities.

44

DIVIDEND POLICY

We have never declared or paid any dividends on our common stock. In addition, our loan and security agreement with Silicon Valley Bank contains restrictive covenants that prohibit us, subject to certain exceptions, from paying dividends on our common stock, and future debt securities or other financing arrangements could contain similar or more restrictive negative covenants. We currently intend to retain all available funds and any future earnings for the operation and expansion of our business. Accordingly, following this offering, we do not anticipate declaring or paying cash dividends in the foreseeable future. The payment of any future dividends will be at the discretion of our board of directors and will depend on our results of operations, capital requirements, financial condition, prospects, contractual arrangements, any limitations on payment of dividends present in our current and future debt agreements, and other factors that our board of directors may deem relevant.

45

CAPITALIZATION

The following table sets forth our cash and cash equivalents and our capitalization as of March 31, 2018:

You should read this table together with “Selected Consolidated Financial Data,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and the related notes appearing elsewhere in this prospectus.

46

The outstanding share information in the table above excludes:

47

DILUTION

If you invest in our common stock, your interest will be diluted to the extent of the difference between the initial public offering price per share of our common stock and the pro forma as adjusted net tangible book value per share of our common stock immediately after the closing of this offering.

Our historical net tangible book value as of March 31, 2018 was $(436.5) million, or $(17.60) per share of common stock. Our historical net tangible book value per share represents our total tangible assets less our total liabilities and preferred stock (which is not included within stockholders’ deficit), divided by the number of shares of common stock outstanding as of March 31, 2018.

Our pro forma net tangible book value as of March 31, 2018 was $(158.5) million, or $(1.98) per share of common stock. Pro forma net tangible book value per share represents our total tangible assets less our total liabilities, divided by the number of shares of common stock outstanding as of March 31, 2018, after giving effect to the conversion of all outstanding shares of our preferred stock into an aggregate of 55,385,854 shares of common stock immediately prior to the closing of this offering as if such conversion had occurred on March 31, 2018.

Our pro forma as adjusted net tangible book value represents our pro forma net tangible book value, plus the effect of the sale of                 shares of common stock in this offering at an assumed initial public offering price of $         per share, the midpoint of the price range set forth on the cover page of this prospectus, after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us. Our pro forma as adjusted net tangible book value as of March 31, 2018 was $         million, or $         per share of common stock. This amount represents an immediate increase in pro forma net tangible book value of $         per share to our existing stockholders and an immediate dilution of $         per share to investors participating in this offering. We determine dilution per share to investors participating in this offering by subtracting pro forma as adjusted net tangible book value per share after this offering from the assumed initial public offering price per share paid by investors participating in this offering.

The following table illustrates this dilution on a per share basis to new investors:

The pro forma as adjusted dilution information discussed above is illustrative only and will change based on the actual initial public offering price and other terms of this offering determined at pricing. Each $1.00 increase or decrease in the assumed initial public offering price of $         per share, the midpoint of the price range set forth on the cover page of this prospectus, would increase or decrease the pro forma as adjusted net tangible book

48

value per share by $         per share and the dilution per share to investors participating in this offering by $         per share, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same and after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us. We may also increase or decrease the number of shares we are offering. A 1,000,000 share increase in the number of shares offered by us, as set forth on the cover page of this prospectus, would increase the pro forma as adjusted net tangible book value per share by $         and decrease the dilution per share to investors participating in this offering by $        , assuming the assumed initial public offering price of $         per share, the midpoint of the price range set forth on the cover page of this prospectus, remains the same and after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us. A 1,000,000 share decrease in the number of shares offered by us, as set forth on the cover page of this prospectus, would decrease the pro forma as adjusted net tangible book value per share after this offering by $         and increase the dilution per share to new investors participating in this offering by $        , assuming the assumed initial public offering price of $         per share, the midpoint of the price range set forth on the cover page of this prospectus, remains the same and after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us.

If the underwriters exercise their over-allotment option in full to purchase an additional                 shares of our common stock in this offering, the pro forma as adjusted net tangible book value of our common stock would increase to $         per share, representing an immediate increase to existing stockholders of $         per share and an immediate dilution of $         per share to investors participating in this offering.

The following table summarizes as of March 31, 2018, on the pro forma as adjusted basis described above, the number of shares of our common stock, the total consideration and the average price per share (1) paid to us by our existing stockholders and (2) to be paid by investors purchasing our common stock in this offering at an assumed initial public offering price of $         per share, the midpoint of the price range set forth on the cover page of this prospectus, before deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us.

The outstanding share information used in the computations above excludes:

49

To the extent that outstanding options or warrants are exercised, new options or other securities are issued under our equity incentive plans, or we issue additional shares of common stock in the future, there will be further dilution to investors participating in this offering. In addition, we may choose to raise additional capital because of market conditions or strategic considerations, even if we believe that we have sufficient funds for our current or future operating plans. If we raise additional capital through the sale of equity or convertible debt securities, the issuance of these securities could result in further dilution to our stockholders.

