Check Point® Software Technologies Ltd. (NASDAQ: CHKP), today announced its financial results for the fourth quarter and full year ended December 31, 2019.
Fourth Quarter 2019
- Total Revenues: $544 million, a 3 percent increase year over year
- GAAP Operating Income: $249 million, representing 46 percent of revenues
- Non-GAAP Operating Income: $280 million, representing 51 percent of revenues
- GAAP EPS: $1.84, a 21 percent increase year over year
- Non-GAAP EPS: $2.02, a 21 percent increase year over year
Full Year 2019
- Total Revenues: $1,995 million, a 4 percent increase year over year
- GAAP EPS: $5.43, a 5 percent increase year over year
- Non-GAAP EPS: $6.13, a 7 percent increase year over year
“We closed out the last decade with nearly two billion dollars in annual revenues and over one billion dollars in non-GAAP operating income. Over the last decade we introduced our security-as-a-service subscription model, which delivers the most advanced technologies in cyber. In 2019, subscription reached over six hundred million dollars in revenues and was driven by cloud, mobile and zero-day advanced threat prevention technologies,” said Gil Shwed, Founder and CEO of Check Point Software Technologies. “We began the new decade with the introduction of Infinity NEXT, the industry’s most comprehensive cyber security platform with over 60 security technologies that support over 50 types of assets including operating systems, cloud workloads, IoT devices, mobile devices and network of any type.” Shwed concluded.
Financial Highlights for the Fourth Quarter of 2019
- Total Revenues: $544 million compared to $526 million in the fourth quarter of 2018, a 3 percent increase year over year.
- GAAP Operating Income: $249 million compared to $250 million in the fourth quarter of 2018, representing 46 percent and 48 percent of revenues in the fourth quarter of 2019 and 2018, respectively.
- Non-GAAP Operating Income: $280 million compared to $279 million in the fourth quarter of 2018, representing 51 percent and 53 percent of revenues in the fourth quarter of 2019 and 2018, respectively.
- GAAP Taxes on income (tax benefit): $3.1 million tax benefit compared to $29 million tax expenses in the fourth quarter of 2018.
- GAAP Net Income & Earnings per Diluted Share: GAAP net income was $272 million compared to $238 million in the fourth quarter of 2018. GAAP earnings per diluted share were $1.84 compared to $1.51 in the fourth quarter of 2018, a 21 percent increase year over year.
- Non-GAAP Net Income & Earnings per Diluted Share: Non-GAAP net income was $299 million compared to $264 million in the fourth quarter of 2018. Non-GAAP earnings per diluted share were $2.02 compared to $1.68 in the fourth quarter of 2018, a 21 percent increase year over year.
- Deferred Revenues: As of December 31, 2019, deferred revenues were $1,387 million compared to $1,338 million as of December 31, 2018, a 4 percent increase year over year.
- Cash Balances, Marketable Securities & Short Term Deposits: $3,949 million as of December 31, 2019, compared to $4,039 million as of December 31, 2018.
- Cash Flow: Cash flow from operations of $246 million compared to $249 million in the fourth quarter of 2018.
- Share Repurchase Program: During the fourth quarter of 2019, the company repurchased approximately 2.9 million shares at a total cost of approximately $325 million. Today, we announced a $2 billion extension to the share repurchase program with authorization to repurchase up to $325 million each quarter.
Financial Highlights for the Year Ended December 31, 2019
- Total Revenues: $1,995 million compared to $1,916 million in 2018, a 4 percent increase year over year.
- GAAP Operating Income: $882 million compared to $914 million in 2018, representing 44 percent and 48 percent of revenues in 2019 and 2018, respectively.
- Non-GAAP Operating Income: $1,003 million compared to $1,015 million in 2018, representing 50 percent and 53 percent of revenues in 2019 and 2018, respectively.
- GAAP Taxes on Income: $137 million compared to $158 million in 2018.
- GAAP Net Income and Earnings per Diluted Share: GAAP net income was $826 million compared to $821 million in 2018. GAAP earnings per diluted share were $5.43 compared to $5.15 in 2018, a 5 percent increase year over year.
- Non-GAAP Net Income and Earnings per Diluted Share: Non-GAAP net income was $933 million compared to $911 million in 2018. Non-GAAP earnings per diluted share were $6.13 compared to $5.71 in 2018, a 7 percent increase year over year.
- Cash Flow: Cash flow from operations of $1,102 million compared to $1,130 million in 2018.
- Share Repurchase Program: During 2019, we purchased approximately 11.2 million shares at a total cost of approximately $1,278 million.
For information regarding the non-GAAP financial measures discussed in this release, as well as a reconciliation of such non-GAAP financial measures to the most directly comparable GAAP financial measures, please see “Use of Non-GAAP Financial Information” and “Reconciliation of GAAP to Non-GAAP Financial Information.”
Check Point business highlights includes key announcements for 2019 to date addressing architecture, network security, threat prevention, cloud, workload and IOT security.
Consolidated Security Architecture
Infinity NEXT is the industry’s most complete, consolidated security architecture. Infinity NEXT utilizes cloud native architecture and is designed to protect any asset, anywhere via innovative Nano Agent technology and a full spectrum of over 60 adaptive threat prevention security practices delivered as a service.
R80 is the industry’s most advanced threat prevention and security management software for data centers, cloud, mobile, endpoint and IoT. The new R80.40 software has over 100 new features, including inspection of SSH and HTTP/2 protocols, optimal CPU utilization based on dynamic workloads technology, zero-touch deployment for new appliances, and IoT policy and enforcement.
Quantum Security Gateways
The new Quantum Security Gateways include six new Security Gateways which feature Check Point’s ThreatCloud and SandBlast Zero-Day Protection. The new range includes the 3600, 6200, 6600 and 6900 Quantum Security Gateways, and the Check Point Maestro Gateways 16000 and 26000 Turbo Hyperscale, which delivers 120Gbps of Gen V Threat Prevention throughput.
New series of small and medium business appliances set new standards of protection against the most advanced fifth-generation cyberattacks, and offer unrivalled ease of deployment and management with up to two times more performance from previous generations. The 1550 Gateway offers 450Mbps of threat prevention performance, and the 1590 Gateway offers 660Mbps.
Check Point Maestro is a revolutionary new architecture that enables businesses of any size to enjoy the power of cloud-grade elasticity and resiliency in a security platform. Maestro enables seamless expansion of existing security gateways to hyper scale capacity by allowing businesses to expand from one gateway up to 52 gateways in minutes and realize the performance of massive Terabits/second firewall throughput.
Check Point CloudGuard Connect and CloudGuard Edge deliver top-rated Threat Prevention updated in real-time with the latest ThreatCloud intelligence, flexibility to deploy branch office security in minutes from the cloud or on-premise, seamless integration with leading SD-WAN providers like VMware and Silver Peak, and a unified threat and access management platform that can significantly reduce operational expense.
Malware DNA accelerates Zero-Day Threat Prevention. New engine scans unknown malware for code patterns that match existing known malware, further accelerating the identification and blocking of previously undiscovered malware, and reducing response times.
NSS Labs tested Check Point’s Next Gen Firewall Security Gateway, Threat Prevention and Advanced Endpoint Security, earning the solution a “Recommended” rating for its security effectiveness and TCO per protected Mbps. The rating further validates Check Point’s ongoing ability to protect organizations by preventing the most advanced cyber-attacks.
SandBlast Mobile Recognized as Security Leader
Check Point achieved a 99% security rating in Miercom’s Mobile Threat Defense (MTD) Industry Assessment for its solution, SandBlast Mobile, surpassing all tested vendors’ solutions.
Cloud & Workload Security
CloudGuard Log.ic provides threat protection and context-rich security intelligence in the public cloud, enabling operations teams to see every IaaS and PaaS asset, understand cloud activities, and easily launch forensics.
Check Point announced a new Serverless security technology. Check Point is first to market with a consolidated security solution for cloud workload protection (CWPP) and security posture management (CSPM), delivering continuous serverless security with unmatched run time protection and application hardening. Protego, an Israeli startup, provides a serverless security technology that prevents malicious attacks on serverless functions in run time, and prevents vulnerable code from being deployed into production.
Check Point delivers fully Integrated Cloud security for Kubernetes – extended the capabilities of its CloudGuard cloud security platform to support Kubernetes computing services, including Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS). Customers can ensure that their Kubernetes configurations continuously comply with established container security baselines and secures traffic between Kubernetes and on premise or cloud assets using IPsec VPN
Check Point announced new IoT cyber security technology. Check Point provides a consolidated security solution that hardens and protects the firmware of IoT devices and is designed to make them secure against the most sophisticated attacks. The technology is provided through the acquisition of Cymplify, a startup based in Tel Aviv. The new technology will be integrated into Check Point’s Infinity architecture.
Check Point Research https://research.checkpoint.com uncovered numerous findings that included WhatsApp, TikTok and Android Applications. We also published new findings about malware families including multiple types of Ransomware, malware on computers and mobile devices.
Vulnerabilities in Applications & Infrastructure
Web Conferencing Vulnerabilities
Have you ever wondered if someone can eavesdrop on your company’s meetings and learn the details of your biggest secrets? Imagine a stranger sitting just next to you in the same room, when you are discussing your “next big thing.” In this publication we describe a technique which would have allowed a threat actor to perform exactly that type of attack over the Zoom web conferencing platform.
Don’t be silly, it’s only a lightbulb
After analyzing the security of ZigBee IoT devices, specifically the smart hub that bridges between the IP and Zigbee network. By masquerading as a legitimate Zigbee lightbulb, Check Point Research was able to find and exploit vulnerabilities in the bridge that enabled them to infiltrate the IP network using a remote over-the-air ZigBee exploit.
AzureStack SSRF to Info Disclosure
Check Point Research discovered major flaws in Microsoft`s popular cloud platform that is intended to poke a hole in the (false) security concept provided by the cloud providers.
Vulnerabilities in TikTok
Our research revealed multiple vulnerabilities in TikTok. The research found that an attacker could send a spoofed SMS message to a user containing a malicious link and that Tiktok’s subdomain https://ads.tiktok.com was vulnerable to XSS attacks. These vulnerabilities could have allowed an attacker to manipulate content on a user’s account and even extract confidential personal information saved on these accounts.
WhatsApp Crash & Data Loss Bug
Check Point Research found a vulnerability in WhatsApp that could allow an attacker to deliver a malicious group chat message that would crash the app and cause data loss. To regain use of WhatsApp, users would need to uninstall and reinstall it, then delete the group which contains the message.
Vulnerabilities in Android Applications
Discovered that multiple applications on the Google Play store, including Facebook, are vulnerable to very old vulnerabilities. The vulnerabilities could potentially allow an attacker to steal data related to the app and gain Android permissions which the app has access to such as a user’s location.
To evade detection, malware developers use packers to encrypt their malicious crafts before releasing them to the wild. Check Point Research discusses a case study where they were able to decrypt a specific packer that is very popular among malware developers. The developers of this packer offer it for sale on the internet, and promise it is undetectable.
Incident Response Casefile – A successful BEC leveraging lookalike domains
Cyber criminals hacked a wire transfer between a Chinese venture capital firm and an Israeli startup. After the criminals hijacked a one million dollar wire transaction, Check Point’s Incidence Response Team investigated the case.
The Phorpiex botnet is spread through exploit kits and with the help of other malware, has infected more than 1,000,000 Windows computers. The annual criminal revenue generated by Phorpiex botnet is approximately half a million US dollars.
In the Footsteps of a Sextortion Campaign
Check Point Research exposed a spam botnet, dubbed Phorpiex, which is responsible for a large portion of the sextortion traffic seen in the wild. We monitored the operation and recorded Bitcoin transfers to the Phorpiex campaign wallets whose current value is over $110,000.
Eye on the Nile-a cyber-operation
Check Point’s research team uncovered an operation against civil rights activists, as well as Amnesty members in Egypt. Following an initial report by Amnesty International in March, CPR uncovered the scope and means of a sophisticated attack allegedly linked to the Egyptian ministry and government site.
Conference Call and Webcast Information
Check Point will host a conference call with the investment community on February 3, 2020, at 8:30 AM ET/5:30 AM PT. To listen to the live webcast or replay, please visit the website www.checkpoint.com/ir.
First Quarter 2020 Investor Conference Participation Schedule
- Goldman Sachs Technology & Internet Conference 2020
February 12, 2020 – San Francisco, CA
- Raymond James 2020 Institutional Investor Conference
March 2, 2020 – Orlando, FL
- Morgan Stanley 2020 Media, Telecommunications & Technology Conference
March 4, 2020 – San Francisco, CA
- SunTrust Robinson Humphrey 2020 Technology, Internet & Services Conference
March 10, 2020 – New York, NY
- Credit Suisse Investor Relations 1×1 Conference
March 12, 2020 – New York, NY
Members of Check Point’s management team are expected to present at these conferences and discuss the latest company strategies and initiatives. Check Point’s conference presentations are expected to be available via webcast on the company’s web site. To hear these presentations and access the most updated information please visit the company’s web site at www.checkpoint.com/ir. The schedule is subject to change.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture that defends enterprises’ cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.
©2020 Check Point Software Technologies Ltd. All rights reserved
Legal Notice Regarding Forward-Looking Statements
This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding our products and solutions, customer and market acceptance of our products and solutions, and our participation in investor conferences during the first quarter of 2020. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. These risks include our ability to continue to develop platform capabilities and solutions; our ability to successfully integrate and offer acquired products and services; customer acceptance and purchase of our existing solutions and new solutions; the market for IT security continuing to develop; competition from other products and services; and general market, political, economic and business conditions. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on April 23, 2019. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.
Use of Non-GAAP Financial Information
In addition to reporting financial results in accordance with generally accepted accounting principles, or GAAP, Check Point uses non-GAAP measures of operating income, net income and earnings per diluted share, which are adjustments from results based on GAAP to exclude or include certain items. Check Point’s management believes the non-GAAP financial information provided in this release is useful to investors’ understanding and assessment of Check Point’s ongoing core operations and prospects for the future. Historically, Check Point has also publicly presented these supplemental non-GAAP financial measures in order to assist the investment community to see the Company “through the eyes of management,” and thereby enhance understanding of its operating performance. The presentation of this non-GAAP financial information is not intended to be considered in isolation or as a substitute for results prepared in accordance with GAAP. A reconciliation of the non-GAAP financial measures discussed in this press release to the most directly comparable GAAP financial measures is included with the financial statements contained in this press release. Management uses both GAAP and non-GAAP information in evaluating and operating the business internally and as such has determined that it is important to provide this information to investors.