S-1 1 a2206553zs-1.htm S-1

Table of Contents

As filed with the Securities and Exchange Commission on December 14, 2011

Registration No. 333-            

UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549



FORM S-1
REGISTRATION STATEMENT
UNDER
THE SECURITIES ACT OF 1933



PROOFPOINT, INC.
(Exact name of Registrant as specified in its charter)

Delaware
(State or other jurisdiction of
incorporation or organization)
  7372
(Primary standard industrial
classification code number)
  51-0414846
(I.R.S. employer
identification no.)



892 Ross Drive
Sunnyvale, CA 94089
(408) 517-4710
(Address, including zip code, and telephone number, including
area code, of Registrant's principal executive offices)



Gary Steele
Chief Executive Officer
Proofpoint, Inc.
892 Ross Drive
Sunnyvale, CA 94089
(408) 517-4710
(Name, address, including zip code, and telephone number,
including area code, of agent for service)



Copies to:

Matthew P. Quilter, Esq.
Jeffrey R. Vetter, Esq.
Fenwick & West LLP
801 California Street
Mountain View, CA 94041
(650) 988-8500

 

Michael T. Yang, Esq.
Proofpoint, Inc.
892 Ross Drive
Sunnyvale, CA 94089
(408) 517-4710

 

Jeffrey D. Saper, Esq.
Robert G. Day, Esq.
Michael E. Coke, Esq.
Wilson Sonsini Goodrich & Rosati, P.C.
650 Page Mill Road
Palo Alto, CA 94304
(650) 493-9300



Approximate date of commencement of proposed sale to the public:

          As soon as practicable after the effective date of this Registration Statement.



          If any of the securities being registered on this Form are to be offered on a delayed or continuous basis pursuant to Rule 415 under the Securities Act of 1933 (the "Securities Act"), check the following box.    o

          If this Form is filed to register additional securities for an offering pursuant to Rule 462(b) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.    o

          If this Form is a post-effective amendment filed pursuant to Rule 462(c) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.    o

          If this Form is a post-effective amendment filed pursuant to Rule 462(d) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering.    o

          Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or a smaller reporting company. See definitions of "large accelerated filer," "accelerated filer" and "smaller reporting company" in Rule 12b-2 of the Securities Exchange Act of 1934. (Check one):

Large accelerated filer o   Accelerated filer o   Non-accelerated filer ý
(Do not check if a smaller reporting company)
  Smaller reporting company o



CALCULATION OF REGISTRATION FEE

       
 
Title of Each Class of Securities to be Registered
  Proposed Maximum Aggregate Offering Price(1)
  Amount of Registration Fee
 

Common stock, par value $0.0001 per share

  $50,000,000   $5,730

 

(1)
Estimated solely for the purpose of calculating the amount of the registration fee pursuant to Rule 457(o) under the Securities Act of 1933. Includes offering price of shares that the underwriters have the option to purchase to cover over-allotments, if any.



          The Registrant hereby amends this Registration Statement on such date or dates as may be necessary to delay its effective date until the Registrant shall file a further amendment that specifically states that this Registration Statement shall thereafter become effective in accordance with Section 8(a) of the Securities Act of 1933 or until the Registration Statement shall become effective on such date as the Commission, acting pursuant to said Section 8(a), may determine.


Table of Contents

The information in this prospectus is not complete and may be changed. We may not sell these securities until the registration statement filed with the Securities and Exchange Commission is effective. This prospectus is not an offer to sell these securities and it is not soliciting an offer to buy these securities in any state where the offer or sale is not permitted.

SUBJECT TO COMPLETION, DATED DECEMBER 14, 2011

             Shares

LOGO

Proofpoint, Inc.

Common Stock



        This is the initial public offering of our common stock. We are selling                    shares of common stock and the selling stockholders identified in this prospectus are selling                      shares of common stock. We will not receive any of the proceeds from the sale of shares of common stock by the selling stockholders.

        Prior to this offering, there has been no public market for our common stock. The initial public offering price of the common stock is expected to be between $             and $             per share. We will apply to list our common stock on the NASDAQ Global Market under the symbol "PFPT."

        The underwriters have the option to purchase from us a maximum of                           additional shares to cover over-allotments of shares.

        Investing in our common stock involves risks. See "Risk Factors" beginning on page 12.

 
  Price to
Public
  Underwriting
Discounts and
Commissions
  Proceeds to
Proofpoint
  Proceeds
to Selling
Stockholders
 

Per share

  $     $     $     $    

Total

  $     $     $     $    

        Delivery of the shares of common stock will be made on or about on                                        , 2012.

        Neither the Securities and Exchange Commission nor any state securities commission has approved or disapproved of these securities or determined if this prospectus is truthful or complete. Any representation to the contrary is a criminal offense.

Credit Suisse   Deutsche Bank Securities

RBC Capital Markets   Pacific Crest Securities   First Analysis Securities Corp.

The date of this prospectus is                                        , 2012.


Table of Contents

GRAPHIC


Table of Contents

TABLE OF CONTENTS

 
  Page

PROSPECTUS SUMMARY

  1

RISK FACTORS

  12

SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS

  34

INDUSTRY AND MARKET DATA

  35

USE OF PROCEEDS

  36

DIVIDEND POLICY

  36

CAPITALIZATION

  37

DILUTION

  39

SELECTED CONSOLIDATED FINANCIAL DATA

  41

MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS

  43

BUSINESS

  72

MANAGEMENT

  89

EXECUTIVE COMPENSATION

  97

CERTAIN RELATIONSHIPS AND RELATED PARTY TRANSACTIONS

  120

PRINCIPAL AND SELLING STOCKHOLDERS

  122

DESCRIPTION OF CAPITAL STOCK

  125

SHARES ELIGIBLE FOR FUTURE SALE

  130

CERTAIN MATERIAL U.S. FEDERAL INCOME TAX CONSEQUENCES TO NON-U.S. HOLDERS

  133

UNDERWRITING

  137

LEGAL MATTERS

  142

EXPERTS

  142

WHERE YOU CAN FIND ADDITIONAL INFORMATION

  142

INDEX TO CONSOLIDATED FINANCIAL STATEMENTS

  F-1



        You should rely only on the information contained in this document or to which we have referred you. Neither the selling stockholders nor the underwriters have authorized anyone to provide you with information that is different. This document may only be used where it is legal to sell these securities. The information in this document may only be accurate on the date of this document, or such other dates as are stated in this document, regardless of the time of delivery of this prospectus or of any sale of our common stock.


Dealer Prospectus Delivery Obligation

        Until                        , 2012 (25 days after the commencement of this offering), all dealers that effect transactions in these securities, whether or not participating in this offering, may be required to deliver a prospectus. This is in addition to the dealer's obligation to deliver a prospectus when acting as an underwriter and with respect to unsold allotments or subscriptions.

i


Table of Contents


PROSPECTUS SUMMARY

        This summary highlights selected information contained elsewhere in this prospectus. This summary does not contain all the information you should consider before investing in our common stock. You should read the entire prospectus carefully, including the section entitled "Risk Factors" and our consolidated financial statements and related notes included elsewhere in this prospectus, before making an investment in our common stock.

Company Overview

        Proofpoint is a pioneering security-as-a-service vendor that enables large and mid-sized organizations worldwide to defend, protect, archive and govern their most sensitive data. Our security-as-a-service platform is comprised of an integrated suite of on-demand data protection solutions, including threat protection, regulatory compliance, archiving and governance, and secure communication. Our solutions are built on a flexible, cloud-based platform and leverage a number of proprietary technologies, including big data analytics, machine learning, deep content inspection, secure storage and advanced encryption, to address today's rapidly changing threat landscape.

        A fundamental shift in the sources of cyber crime, from hackers to organized crime and governments, combined with the emergence of international data trafficking, are driving an unprecedented wave of targeted, malicious attacks designed to steal valuable information. At the same time, the growth of business-to-business collaboration, as well as the consumerization of IT and the associated adoption of mobile devices and unmanaged Internet-based applications, have proliferated sensitive data and reduced the effectiveness of many existing security products. These factors have contributed to an increasing number of severe data breaches and expanding regulatory mandates, all of which have accelerated demand for effective data protection and governance solutions.

        Our platform addresses this growing challenge by not only protecting data as it flows into and out of the enterprise via on-premise and cloud-based email, instant messaging, social media and other web-based applications, but also securely archiving these communications for compliance and discovery. We address four important problems for the enterprise:

    Keeping malicious content out;

    Preventing the theft or inadvertent loss of sensitive information and, in turn, ensuring compliance with regulatory data protection mandates;

    Collecting, retaining, governing and discovering sensitive data for compliance and litigation support; and

    Securely sharing sensitive data with customers, partners and suppliers.

        Our platform and its associated solutions are sold to customers on a subscription basis and can be deployed through our unique cloud-based architecture that leverages both our global data centers as well as optional points-of-presence behind our customers' firewalls. Our flexible deployment model enables us to deliver superior security and compliance while maintaining the favorable economics afforded by cloud computing, creating a competitive advantage for us over legacy on-premise and cloud-only offerings.

        Our solutions are used by approximately 2,400 customers worldwide, including 24 of the Fortune 100, protecting tens of millions of end-users. We market and sell our solutions worldwide both directly through our sales teams and indirectly through a hybrid model where our sales organization actively assists our network of distributors and resellers. We also distribute our solutions through strategic partners including International Business Machines Corp. (IBM), Microsoft Corporation and VMware, Inc.

1


Table of Contents

Industry Background

        A number of trends are leading to a significant shift in the nature and severity of data security threats and the measures required to address them:

    Data security attacks are becoming more sophisticated and targeted.  Professional criminals, governments and "hacktivists" are increasingly pursuing sensitive information, causing threats to shift from generic malware and high-volume spam to more targeted attacks, including "spear phishing" attacks, focused on high-value financial data.

    Consumerization of IT and growth of business-to-business collaboration increases risk of data loss.  The widespread adoption of consumer technologies in the enterprise and the increasing need for business partners to exchange sensitive data make it more challenging for enterprises to control and govern their data.

    Consequences of data breaches have become more severe.  The monetary and reputational cost of data breaches, whether malicious or inadvertent, is increasing rapidly. An ongoing wave of high profile breaches in multiple industries has exposed a broad range of data, including personal information, diplomatic communications, online banking credentials, financial accounts and health care records.

    Regulatory mandates create additional data protection and governance requirements.  Governments around the world and at all levels of jurisdiction are continuing to enact new laws regarding data protection and privacy as well as new regulations to mandate closer oversight over all aspects of regulatory compliance.

        To protect their data assets, organizations have typically employed a number of disparate on-premise security products. However, these solutions are not well suited to addressing today's challenges and many organizations are still unable to adequately protect their data assets for a variety of reasons, including:

    Legacy threat protection products are increasingly vulnerable to modern targeted attacks.  Widely deployed threat protection products are often ineffective against today's more advanced, targeted attacks.

    Siloed, reactive security and compliance offerings provide inadequate data protection.  Legacy security architectures lack the integration and common policy framework to effectively protect and govern data across the enterprise.

    Traditional security architectures assume data is behind corporate firewalls.  With the consumerization of IT and the associated adoption of mobile devices and cloud-based applications, valuable corporate data is now widely distributed. Legacy systems are unable to provide adequate data protection in this new environment because they are not designed to apply data loss prevention technologies to webmail, Internet-based collaboration applications or social networking sites.

    Inflexible, cumbersome security and compliance systems are often bypassed by end-users.  Most existing solutions are inflexible, cumbersome to use, and hinder end-users' day-to-day business activities, all of which lead end-users to bypass them.

    Discrete, hardware-based offerings have high total cost of ownership.  Traditional on-premise security and archiving products are time consuming to deploy and manage, require redundancy and excess capacity to handle peak-level workloads, and are difficult and expensive to upgrade.

2


Table of Contents

Market Opportunity

        In an attempt to defend against the constantly evolving threat landscape and to comply with government mandates, enterprises are beginning to implement new, more robust corporate policies for data protection, archiving and governance. To enforce these new policies, secure communication technologies and policy-based encryption are being used to limit the leakage of sensitive data and intellectual property, and archiving and eDiscovery solutions are being used to reduce legal compliance risks. According to International Data Corporation (IDC), a third-party market research company, the total worldwide market for data protection solutions is estimated to grow from $5.2 billion in 2011 to $8.0 billion by 2015, a compound annual growth rate (CAGR) of 11%.*


*
See "Industry and Market Data."

The Proofpoint Solution

        Our integrated suite of on-demand security-as-a-service solutions enables large and mid-sized organizations to defend, protect, archive and govern their sensitive data. Our comprehensive platform provides threat protection, regulatory compliance, archiving and governance, and secure communication. These solutions are built on a cloud-based architecture, protecting data not only as it flows into and out of the enterprise via on-premise and cloud-based email, instant messaging, social media and other web-based applications, but also securely archiving these communications for compliance and discovery. We have pioneered the use of innovative technologies to deliver better ease-of-use, greater protection against the latest advanced threats, and lower total cost of ownership than traditional alternatives. The key elements of our solution include:

    Superior protection against advanced, targeted threats.  We use a combination of proprietary technologies for big data analytics, machine learning and deep content inspection to detect and stop targeted "spear phishing" and other sophisticated attacks. By processing and modeling billions of requests per day, our technology can recognize anomalies in traffic flow to detect targeted attacks, distinguish between valid messages and "phishing" messages, and detect targeted "zero-hour" attacks in realtime and quarantine them appropriately.

    Comprehensive, integrated data protection suite.  We offer a comprehensive solution for data protection and governance through an integrated, security-as-a-service platform that improves an organization's ability to detect and mitigate inbound and outbound threats and securely archive and discover communication across all major communication channels including email, instant messaging, social media and other web-based applications.

    Designed to empower end-users.  Our solutions actively enable secure, business-to-business and business-to-consumer communications and make it easy for end-users to share information.

    Security optimized cloud architecture.  Our multi-tenant security-as-a-service solution enables us to leverage the benefits of the cloud to cost-effectively deliver superior security and compliance while optimizing each deployment for the customer's unique threat environment.

    Extensible security-as-a-service platform.  Our security-as-a-service platform integrates with internally developed applications as well as with those developed by third parties while also providing a means to integrate with the other security and compliance components deployed in our customers' infrastructures.

3


Table of Contents

Our Business Strategy

        Our objective is to be the leading security-as-a-service provider of next-generation data protection and governance solutions. The key elements of our strategy include:

    Grow our customer base;

    Broaden the adoption of our platform with existing customers;

    Grow and further expand our international presence;

    Extend our channel partner network;

    Leverage and extend the capabilities of our security-as-a-service platform; and

    Protect against threats from established and emerging communication and collaboration platforms.

Risks Affecting Us

        Our business is subject to numerous risks, as highlighted in the section entitled "Risk Factors" immediately following this prospectus summary. Some of these risks include:

    We have a history of losses, and we may not achieve profitability in the future;

    We operate in a highly competitive environment with large established competitors;

    If we are unable to maintain high subscription renewal rates or sell additional solutions to current subscribers, our future revenue and operating results will be harmed;

    If our solutions fail to protect our customers from security breaches, our brand and reputation could be harmed;

    If our customers experience data losses, our brand, reputation and business could be harmed; and

    If enterprises continue to migrate to cloud-based email systems, and we fail to develop, market, or enhance our solutions so that they are valued by either our existing customers currently using these cloud-based systems or by new prospects, our ability to grow or maintain our revenues could be harmed.

Corporate Information

        We were incorporated in Delaware in 2002. Our principal executive offices are located at 892 Ross Drive, Sunnyvale, California 94089, and our telephone number is (408) 517-4710. Our website address is www.proofpoint.com. The information on, or that can be accessed through, our website is not incorporated by reference into this prospectus and should not be considered to be a part of this prospectus.

        Unless otherwise indicated, the terms "Proofpoint," "we," "us" and "our" refer to Proofpoint, Inc., a Delaware corporation, together with its consolidated subsidiaries.

        "Proofpoint" is our registered trademark in the United States, and the Proofpoint logo and all of our product names are our trademarks. This prospectus contains additional trade names, trademarks, and service marks of ours and of other companies. We do not intend our use or display of other companies' trade names, trademarks, or service marks to imply a relationship with these other companies, or endorsement or sponsorship of us by these other companies. Other trademarks appearing in this prospectus are the property of their respective holders.

4


Table of Contents


The Offering

Common stock offered by us

                      shares

Common stock offered by the selling stockholders

 

                    shares

Total common stock offered

 

                    shares

Common stock to be outstanding after this offering

 

                    shares

Use of proceeds

 

We expect to use the net proceeds that we receive from this offering for working capital and other general corporate purposes. We may also use a portion of the net proceeds to acquire or invest in complementary businesses, products, services, technologies or other assets. We will not receive any proceeds from the sale of shares by the selling stockholders. See "Use of Proceeds."

Risk factors

 

You should read the "Risk Factors" section of this prospectus for a discussion of factors that you should consider carefully before deciding to invest in shares of our common stock.

Proposed NASDAQ Global Market symbol

 

PFPT

        The number of shares of our common stock to be outstanding after this offering is based upon the 47,402,137 shares of our common stock outstanding as of September 30, 2011, and does not include:

    20,227,426 shares of our common stock issuable upon the exercise of stock options outstanding as of September 30, 2011, with a weighted-average exercise price of $1.73 per share;

    711,800 shares of our common stock issuable upon the exercise of stock options granted after September 30, 2011 through November 30, 2011, with a weighted-average exercise price of $3.29 per share;

    4,375 shares of our common stock issuable upon the exercise of a warrant outstanding as of September 30, 2011, with an exercise price of $0.15 per share; and

                    shares of our common stock reserved for future issuance under our 2012 Equity Incentive Plan and our 2012 Employee Stock Purchase Plan, each of which will become effective on the first day that our common stock is publicly traded and each of which contains provisions that automatically increase the number of shares reserved for issuance each year, as more fully described in "Executive Compensation—Employee Benefit Plans."