50

SELECTED CONSOLIDATED FINANCIAL DATA

We derived the selected consolidated statements of operations data for the years ended December 31, 2016 and 2017 and the selected consolidated balance sheet data as of December 31, 2016 and 2017 from our audited consolidated financial statements included elsewhere in this prospectus. In order to provide additional historical financial information, we have included supplemental consolidated statements of operations data for the year ended December 31, 2015, which is derived from the consolidated statement of operations and comprehensive loss for the year ended December 31, 2015, and consolidated balance sheet data as of December 31, 2015, in each case from our audited financial statements not included elsewhere in this prospectus. We derived the selected consolidated statements of operations data for the three months ended March 31, 2017 and 2018 and the selected consolidated balance sheet data as of March 31, 2018 from the unaudited consolidated financial statements included elsewhere in this prospectus. Our unaudited interim consolidated financial statements have been prepared on the same basis as our audited consolidated financial statements and reflect, in the opinion of management, all adjustments of a normal, recurring nature that are necessary for a fair presentation of our unaudited interim consolidated financial statements. Our historical results are not necessarily indicative of the results to be expected in the future, and our operating results for the three months ended March 31, 2018, are not necessarily indicative of the results that may be expected for the entire year ending December 31, 2018.

When you read this selected consolidated financial data, it is important that you read it together with the historical consolidated financial statements and related notes to those statements, as well as “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” included elsewhere in this prospectus.

51

Non-GAAP Financial Measures

To supplement our consolidated financial statements, which are prepared and presented in accordance with GAAP, we use certain non-GAAP financial measures, as described below, to understand and evaluate our core operating performance. These non-GAAP financial measures, which may be different than similarly titled measures used by other companies, are presented to enhance investors’ overall understanding of our financial performance and should not be considered a substitute for, or superior to, the financial information prepared and presented in accordance with GAAP.

We believe that these non-GAAP financial measures provide useful information about our financial performance, enhance the overall understanding of our past performance and future prospects and allow for greater transparency with respect to important metrics used by management for financial and operational decision-making. We are

52

presenting these non-GAAP metrics to assist investors in seeing our financial performance using a management view and because we believe that these measures provide an additional tool for investors to use in comparing our core financial performance over multiple periods with other companies in our industry.

Calculated Current Billings

We use the non-GAAP measure of calculated current billings, which we believe is a key metric to measure our periodic performance. Given that most of our customers pay in advance, we typically recognize a majority of the related revenue ratably over time. We use calculated current billings to measure and monitor our ability to provide our business with the working capital generated by upfront payments from our customers.

Calculated current billings consists of our total revenue recognized in a period plus the change in current deferred revenue in the corresponding period. While we believe that calculated current billings provides valuable insight into the cash that will be generated from sales of our subscriptions, this metric may vary from period-to-period for a number of reasons, and therefore has a number of limitations as a quarter-to-quarter or year-over-year comparative measure. These reasons include, but are not limited to (i) a variety of customer contractual terms could result in some periods having a higher proportion of multi-year prepayments than other periods, (ii) an increasing number of large sales transactions, for which the timing of executing these large transactions has and will continue to vary, with some transactions occurring in quarters subsequent to or in advance of those that we anticipated and (iii) fluctuations in payment terms affecting the billings recognized in a particular period. Because of these and other limitations, you should consider calculated current billings along with revenue and our other GAAP financial results.

The following table presents a reconciliation of revenue, the most directly comparable financial measure calculated in accordance with GAAP, to calculated current billings, for each of the periods presented:

Adjusted EBITDA

We use the non-GAAP financial measure of adjusted EBITDA and believe it is a measure widely used by securities analysts and investors to evaluate the financial performance of our company and other companies. We believe that adjusted EBITDA is an important measure for evaluating our performance because it facilitates comparisons of our core operating results from period to period by removing the impact of stock-based compensation, recapitalization costs, depreciation and amortization (including amortization of acquired intangibles), interest expense, interest income and other income (expense), net, and (benefit from) provision for income taxes. Additionally, we base certain of our forward-looking statements and budgets on adjusted EBITDA.

53

The following table presents a reconciliation of net loss, the most directly comparable financial measure calculated in accordance with GAAP, to adjusted EBITDA for each of the periods presented:

There are a number of limitations related to the use of adjusted EBITDA as compared to net loss, including that adjusted EBITDA excludes stock-based compensation expense and depreciation and amortization, which has been, and will continue to be for the foreseeable future, significant recurring expenses in our business. In addition, stock-based compensation is an important part of our compensation strategy.

Adjusted Net Loss and Adjusted Net Loss Per Share

We use the non-GAAP financial measures of adjusted net loss and adjusted net loss per share, which exclude the effect of the accretion of our Series A and B redeemable convertible preferred stock, stock-based compensation expense, amortization of intangible assets, recapitalization costs and the related tax impact. We believe that these non-GAAP measures provide important information to management and investors because they facilitate comparisons of our core operating results over multiple periods.

54

The following table presents a reconciliation of net loss, and net loss per share attributable to common stockholders, the most comparable financial measures calculated in accordance with GAAP, to adjusted net loss and adjusted net loss per share for each of the periods presented:

Free Cash Flow

We use the non-GAAP measure of free cash flow, which we define as GAAP net cash flows from operating activities reduced by purchases of property and equipment. We believe free cash flow is an important liquidity measure of the cash (if any) that is available, after purchases of property and equipment, for operational expenses, investment in our business, and to make acquisitions. Free cash flow is useful to investors as a liquidity measure because it measures our ability to generate or use cash. Once our business needs and obligations are met, cash can be used to maintain a strong balance sheet and invest in future growth.

55

The following table summarizes our cash flows for the periods presented and presents a reconciliation of net cash from operating activities, the most directly comparable financial measure calculated in accordance with GAAP, to free cash flow, for each of the periods presented: