Check Point® Software Technologies Ltd. (NASDAQ: CHKP), today announced financial results for the third quarter ended September 30, 2020.
Third Quarter 2020:
- Total Revenue: $509 million, 4 percent increase year over year
- Deferred Revenues: $1,302 million, 5 percent increase year over year
- GAAP Operating Income: $231 million, representing 45 percent of revenues
- Non-GAAP Operating Income: $265 million, representing 52 percent of revenues
- GAAP EPS: $1.42, a 14% increase year over year
- Non-GAAP EPS: $1.64, a 14% increase year over year
“We executed well in the third quarter and delivered another successful virtual quarter. Revenues grew in all key areas with security subscriptions growing by 10 % and EPS grew by 14 % year over year. We saw expanded customer adoption of Quantum Network Gateways, CloudGuard, Infinity Total Protection and Beyond the Perimeter (BTP) – endpoint and mobile security solutions,” said Gil Shwed, Founder and CEO of Check Point Software Technologies. “We expanded our Secure Access Service Edge (SASE) offering during the quarter with the acquisition of Odo Security, a new cloud-based technology that delivers the next generation of secure remote access to enterprises. I would like to thank our customers, partners and employees for their commitment and contributions during these times.”
Financial Highlights for the Third Quarter of 2020:
- Total Revenue: $509 million compared to $491 million in the third quarter of 2019, a 4 percent increase year over year.
- GAAP Operating Income: $231 million compared to $214 million in the third quarter of 2019, representing 45 percent and 44 percent of revenues in the third quarter of 2020 and 2019, respectively.
- Non-GAAP Operating Income: $265 million compared to $246 million in the third quarter of 2019, representing 52 percent and 50 percent of revenues in the third quarter of 2020 and 2019, respectively.
- GAAP Taxes on Income: $45 million compared to $47 million in the third quarter of 2019.
- GAAP Net Income: GAAP net income was $201 million compared to $188 million in the third quarter of 2019.
- Non-GAAP Net Income: Non-GAAP net income was $231 million compared to $217 million in the third quarter of 2019.
- GAAP Earnings per Diluted share: $1.42 compared to $1.25 in the third quarter of 2019, a 14 percent increase year over year.
- Non-GAAP Earnings per Diluted share: $1.64 compared to $1.44 in the third quarter of 2019, a 14 percent increase year over year.
- Deferred Revenues: As of September 30, 2020, deferred revenues were $1,302 million compared to $1,242 million as of September 30, 2019, a 5 percent increase year over year.
- Cash Balances, Marketable Securities & Short Term Deposits: $3,896 million as of September 30, 2020, compared to $4,055 million as of September 30, 2019. During this twelve months ended September 30, 2020, we generated net cash of $1,141 million and repurchased shares in the amount of $1,300 million.
- Cash Flow: Cash flow from operations of $248 million compared to $244 million in the third quarter of 2019.
- Share Repurchase Program: During the third quarter of 2020, the company repurchased approximately 2.7 million shares at a total cost of approximately $325 million.
For information regarding the non-GAAP financial measures discussed in this release, as well as a reconciliation of such non-GAAP financial measures to the most directly comparable GAAP financial measures, please see “Use of Non-GAAP Financial Information” and “Reconciliation of GAAP to Non-GAAP Financial Information.”
Key Business Highlights
Our product announcements in the third quarter focused on addressing organizations’ most imminent cyber security challenges, magnified by COVID-19
We announced the acquisition of Odo Security, a new cloud-based SASE technology that delivers secure remote access for Enterprises. Odo provides simple, unified and easy to setup connectivity to datacenter applications, web applications, cloud services and remote desktops. It will integrate with Check Point’s Infinity architecture threat prevention capabilities and provide an easy and secure solution to address the growing needs that enterprises have to enable secure remote access for their employees to any application.
With the increase in cyber-attacks volume and sophistication, Security Operations Centre (SOC) teams struggle to identify and mitigate malicious activity on their complex network estates. We launched Infinity SOC to help security teams cut through the daily overload of alerts, and reduce network blind spots to expose, and shut down cyber-attacks with exceptional speed and precision. Infinity SOC is used daily by the Check Point research cyber analysts, to expose and investigate the world’s most dangerous and sophisticated cyber-attacks.
In addition, we introduced the new 28600 Quantum Hyperscale Security Gateway with 30 Gbps of Threat Prevention performance, making it the world’s fastest 1U gateway. The 28600 and all Quantum Security Gateways are Hyperscale ready, capable of handling the most rapid growth in network traffic, recently driven by work-from-home needs related to COVID-19. Quantum is highly scalable with up to 1.5 Tera-bps of threat prevention performance using the HyperScale technology, high port density and half the energy consumption of rival high-end appliances.
Check Point Software announced the new IoT Protect solution to secure IoT devices and networks against the most advanced cyber-attacks. With the outbreak of COVID-19 we saw a surge in cyber-attacks targeting IOT networks at manufacturing plants, utilities and other mission critical environments. The solution delivers threat prevention and security management capabilities to block cyber-attacks at both IoT network and IoT device level, using threat intelligence and innovative IoT-specific security services.
In August, we launched the Distribution Marketplace Program, joining with Arrow Electronics and Ingram Micro Inc., to help partners reach new customers and sectors with Check Point’s advanced cloud security solutions. This new program delivers enablement, marketing support, flexible financing and consumption models to partners. Building on the Partner Growth Program launched in January, the Distribution Marketplace program accelerates and grows channel success by enable Check Point’s channel to offer customers’ best-in-class cloud security with fast, easy and flexible deployments, backed by a complete range of expert resources.
As organizations absorb the “new normal” cyber criminals continue to launch sophisticated, malicious attacks.
Earlier in the quarter, we released our ’Cyber Attack Trends: 2020 Mid-Year Report’, which shows how criminal, political and nation-state threat actors exploited the COVID-19 pandemic and related themes to target organizations across all sectors, including governments, industry, healthcare, service providers, critical infrastructure and consumers. Check Point Research found that COVID-19 related phishing and malware attacks increased dramatically from under 5,000 thousand per week in February, to over 200,000 per week in late April.
In August, researchers at Check Point observed a new trend of hacks operating under the guise of coronavirus vaccines. Taking advantage of the new normal, hackers sent emails with subject lines related to the coronavirus vaccine, in order to trick recipients into downloading malicious files designed to extract a person’s usernames and passwords directly from their computers. Consequently, the number of new vaccine-related coronavirus domains doubled in June and July 2020.
With many schools conducting classes remotely, Check Point Research uncovered malicious “back-to-school” themed campaigns. Beginning in May, over 35,149 new domains were registered around the back-to-school theme, 512 of them were found to be malicious, with another 3,401 suspicious
Our researchers also examined cyber-attacks against education and research institutions in the United States, Europe and Asia. They observed a double-digit increases in cyber-attacks on the global education sector, with the United States being the most targeted region. Between July and August 2020, the average number of weekly attacks per organization in the U.S. education sector increased by 30%, from 468 cyber-attacks to 608, when compared to the previous two months.
Vulnerabilities in Applications & Infrastructure:
Fixing the Zoom ‘Vanity Clause’ – Check Point and Zoom collaborate to fix Vanity URL issue: Check Point and Zoom identified a security issue in Zoom’s customizable URL feature. If exploited, a hacker would have been able to manipulate ID meeting links by posing as an employee of a potential victim organization via Zoom, giving the hacker a vector for stealing credentials or sensitive information.
SIGRed – this is not just another vulnerability: Check Point Researcher identified a security flaw in Windows DNS, the DNS services provided by Microsoft for every Windows operating system. Hackers could exploit vulnerability to gain Domain Administrator rights over servers to seize complete control over a corporation’s IT.
Significant Security Flaws Found in OKCupid: Check Point researchers raise serious security questions on dating apps after proving that potential threat actors could have had access to sensitive, private data, full profile details, private messages and email addresses on OKCupid, the free online dating app with over 50 million registered users and used in 110 countries.
ACHILLES: Android Phones Everywhere can Spy on Users: Check Point Research found over 400 vulnerabilities in the Qualcomm chip embedded into over 40% of the world’s phones. Through the vulnerabilities, attackers can command an Android phone to spy, go unresponsive, and conceal malicious activity.
Vulnerabilities in Certain Amazon Alexa Subdomains: Check Point researchers identified security vulnerabilities in certain Amazon/Alexa subdomains that could have allowed a hacker to remove and install skills on the targeted victim’s Alexa account, access their voice history and personal data. The attack required a single click by the user on a malicious link crafted by the hacker and voice interaction by the victim.
#InstaHack: how researchers were able to take over the Instagram App using a malicious image: Check Point discovered a critical vulnerability in Instagram’s image processing which would have enabled hackers to use a single image to take over Instagram accounts, and turn a victim’s phone into a spying tool to access GPS location, phone contacts and camera.
Malware and Campaigns Research:
How scammers are hiding their phishing trips in public clouds: Check Point researchers warn and cite an example of a fast-growing trend in which hackers are concealing phishing attacks on Google Cloud Services, making it far more difficult for people to identify a phishing attack. By using advanced features in a well-known cloud storage service, hackers can better disguise their malicious intentions, and not get caught by more traditional red flags that people look for such as suspicious-looking domains or websites without a HTTPS certificate.
RampantKitten: An Iranian Surveillance Operation unraveled: Check Point Research unravels a 6 year, ongoing surveillance operation administered by Iranian entities against regime dissidents. Attackers used multiple attack methods to spy on victims, including hijacking Telegram accounts, recording a phone’s audio surroundings and extracting two-factor authentication codes, and more.
Exploring Qbot’s Latest Attack Methods: Check Point Research detected an evolved and more dangerous form of a notorious information-stealing Trojan. First identified in 2008, the Qbot trojan harvests browsing data and financial information, including online banking details. With over 100,000 current victims estimated globally, Qbot is currently the most widespread malware.
We continued our focus on security through innovation, industry research and recognition including:
Check Point’s 2020 Cloud Security Report: Check Point released the results of the global 2020 Cloud Security Report, highlighting the challenges faced by enterprise security teams in protecting data and workloads in their public cloud deployments. The report showed that public cloud security continues to be a major challenge: 75% of respondents stated they were ‘very concerned’ or ‘extremely concerned’ about it.
Check Point is the Microsoft US Partner Award Winner for Azure Commercial Marketplace: Check Point is honored to have received Microsoft’s US Partner Award for Commercial Marketplace. This achievement reflects the business impact of the partnership as well as the strategic technology, product, marketing and sales alignment between Microsoft and Check Point.
Check Point Software Partners with Harvard and MIT-founded edX to Deliver Free Online Courses, to Help Close Cyber-security Skills Gap: Check Point announced a new partnership with edX, a trusted Harvard and MIT-founded online learning platform used by 30 million learners as well as the world’s top-ranking universities and industry-leading companies globally. The partnership will offer a growing series of Check Point cyber-security courses and content to security and network professionals.
Check Point Software Technologies has been Named a Leader in IDC’s MarketScape Report for Mobile Threat Management: Check Point was named as a Leader in the IDC MarketScape: Worldwide Mobile Threat Management Software 2020 Vendor Assessment (doc #US46092220, September 2020). For the third-consecutive year, Check Point was named a leader based on strategy and capabilities.
Video Conference Information
Check Point will host a video conference call with the investment community on October 22, 2020, at 8:30 AM ET/5:30 AM PT. To listen to the live video cast or replay, please visit the website: www.checkpoint.com/ir.
Third Quarter Investor Conference Participation Schedule:
- RBC 2020 Virtual Technology, Internet, Media & Telecommunications Conference
November 17-18, 2020 – Virtual 1×1’s
- Credit Suisse 2020 Virtual Technology Summit
November 30 – December 1, 2020 – Virtual Fireside Chat & 1×1’s
- Wells Fargo 2020 Virtual Technology Conference
December 2, 2020 – Virtual Fireside Chat & 1×1’s
- NASDAQ 2020 Technology Conference
December 3-4, 2020 – Virtual Fireside Chat & 1×1’s
- Raymond James 2020 Technology Conference
December 7, 2020 – Virtual 1×1’s
- UBS 2020 Technology Conference
December 8-9, 2020 – Virtual 1×1’s
- Barclays 2020 Technology Conference
December 10, 2020 – Virtual 1×1’s
Members of Check Point’s management team are expected to present at these conferences and discuss the latest company strategies and initiatives. Check Point’s conference presentations are expected to be available via webcast on the company’s web site. To access these presentations and the most updated information please visit the company’s web site at www.checkpoint.com/ir. The schedule is subject to change.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture that defends enterprises’ cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.
©2020 Check Point Software Technologies Ltd. All rights reserved
Legal Notice Regarding Forward-Looking Statements
This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding our products and solutions, expectations related to our new channel initiatives, and our participation in investor conferences during the fourth quarter of 2020. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. These risks include our ability to continue to develop platform capabilities and solutions; customer acceptance and purchase of our existing solutions and new solutions; the market for IT security continuing to develop; competition from other products and services; and general market, political, economic and business conditions, including as a result of the impact of the Covid-19 pandemic. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on April 2, 2020. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.
Use of Non-GAAP Financial Information
In addition to reporting financial results in accordance with generally accepted accounting principles, or GAAP, Check Point uses non-GAAP measures of operating income, net income and earnings per diluted share, which are adjustments from results based on GAAP to exclude, as applicable, stock-based compensation expenses, amortization of intangible assets and acquisition related expenses and the related tax affects. Check Point’s management believes the non-GAAP financial information provided in this release is useful to investors’ understanding and assessment of Check Point’s ongoing core operations and prospects for the future. Historically, Check Point has also publicly presented these supplemental non-GAAP financial measures in order to assist the investment community to see the Company “through the eyes of management,” and thereby enhance understanding of its operating performance. The presentation of this non-GAAP financial information is not intended to be considered in isolation or as a substitute for results prepared in accordance with GAAP. A reconciliation of the non-GAAP financial measures discussed in this press release to the most directly comparable GAAP financial measures is included with the financial statements contained in this press release. Management uses both GAAP and non-GAAP information in evaluating and operating business internally and as such has determined that it is important to provide this information to investors.