        Except as otherwise indicated, all information in this prospectus assumes:

    a        -for-        split of our common stock, to be effected in                     2012;

    the automatic conversion of all outstanding shares of our convertible preferred stock into an aggregate of 39,134,535 shares of our common stock effective immediately upon the completion of this offering;

    the filing of our restated certificate of incorporation and the effectiveness of our restated bylaws, which will occur upon the completion of this offering; and

    no exercise by the underwriters of their option to purchase up to an additional                    shares of our common stock from us in this offering.

5


Table of Contents


Summary Consolidated Financial Information

        The following tables present summary historical financial data for our business. You should read this information in conjunction with "Selected Consolidated Financial Information," "Management's Discussion and Analysis of Financial Condition and Results of Operations" and the consolidated financial statements, related notes and other financial information included elsewhere in this prospectus.

        We derived the summary consolidated statements of operations data for the years ended December 31, 2008, 2009 and 2010 from our audited consolidated financial statements included elsewhere in this prospectus. We derived the unaudited consolidated statements of operations data for the nine months ended September 30, 2010 and 2011, and the unaudited consolidated balance sheet data as of September 30, 2011 from our unaudited consolidated financial statements included elsewhere in this prospectus. Our unaudited consolidated financial statements have been prepared on the same basis as our audited consolidated financial statements and, in the opinion of management, reflect all adjustments, which consist only of normal recurring adjustments, necessary for the fair statement of those unaudited consolidated financial statements. Our historical results are not necessarily indicative of the results to be expected in the future, and the results for the nine months ended September 30, 2011 are not necessarily indicative of operating results to be expected for the full year ending December 31, 2011 or any other period.

 
  Years Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands, except per share data)
 

Consolidated Statements of Operations Data:

                               

Revenue:

                               
 

Subscription

  $ 31,115   $ 42,135   $ 57,657   $ 41,501   $ 52,533  
 

Hardware and services

    7,128     6,393     7,133     5,250     6,614  
                       
   

Total revenue

    38,243     48,528     64,790     46,751     59,147  

Cost of revenue:(1)

                               
 

Subscription

    11,907     19,150     24,523     17,906     17,553  
 

Hardware and services

    3,850     3,309     4,082     2,970     4,426  
                       
   

Total cost of revenue

    15,757     22,459     28,605     20,876     21,979  
                       

Gross profit

    22,486     26,069     36,185     25,875     37,168  

Operating expense:(1)

                               
 

Research and development

    10,926     11,831     17,583     12,719     14,416  
 

Sales and marketing

    32,439     27,883     31,161     22,216     30,070  
 

General and administrative

    5,224     5,678     7,465     5,491     6,184  
                       
   

Total operating expense

    48,589     45,392     56,209     40,426     50,670  
                       

Operating loss

    (26,103 )   (19,323 )   (20,024 )   (14,551 )   (13,502 )

Interest income (expense), net

    536     87     (340 )   (319 )   (258 )

Other income (expense), net

    (183 )   (269 )   (258 )   (122 )   212  
                       

Loss before provision for income taxes

    (25,750 )   (19,505 )   (20,622 )   (14,992 )   (13,548 )

Provision for income taxes

    (138 )   (233 )   (243 )   (144 )   (169 )
                       

Net loss

  $ (25,888 ) $ (19,738 ) $ (20,865 ) $ (15,136 ) $ (13,717 )
                       

Net loss per share, basic and diluted

  $ (4.37 ) $ (3.07 ) $ (2.92 ) $ (2.16 ) $ (1.75 )
                       

6


Table of Contents

 
  Years Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands, except per share data)
 

Weighted average shares outstanding, basic and diluted(2)

    5,928     6,424     7,151     7,011     7,861  
                       

Pro forma net loss per share, basic and diluted(2)

              $ (0.45 )       $ (0.29 )
                             

Weighted average pro forma shares, basic and diluted(2)

                46,173           46,995  
                             

 

 
  Years Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands)
 

Other Financial Data (unaudited):

                               

Adjusted subscription gross profit(3)

  $ 20,874   $ 26,631   $ 37,236   $ 26,654   $ 38,070  

Billings(4)

    51,641     58,184     76,545     54,682     62,305  

Adjusted EBITDA(5)

    (18,946 )   (9,077 )   (9,016 )   (6,312 )   (4,490 )

(1)
Includes stock-based compensation and amortization of intangible assets as follows:

   
  Years Ended December 31,   Nine Months Ended
September 30,
 
   
  2008   2009   2010   2010   2011  
   
  (in thousands)
 
 

Stock-based compensation

                               
   

Cost of subscription revenue

  $ 178   $ 275   $ 357   $ 259   $ 281  
   

Cost of hardware and services revenue

    1     11     17     11     20  
   

Research and development

    519     848     1,010     727     868  
   

Sales and marketing

    703     1,030     1,113     789     1,418  
   

General and administrative

    707     732     868     624     704  
 

Amortization of intangible assets

                               
   

Cost of subscription revenue

  $ 1,488   $ 3,371   $ 3,745   $ 2,800   $ 2,809  
   

Sales and marketing

    163     408     637     476     625  
(2)
Please see notes 12 and 13 of our notes to consolidated financial statements included elsewhere in this prospectus for an explanation of the calculations of basic and diluted net loss per share and pro forma net loss per share.

(3)
Adjusted subscription gross profit is a non-GAAP measure. Please see "—Reconciliation of Non-GAAP Financial Measures" below for more information and the reconciliation of subscription gross profit to adjusted subscription gross profit.

(4)
The billings metric is a non-GAAP measure. Please see "—Reconciliation of Non-GAAP Financial Measures" below for more information and the reconciliation of total revenue to billings.

(5)
Adjusted EBITDA is a non-GAAP measure. Please see "—Reconciliation of Non-GAAP Financial Measures" below for more information and the reconciliation of net loss to adjusted EBIDTA.

7


Table of Contents

 
  As of September 30, 2011  
 
  Actual   Pro Forma(1)   Pro Forma
As Adjusted(2)
 
 
  (in thousands)
 

Consolidated Balance Sheet Data:

                   

Cash, cash equivalents and short-term investments

  $ 12,108   $ 12,108   $    

Property and equipment, net

    6,102     6,102        

Total assets

    57,235     57,235        

Debt, current and long term

    3,017     3,017        

Deferred revenue, current and long term

    72,259     72,259        

Convertible preferred stock

    109,911            

Total stockholders' (deficit) equity

    (137,966 )   (28,055 )      

(1)
The pro forma consolidated balance sheet data as of September 30, 2011 reflects the automatic conversion of all our outstanding convertible preferred stock into common stock upon the completion of this offering.

(2)
The pro forma as adjusted consolidated balance sheet data as of September 30, 2011 also gives effect to our receipt of the net proceeds from the sale of the shares of common stock that we are offering at an assumed initial public offering price of $        per share, which is the midpoint of the price range on the cover page of this prospectus, after deducting the estimated underwriting discounts and commissions and estimated offering expenses payable by us. A $1.00 increase (decrease) in the assumed initial public offering price of $        per share would increase (decrease) each of cash, cash equivalents and short-term investments, total assets and total stockholders' equity by $        million, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same, and after deducting the estimated underwriting discounts and commissions and estimated offering expenses payable by us.

Reconciliation of Non-GAAP Financial Measures

Adjusted subscription gross profit

        We have included adjusted subscription gross profit, a non-GAAP financial measure, in this prospectus because it is a key measure used by our management and board of directors to understand and evaluate our operating results, core operating performance, and trends to prepare and approve our annual budget and to develop short- and long-term operational plans. We have provided a reconciliation between subscription gross profit, the most directly comparable GAAP financial measure, and adjusted subscription gross profit. We believe that adjusted subscription gross profit provides useful information to investors and others in understanding and evaluating our operating results in the same manner as our management and board of directors.

        Our use of adjusted subscription gross profit has limitations as an analytical tool, and you should not consider it in isolation or as a substitute for analysis of our results as reported under GAAP. Because of these limitations, you should consider adjusted subscription gross profit alongside other financial performance measures, including subscription gross profit and our other GAAP results.

8


Table of Contents

        The following unaudited table presents the reconciliation of subscription gross profit to adjusted subscription gross profit for the years ended December 31, 2008, 2009 and 2010 and the nine months ended September 30, 2010 and 2011:

 
  Year Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands)
 

Subscription revenue

  $ 31,115   $ 42,135   $ 57,657   $ 41,501   $ 52,533  

Cost of subscription revenue

    11,907     19,150     24,523     17,906     17,553  
                       
 

Subscription gross profit

  $ 19,208   $ 22,985   $ 33,134   $ 23,595   $ 34,980  

Add back:

                               
 

Stock-based compensation

    178     275     357     259     281  
 

Amortization of intangible assets

    1,488     3,371     3,745     2,800     2,809  
                       
 

Adjusted subscription gross profit

  $ 20,874   $ 26,631   $ 37,236   $ 26,654   $ 38,070  
                       

Billings

        We have included billings, a non-GAAP financial measure, in this prospectus because it is a key measure used by our management and board of directors to manage our business and monitor our near term cash flows. We have provided a reconciliation between total revenue, the most directly comparable GAAP financial measure, and billings. Accordingly, we believe that billings provides useful information to investors and others in understanding and evaluating our operating results in the same manner as our management and board of directors.

        Our use of billings as a non-GAAP measure has limitations as an analytical tool, and you should not consider it in isolation or as a substitute for revenue or an analysis of our results as reported under GAAP. Some of these limitations are:

    Billings is not a substitute for revenue, as trends in billings are not directly correlated to trends in revenue except when measured over longer periods of time;

    Billings is affected by a combination of factors including the timing of renewals, the sales of our solutions to both new and existing customers, the relative duration of contracts sold, and the relative amount of business derived from strategic partners. As each of these elements has unique characteristics in the relationship between billings and revenue, our billings activity is not closely correlated to revenue except over longer periods of time; and

    Other companies, including companies in our industry, may not use billings, may calculate billings differently, or may use other financial measures to evaluate their performance - all of which reduce the usefulness of billings as a comparative measure.

9


Table of Contents

        The following unaudited table presents the reconciliation of total revenue to billings for the years ended December 31, 2008, 2009 and 2010 and the nine months ended September 30, 2010 and 2011:

 
  Year Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands)
 

Total revenue

  $ 38,243   $ 48,528   $ 64,790   $ 46,751   $ 59,147  
                       

Deferred revenue

                               
 

Ending

    47,690     57,346     69,101     65,277     72,259  
 

Beginning

    34,292     47,690     57,346     57,346     69,101  
                       
 

Net change

    13,398     9,656     11,755     7,931     3,158  
                       

Billings

  $ 51,641   $ 58,184   $ 76,545   $ 54,682   $ 62,305  
                       

Adjusted EBITDA

        We have included adjusted EBITDA, a non-GAAP financial measure, in this prospectus because it is a key metric used by our management and board of directors to measure operating performance and trends and to prepare and approve our annual budget. We define adjusted EBITDA as net loss, adjusted to exclude: depreciation, amortization of intangibles, interest income (expense), net, provision for income taxes, stock-based compensation, acquisition-related expense, other income, and other expense. We believe that the use of adjusted EBITDA is useful to investors and other users of our financial statements in evaluating our operating performance because it provides them with an additional tool to compare business performance across companies and across periods. We believe that:

    Adjusted EBITDA provides investors and other users of our financial information consistency and comparability with our past financial performance, facilitates period-to-period comparisons of operations and facilitates comparisons with our peer companies, many of which use similar non-GAAP financial measures to supplement their GAAP results; and

    It is useful to exclude certain non-cash charges, such as depreciation, amortization of intangible assets and stock-based compensation and non-core operational charges, such as acquisition-related expenses, from adjusted EBITDA because the amount of such expenses in any specific period may not be directly correlated to the underlying performance of our business operations and these expenses can vary significantly between periods as a result of new acquisitions, full amortization of previously acquired tangible and intangible assets or the timing of new stock-based awards, as the case may be.

        We use adjusted EBITDA in conjunction with traditional GAAP operating performance measures as part of our overall assessment of our performance, for planning purposes, including the preparation of our annual operating budget, to evaluate the effectiveness of our business strategies and to communicate with our board of directors concerning our financial performance.

        We do not place undue reliance on adjusted EBITDA as our only measures of operating performance. Adjusted EBITDA should not be considered as a substitute for other measures of financial performance reported in accordance with GAAP. There are limitations to using non-GAAP financial measures, including that other companies may calculate these measures differently than we do, that they do not reflect our capital expenditures or future requirements for capital expenditures and that they do not reflect changes in, or cash requirements for, our working capital.

10


Table of Contents

        The following unaudited table presents the reconciliation of net loss to adjusted EBITDA for the years ended December 31, 2008, 2009 and 2010 and the nine months ended September 30, 2010 and 2011:

 
  Year Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands)
 

Net loss

  $ (25,888 ) $ (19,738 ) $ (20,865 ) $ (15,136 ) $ (13,717 )
 

Depreciation

    2,366     3,012     3,261     2,553     2,259  
 

Amortization of intangible assets

    1,651     3,779     4,382     3,276     3,434  
 

Interest income (expense), net

    (536 )   (87 )   340     319     258  
 

Provision for income taxes

    138     233     243     144     169  
                       

EBITDA

    (22,269 )   (12,801 )   (12,639 )   (8,844 )   (7,597 )
 

Stock-based compensation expense

    2,108     2,896     3,365     2,410     3,291  
 

Acquisition-related expense

    1,031     559             29  
 

Other income

    (8 )   (6 )   (20 )   (18 )   (259 )
 

Other expense

    192     275     278     140     46  
                       

Adjusted EBITDA

  $ (18,946 ) $ (9,077 ) $ (9,016 ) $ (6,312 ) $ (4,490 )
                       

11


Table of Contents


RISK FACTORS

        Investing in our common stock involves a high degree of risk. You should carefully consider the following risk factors, as well as the other information in this prospectus, before deciding whether to invest in shares of our common stock. The occurrence of any of the events described below could harm our business, financial condition, results of operation and growth prospects. In such an event, the trading price of our common stock may decline and you may lose all or part of your investment.

Risks Related to Our Business and Industry

We have a history of losses, and we are unable to predict the extent of any future losses or when, if ever, we will achieve profitability in the future.

        We have incurred net losses in every year since our inception, including net losses of $19.7 million and $20.9 million in 2009 and 2010, respectively. We also had a net loss of $13.7 million in the nine months ended September 30, 2011. As a result, we had an accumulated deficit of $155.7 million as of September 30, 2011. Achieving profitability will require us to increase revenue, manage our cost structure, and avoid unanticipated liabilities. We do not expect to be profitable in the near term. Revenue growth may slow or revenue may decline for a number of possible reasons, including slowing demand for our solutions, increasing competition, a decrease in the growth of our overall market, or if we fail for any reason to continue to capitalize on growth opportunities. Any failure by us to obtain and sustain profitability, or to continue our revenue growth, could cause the price of our common stock to decline significantly.

We operate in a highly competitive environment with large, established competitors, and our competitors may gain market share in the markets for our solutions that could adversely affect our business and cause our revenue to decline.

        Our traditional competitors include security-focused software vendors, such as Symantec Corporation and McAfee, Inc., an Intel Corporation subsidiary, which offer software products that directly compete with our solutions. In addition to competing with these vendors directly for sales to customers, we compete with them for the opportunity to have our solutions bundled with the product offerings of our strategic partners. Our competitors could gain market share from us if any of these partners replace our solutions with the products of our competitors or if these partners more actively promote our competitors' products over our solutions. In addition, software vendors who have bundled our solutions with theirs may choose to bundle their software with their own or other vendors' software, or may limit our access to standard product interfaces and inhibit our ability to develop solutions for their platform.

        We also face competition from large technology companies, such as Cisco Systems, Inc., EMC Corporation, Google Inc., Hewlett-Packard Company, Intel and Microsoft. These companies are increasingly developing and incorporating into their products data protection and storage software that compete on various levels with our solutions. Our competitive position could be adversely affected to the extent that our customers perceive that the functionality incorporated into these products would replace the need for our solutions or that buying from one vendor would provide them with increased leverage and purchasing power and a better customer experience. We also face competition from many smaller companies that specialize in particular segments of the markets in which we compete.

        Many of our competitors have greater financial, technical, sales, marketing or other resources than we do and consequently may have the ability to influence our customers to purchase their products instead of ours. Further consolidation within our industry or other changes in the competitive environment could also result in larger competitors that compete with us on several levels. In addition, acquisitions of smaller companies that specialize in particular segments of the markets in which we compete by large technology companies would result in increased competition from these large

12


Table of Contents


technology companies. For example, Google's acquisition of Postini, an email and web security and archiving service, resulted in Google becoming one of our competitors. If we are unsuccessful in responding to our competitors or to changing technological and customer demands, our competitive position and financial results could be adversely affected.

If we are unable to maintain high subscription renewal rates, our future revenue and operating results will be harmed.

        Our customers have no obligation to renew their subscriptions for our solutions after the expiration of their initial subscription period, which typically ranges from one to three years. In addition, our customers may renew for fewer subscription services or users, renew for shorter contract lengths or renew at lower prices due to competitive or other pressures. We cannot accurately predict renewal rates and our renewal rates may decline or fluctuate as a result of a number of factors, including competition, customers' IT budgeting and spending priorities, and deteriorating general economic conditions. If our customers do not renew their subscriptions for our solutions, our revenue would decline and our business would suffer.

If we are unable to sell additional solutions to our customers, our future revenue and operating results will be harmed.

        Our future success depends on our ability to sell additional solutions to our customers. This may require increasingly sophisticated and costly sales efforts and may not result in additional sales. In addition, the rate at which our customers purchase additional solutions depends on a number of factors, including the perceived need for additional solutions, growth in the number of end-users, and general economic conditions. If our efforts to sell additional solutions to our customers are not successful, our business may suffer.

If our solutions fail to protect our customers from security breaches, our brand and reputation could be harmed, which could have a material adverse effect on our business and results of operations.

        The threats facing our customers are constantly evolving and the techniques used by attackers to access or sabotage data change frequently. As a result, we must constantly update our solutions to respond to these threats. If we fail to update our solutions in a timely or effective manner to respond to these threats, our customers could experience security breaches. Many state and foreign governments have enacted laws requiring companies to notify individuals of data security breaches involving their personal data. These mandatory disclosures regarding a security breach often lead to widespread negative publicity, and any association of us with such publicity may cause our customers to lose confidence in the effectiveness of our data security measures. Any security breach at one of our customers would harm our reputation as a secure and trusted company and could cause the loss of customers. Similarly, if a well-publicized breach of data security at a customer of any other cloud-based data protection or archiving service provider or other major enterprise cloud services provider were to occur, there could be a loss of confidence in the cloud-based storage of sensitive data and information generally.

        In addition, our solutions work in conjunction with a variety of other elements in customers' IT and security infrastructure, and we may receive blame and negative publicity for a security breach that may have been the result of the failure of one of the other elements not provided by us. The occurrence of a breach, whether or not caused by our solutions, could delay or reduce market acceptance of our solutions and have an adverse effect on our business and financial performance. In addition, any revisions to our solutions that we believe may be necessary or appropriate in connection with any such breach may cause us to incur significant expenses. Any of these events could have material adverse effects on our brand and reputation, which could harm our business, financial condition, and operating results.

13


Table of Contents


If our customers experience data losses, our brand, reputation and business could be harmed.

        Our customers rely on our archive solutions to store their corporate data, which may include financial records, credit card information, business information, health information, other personally identifiable information or other sensitive personal information. A breach of our network security and systems or other events that cause the loss or public disclosure of, or access by third parties to, our customers' stored files or data could have serious negative consequences for our business, including possible fines, penalties and damages, reduced demand for our solutions, an unwillingness of our customers to use our solutions, harm to our brand and reputation, and time-consuming and expensive litigation. The techniques used to obtain unauthorized access, disable or degrade service, or sabotage systems change frequently, often are not recognized until launched against a target, and may originate from less regulated or remote areas around the world. As a result, we may be unable to proactively prevent these techniques, implement adequate preventative or reactionary measures, or enforce the laws and regulations that govern such activities. In addition, because of the large amount of data that we collect and manage, it is possible that hardware failures, human errors or errors in our systems could result in data loss or corruption, or cause the information that we collect to be incomplete or contain inaccuracies that our customers regard as significant. If our customers experience any data loss, or any data corruption or inaccuracies, whether caused by security breaches or otherwise, our brand, reputation and business would be harmed.

        Our errors and omissions insurance may be inadequate or may not be available in the future on acceptable terms, or at all. In addition, our policy may not cover any claim against us for loss of data or other indirect or consequential damages. Defending a suit based on any data loss or system disruption, regardless of its merit, could be costly and divert management's attention.

Defects or vulnerabilities in our solutions could harm our reputation, reduce the sales of our solutions and expose us to liability for losses.

        Because our solutions are complex, undetected errors, failures or bugs may occur, especially when solutions are first introduced or when new versions or updates are released despite our efforts to test those solutions and enhancements prior to release. We may not be able to correct defects, errors, vulnerabilities or failures promptly, or at all.

        Any defects, errors, vulnerabilities or failures in our solutions could result in:

    expenditure of significant financial and development resources in efforts to analyze, correct, eliminate or work around errors or defects or to address and eliminate vulnerabilities;

    loss of existing or potential partners or customers;

    loss or disclosure of our customers' confidential information;

    loss of our proprietary technology;

    our solutions being susceptible to hacking or electronic break-ins or otherwise failing to secure data;

    delayed or lost revenue;

    delay or failure to attain market acceptance;

    lost market share;

    negative publicity, which could harm our reputation; or

    litigation, regulatory inquiries or investigations that would be costly and harm our reputation.

14


Table of Contents

        Limitation of liability provisions in our standard terms and conditions may not adequately or effectively protect us from any claims related to defects, errors, vulnerabilities or failures in our solutions, including as a result of federal, state or local laws or ordinances or unfavorable judicial decisions in the United States or other countries.

Because we provide security solutions, our software, website and internal systems may be subject to intentional disruption that could adversely impact our reputation and future sales.

        We could be a target of attacks specifically designed to impede the performance of our solutions and harm our reputation. Similarly, experienced computer hackers may attempt to penetrate our network security or the security of our website and misappropriate proprietary information and/or cause interruptions of our services. Because the techniques used by such computer hackers to access or sabotage networks change frequently and may not be recognized until launched against a target, we may be unable to anticipate these techniques. If an actual or perceived breach of network security occurs, it could adversely affect the market perception of our solutions, and may expose us to the loss of information, litigation and possible liability. In addition, such a security breach could impair our ability to operate our business, including our ability to provide support services to our customers.

We believe that there is a trend for large and mid-sized enterprises to migrate their on-premise email systems to cloud-based offerings. If we fail to successfully develop, market, broaden or enhance our solutions to continue to be attractive to existing customers currently using cloud-based email systems or by new prospects, our ability to grow or maintain our revenue could be harmed, and our business could suffer.

        We derive a substantial portion of our revenue from our solutions that protect and archive data in our customers' on-premise email systems and expect to continue to do so for the foreseeable future. We currently derive a portion of our revenue from customers using cloud-based email systems such as Google's Google Apps and Microsoft's Office 365, both of which include varying degrees of threat protection and governance services as part of their offering. A significant market shift from on-premise email systems toward such cloud-based email systems could decrease demand for our solutions because customers who move to cloud-based email systems may no longer value our solutions; if our current or prospective customers who utilize cloud-based email systems fail to find value in our solutions, our business could be adversely affected.

Historically, our solutions have been used primarily for email, and any decrease in the use of email systems by large and mid-sized enterprises over time, or the failure of our newly developed solutions for emerging methods of communication and collaboration to gain acceptance could harm our business.

        Historically, our customers have primarily used our solutions to protect and archive data in their corporate email systems. If the use of email decreases, demand for our solutions would decrease and we may fail to diversify our revenue base by increasing demand for our other technology solutions.

        In addition, messaging and collaboration technologies are evolving rapidly. For instance, the widespread adoption and use of mobile devices, unmanaged Internet-based collaboration and file sharing applications and social networking sites have caused valuable and sensitive data to proliferate well beyond traditional corporate email systems, resulting in new and increasing security risks. We are devoting resources to continue developing and marketing our solutions for these emerging methods of communication and collaboration. However, our customers may not perceive the need to deploy our solutions intended to address these emerging areas. If we are unable to successfully develop, market, broaden or enhance our solutions to address the wider range of threats caused by the proliferation of new technologies and methods of communication, demand for our existing solutions would decrease, and our business would be harmed.

15


Table of Contents


If functionality similar to that offered by our solutions is incorporated into our competitors' networking products, potential or existing customers may decide against adding our solutions to their network, which would have an adverse effect on our business.

        Some large, well-established providers of networking equipment, such as Cisco and Juniper Networks, Inc. currently offer, and may continue to introduce, network security features that compete with our solutions, either in stand-alone security products or as additional features in their network infrastructure products. The inclusion of, or the announcement of an intent to include, functionality perceived to be similar to that offered by our solutions in networking products that are already generally accepted as necessary components of customers' network architecture may have an adverse effect on our ability to market and sell our solutions. Furthermore, even if the functionality offered by network infrastructure providers is more limited than that offered by our solutions, a significant number of our customers may elect to accept such limited functionality in lieu of adding appliances or software from an additional vendor such as us. Many organizations have invested substantial personnel and financial resources to design and operate their networks and have established deep relationships with other providers of networking products, which may make them reluctant to add new third-party components to their networks.

Our solutions collect, filter and archive customer data which may contain personal information, which raises privacy concerns and could result in us having liability or inhibit sales of our solutions.

        Many federal, state and foreign government bodies and agencies have adopted or are considering adopting laws and regulations regarding the collection, use, and disclosure of personal information. Because many of the features of our solutions use, store, and report on customer data which may contain personal information from our customers, any inability to adequately address privacy concerns, or comply with applicable privacy laws, regulations and policies could, even if unfounded, result in liability to us, damage to our reputation, loss of sales, and harm to our business. Furthermore, the costs of compliance with, and other burdens imposed by, such laws, regulations and policies that are applicable to the businesses of our customers may limit the use and adoption of our solutions and reduce overall demand for them. Privacy concerns, whether or not valid, may inhibit market adoption of our solutions. For example, in the United States regulations such as the Gramm-Leach-Bliley Act (GLBA), which protects and restricts the use of consumer credit and financial information, and the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which regulates the use and disclosure of personal health information, impose significant security and data protection requirements and obligations on businesses that may affect the use and adoption of our solutions. The European Union has also adopted a data privacy directive that requires member states to impose restrictions on the collection and use of personal data that, in some respects, are more stringent, and impose more significant burdens on subject businesses, than current privacy standards in the United States.

        Any failure or perceived failure to comply with laws and regulations may result in proceedings or actions against us by government entities or others, or could cause us to lose users and customers, which could potentially have an adverse effect on our business.

If we do not effectively expand and train our sales force, we may be unable to add new customers or increase sales to our existing customers and our business will be harmed.

        We continue to be substantially dependent on our sales force to obtain new customers and to sell additional solutions to our existing customers. We believe that there is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. New hires require significant training and may take significant time before they achieve full productivity. Our recent hires and planned hires may not become as productive as we expect, and we may be unable to hire or retain sufficient numbers of

16


Table of Contents


qualified individuals in the markets where we do business or plan to do business. If we are unable to hire and train sufficient numbers of effective sales personnel, or the sales personnel are not successful in obtaining new customers or increasing sales to our existing customer base, our business will be harmed.

Our sales cycle is long and unpredictable, and our sales efforts require considerable time and expense. As a result, our results are difficult to predict and may vary substantially from quarter to quarter, which may cause our operating results to fluctuate.

        We sell our security and compliance offerings primarily to enterprise IT departments that are managing a growing set of user and compliance demands, which has increased the complexity of customer requirements to be met and confirmed in the sales cycle. Additionally, we have found that increasingly security, legal and compliance departments are involved in testing, evaluating and finally approving purchases, which has also made the sales cycle longer and less predictable. We may not be able to accurately predict or forecast the timing of sales, which makes our future revenue difficult to predict and could cause our results to vary significantly. In addition, we might devote substantial time and effort to a particular unsuccessful sales effort, and as a result we could lose other sales opportunities or incur expenses that are not offset by an increase in revenue, which could harm our business.

Because our long-term success depends, in part, on our ability to expand the sales of our platform to our customers located outside of the United States, our business will be increasingly susceptible to risks associated with international operations.

        One key element of our growth strategy is to develop a worldwide customer base and expand our operations worldwide. We have added employees, offices and customers internationally, particularly in Europe and Asia. Operating in international markets requires significant resources and management attention and will subject us to regulatory, economic, political and competitive risks and competition that are different from those in the United States. Because of our limited experience with international operations, we cannot assure you that our international expansion efforts will be successful or that expected returns on such investments will be achieved in the future.

        In addition, our international operations may fail to succeed due to other risks inherent in operating businesses internationally, including:

    our lack of familiarity with commercial and social norms and customs in other countries which may adversely affect our ability to recruit, retain and manage employees in these countries;

    difficulties and costs associated with staffing and managing foreign operations;

    the potential diversion of management's attention to oversee and direct operations that are geographically distant from our U.S. headquarters;

    compliance with multiple, conflicting and changing governmental laws and regulations, including employment, tax, privacy and data protection laws and regulations;

    legal systems in which our ability to enforce and protect our rights may be different or less effective than in the United States, including more limited protection for intellectual property rights in some countries;

    immaturity of compliance regulations in other jurisdictions, which may lower demand for our solutions;

    greater difficulty with payment collections and longer payment cycles;

    higher employee costs and difficulty terminating non-performing employees;

17


Table of Contents

    differences in work place cultures;

    the need to adapt our solutions for specific countries;

    our ability to comply with differing technical and certification requirements outside the United States;

    tariffs, export controls and other non-tariff barriers such as quotas and local content rules;

    adverse tax consequences;

    fluctuations in currency exchange rates;

    restrictions on the transfer of funds;

    anti-bribery compliance by us or our partners; and

    new and different sources of competition.

        Our failure to manage any of these risks successfully could harm our existing and future international operations and seriously impair our overall business.

If the market for our delivery model and cloud computing services develops more slowly than we expect, our business could be harmed.

        Our success will depend to a substantial extent on the willingness of enterprises, large and small, to increase their use of cloud computing services. The market for messaging security and data compliance solutions delivered as a service in particular is at an early stage relative to on-premise solutions, and these applications may not achieve and sustain high levels of demand and market acceptance. Many enterprises have invested substantial personnel and financial resources to integrate traditional enterprise software or hardware appliances for these applications into their businesses or may be reluctant or unwilling to use cloud computing services because they have concerns regarding the risks associated with reliability and security, among other things, of this delivery model, or its ability to help them comply with applicable laws and regulations. If enterprises do not perceive the benefits of this delivery model, then the market for our services may develop more slowly than we expect, which would adversely affect our business and operating results.

If we are unable to enhance our existing solutions and develop new solutions, our growth will be harmed and we may not be able to achieve profitability.

        Our ability to attract new customers and increase revenue from existing customers will depend in large part on our ability to enhance and improve our existing solutions and to introduce new solutions. The success of any enhancement or new solution depends on several factors, including the timely completion, introduction and market acceptance of the enhancement or solution. Any new enhancement or solution we develop or acquire may not be introduced in a timely or cost-effective manner and may not achieve the broad market acceptance necessary to generate significant revenue. If we are unable to successfully develop or acquire new solutions or enhance our existing solutions to meet customer requirements, we may not grow as expected and we may not achieve profitability.

        We cannot be certain that our development activities will be successful or that we will not incur delays or cost overruns. Furthermore, we may not have sufficient financial resources to identify and develop new technologies and bring enhancements or new solutions to market in a timely and cost effective manner. New technologies and enhancements could be delayed or cost more than we expect, and we cannot ensure that any of these solutions will be commercially successful if and when they are introduced.

18


Table of Contents


If we are unable to cost-effectively scale or adapt our existing architecture to accommodate increased traffic, technological advances or changing customer requirements, our operating results could be harmed.

        As our customer base grows, the number of users accessing our solutions over the Internet will correspondingly increase. Increased traffic could result in slow access speeds and response times. Since our customer agreements often include service availability commitments, slow speeds or our failure to accommodate increased traffic could result in breaches of our service level agreements or obligate us to issue service credits. In addition, the market for our solutions is characterized by rapid technological advances and changes in customer requirements. In order to accommodate increased traffic and respond to technological advances and evolving customer requirements, we expect that we will be required to make future investments in our network architecture. If we do not implement future upgrades to our network architecture cost-effectively, or if we experience prolonged delays or unforeseen difficulties in connection with upgrading our network architecture, our service quality may suffer and our operating results could be harmed.

Our quarterly operating results are likely to vary significantly and be unpredictable, which could cause the trading price of our stock to decline.

        Our operating results have historically varied from period to period, and we expect that they will continue to do so as a result of a number of factors, many of which are outside of our control and may be difficult to predict, including:

    the level of demand for our solutions and the level of perceived urgency regarding security threats and compliance requirements;

    the timing of new subscriptions and renewals of existing subscriptions;

    the mix of solutions sold;

    the extent to which customers subscribe for additional solutions or increase the number of users;

    customer budgeting cycles and seasonal buying patterns;

    the extent to which we bring on new distributors;

    any changes in the competitive landscape of our industry, including consolidation among our competitors, customers, partners or resellers;

    deferral of orders in anticipation of new solutions or enhancements announced by us;

    price competition;

    changes in renewal rates and terms in any quarter;

    any disruption in our sales channels or termination of our relationship with important channel partners;

    general economic conditions, both domestically and in our foreign markets;

    insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our solutions; or

    future accounting pronouncements or changes in our accounting policies.

        Any one of the factors above or the cumulative effect of some of the factors referred to above may result in significant fluctuations in our quarterly financial and other operating results, including fluctuations in our key metrics. This variability and unpredictability could result in our failing to meet the expectations of securities analysts or investors for any period. If we fail to meet or exceed such expectations for these or any other reasons, the market price of our shares could fall substantially and

19


Table of Contents


we could face costly lawsuits, including securities class action suits. In addition, a significant percentage of our operating expenses are fixed in nature and based on forecasted revenue and cash flow trends. Accordingly, in the event of revenue shortfalls, we are generally unable to mitigate the negative impact on margins or other operating results in the short term.

If we fail to manage our sales and distribution channels effectively or if our partners choose not to market and sell our solutions to their customers, our operating results could be adversely affected.

        We have derived and anticipate that in the future we will continue to derive a substantial portion of the sales of our solutions through channel partners. In order to scale our channel program to support growth in our business, it is important that we continue to help our partners enhance their ability to independently sell and deploy our solutions. We may be unable to continue to successfully expand and improve the effectiveness of our channel sales program.

        Our agreements with our channel partners are generally non-exclusive and some of our channel partners have entered, and may continue to enter, into strategic relationships with our competitors or are competitors themselves. Further, many of our channel partners have multiple strategic relationships and they may not regard us as significant for their businesses. Our channel partners may terminate their respective relationships with us with limited or no notice and with limited or no penalty, pursue other partnerships or relationships, or attempt to develop or acquire products or services that compete with our solutions. Our partners also may impair our ability to enter into other desirable strategic relationships. If our channel partners do not effectively market and sell our solutions, if they choose to place greater emphasis on products of their own or those offered by our competitors, or if they fail to meet the needs of our customers, our ability to grow our business and sell our solutions may be adversely affected. Similarly, the loss of a substantial number of our channel partners, and our possible inability to replace them, the failure to recruit additional channel partners, any reduction or delay in their sales of our solutions, or any conflicts between channel sales and our direct sales and marketing activities could materially and adversely affect our results of operations.

Because we recognize revenue from subscriptions over the term of the relevant service period, decreases or increases in sales are not immediately reflected in full in our operating results.

        We recognize revenue from subscriptions over the term of the relevant service period, which typically range from one to three years, with some up to five years. As a result, most of our quarterly revenue from subscriptions results from agreements entered into during previous quarters. Consequently, a shortfall in demand for our solutions in any quarter may not significantly reduce our subscription revenue for that quarter, but could negatively affect subscription revenue in future quarters. We may be unable to adjust our cost structure to compensate for this potential shortfall in subscription revenue. Accordingly, the effect of significant downturns in sales of subscriptions may not be fully reflected in our results of operations until future periods. Our subscription model also makes it difficult for us to rapidly increase our subscription revenue through additional sales in any period, as subscription revenue must be recognized over the term of the contract.

Interruptions or delays in services provided by third parties could impair the delivery of our service and harm our business.

        We currently serve our customers from third-party data center hosting facilities located in the United States, Canada and Europe. We also rely on bandwidth providers, Internet service providers, and mobile networks to deliver our solutions. Any damage to, or failure of, the systems of our third-party providers could result in interruptions to our service. If for any reason our arrangement with one or more of our data centers is terminated we could experience additional expense in arranging for new facilities and support. Our data center facilities providers have no obligations to renew their agreements with us on commercially reasonable terms, or at all. If we are unable to renew our agreements with the

20


Table of Contents


facilities providers on commercially reasonable terms or if in the future we add additional data center facility providers, we may experience costs or downtime in connection with the transfer to, or the addition of, new data center facilities. In addition, the failure of our data centers to meet our capacity requirements could result in interruptions in the availability of our solutions, impair the functionality of our solutions or impede our ability to scale our operations. As we continue to add data centers, restructure our data management plans, and increase capacity in existing and future data centers, we may move or transfer our data and our customers' data. Despite precautions taken during such processes and procedures, any unsuccessful data transfers may impair the delivery of our service, and we may experience costs or downtime in connection with the transfer of data to other facilities.

        We also depend on access to the Internet through third-party bandwidth providers to operate our business. If we lose the services of one or more of our bandwidth providers, or if these providers experience outages, for any reason, we could experience disruption in delivering our solutions or we could be required to retain the services of a replacement bandwidth provider. Our business also depends on our customers having high-speed access to the Internet. Any Internet outages or delays could adversely affect our ability to provide our solutions to our customers.

        Our operations also rely heavily on the availability of electricity, which also comes from third-party providers. If we or the third-party data center facilities that we use to deliver our services were to experience a major power outage or if the cost of electricity were to increase significantly, our operations and financial results could be harmed. If we or our third-party data centers were to experience a major power outage, we or they would have to rely on back-up generators, which might not work properly or might not provide an adequate supply during a major power outage. Such a power outage could result in a significant disruption of our business.

        The occurrence of an extended interruption of ours or third-party services for any reason could result in lengthy interruptions in our services or in the delivery of customers' email and require us to provide service credits, refunds, indemnification payments or other payments to our customers, and could also result in the loss of customers.

Any failure to offer high-quality technical support services may adversely affect our relationships with our customers and harm our financial results.

        Once our solutions are deployed, our customers depend on our support organization to resolve any technical issues relating to our solutions. In addition, our sales process is highly dependent on our solutions and business reputation and on strong recommendations from our existing customers. Any failure to maintain high-quality technical support, or a market perception that we do not maintain high-quality support, could harm our reputation, adversely affect our ability to sell our solutions to existing and prospective customers, and harm our business, operating results and financial condition.

        We offer technical support services with many of our solutions. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services. We also may be unable to modify the format of our support services to compete with changes in support services provided by competitors. Increased customer demand for these services, without corresponding revenue, could increase costs and adversely affect our operating results.

        We have outsourced a substantial portion of our worldwide customer support functions to third-party service providers. If these companies experience financial difficulties, do not maintain sufficiently skilled workers and resources to satisfy our contracts, or otherwise fail to perform at a sufficient level, the level of support services to our customers may be significantly disrupted, which could materially harm our reputation and our relationships with these customers.

21


Table of Contents

If we fail to develop or protect our brand, our business may be harmed.

        We believe that developing and maintaining awareness and integrity of our company and our brand are important to achieving widespread acceptance of our existing and future offerings and are important elements in attracting new customers. We believe that the importance of brand recognition will increase as competition in our market further intensifies. Successful promotion of our brand will depend on the effectiveness of our marketing efforts and on our ability to provide reliable and useful solutions at competitive prices. We plan to continue investing substantial resources to promote our brand, both domestically and internationally, but there is no guarantee that our brand development strategies will enhance the recognition of our brand. Some of our existing and potential competitors have well-established brands with greater recognition than we have. If our efforts to promote and maintain our brand are not successful, our operating results and our ability to attract and retain customers may be adversely affected. In addition, even if our brand recognition and loyalty increases, this may not result in increased use of our solutions or higher revenue.

        In addition, independent industry analysts often provide reviews of our solutions, as well as those of our competitors, and perception of our solutions in the marketplace may be significantly influenced by these reviews. We have no control over what these industry analysts report, and because industry analysts may influence current and potential customers, our brand could be harmed if they do not provide a positive review of our solutions or view us as a market leader.

The steps we have taken to protect our intellectual property rights may not be adequate.

        We rely on a combination of contractual rights, trademarks, trade secrets, patents and copyrights to establish and protect our intellectual property rights. These offer only limited protection, however, and the steps we have taken to protect our proprietary technology may not deter its misuse, theft or misappropriation. Any of our patents, copyrights, trademarks or other intellectual property rights may be challenged by others or invalidated through administrative process or litigation. Competitors may independently develop technologies or products that are substantially equivalent or superior to our solutions or that inappropriately incorporate our proprietary technology into their products. Competitors may hire our former employees who may misappropriate our proprietary technology or misuse our confidential information. Although we rely in part upon confidentiality agreements with our employees, consultants and other third parties to protect our trade secrets and other confidential information, those agreements may not effectively prevent disclosure of trade secrets and other confidential information and may not provide an adequate remedy in the event of misappropriation of trade secrets or unauthorized disclosure of confidential information. In addition, others may independently discover our trade secrets and confidential information, and in such cases we could not assert any trade secret rights against such parties.

        We might be required to spend significant resources to monitor and protect our intellectual property rights. We may initiate claims or litigation against third parties for infringement of our intellectual property rights or misappropriation of our trade secrets, or to establish the validity of our intellectual property rights. Any litigation, whether or not it is resolved in our favor, could result in significant expense to us and divert the efforts of our technical and management personnel, which may adversely affect our business, operating results and financial condition. Certain jurisdictions may not provide adequate legal infrastructure for effective protection of our intellectual property rights. Changing legal interpretations of liability for unauthorized use of our solutions or lessened sensitivity by corporate, government or institutional users to refraining from intellectual property piracy or other infringements of intellectual property could also harm our business.

        Our issued patents may not provide us with any competitive advantages or may be challenged by third parties, and our patent applications may never be granted at all. It is possible that innovations for which we seek patent protection may not be protectable. Additionally, the process of obtaining patent

22


Table of Contents


protection is expensive and time consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. Given the cost, effort, risks and downside of obtaining patent protection, including the requirement to ultimately disclose the invention to the public, we may not choose to seek patent protection for certain innovations. However, such patent protection could later prove to be important to our business. Even if issued, there can be no assurance that any patents will have the coverage originally sought or adequately protect our intellectual property, as the legal standards relating to the validity, enforceability and scope of protection of patent and other intellectual property rights are uncertain. Any patents that are issued may be invalidated or otherwise limited, or may lapse or may be abandoned, enabling other companies to better develop products that compete with our solutions, which could adversely affect our competitive business position, business prospects and financial condition.

        We cannot assure you that the measures we have taken to protect our intellectual property will adequately protect us, and any failure to protect our intellectual property could harm our business.

Third parties claiming that we infringe their intellectual property rights could cause us to incur significant legal expenses and prevent us from selling our solutions.

        Companies in the software and technology industries, including some of our current and potential competitors, own large numbers of patents, copyrights, trademarks and trade secrets and frequently enter into litigation based on allegations of infringement, misappropriation or other violations of intellectual property rights. In addition, many of these companies have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. The litigation may involve patent holding companies or other adverse patent owners who have no relevant product revenue and against whom our potential patents may provide little or no deterrence. We have received, and may in the future receive, notices that claim we have infringed, misappropriated or otherwise violated other parties' intellectual property rights. To the extent we gain greater visibility, we face a higher risk of being the subject of intellectual property infringement claims, which is not uncommon with respect to software technologies in general and information security technology in particular. There may be third-party intellectual property rights, including issued or pending patents that cover significant aspects of our technologies or business methods. Any intellectual property claims, with or without merit, could be very time consuming, could be expensive to settle or litigate and could divert our management's attention and other resources. These claims could also subject us to significant liability for damages, potentially including treble damages if we are found to have willfully infringed patents or copyrights. These claims could also result in our having to stop using technology found to be in violation of a third party's rights. We might be required to seek a license for the intellectual property, which may not be available on reasonable terms or at all. Even if a license were available, we could be required to pay significant royalties, which would increase our operating expenses. As a result, we may be required to develop alternative non-infringing technology, which could require significant effort and expense. If we cannot license or develop technology for any infringing aspect of our business, we would be forced to limit or stop sales of one or more of our solutions or features of our solutions and may be unable to compete effectively. Any of these results would harm our business, operating results and financial condition.

        In addition, our agreements with customers and channel partners include indemnification provisions under which we agree to indemnify them for losses suffered or incurred as a result of claims of intellectual property infringement and, in some cases, for damages caused by us to property or persons. Large indemnity payments could harm our business, operating results and financial condition.

23


Table of Contents

We rely on technology and intellectual property licensed from other parties, the failure or loss of which could increase our costs and delay or prevent the delivery of our solutions.

        We utilize various types of software and other technology, as well as intellectual property rights, licensed from unaffiliated third parties in order to provide certain elements of our solutions. Any errors or defects in any third-party technology could result in errors in our solutions that could harm our business. In addition, licensed technology and intellectual property rights may not continue to be available on commercially reasonable terms, or at all. While we believe that there are currently adequate replacements for the third-party technology we use, any loss of the right to use any of this technology on commercially reasonable terms, or at all, could result in delays in producing or delivering our solutions until equivalent technology is identified and integrated, which delays could harm our business. In this situation we would be required to either redesign our solutions to function with software available from other parties or to develop these components ourselves, which would result in increased costs. Furthermore, we might be forced to limit the features available in our current or future solutions. If we fail to maintain or renegotiate any of these technology or intellectual property licenses, we could face significant delays and diversion of resources in attempting to develop similar or replacement technology, or to license and integrate a functional equivalent of the technology.

Some of our solutions contain "open source" software, and any failure to comply with the terms of one or more of these open source licenses could negatively affect our business.

        Some of our solutions are distributed with software licensed by its authors or other third parties under so-called "open source" licenses, which may include, by way of example, the GNU General Public License, or GPL, and the Apache License. Some of these licenses contain requirements that we make available source code for modifications or derivative works we create based upon the open source software, and that we license such modifications or derivative works under the terms of a particular open source license or other license granting third parties certain rights of further use. By the terms of certain open source licenses, we could be required to release the source code of our proprietary software, and to make our proprietary software available under open source licenses, if we combine our proprietary software with open source software in a certain manner. In the event that portions of our proprietary software are determined to be subject to an open source license, we could be required to publicly release the affected portions of our source code, re-engineer all or a portion of our technologies, or otherwise be limited in the licensing of our technologies, each of which could reduce or eliminate the value of our technologies and solutions. In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third party commercial software, as open source licensors generally do not provide warranties or controls on the origin of the software. We have established processes to help alleviate these risks, including a review process for screening requests from our development organizations for the use of open source software, but we cannot be sure that all open source software is submitted for approval prior to use in our solutions, that our programmers have not incorporated open source software into our proprietary solutions and technologies or that they will not do so in the future. In addition, many of the risks associated with usage of open source software cannot be eliminated, and could, if not properly addressed, negatively affect our business.

Governmental regulations affecting the export of certain of our solutions could negatively affect our business.

        Our products are subject to U.S. export controls, and we incorporate encryption technology into certain of our products. These encryption products and the underlying technology may be exported outside the United States only with the required export authorizations, including by license, a license exception or other appropriate government authorizations, including the filing of an encryption registration. Governmental regulation of encryption technology and regulation of imports or exports, or our failure to obtain required import or export approval for our products, could harm our international sales and adversely affect our revenue.

24


Table of Contents

        We determined that subsequent to August 2008, we may have shipped a particular hardware appliance model to a limited number of international customers that, prior to shipment, may have required either a one-time product review or application for an encryption registration number in lieu of such product review. We are making a voluntary submission to the U.S. Commerce Department's Bureau of Industry and Security (BIS) to report this potential violation.

        In addition, the U.S. government also prohibits U.S. companies from doing business with customers in certain restricted countries. As part of a pre-IPO due diligence review, we discovered a potential export violation involving the provision of web-based, email communication services to end-users located in Iran through our Everyone.net service, which we acquired in October 2009. Neither of these suspected end-users appears to have been a current customer of these web-based, email communication services since late 2010 or early 2011. Although we had ceased providing the services, we are making a voluntary submission to the U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) to report this potential violation. Our investigation of these matters is still ongoing, and it is possible that we may discover additional violations.

        Failure to comply with such regulations and these recent voluntary submissions could result in penalties, costs, and restrictions on export privileges, which could also harm our operating results.

We have experienced rapid growth in recent periods. If we fail to manage such growth and our future growth effectively, we may be unable to execute our business plan, maintain high levels of service or adequately address competitive challenges.

        We have experienced significant growth in recent periods. For example, we grew from 158 employees on December 31, 2007 to 348 on September 30, 2011. This growth has placed, and any future growth may place, a significant strain on our management and operational infrastructure, including our hosting operations. Our success will depend, in part, on our ability to manage these changes effectively. We will need to continue to improve our operational, financial and management controls and our reporting systems and procedures. Failure to effectively manage growth could result in declines in service quality or customer satisfaction, increases in costs, difficulties in introducing new features or other operational difficulties. Any failure to effectively manage growth could adversely impact our business and reputation.

The forecasts of market growth included in this prospectus may prove to be inaccurate, and even if the markets in which we compete achieve the forecasted growth, we cannot assure you our business will grow at similar rates, if at all.

        Growth forecasts are subject to significant uncertainty and are based on assumptions and estimates which may not prove to be accurate. Forecasts relating to the expected growth in the security and other markets may prove to be inaccurate. Even if these markets experience the forecasted growth, we may not grow our business at similar rates, or at all. Our growth is subject to many factors, including our success in implementing our business strategy, which is subject to many risks and uncertainties. Accordingly, the forecasts of market growth included in this prospectus should not be taken as indicative of our future growth.

We have and may further expand through acquisitions of, or investments in, other companies, which may divert our management's attention, dilute our stockholders and consume corporate resources that otherwise would be necessary to sustain and grow our business.

        Our business strategy may, from time to time, include acquiring complementary products, technologies or businesses. We also may enter into relationships with other businesses in order to expand our solutions, which could involve preferred or exclusive licenses, additional channels of distribution, or investments by or between the two parties. Negotiating these transactions can be time consuming, difficult and expensive, and our ability to close these transactions may be subject to third-party approvals, such as

25


Table of Contents


government regulation, which are beyond our control. Consequently, we can make no assurance that these transactions, once undertaken and announced, will close.

        These kinds of transactions may result in unforeseen operating difficulties and expenditures. In particular, we may encounter difficulties assimilating or integrating the businesses, technologies, products, personnel or operations of acquired companies, particularly if the key personnel of the acquired business choose not to work for us, and we may have difficulty retaining the customers of any acquired business. Acquisitions may also disrupt our ongoing business, divert our resources and require significant management attention that would otherwise be available for development of our business. Any acquisition or investment could expose us to unknown liabilities. In addition, as of September 30, 2011, we had $20.4 million in goodwill and intangible assets recorded on our consolidated balance sheet. We may in the future need to incur charges with respect to the write-down or impairment of goodwill or intangible assets, which could adversely affect our operating results. Moreover, we cannot assure you that the anticipated benefits of any acquisition or investment would be realized or that we would not be exposed to unknown liabilities. In connection with these types of transactions, we may issue additional equity securities that would dilute our stockholders, use cash that we may need in the future to operate our business, incur debt on terms unfavorable to us or that we are unable to repay, incur large charges or substantial liabilities, encounter difficulties integrating diverse business cultures, and become subject to adverse tax consequences, substantial depreciation or deferred compensation charges. These challenges related to acquisitions or investments could adversely affect our business, operating results and financial condition.

If we are unable to attract and retain qualified employees, lose key personnel, fail to integrate replacement personnel successfully, or fail to manage our employee base effectively, we may be unable to develop new and enhanced solutions, effectively manage or expand our business, or increase our revenue.

        Our future success depends upon our ability to recruit and retain key management, technical, sales, marketing, finance, and other critical personnel. Despite the economic downturn, competition for qualified management, technical and other personnel is intense, and we may not be successful in attracting and retaining such personnel. If we fail to attract and retain qualified employees, our ability to grow our business could be harmed. Our officers and other key personnel are employees-at-will, and we cannot assure you that we will be able to retain them. Competition for people with the specific skills that we require is significant. In order to attract and retain personnel in a competitive marketplace, we believe that we must provide a competitive compensation package, including cash and equity-based compensation. Volatility in our stock price may from time to time adversely affect our ability to recruit or retain employees. If we are unable to hire and retain qualified employees, or conversely, if we fail to manage employee performance or reduce staffing levels when required by market conditions, our business and operating results could be adversely affected.

        In addition, hiring, training, and successfully integrating replacement personnel could be time consuming, may cause additional disruptions to our operations, and may be unsuccessful, which could negatively impact future revenue.

Changes in laws and/or regulations related to the Internet or changes in the Internet infrastructure itself may diminish the demand for our solutions, and could have a negative impact on our business.

        The future success of our business depends upon the continued use of the Internet as a primary medium for commerce, communication and business applications. Federal, state or foreign government bodies or agencies have in the past adopted, and may in the future adopt, laws or regulations affecting data privacy and the use of the Internet as a commercial medium. Changes in these laws or regulations could require us to modify our solutions in order to comply with these changes. In addition, government agencies or private organizations may begin to impose taxes, fees or other charges for accessing the Internet or commerce conducted via the Internet. These laws or charges could limit the

26


Table of Contents


growth of Internet-related commerce or communications generally, result in a decline in the use of the Internet and the viability of Internet-based applications such as ours and reduce the demand for our solutions.

        The legal and regulatory framework also drives demand for our solutions. Our customers are subject to laws, regulations and internal policies that mandate how they process, handle, store, use and transmit a variety of sensitive data and communications. These laws and regulations are subject to revision, change and interpretation at any time, and any such change could either help or hurt the demand for our solutions. We cannot be sure that the legal and regulatory framework in any given jurisdiction will be favorable to our business or that we will be able to sustain or grow our business if there are any adverse changes to these laws and regulations.

If we are required to collect sales and use taxes on the solutions we sell, we may be subject to liability for past sales and our future sales may decrease.

        State and local taxing jurisdictions have differing rules and regulations governing sales and use taxes, and these rules and regulations are subject to varying interpretations that may change over time. In particular, the applicability of sales taxes to our subscription services in various jurisdictions is unclear. We have recorded sales tax liabilities of $0.1 million on our consolidated balance sheet as of September 30, 2011 in respect of sales and use tax liabilities in various states and local jurisdictions. It is possible that we could face sales tax audits and that our liability for these taxes could exceed our estimates as state tax authorities could still assert that we are obligated to collect additional amounts as taxes from our customers and remit those taxes to those authorities. We could also be subject to audits with respect to state and international jurisdictions for which we have not accrued tax liabilities. A successful assertion that we should be collecting additional sales or other taxes on our services in jurisdictions where we have not historically done so and do not accrue for sales taxes could result in substantial tax liabilities for past sales, discourage customers from purchasing our application or otherwise harm our business and operating results.

Adverse conditions in the national and global economies and financial markets may adversely affect our business and financial results.

        Our financial performance depends, in part, on the state of the economy, which deteriorated in the recent broad recession, and which may deteriorate in the future. Challenging economic conditions worldwide have from time to time contributed, and may continue to contribute, to slowdowns in the information technology industry, resulting in reduced demand for our solutions as a result of continued constraints on IT-related capital spending by our customers and increased price competition for our solutions. Moreover, we target some of our solutions to the financial services industry and therefore if there is consolidation in that industry, or layoffs, or lack of funding for IT purchases, our business may suffer. If unfavorable economic conditions continue or worsen, our business, financial condition and operating results could be materially and adversely affected.

Our business is subject to the risks of earthquakes, fire, power outages, floods and other catastrophic events, and to interruption by manmade problems such as terrorism.

        Natural disasters or other catastrophic events may cause damage or disruption to our operations, international commerce and the global economy, and thus could have a strong negative effect on us. We have significant operations in the Silicon Valley area of Northern California, a region known for seismic activity. A major earthquake or other natural disaster, fire, act of terrorism or other catastrophic event that results in the destruction or disruption of any of our critical business operations or information technology systems could severely affect our ability to conduct normal business operations and, as a result, our future operating results could be harmed. These negative events could make it difficult or impossible for us to deliver our services to our customers, and could decrease demand for our services. Because we do not carry earthquake insurance for direct quake-related losses,

27


Table of Contents


and significant recovery time could be required to resume operations, our financial condition and operating results could be materially adversely affected in the event of a major earthquake or catastrophic event.

A portion of our revenue is generated by sales to government entities, which are subject to a number of challenges and risks.

        Sales to U.S. and foreign federal, state and local governmental agency customers have accounted for a portion of our revenue in past periods, and we may in the future increase sales to government entities. Sales into government entities are subject to a number of risks. Selling to government entities can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that we will win a sale. We have invested in the creation of a cloud offering certified under the Federal Information Security Management Act (FISMA) for government usage but we cannot be sure that we will continue to sustain or renew this certification, that the government will continue to mandate such certification or that other government agencies or entities will use this cloud offering. Government demand and payment for our solutions may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our solutions. Government entities may have contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default, and any such termination may adversely impact our future results of operations. For example, if the distributor receives a significant portion of its revenue from sales to such governmental entity, the financial health of the distributor could be substantially harmed, which could negatively affect our future sales to such distributor. Governments routinely investigate and audit government contractors' administrative processes, and any unfavorable audit could result in the government refusing to continue buying our solutions, a reduction of revenue or fines or civil or criminal liability if the audit uncovers improper or illegal activities. Any such penalties could adversely impact our results of operations in a material way.

If we fail to maintain an effective system of internal controls, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.

        As a public company, we will be subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act of 2002, or the Sarbanes-Oxley Act, and the rules and regulations of the NASDAQ Global Market. We expect that the requirements of these rules and regulations will continue to increase our legal, accounting and financial compliance costs, make some activities more difficult, time consuming and costly, and place significant strain on our personnel, systems and resources.

        The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. We are continuing to develop and refine our disclosure controls and other procedures that are designed to ensure that information required to be disclosed by us in the reports that we file with the Securities and Exchange Commission, or the SEC, is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms, and that information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers.

        Our current controls and any new controls that we develop may become inadequate because of changes in conditions in our business. Further, weaknesses in our internal controls may be discovered in the future. Any failure to develop or maintain effective controls, or any difficulties encountered in their implementation or improvement, could harm our operating results or cause us to fail to meet our reporting obligations and may result in a restatement of our financial statements for prior periods. Any failure to implement and maintain effective internal controls also could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we are required

28


Table of Contents


to include in our periodic reports we will file with the SEC under Section 404 of the Sarbanes-Oxley Act. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financial and other information, which would likely have a negative effect on the trading price of our common stock.

        In order to maintain and improve the effectiveness of our disclosure controls and procedures and internal control over financial reporting, we have expended, and anticipate that we will continue to expend, significant resources, including accounting-related costs, and provide significant management oversight. Any failure to maintain the adequacy of our internal controls, or consequent inability to produce accurate financial statements on a timely basis, could increase our operating costs and could materially impair our ability to operate our business. In the event that we are not able to demonstrate compliance with Section 404 of the Sarbanes-Oxley Act that our internal controls are perceived as inadequate or that we are unable to produce timely or accurate financial statements, investors may lose confidence in our operating results and our stock price could decline. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on The NASDAQ Global Market.

        We are not currently required to comply with the SEC rules that implement Sections 302 and 404 of the Sarbanes-Oxley Act, and are therefore not required to make a formal assessment of the effectiveness of our internal controls over financial reporting for that purpose. Upon becoming a public company, we will be required to comply with these rules, which will require management to certify financial and other information in our quarterly and annual reports and provide an annual management report on the effectiveness of our internal control over financial reporting. Though we will be required to disclose changes made in our internal control and procedures on a quarterly basis, we will not be required to make our first annual assessment of our internal control over financial reporting pursuant to Section 404 until the year following our first annual report required to be filed with the SEC. To comply with the requirements of being a public company, we may need to undertake various actions, such as implementing new internal controls and procedures and hiring accounting or internal audit staff.

        Our independent registered public accounting firm is not required to formally attest to the effectiveness of our internal control over financial reporting until the year following our first annual report required to be filed with the SEC. At such time, our independent registered public accounting firm may issue a report that is adverse in the event it is not satisfied with the level at which our controls are documented, designed or operating. Our remediation efforts may not enable us to avoid a material weakness in the future.

We will incur significantly increased costs and devote substantial management time as a result of operating as a public company.

        As a public company, we will incur significant legal, accounting and other expenses that we did not incur as a private company. For example, we will be required to comply with the requirements of the Sarbanes-Oxley Act and the Dodd Frank Wall Street Reform and Consumer Protection Act, as well as rules and regulations subsequently implemented by the SEC, and the NASDAQ Global Market, our stock exchange, including the establishment and maintenance of effective disclosure and financial controls and changes in corporate governance practices. We expect that compliance with these requirements will increase our legal and financial compliance costs and will make some activities more time consuming and costly. In addition, we expect that our management and other personnel will need to divert attention from operational and other business matters to devote substantial time to these public company requirements. In particular, we expect to incur significant expenses and devote substantial management effort toward ensuring compliance with the requirements of Section 404 of the Sarbanes-Oxley Act. In that regard, we currently do not have an internal audit function, and we will need to hire additional accounting and financial staff with appropriate public company experience and

29


Table of Contents


technical accounting knowledge. We cannot predict or estimate the amount of additional costs we may incur as a result of becoming a public company or the timing of such costs. We also expect that operating as a public company will make it more difficult and more expensive for us to obtain director and officer liability insurance, and we may be required to accept reduced policy limits and coverage or incur substantially higher costs to obtain the same or similar coverage. As a result, it may be more difficult for us to attract and retain qualified people to serve on our board of directors, our board committees or as executive officers.

Risks Related to Our Common Stock

Purchasers in this offering will experience immediate and substantial dilution in the book value of their investment.

        The initial public offering price of our common stock will be substantially higher than the net tangible book value per share of our outstanding common stock immediately after this offering. Therefore, if you purchase our common stock in this offering, you will incur immediate dilution of $            in net tangible book value per share from the price you paid assuming we offer our shares at $            , the mid-point of the range on the cover of this prospectus. In addition, investors purchasing common stock in this offering will have contributed        % of the total consideration paid by our stockholders to purchase shares of common stock, but will own        % of our outstanding common stock. Moreover, we issued options and a warrant in the past to acquire common stock at prices significantly below the initial public offering price. As of September 30, 2011, there were 20,227,426 shares of our common stock issuable upon the exercise of stock options outstanding, with a weighted-average exercise price of $1.73 per share. To the extent that these outstanding options are ultimately exercised, you will incur further dilution.

An active, liquid and orderly trading market for our common stock may not develop, the price of our stock may be volatile, and you could lose all or part of your investment.

        Prior to this offering, there has been no public market for our common stock. We cannot predict the extent to which investor interest in us will lead to the development of an active trading market in our common stock or how liquid that market might become. An active public market for our common stock may not develop or be sustained after the offering. If an active public market does not develop or is not sustained, it may be difficult for you to sell your shares of common stock at a price that is attractive to you, or at all. The market price for shares of our common stock may decline below the initial public offering price, and you may not be able to resell your shares of common stock at or above the initial public offering price. In addition, the trading price of our common stock following the offering is likely to be highly volatile and could be subject to wide fluctuations in response to various factors, including but not limited to, those described in this "Risk Factors" section, performance by other companies in our industry and in the technology industry generally, and overall market conditions, some of which are beyond our control. If the stock market in general experiences a loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business, financial condition or results of operations. Some companies that have had volatile market prices for their securities have had securities class actions filed against them. If a suit were filed against us, regardless of its merits or outcome, it would likely result in substantial costs and divert management's attention and resources. This could have a material adverse effect on our business, operating results and financial condition.

Anti-takeover provisions contained in our certificate of incorporation and bylaws, as well as provisions of Delaware law, could impair a takeover attempt.

        Our certificate of incorporation and bylaws contain provisions that could have the effect of rendering more difficult, delaying or preventing an acquisition of our company deemed undesirable by our board of directors. These provisions could also reduce the price that investors might be willing to

30


Table of Contents


pay in the future for shares of our common stock and result in the market price of our common stock being lower than it would be without these provisions. Our corporate governance documents include provisions:

    creating a classified board of directors whose members serve staggered three-year terms;

    authorizing "blank check" preferred stock, which could be issued by our board without stockholder approval which may contain voting, liquidation, dividend and other rights which are superior to our common stock;

    limiting the liability of, and providing indemnification to, our directors and officers;

    limiting the ability of our stockholders to call and bring business before special meetings by providing that any stockholder action must be effected at a duly called meeting of the stockholders and not by a consent in writing, and providing that only our board of directors, the chairman of our board of directors, our Chief Executive Officer or President may call a special meeting of the stockholders; and

    requiring advance notice of stockholder proposals for business to be conducted at meetings of our stockholders and for nominations of candidates for election to our board of directors.

These provisions, alone or together, could frustrate, delay or prevent hostile takeovers and changes in control or changes in our management.

        As a Delaware corporation, we are also subject to provisions of Delaware law, including Section 203 of the Delaware General Corporation law, which prevents some stockholders holding more than 15% of our outstanding common stock from engaging in certain business combinations merging or combining with us without approval of the holders of a substantial majority of all of our outstanding common stock.

Our directors, executive officers and principal stockholders will continue to have substantial control over us after this offering and could delay or prevent a change in control or acquisition of us.

        After this offering, our directors, executive officers and holders of more than 5% of our common stock, together with their affiliates, will beneficially own, in the aggregate,        % of our outstanding common stock. As a result, these stockholders, acting together, would have the ability to control the outcome of matters submitted to our stockholders for approval, including the election of directors and the approval of any merger or consolidation of our company or sale of all or substantially all of our assets. In addition, these stockholders, acting together, would have the ability to control the management and affairs of our company through their ability to elect the members of our board of directors. The interests of these stockholders may not always coincide with the interests of our other stockholders. For instance, these stockholders may cause us to enter into transactions or agreements that we would not otherwise consider. In addition, this concentration of ownership might harm the market price of our common stock by:

    delaying, deferring or preventing a change in control of us;

    impeding a merger, consolidation, takeover or other business combination involving us; or

    discouraging a potential acquiror from making a tender offer or otherwise attempting to obtain control of us.

Most of our total outstanding shares may be sold into the market when the "lock-up" period ends. If there are substantial sales of shares of our common stock, the price of our common stock could decline.

        The price of our common stock could decline if there are substantial sales of our common stock, particularly sales by our directors, executive officers and significant stockholders, or if a large number of shares of our common stock becomes available for sale in the public market. After this offering, there will be             shares of our common stock issued and outstanding. This number of shares

31


Table of Contents


includes the shares that we are selling in this offering, which may be resold in the public market immediately. The remaining            outstanding shares are currently restricted from resale as a result of market standoff agreements. In addition, certain of these shares are also subject to lock-up agreements, as more fully described in "Underwriters." In each case, these shares will become available to be sold 181 days after the date of this prospectus, subject to extension in some circumstances. Shares held by directors, executive officers and other affiliates will be subject to volume limitations under Rule 144 under the Securities Act and various vesting agreements.

        After this offering, the holders of an aggregate of approximately 40,541,990 shares of our common stock outstanding will have rights, subject to some conditions, to require us to file registration statements covering their shares or to include their shares in registration statements that we may file for ourselves or our stockholders. All of these shares are subject to market standoff and/or lock-up agreements restricting their sale for 180 days after the date of this prospectus subject to extension in some circumstances. We also intend to register shares of common stock for sale that we have issued and may issue under our employee equity incentive plans. Once we register these shares, they will be able to be sold freely in the public market upon issuance, subject to existing market standoff and/or lock-up agreements. Credit Suisse Securities (USA) LLC and Deutsche Bank Securities Inc. may, in their sole discretion, permit our officers, directors, employees and current stockholders who are subject to contractual lock-up agreements to sell shares prior to the expiration of the lock-up agreements. See the "Underwriters" section of this prospectus for more information.

        The market price of the shares of our common stock could decline as a result of sales of a substantial number of our shares in the public market or the perception in the market that the holders of a large number of shares intend to sell their shares.

Our management will have broad discretion over the use of the proceeds we receive from this offering and might not apply the proceeds in ways that increase the value of your investment.

        Our management will have broad discretion to use our net proceeds from this offering, and you will be relying on the judgment of our management regarding the application of these proceeds. Our management might not apply these proceeds in ways that increase the value of your investment. We intend to use the net proceeds to us from this offering primarily for general corporate purposes, including working capital, sales and marketing activities, general and administrative matters, and capital expenditures. We may also use a portion of the net proceeds to acquire, invest in, or obtain rights to complementary technologies, solutions, or businesses. If we do not apply the net proceeds from this offering in ways that enhance stockholder value, we may fail to achieve expected financial results, which could cause our stock price to decline. You will not have the opportunity to influence our decisions on how we use our net proceeds from this offering.

If securities or industry analysts do not publish research or publish inaccurate or unfavorable research about our business, our stock price and trading volume could decline.

        The trading market for our common stock will depend in part on the research and reports that securities or industry analysts publish about us or our business. We currently do not have and may never obtain research coverage by securities analysts, and industry analysts that currently cover us may cease to do so. If no securities analysts commence coverage of our company, or if industry analysts cease coverage of our company, the trading price for our stock would be negatively impacted. In the event we obtain securities analyst coverage, if one or more of the analysts who cover us downgrade our stock or publish inaccurate or unfavorable research about our business, our stock price would likely decline. If one or more of these analysts cease coverage of our company or fail to publish reports on us regularly, demand for our stock could decrease, which might cause our stock price and trading volume to decline.

32


Table of Contents


Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new solutions could reduce our ability to compete and could harm our business.

        We may need to raise additional funds, and we may not be able to obtain additional debt or equity financing on favorable terms, if at all. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. If we issue equity securities in any additional financing, the new securities may have rights and preferences senior to our common stock. If we engage in debt financing, we may be required to accept terms that restrict our ability to incur additional indebtedness and force us to maintain specified liquidity or other ratios. If we need additional capital and cannot raise it on acceptable terms, we may not be able to, among other things:

    develop or enhance our application and services;

    continue to expand our product development, sales and marketing organizations;

    acquire complementary technologies, products or businesses;

    expand operations, in the United States or internationally;

    hire, train and retain employees; or

    respond to competitive pressures or unanticipated working capital requirements.

We do not anticipate paying cash dividends, and accordingly, stockholders must rely on stock appreciation for any return on their investment.

        We do not anticipate paying cash dividends on our common stock in the future. As a result, only appreciation of the price of our common stock will provide a return to our stockholders. Investors seeking cash dividends should not invest in our common stock.

33


Table of Contents


SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS

        In addition to historical information, this prospectus contains forward-looking statements. We may, in some cases, use words, such as "project," "believe," "anticipate," "plan," "expect," "estimate," "intend," "continue," "should," "would," "could," "potentially," "will" or "may," or other similar words and expressions that convey uncertainty about future events or outcomes to identify these forward-looking statements. Forward-looking statements in this prospectus include, among other things, statements about:

    our expectations regarding our revenue, expenses, and other results of operations;

    our anticipated capital expenditures and our estimates regarding our capital requirements;

    our liquidity and working capital requirements;

    our need to obtain additional funding and our ability to obtain future funding on acceptable terms;

    our spending of the net proceeds from this offering;

    the growth rates of the markets in which we compete;

    our anticipated strategies for growth;

    maintaining and expanding our customer base and our relationships with distributors and resellers;

    our ability to anticipate market needs and develop new and enhanced solutions to meet those needs;

    our current and future solutions and functionality and plans to promote them;

    anticipated trends and challenges in our business and in the markets in which we operate;

    the evolution of technology affecting our solutions, services and markets;

    our ability to adequately protect our intellectual property;

    management compensation and the methodology for its determination;

    our ability to compete in our industry and innovation by our competitors; and

    the estimates and estimate methodologies used in preparing our consolidated financial statements and determining option exercise prices.

        The outcome of the events described in these forward-looking statements is subject to known and unknown risks, uncertainties and other factors that could cause actual results to differ materially from the results anticipated by these forward-looking statements. These risks, uncertainties and factors include those we discuss in this prospectus under the section entitled "Risk Factors." You should read these risk factors and the other cautionary statements made in this prospectus as being applicable to all related forward-looking statements wherever they appear in this prospectus.

        The forward-looking statements made in this prospectus relate only to events as of the date on which the statements are made. We undertake no obligation to update publicly any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.

34


Table of Contents


INDUSTRY AND MARKET DATA

        This prospectus contains estimates and other statistical data, including those relating to our industry, that we have obtained from industry publications and reports, including reports from IDC, Ponemon Institute and Gartner, Inc. These industry publications and reports generally indicate that they have obtained their information from sources believed to be reliable, but do not guarantee the accuracy and completeness of their information. This information involves a number of assumptions and limitations, and you are cautioned not to give undue weight to these estimates, as there is no assurance that any of them will be reached. Although we have not independently verified the accuracy or completeness of the data contained in these industry publications and reports, based on our industry experience we believe that the publications and reports are reliable and that the conclusions contained in the publications and reports are reasonable. The industry in which we operate is subject to a high degree of uncertainty and risk due to a variety of factors, including those described in "Risk Factors." These and other factors could cause our actual results to differ materially from those expressed in the industry publications and reports.

        The reports from Gartner described herein, or the Gartner Reports, represent data, research opinion or viewpoints published as part of a syndicated subscription service, by Gartner, and are not representations of fact. Each Gartner Report speaks as of its original publication date (and not as of the date of this prospectus) and the opinions expressed in the Gartner Reports are subject to change without notice.

        In certain instances the sources of the industry and market data contained in this prospectus are identified by superscript asterisk notations. The sources of these data are provided below:

    (1)
    Gartner, Strategies for Dealing with Advanced Targeted Threats, John Pescatore, August 5, 2011.

    (2)
    Gartner, DoD's U.S. Cyber Command's Challenges and Opportunities to Make Military Networks Safe in Cyberspace, Steve Hawald, December 21, 2010.

    (3)
    IDC, Worldwide Archival Storage Solutions 2011-2015 Forecast: Archiving Needs Thrive in an Information-Thirsty World, Marshall Amaldas & Richard L. Villars, October 2011; IDC, Worldwide Data Loss Prevention 2011-2015 Forecast and 2010 Vendor Shares: DLP Gets More Embedded into Enterprise Infrastructure, Phil Hochmuth, November 2011; IDC, Worldwide Messaging Security 2011-2015 Forecast and 2010 Vendor Shares: Content is King; Phil Hochmuth, November 2011.

    (4)
    Ponemon Institute, Second Annual Cost of Cyber Crime Study: Benchmark Study of U.S. Companies, August 2011.

35


Table of Contents


USE OF PROCEEDS

        We estimate that the net proceeds from the sale of shares of our common stock that we are selling in this offering will be approximately $             million, based on an assumed initial public offering price of $            per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us. If the underwriters' option to purchase additional shares from us is exercised in full, we estimate that we will receive additional net proceeds of $             million. We will not receive any proceeds from the sale of shares of our common stock by the selling stockholders. A $1.00 increase or decrease in the assumed initial public offering price of $            per share would increase or decrease the net proceeds that we receive from this offering by approximately $             million, assuming the number of shares offered by us remains the same and after deducting the estimated underwriting discounts and commissions payable by us.

        We expect to use the net proceeds that we receive from this offering for working capital and other general corporate purposes. We may also use a portion of the net proceeds that we receive from this offering for investments in or acquisitions of complementary businesses, products, services, technologies or other assets.

        Except as set forth above, we currently have no specific plans for the use of the net proceeds that we receive from this offering. Accordingly, we will have broad discretion in using the net proceeds that we receive from this offering. Pending the use of proceeds from this offering as described above, we plan to invest the net proceeds in short-term, interest-bearing obligations, investment-grade instruments, certificates of deposit or direct or guaranteed obligations of the U.S. government.


DIVIDEND POLICY

        We have never declared or paid any cash dividends on our common stock. We currently intend to retain any future earnings and do not expect to pay any cash dividends on our common stock for the foreseeable future. Any determination to pay dividends in the future will be at the discretion of our board of directors and will be dependent on a number of factors, including our earnings, capital requirements and overall financial conditions. In addition, the terms of our equipment loan agreement with Silicon Valley Bank limit our ability to pay dividends.

36


Table of Contents


CAPITALIZATION

        The following table sets forth our consolidated cash, cash equivalents and short-term investments and capitalization as of September 30, 2011 on:

    an actual basis;

    a pro forma basis to give effect to the automatic conversion of all outstanding shares of our convertible preferred stock into an aggregate of 39,134,535 shares of our common stock immediately upon the completion of this offering; and

    a pro forma as adjusted basis to give further effect to (i) the sale of the                  shares of our common stock offered by us in this offering at an assumed initial public offering price of $            per share, the midpoint of the estimated offering price range set forth on the cover page of this prospectus, after deducting the estimated underwriting discounts and commissions and estimated offering expenses; and (ii) the restatement of our certificate of incorporation in connection with this offering to authorize                  shares of common stock and                  shares of preferred stock.

        The information below is illustrative only, and our capitalization following the closing of this offering will be adjusted based on the actual initial public offering price and other terms of the offering determined at the pricing of this offering. You should read this table together with our consolidated financial statements and related notes, "Selected Consolidated Financial Data" and "Management's Discussion and Analysis of Financial Condition and Results of Operations," each included elsewhere in this prospectus.

 
  As of September 30, 2011  
 
  Actual   Pro Forma   Pro Forma
As Adjusted
 
 
  (in thousands, except per share data)
 

Cash, cash equivalents and short-term investments

  $ 12,108   $ 12,108   $    
               

Convertible preferred stock, $0.0001 par value per share: 39,424 shares authorized, 38,942 shares issued and outstanding, actual;             shares authorized, no shares issued or outstanding, pro forma or pro forma as adjusted

  $ 109,911   $   $  
               

Stockholders' equity (deficit):

                   
 

Common stock, $0.0001 par value per share: 70,000 shares authorized, 8,268 shares issued and outstanding, actual; 70,000 shares authorized, 47,402 shares issued and outstanding, pro forma;            shares authorized and            shares issued and outstanding, pro forma as adjusted

    1     5        
 

Additional paid-in capital

    17,733     127,640        
 

Accumulated other comprehensive loss

    (6 )   (6 )      
 

Accumulated deficit

    (155,694 )   (155,694 )      
               
   

Total stockholders' equity (deficit)

    (137,966 )   (28,055 )      
               
     

Total capitalization

  $ (28,055 ) $ (28,055 ) $    
               

        A $1.00 increase (decrease) in the assumed initial public offering price of $            per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, would increase (decrease) our pro forma as adjusted cash, cash equivalents and short-term investments, additional paid-in capital, total stockholders' equity and total capitalization by approximately $             million, assuming that the number of shares offered by us, as set forth on the cover page of

37


Table of Contents


this prospectus, remains the same, and after deducting estimated underwriting discounts and commissions payable by us.

        The number of shares of common stock issued and outstanding actual, pro forma and pro forma as adjusted in the table above does not include the following shares:

    20,227,426 shares of our common stock issuable upon the exercise of stock options outstanding as of September 30, 2011 with a weighted-average exercise price of $1.73 per share;

    711,800 shares of our common stock issuable upon the exercise of stock options granted after September 30, 2011 through November 30, 2011, with a weighted-average exercise price of $3.29 per share;

    4,375 shares of our common stock issuable upon the exercise of an outstanding warrant as of September 30, 2011, with an exercise price of $0.15 per share; and

                    shares of our common stock reserved for future issuance under our 2012 Equity Incentive Plan and our 2012 Employee Stock Purchase Plan, each of which will become effective on the completion of this offering and each of which contains provisions that automatically increase the number of shares reserved for issuance each year, as more fully described in "Executive Compensation—Employee Benefit Plans."

38


Table of Contents


DILUTION

        If you invest in our common stock in this offering, your interest will be diluted immediately to the extent of the difference between the initial public offering price per share of our common stock and the pro forma as adjusted net tangible book value per share of our common stock immediately after this offering. Our pro forma net tangible book value as of September 30, 2011 was $             million, or $            per share of common stock. Pro forma net tangible book value per share represents the amount of our total tangible assets less our total liabilities, divided by the number of shares of common stock outstanding as of September 30, 2011, after giving effect to the conversion of all outstanding shares of our convertible preferred stock into an aggregate of 39,134,535 shares of our common stock immediately upon the completion of this offering.

        After giving effect to the sale by us of                  shares of common stock in this offering at an assumed initial public offering price of $            per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us, our pro forma as adjusted net tangible book value as of September 30, 2011 would have been approximately $             million, or approximately $            per share. This amount represents an immediate increase in pro forma net tangible book value of $            per share to our existing stockholders and an immediate dilution in pro forma net tangible book value of approximately $            per share to new investors purchasing shares of common stock in this offering at the assumed initial public offering price, or approximately         % of the assumed initial public offering price.

        The following table illustrates this dilution:

Assumed initial public offering price per share

        $    
 

Pro forma net tangible book value per share as of September 30, 2011

  $          
             
 

Increase in pro forma net tangible book value per share attributable to new investors

             
             

Pro forma as adjusted net tangible book value per share after this offering

             
             

Dilution per share to investors in this offering

        $    
             

        A $1.00 increase (decrease) in the assumed initial public offering price of $            per share, which is the midpoint of the estimated offering price range set forth on the cover page of this prospectus, would increase (decrease) our adjusted net tangible book value per share to new investors by approximately $            and would increase (decrease) dilution per share to new investors by approximately $            , assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same and after deducting estimated underwriting discounts and commissions payable by us. In addition, to the extent any outstanding options or the outstanding warrant are exercised, you will experience further dilution.

        The following table presents on a pro forma as adjusted basis as of September 30, 2011, after giving effect to the conversion of all outstanding shares of convertible preferred stock into common stock immediately upon the completion of this offering, the differences between the existing stockholders and the new investors purchasing shares of our common stock in this offering, with respect to the number of shares purchased from us, the total consideration paid or to be paid to us, which includes proceeds received from the issuance of common and convertible preferred stock, cash received from the exercise of stock options and the average price per share paid by our existing stockholders and by our new investors purchasing shares in this offering at an assumed offering price of $            per share, which is the midpoint of the estimated offering price range set forth on the cover page of this

39


Table of Contents


prospectus, before deducting estimated underwriting discounts and commissions and estimated offering expenses payable by us.

 
  Shares Purchased   Total Consideration    
 
 
  Average
Price Per
Share
 
 
  Number   Percent   Amount   Percent  

Existing stockholders

            % $         % $    

New investors

                               
                         
 

Total

          100.0 % $       100.0 %      
                         

        A $1.00 increase (decrease) in the assumed initial public offering price of $            per share would increase (decrease) the total consideration paid by new investors by $             million and increase (decrease) the percent of total consideration paid by new investors by        %, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same and after deducting estimated underwriting discounts and commissions payable by us.

        Assuming the underwriters' option to purchase additional shares is exercised in full, sales by us in this offering will reduce the percentage of shares held by existing stockholders to         % and will increase the number of shares held by our new investors to                        , or        %.

        The number of shares of our common stock to be outstanding after this offering is based upon the number of shares of our common stock outstanding as of September 30, 2011 and excludes:

    20,227,426 shares of our common stock issuable upon the exercise of stock options outstanding as of September 30, 2011, with a weighted-average exercise price of $1.73 per share;

    711,800 shares of our common stock issuable upon the exercise of stock options granted after September 30, 2011 through November 30, 2011, with a weighted-average exercise price of $3.29 per share;

    4,375 shares of our common stock issuable upon the exercise of an outstanding warrant as of September 30, 2011, with an exercise price of $0.15 per share; and

                    shares of our common stock reserved for future issuance under our 2012 Equity Incentive Plan and our 2012 Employee Stock Purchase Plan, each of which will become effective on the first day that our common stock is publicly traded and each of which contains provisions that automatically increase the number of shares reserved for issuance each year, as more fully described in "Executive Compensation—Employee Benefit Plans."

        To the extent that outstanding options or the outstanding warrant are exercised, you will experience further dilution. If all of our outstanding options and the outstanding warrant were exercised, our pro forma net tangible book value as of September 30, 2011 would have been $             million, or $            per share, and the pro forma, as adjusted net tangible book value after this offering would have been $             million, or $            per share, causing dilution to new investors of $            per share.

        In addition, to the extent we choose to raise additional capital through the sale of equity or convertible debt securities, the issuance of these securities could result in further dilution to our stockholders.

40


Table of Contents


SELECTED CONSOLIDATED FINANCIAL DATA

        The following tables present selected historical financial data for our business. You should read this information together with "Management's Discussion and Analysis of Financial Condition and Results of Operations" and the consolidated financial statements, related notes and other financial information included elsewhere in this prospectus. The selected consolidated financial data in this section are not intended to replace the consolidated financial statements and are qualified in their entirety by the consolidated financial statements and related notes included elsewhere in this prospectus.

        We derived the consolidated statements of operations data for the years ended December 31, 2008, 2009 and 2010, and the consolidated balance sheet data as of December 31, 2009 and 2010 from our audited consolidated financial statements included elsewhere in this prospectus. We derived the consolidated statements of operations data for the years ended December 31, 2006 and 2007 and the consolidated balance sheet data as of December 31, 2006, 2007 and 2008 from our audited financial statements not included in this prospectus. The unaudited consolidated statements of operations data for the nine months ended September 30, 2010 and 2011, and the unaudited consolidated balance sheet data as of September 30, 2011, are derived from our unaudited consolidated financial statements included elsewhere in this prospectus. Our unaudited consolidated financial statements have been prepared on the same basis as our audited consolidated financial statements and, in the opinion of management, reflect all adjustments, which consist only of normal recurring adjustments, necessary for the fair statement of those unaudited consolidated financial statements. Our historical results are not necessarily indicative of the results to be expected in the future, and the results for the nine months ended September 30, 2011 are not necessarily indicative of operating results to be expected for the full year ending December 31, 2011 or any other period.

 
  Years Ended December 31,   Nine Months Ended
September 30,
 
 
  2006   2007   2008   2009   2010   2010   2011  
 
  (in thousands, except per share data)
 

Consolidated Statements of Operations Data:

                                           

Revenue:

                                           
 

Subscription

  $ 13,756   $ 20,823   $ 31,115   $ 42,135   $ 57,657   $ 41,501   $ 52,533  
 

Hardware and services

    2,799     5,105     7,128     6,393     7,133     5,250     6,614  
                               
   

Total revenue

    16,555     25,928     38,243     48,528     64,790     46,751     59,147  

Cost of revenue:(1)

                                           
 

Subscription

    3,300     5,767     11,907     19,150     24,523     17,906     17,553  
 

Hardware and services

    1,878     3,319     3,850     3,309     4,082     2,970     4,426  
                               
   

Total cost of revenue

    5,178     9,086     15,757     22,459     28,605     20,876     21,979  
                               

Gross profit

    11,377     16,842     22,486     26,069     36,185     25,875     37,168  

Operating expense:(1)

                                           
 

Research and development

    5,661     6,221     10,926     11,831     17,583     12,719     14,416  
 

Sales and marketing

    18,985     19,445     32,439     27,883     31,161     22,216     30,070  
 

General and administrative

    2,924     3,925     5,224     5,678     7,465     5,491     6,184  
                               
   

Total operating expense

    27,570     29,591     48,589     45,392     56,209     40,426     50,670  
                               

Operating loss

    (16,193 )   (12,749 )   (26,103 )   (19,323 )   (20,024 )   (14,551 )   (13,502 )

Interest income (expense), net

    566     491     536     87     (340 )   (319 )   (258 )

Other income (expense), net

    (56 )   73     (183 )   (269 )   (258 )   (122 )   212  
                               

Loss before provision for income taxes

    (15,683 )   (12,185 )   (25,750 )   (19,505 )   (20,622 )   (14,992 )   (13,548 )

Provision for income taxes

    (61 )   (102 )   (138 )   (233 )   (243 )   (144 )   (169 )
                               

Net loss

  $ (15,744 ) $ (12,287 ) $ (25,888 ) $ (19,738 ) $ (20,865 ) $ (15,136 ) $ (13,717 )
                               

Net loss per share, basic and diluted

  $ (3.70 ) $ (2.42 ) $ (4.37 ) $ (3.07 ) $ (2.92 ) $ (2.16 ) $ (1.75 )
                               

Weighted average shares outstanding, basic and diluted(2)

   
4,252
   
5,078
   
5,928
   
6,424
   
7,151
   
7,011
   
7,861
 
                               

41


Table of Contents

 
  Years Ended December 31,   Nine Months Ended
September 30,
 
 
  2006   2007   2008   2009   2010   2010   2011  
 
  (in thousands, except per share data)
 

Pro forma net loss per share, basic and diluted(2)

                          $ (0.45 )       $ (0.29 )
                                         

Weighted average pro forma shares, basic and diluted(2)

                            46,173           46,995  
                                         

(1)
Includes stock-based compensation and amortization of intangible assets as follows:

 
  Years Ended December 31,   Nine Months
Ended
September 30,
 
 
  2006   2007   2008   2009   2010   2010   2011  
 
  (in thousands)
 

Stock-based compensation

                                           
 

Cost of subscription revenue

  $ 16   $ 21   $ 178   $ 275   $ 357   $ 259   $ 281  
 

Cost of hardware and services revenue

        2     1     11     17     11     20  
 

Research and development

    155     200     519     848     1,010     727     868  
 

Sales and marketing

    342     208     703     1,030     1,113     789     1,418  
 

General and administrative

    182     330     707     732     868     624     704  

Amortization of intangible assets

                                           
 

Cost of subscription revenue

  $   $   $ 1,488   $ 3,371   $ 3,745   $ 2,800   $ 2,809  
 

Sales and marketing

            163     408     637     476     625  
(2)
Please see notes 12 and 13 of our notes to consolidated financial statements included elsewhere in this prospectus for an explanation of the calculations of basic and diluted net loss per share of common stock and pro forma net loss per share of common stock.

 
  As of December 31,    
 
 
  As of
September 30,
2011
 
 
  2006   2007   2008   2009   2010  
 
  (in thousands)
 

Consolidated Balance Sheet Data:

                                     

Cash, cash equivalents and short-term investments

  $ 12,743   $ 9,185   $ 19,355   $ 11,317   $ 12,747   $ 12,108  

Property and equipment, net

    605     2,410     3,861     4,455     4,630     6,102  

Total assets

    26,169     28,419     64,138     63,722     62,352     57,235  

Debt, current and long term

    752     1,108     723     741     264     3,017  

Deferred revenue, current and long term

    23,646     34,292     47,690     57,346     69,101     72,259  

Convertible preferred stock

    58,103     58,103     102,380     108,329     109,820     109,911  

Total stockholders' deficit

    (60,810 )   (72,043 )   (95,508 )   (112,142 )   (128,401 )   (137,966 )

42


Table of Contents


MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL
CONDITION AND RESULTS OF OPERATIONS

        The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our "Selected Consolidated Financial Data" and our consolidated financial statements and related notes included elsewhere in this prospectus. This discussion contains forward-looking statements that involve risks and uncertainties. Our actual results could differ materially from those forward-looking statements below. Factors that could cause or contribute to those differences include, but are not limited to, those identified below and those discussed in the section entitled "Risk Factors" included elsewhere in this prospectus.

Overview

        Proofpoint is a pioneering security-as-a-service vendor that enables large and mid-sized organizations worldwide to defend, protect, archive and govern their most sensitive data. Our security-as-a-service platform is comprised of an integrated suite of on-demand data protection solutions, including threat protection, regulatory compliance, archiving and governance, and secure communication.

        We were founded in 2002 to provide a unified solution to help enterprises address their growing data security requirements. Our first solution was commercially released in 2003 to combat the burgeoning problem of spam and viruses and their impact on corporate email systems. As the threat environment has continued to evolve, we have dedicated significant resources to meet the ongoing challenges that this highly dynamic environment creates for our customers. In addition, we have invested significantly to expand the breadth of our data protection platform:

    In 2004, we launched our Regulatory Compliance and Digital Asset Security solutions, designed to prevent the loss of critical data. These Data Loss Prevention, or DLP, solutions apply our proprietary machine learning and deep content inspection technologies to screen outbound email to prevent the theft or inadvertent loss of sensitive or confidential information.

    In 2005, we launched Proofpoint Secure Messaging, our first email encryption solution.

    In 2006, we combined our email encryption and DLP technologies to develop a new solution for policy-based encryption, enabling each outgoing message to be inspected for confidential content and automatically encrypted accordingly.

    In 2007, we began selling our software-based virtual appliance, enabling our customers to deploy our solutions in a private cloud configuration. We also invested in international expansion of our data center infrastructure, establishing operations in Germany and The Netherlands to support our customers outside of the United States.

    In 2008, we introduced Proofpoint Enterprise Archive, a cloud-based email archiving solution that enables businesses to securely archive both their email and instant message conversations while enabling real-time access to the entire repository for quick and easy electronic discovery, or eDiscovery.

    In 2009, we launched Proofpoint Encryption, a proprietary email encryption solution that improved the level of integration across our data protection suite and allowed us to phase out technology licensed from a third party. We also introduced a cloud-based email messaging service.

    In 2010, we evolved our solutions to address new forms of messaging and information sharing in the enterprise such as social media and Internet-based collaboration and file sharing applications.

43


Table of Contents

    In 2011, we achieved FISMA certification for our cloud-based archiving and governance solution, enabling us to serve the rigorous security requirements of U.S. Federal agencies. We also introduced an integrated security offering in conjunction with VMware for its Zimbra Collaboration Server.

        Our business is based on a recurring revenue model. Our customers pay a subscription fee to license the various components of our security-as-a-service platform for a contract term that is typically one to three years. At the end of the license term, customers may renew their subscription and in each year since the launch of our first solution in 2003, we have retained over 90% of our customers. A growing number of our customers increase their annual subscription fees after their initial purchase by broadening their use of our platform or by adding more users. As our business has grown, our subscription revenue has increased as a percentage of our total revenue, from 81% of total revenue in the year ended December 31, 2008 to 89% in the nine months ended September 30, 2011.

        We market and sell our solutions to large and mid-sized customers both directly through our field and inside sales teams and indirectly through a hybrid model where our sales organization actively assists our network of distributors and resellers. We also derive a lesser portion of our revenue from the license of our solutions to strategic partners who offer our solutions in conjunction with one or more of their own products or services.

        We invoice our customers for the entire contract amount at the start of the term. The majority of these invoiced amounts are treated as deferred revenue on our consolidated balance sheet and are recognized ratably over the term of the contract. We invoice our strategic partners on a monthly basis, and the associated fees vary based upon the level of usage during the month by their customers. These amounts are recognized as revenue at the time of invoice.

        Our solutions are designed to be implemented, configured and operated without the need for any training or professional services. For those customers that seek to develop deeper expertise in the use of our solutions or would like assistance with complex configurations or the importing of data, we offer various training and professional services. In some cases, we provide a hardware appliance to those customers that elect to host elements of our solution behind their firewall. Increasing adoption of virtualization in the data center has led to a decline in the sales of our hardware appliances and a shift towards our software-based virtual appliances, which are delivered as a download via the Internet. Our hardware and services offerings carry lower margins and are provided as a courtesy to our customers. The revenue derived from these offerings has declined from 19% of total revenue in the year ended December 31, 2008 to 11% of total revenue in the nine months ended September 30, 2011. We view this trend as favorable to our business and expect the overall proportion of total revenue derived from these offerings to continue to gradually decline.

        The substantial majority of our revenue is derived from our customers in North America. We believe the markets outside of North America offer an opportunity for growth and we intend to make additional investments in sales and marketing to expand in these markets. Customers from outside of North America represented 19% of total revenue for the nine months ended September 30, 2011 and, 16%, 19% and 17% for the years ended December 31, 2010, 2009 and 2008, respectively. As of September 30, 2011, we had approximately 2,400 customers around the world, including 24 of the Fortune 100. No single partner or customer accounted for more than 10% of our total revenue in 2008, 2009 or 2010 or the nine months ended September 30, 2011.

        The majority of costs associated with generating customer agreements are incurred up front. These upfront costs include direct incremental sales commissions, which are recognized upon the billing of the contract. Although we expect customers to be profitable over the duration of the customer relationship, these upfront costs may exceed related revenue in earlier periods. Accordingly, an increase in the mix of new customers as a percentage of total customers would likely negatively impact our operating results. On the other hand, we expect that an increase in the mix of existing customers as a percentage

44


Table of Contents


of total customers would positively impact our operating results. As we accumulate customers that continue to renew their contracts, we anticipate that our mix of existing customers will increase.

        To date, our customers have primarily used our solutions in conjunction with email messaging content. We have developed solutions to address the new and evolving messaging solutions such as social media and file sharing applications, but these solutions are relatively nascent. If customers increase their use of these new messaging solutions in the future, we anticipate that our growth in revenue associated with email messaging solutions may slow over time. Although revenue associated with our social media and file sharing applications has not been material to date, we believe that our ability to provide security, archiving, governance and discovery for these new solutions will be viewed as valuable by our existing customers, enabling us to derive revenue from these new forms of messaging and communication.

        While the majority of our current and prospective customers run their email systems on premise, we believe that there is a trend for large and mid-sized enterprises to migrate these systems to the cloud. While our current revenue derived from customers using cloud-based email systems is approximately 10% of our total revenue, many of these cloud-based email solutions offer some form of threat protection and governance services, potentially mitigating the need for customers to buy these capabilities from third parties such as ourselves. We believe that we can continue to provide security, archiving, governance, and discovery solutions that are differentiated from the services offered by cloud-based email providers, and as such our platform will continue to be viewed as valuable to enterprises once they have migrated their email services to the cloud, enabling us to continue to derive revenue from this new trend toward cloud-based email deployment models.

        We are currently in the midst of a significant investment cycle in which we have taken steps designed to drive future revenue growth and profitability. For example, we plan to build out our infrastructure, develop our technology, offer additional security-as-a-service solutions, and expand our sales and marketing personnel both in North America and internationally. Accordingly, we expect that our total cost of revenue and operating expenses will continue to increase in absolute dollars, limiting our ability to achieve and maintain positive operating cash flow and profitability in the near term.

Key Metrics

        We regularly review a number of metrics, including the following key metrics presented in the unaudited table below, to evaluate our business, measure our performance, identify trends in our business, prepare financial projections and make strategic decisions. Many of these key metrics, such as adjusted subscription gross profit and billings, are non-GAAP measures. This non-GAAP information is not necessarily comparable to non-GAAP information of other companies. Non-GAAP information should not be viewed as a substitute for, or superior to, net loss prepared in accordance with GAAP as a measure of our profitability or liquidity. Users of this financial information should consider the types of events and transactions for which adjustments have been made. See "Summary Consolidated

45


Table of Contents


Financial Information—Reconciliation of Non-GAAP Financial Measures" above for a reconciliation of the non-GAAP information to GAAP.

 
  Year Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands)
 

Total revenue

  $ 38,243   $ 48,528   $ 64,790   $ 46,751   $ 59,147  
 

Growth

    47 %   27 %   34 %         27 %

Subscription revenue

 
$

31,115
 
$

42,135
 
$

57,657
 
$

41,501
 
$

52,533
 
 

Growth

    49 %   35 %   37 %         27 %

Adjusted subscription gross profit

 
$

20,874
 
$

26,631
 
$

37,236
 
$

26,654
 
$

38,070
 
 

% of subscription revenue

    67 %   63 %   65 %   64 %   72 %

Billings

 
$

51,641
 
$

58,184
 
$

76,545
 
$

54,682
 
$

62,305
 
 

Growth

          13 %   32 %         14 %

        Subscription revenue.    Subscription revenue represents the recurring subscription fees paid by our customers and recognized as revenue during the period for the use of our security-as-a-service platform, typically licensed for one to three years at a time. We consider subscription revenue to be a key business metric because it reflects the recurring aspect of our business model and is the primary driver of growth for our business over time. The consistent growth in subscription revenue over the past several years has resulted from our ongoing investment in sales and marketing personnel, our efforts to expand our customer base, and our efforts to broaden the use of our platform with existing customers.

        Adjusted subscription gross profit.    Adjusted subscription gross profit is a non-GAAP financial measure that we calculate as the gross profit generated by our subscription revenue, adjusted to exclude stock-based compensation and the amortization of intangibles related to prior acquisitions. We believe that adjusted subscription gross profit provides useful information to investors in understanding and evaluating our operating results in the same manner as our management and board of directors. This metric represents the gross profit on our recurring subscription revenue and is directly related to our ability to generate profitability. Adjusted subscription gross profit, when measured as a percentage of subscription revenue, improved from 64% during the nine months ended September 30, 2010 to 72% during the same period in 2011. These improvements resulted from our ongoing efforts to reduce our cost of subscription revenue through the replacement of technology licensed from third parties with our own proprietary technology in conjunction with improved operating leverage on our data center infrastructure. Improvements in the gross profit of these subscription services enhance our ability to drive positive cash flow and profitability for our business overall. For more information about adjusted subscription gross profit, see "Summary Consolidated Financial Information—Reconciliation of Non-GAAP Financial Measures."

        Billings.    Billings is a non-GAAP financial measure that is a direct reflection of our overall sales activity in the period. Billings can be derived by adding the change in the deferred revenue between the start and end of the period to the revenue recognized in the same time frame. Billings consist of all amounts invoiced to customers for non-cancelable sales transactions and hence are important as they correspond directly to our near-term cash flow. However, trends in billings are not directly correlated to trends in revenue except when measured over longer periods of time, as billings are affected by a combination of factors including the timing of renewals, the sales of our solutions to both new and existing customers, the relative duration of contracts sold, and the relative amount of business derived from strategic partners. Each of these elements has unique characteristics in the relationship between billings and revenue, and as such our billings activity is not closely correlated to revenue over shorter

46


Table of Contents


periods of time. For more information about billings, see "Summary Consolidated Financial Information—Reconciliation of Non-GAAP Financial Measures."

Components of Our Results of Operations

Revenue

        We derive our revenue primarily through the license of various solutions and services on our security-as-a-service platform on a subscription basis, supplemented by the sales of training, professional services and hardware depending upon our customers' requirements.

        Subscription.    We license our platform and its associated solutions and services on a subscription basis. The fees are charged on a per user, per year basis. Subscriptions are typically one to three years in duration. We invoice our customers upon signing for the entire term of the contract. The invoiced amounts billed in advance are treated as deferred revenue on the balance sheet and are recognized ratably, in accordance with the appropriate revenue recognition guidelines, over the term of the contract (see —Critical Accounting Policies). We also derive a portion of our subscription revenue from the license of our solutions to strategic partners. We bill these strategic partners monthly. As our business has grown, our subscription revenue has increased as a percentage of our total revenue, from 81% of total revenue in the year ended December 31, 2008 to 89% in the nine months ended September 30, 2011.

        Hardware and services.    We provide hardware appliances as a convenience to our customers and as such it represents a small part of our business. Our solutions are designed to be implemented, configured and operated without the need for any training or professional services. For those customers that seek to develop deeper expertise in the use of our solutions or would like assistance with complex configurations or the importing of data, we offer various training and professional services. We typically invoice the customer for hardware at the time of shipment. Effective January 1, 2011, we adopted the revenue recognition guidance of Accounting Standards Update (ASU) 2009-13 and ASU 2009-14, which mandate that our revenue derived from the sale of hardware be recognized at the time of shipment. Prior to the adoption of this new accounting guidance, hardware revenue was recognized ratably over the duration of the contract. We typically invoice customers for services at the time the order is placed and recognize this revenue ratably over the term of the contract. On occasion, customers may retain us for special projects such as archiving import and export services; these types of services are recognized upon completion of the project. The revenue derived from these hardware and services offerings has declined from 19% of total revenue in the year ended December 31, 2008 to 11% of total revenue in the nine months ended September 30, 2011. We view this trend as favorable to our business and expect the overall proportion of revenue derived from these offerings to continue to decline gradually.

Total Cost of Revenue

        Cost of Subscription Revenue.    Cost of subscription revenue primarily includes personnel costs, consisting of salaries, benefits, bonuses, and stock-based compensation, for employees who provide support services to our customers and operate our data centers. Other costs include fees paid to contractors who supplement our support and data center personnel; expenses related to the use of third-party data centers in both the United States and internationally; depreciation of data center equipment; amortization of licensing fees and royalties paid for the use of third-party technology; amortization of capitalized research and development costs; and the amortization of intangible assets related to prior acquisitions. Our cost of subscription revenue has declined in recent periods as a percentage of its associated revenue as we have replaced third-party licensed technology with our proprietary technology, and we expect the benefit of these initiatives to continue in future periods.

47


Table of Contents

        Cost of Hardware and Services Revenue.    Cost of hardware and services revenue includes personnel costs for employees who provide training and professional services to our customers as well as the cost of server hardware shipped to our customers that we procure from third parties and configure with our software solutions. Effective January 1, 2011, in conjunction with the adoption of the new revenue recognition guidance, the cost of hardware is expensed at the time of shipment. Prior to the adoption of this new guidance, these hardware costs were recognized ratably over the duration of the contract with which they were sold. Our cost of hardware and services as a percentage of its associated revenue has been relatively consistent from period to period in the past, but with the adoption of our new accounting guidance we expect that it may gradually increase as a percentage of hardware and services revenue in future periods.

Operating Expenses

        Our operating expenses consist of research and development, sales and marketing, and general and administrative expenses. Personnel costs, which consist of salaries, benefits, bonuses, and stock-based compensation, are the most significant component of our operating expenses. Our headcount increased from 158 employees on December 31, 2007 to 348 employees as of September 30, 2011. As a result of this growth in headcount, operating expenses have increased significantly over these periods. We expect personnel costs to continue to increase in absolute dollars as we hire new employees to continue to grow our business.

        Research and Development.    Research and development expenses include personnel costs, consulting services and depreciation. We expect to continue to devote substantial resources to research and development in an effort to continuously improve our existing solutions as well as to develop new offerings. We believe that these investments are necessary to maintain and improve our competitive position. Our research efforts include both software developed for our internal use on behalf of our customers as well as software elements to be used by our customers in their own facilities. To date, for software developed for internal use on behalf of our customers, we have capitalized costs of approximately $0.4 million, all of which occurred in the nine months ended September 30, 2011, and will be amortized as cost of subscription revenue over a two-year period. Based on our current plans, we expect to capitalize a similar portion of our development costs in the future. For the software developed for use on our customers' premises, the costs associated with the development work between technological feasibility and the general availability has not been material and as such we have not capitalized any of these development costs to date.

        Sales and Marketing.    Sales and marketing expenses include personnel costs, sales commissions, and other costs including travel and entertainment, marketing and promotional events, public relations and marketing activities. All of these costs are expensed as incurred, including sales commissions. These costs also include amortization of intangible assets as a result of our past acquisitions. We plan to continue to invest in growing our sales and marketing operations, both domestically and internationally. Our sales personnel are typically not immediately productive, and therefore the increase in sales and marketing expenses we incur when we add new sales representatives is not immediately offset by increased revenue and may not result in increased revenue over the long-term if these new sales people fail to become productive. The timing of our hiring of new sales personnel and the rate at which they generate incremental revenue will affect our future financial performance. We expect that sales and marketing expenses will continue to increase in absolute dollars and be among the most significant components of our operating expenses.

        General and Administrative.    General and administrative expenses include personnel costs, consulting services, audit fees, tax services, legal expenses and other general corporate items. We expect our general and administrative expenses to increase in future periods as we continue to expand our operations, hire additional personnel and transition from being a private company to a public company.

48


Table of Contents

Total Other Income (Expense), Net

        Total other income (expense), net, consists of interest income (expense), net and other income (expense), net. Interest income (expense), net, consists primarily of interest income earned on our cash and cash equivalents offset by the interest expense for our capital lease payments and borrowings under our equipment loans. Other income (expense), net, consists primarily of the net effect of foreign currency transaction gain or loss.

Provision for Income Taxes

        The provision for income taxes is related to certain state and foreign income taxes. As we have incurred operating losses in all periods to date and recorded a full valuation allowance against our deferred tax assets, we have not historically recorded a provision for federal income taxes. Realization of any of our deferred tax assets depends upon future earnings, the timing and amount of which are uncertain. Utilization of our net operating losses may be subject to substantial annual limitation due to the ownership change limitations provided by the Internal Revenue Code and similar state provisions. An analysis was conducted through 2009 to determine whether an ownership change had occurred since inception. The analysis indicated that although an ownership change occurred in a prior year, the net operating losses and research and development credits would not expire before utilization. In the event we have subsequent changes in ownership, net operating losses and research and development credit carryovers could be limited and may expire unutilized.

49


Table of Contents

Results of Operations

        The following table is a summary of our consolidated statements of operations.

 
  Year Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands)
 

Revenue:

                               
 

Subscription

  $ 31,115   $ 42,135   $ 57,657   $ 41,501   $ 52,533  
 

Hardware and services

    7,128     6,393     7,133     5,250     6,614  
                       
   

Total revenue

    38,243     48,528     64,790     46,751     59,147  

Cost of revenue:(1)

                               
 

Subscription

    11,907     19,150     24,523     17,906     17,553  
 

Hardware and services

    3,850     3,309     4,082     2,970     4,426  
                       
   

Total cost of revenue

    15,757     22,459     28,605     20,876     21,979  
                       

Gross profit

    22,486     26,069     36,185     25,875     37,168  

Operating expense:(1)

                               
 

Research and development

    10,926     11,831     17,583     12,719     14,416  
 

Sales and marketing

    32,439     27,883     31,161     22,216     30,070  
 

General and administrative

    5,224     5,678     7,465     5,491     6,184  
                       
   

Total operating expense

    48,589     45,392     56,209     40,426     50,670  
                       

Operating loss

    (26,103 )   (19,323 )   (20,024 )   (14,551 )   (13,502 )

Interest income (expense), net

    536     87     (340 )   (319 )   (258 )

Other income (expense), net

    (183 )   (269 )   (258 )   (122 )   212  
                       

Loss before provision for income taxes

    (25,750 )   (19,505 )   (20,622 )   (14,992 )   (13,548 )

Provision for income taxes

    (138 )   (233 )   (243 )   (144 )   (169 )
                       

Net loss

  $ (25,888 ) $ (19,738 ) $ (20,865 ) $ (15,136 ) $ (13,717 )
                       

50


Table of Contents

        The following table sets forth our consolidated results of operations for the specified periods as a percentage of our total revenue for those periods.

 
  Year Ended December 31,   Nine Months
Ended
September 30,
 
 
  2008   2009   2010   2010   2011  

Revenue:

                               
 

Subscription

    81 %   87 %   89 %   89 %   89 %
 

Hardware and services

    19     13     11     11     11  
                       
   

Total revenue

    100     100     100     100     100  

Cost of revenue:(1)

                               
 

Subscription

    31     39     38     38     30  
 

Hardware and services

    10     7     6     6     7  
                       
   

Total cost of revenue

    41     46     44     45     37  
                       

Gross profit

    59     54     56     55     63  

Operating expense:(1)

                               
 

Research and development

    29     24     27     27     24  
 

Sales and marketing

    85     57     48     48     51  
 

General and administrative

    14     12     12     12     10  
                       
   

Total operating expense

    127     94     87     86     86  
                       

Operating loss

    (68 )   (40 )   (31 )   (31 )   (23 )

Interest income (expense), net

    1         (1 )   (1 )    

Other income (expense), net

        (1 )            
                       

Loss before provision for income taxes

    (67 )   (40 )   (32 )   (32 )   (23 )

Provision for income taxes

                     
                       

Net loss

    (68 )%   (41 )%   (32 )%   (32 )%   (23 )%
                       

(1)
Includes stock-based compensation and amortization of intangible assets as follows:

 
  Year Ended December 31,   Nine Months
Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands)
 

Stock-based compensation

                               
 

Cost of subscription revenue

  $ 178   $ 275   $ 357   $ 259   $ 281  
 

Cost of hardware and services revenue

    1     11     17     11     20  
 

Research and development

    519     848     1,010     727     868  
 

Sales and marketing

    703     1,030     1,113     789     1,418  
 

General and administrative

    707     732     868     624     704  

Amortization of intangible assets

                               
 

Cost of subscription revenue

  $ 1,488   $ 3,371   $ 3,745   $ 2,800   $ 2,809  
 

Sales and marketing

    163     408     637     476     625  

51


Table of Contents

Comparison of the Nine Months Ended September 30, 2010 and 2011

Revenue

 
  Nine Months Ended
September 30,
  Change  
 
  2010   2011   $   %  
 
  (in thousands)
   
 

Revenue

                         
 

Subscription

  $ 41,501   $ 52,533   $ 11,032     27 %
 

Hardware and services

    5,250     6,614     1,364     26  
                     

Total revenue

  $ 46,751   $ 59,147   $ 12,396     27  

        Subscription revenue increased $11.0 million, or 27%, for the nine months ended September 30, 2011 as compared to the same period in 2010. This increase was driven by growth both in North America as well as internationally as our ongoing investment in sales and marketing resources, coupled with an ongoing improvement in economic conditions, resulted in improved demand for our platform worldwide.

        Hardware and services revenue increased $1.4 million, or 26%, for the nine months ended September 30, 2011 as compared to the same period in 2010. This increase was attributable to our adoption of new revenue recognition guidance (as more fully described in our Critical Accounting Policies) effective January 1, 2011 under which revenue from sales of hardware appliances began to be recognized when sold.

Cost of Revenue

 
  Nine Months Ended
September 30,
  Change  
 
  2010   2011   $   %  
 
  (in thousands)
   
 

Cost of revenue

                         
 

Subscription

  $ 17,906   $ 17,553   $ (353 )   (2 )%
 

Hardware and services

    2,970     4,426     1,456     49  
                     

Total cost of revenue

  $ 20,876   $ 21,979   $ 1,103     5  

        Cost of subscription revenue decreased $0.4 million, or 2%, for the nine months ended September 30, 2011 as compared to the same period in 2010. The decrease in cost of subscription revenue was primarily attributable to a $0.9 million decrease in royalty expense driven by the replacement of third-party licensed technology with our proprietary technology, as well as improved economic terms associated with other ongoing licensing agreements. We expect that the combination of these two initiatives will also continue to contribute to reduced royalty expenses in future periods. These savings were partially offset by increased data center costs of $0.3 million associated with ongoing growth in usage by new and existing customers.

        Cost of hardware revenue and services revenue increased $1.5 million, or 49%, for the nine months ended September 30, 2011 as compared to the same period in 2010. This increase was primarily attributable to the adoption of the new revenue recognition guidance effective January 1, 2011 under which costs from sales of hardware appliances are now recognized when the associated hardware revenue is recognized. Accordingly, $1.1 million of this cost increase was a result of the change in revenue recognition guidance while $0.2 million was due to the ratable recognition of deferred costs for hardware appliance sales closed prior to the adoption of the new revenue recognition guidance effective January 1, 2011.

52


Table of Contents

Operating Expenses

 
  Nine Months Ended
September 30,
  Change  
 
  2010   2011   $   %  
 
  (in thousands)
   
 

Research and development

  $ 12,719   $ 14,416   $ 1,697     13 %
 

Percent of total revenue

    27 %   24 %            

        Research and development expenses increased $1.7 million, or 13%, for the nine months ended September 30, 2011 as compared to the same period in 2010. The increase was primarily due to an increase in headcount over the same period in 2010 as we continued to invest in expanding and enhancing our solutions.

 
  Nine Months Ended
September 30,
  Change  
 
  2010   2011   $   %  
 
  (in thousands)
   
 

Sales and marketing

  $ 22,216   $ 30,070   $ 7,854     35 %
 

Percent of total revenue

    48 %   51 %            

        Sales and marketing expenses increased $7.9 million, or 35%, for the nine months ended September 30, 2011 as compared to the same period in 2010. The increase was primarily due to an increase in headcount both in the United States and internationally, which resulted in increased personnel costs of $4.9 million and an increase in travel expenses of $0.8 million. Additionally, as our business grew, commission expense increased by $1.0 million and marketing program spending increased $0.5 million.

 
  Nine Months Ended
September 30,
  Change  
 
  2010   2011   $   %  
 
  (in thousands)
   
 

General and administrative

  $ 5,491   $ 6,184   $ 693     13 %
 

Percent of total revenue

    12 %   10 %            

        General and administrative expenses increased $0.7 million, or 13%, for the nine months ended September 30, 2011 as compared to the same period in 2010. The increase was primarily due to an increase in headcount which resulted in increased personnel costs of $0.5 million as we prepare to become a public company.

Total Other Income (Expense), Net

 
  Nine Months Ended
September 30,
  Change  
 
  2010   2011   $   %  
 
  (in thousands)
   
 

Total other income (expense), net

  $ (441 ) $ (46 ) $ 395     NM  

        Total other income (expense), net increased $0.4 million for the nine months ended September 30, 2011 as compared to the same period in 2010. The change was primarily due to a decrease in interest expense as we continued to pay down our capital equipment loans, offset by a $0.2 million adjustment to the accretion of interest relating to the earn-out consideration from an acquisition that was recorded on a discounted basis.

53


Table of Contents

Comparison of Years Ended December 31, 2009 and 2010

Revenue

 
  Year Ended
December 31,
  Change  
 
  2009   2010   $   %  
 
  (in thousands)
   
 

Revenue

                         
 

Subscription

  $ 42,135   $ 57,657   $ 15,522     37 %
 

Hardware and services

    6,393     7,133     740     12  
                     

Total revenue

  $ 48,528   $ 64,790   $ 16,262     34  

        Subscription revenue increased $15.5 million, or 37%, for 2010 as compared to 2009. This growth was primarily due to higher demand for our solutions in North America, aided by improved economic conditions in that region over the prior period as well as our ongoing investments in sales and marketing.

        Hardware and services revenue grew $0.7 million, or 12%, for 2010 as compared to 2009. This growth was primarily due to a modest increase in the sale of both hardware and professional services. The relatively slow growth in hardware and services as compared to subscription revenue reflects the ongoing shift in deployment models towards our cloud-based and virtual appliance solutions.

Cost of Revenue

 
  Year Ended
December 31,
  Change  
 
  2009   2010   $   %  
 
  (in thousands)
   
 

Cost of revenue

                         
 

Subscription

  $ 19,150   $ 24,523   $ 5,373     28 %
 

Hardware and services

    3,309     4,082     773     23  
                     

Total cost of revenue

  $ 22,459   $ 28,605   $ 6,146     27  

        Cost of subscription revenue increased $5.4 million, or 28%, for 2010 as compared to 2009. The increase was primarily due to increased personnel costs of $2.9 million driven by additional headcount, as well as increased data center costs of $0.8 million, increased depreciation and amortization of $0.8 million, and a $0.2 million increase in travel expenses as a result of increased headcount.

        Cost of hardware and services revenue increased $0.8 million, or 23%, for 2010 as compared to 2009. The increase was primarily due to growth in personnel costs of $0.5 million resulting from the addition of services headcount during the year.

Operating Expenses

 
  Year Ended
December 31,
  Change  
 
  2009   2010   $   %  
 
  (in thousands)
   
 

Research and development

  $ 11,831   $ 17,583   $ 5,752     49 %
 

Percent of total revenue

    24 %   27 %            

        Research and development expenses increased $5.8 million, or 49%, for 2010 as compared to 2009. This increase was primarily due to increased personnel costs of $4.1 million resulting from increased

54


Table of Contents


headcount. We also incurred $1.3 million in consulting fees, primarily related to achieving our FISMA certification.

 
  Year Ended
December 31,
  Change  
 
  2009   2010   $   %  
 
  (in thousands)
   
 

Sales and marketing

  $ 27,883   $ 31,161   $ 3,278     12 %
 

Percent of total revenue

    57 %   48 %            

        Sales and marketing expenses increased $3.3 million, or 12%, for 2010 as compared to 2009. This increase was primarily due to a $0.9 million increase in personnel expenses due to increased headcount, a $0.9 million increase in sales commissions, and a $0.5 million increase in both travel related expenses and sales and marketing programs.

 
  Year Ended
December 31,
  Change  
 
  2009   2010   $   %  
 
  (in thousands)
   
 

General and administrative

  $ 5,678   $ 7,465   $ 1,787     31 %
 

Percent of total revenue

    12 %   12 %            

        General and administrative expenses increased $1.8 million, or 31%, for 2010 as compared to 2009. The increase was primarily due to personnel costs of $1.4 million resulting from increased headcount and, to a lesser extent, an increase of $0.5 million driven by third-party consultants retained to assist us in the implementation of systems and preparation for compliance with public company rules and regulations.

Total Other Income (Expense), Net

 
  Year Ended
December 31,
  Change  
 
  2009   2010   $   %  
 
  (in thousands)
   
 

Total other income (expense), net

  $ (182 ) $ (598 ) $ (416 )   NM  

        Total other income (expense), net decreased $0.4 million for 2010 as compared to 2009 primarily due to adjustments to the present value of an earn-out consideration resulting from an acquisition.

Comparison of Years Ended December 31, 2008 and 2009

Revenue

   
  Year Ended
December 31,
  Change  
   
  2008   2009   $   %  
   
  (in thousands)
   
 
 

Revenue

                         
   

Subscription

  $ 31,115   $ 42,135   $ 11,020     35 %
   

Hardware and services

    7,128     6,393     (735 )   (10 )
                       
 

Total revenue

  $ 38,243   $ 48,528   $ 10,285     27  

        Subscription revenue increased $11.0 million, or 35%, for 2009 as compared to 2008. This growth in subscription revenue was primarily due to increased sales of our subscription services in North America and, to a lesser extent, internationally as our initial investments in sales and marketing outside of North America produced growth in revenue from those markets.

55


Table of Contents

        Hardware and services revenue decreased $0.7 million, or 10%, for the year ended December 31, 2009 as compared to 2008 as a direct result of the increasing demand for our cloud-based services which require no hardware appliances to be sold to customers as part of delivering the service.

Cost of Revenue

   
  Year Ended
December 31,
  Change  
   
  2008   2009   $   %  
   
  (in thousands)
   
 
 

Cost of revenue

                         
   

Subscription

  $ 11,907   $ 19,150   $ 7,243     61 %
   

Hardware and services

    3,850     3,309     (541 )   (14 )
                       
 

Total cost of revenue

  $ 15,757   $ 22,459   $ 6,702     43  

        Cost of subscription revenue increased $7.2 million, or 61%, for 2009 as compared to 2008. This increase was primarily due to increased demand for our subscription services, with data center costs increasing $2.2 million and depreciation and amortization by $1.5 million. Headcount expansion in support of this growth resulted in $1.6 million of additional personnel costs. Amortization of developed technology increased $1.9 million, which represents a full year of amortization expense related to an acquisition in June 2008.

        Cost of hardware and services revenue decreased $0.5 million, or 14%, for 2009 as compared to 2008. This resulted from the increasing deployment of our cloud-based services.

Operating Expenses

   
  Year Ended
December 31,
  Change  
   
  2008   2009   $   %  
   
  (in thousands)
   
 
 

Research and development

  $ 10,926   $ 11,831   $ 905     8 %
   

Percent of total revenue

    29 %   24 %            

        Research and development expenses increased by $0.9 million, or 8%, for 2009 as compared to 2008. This growth was primarily due to an increase in headcount over the prior year as we continued to invest in expanding and enhancing our solutions. This resulted in an increase of $1.4 million in personnel costs, offset by a decrease of $0.3 million in outside services due to completion of a third-party certification project in 2008 as well as a $0.2 million savings resulting from changing Internet service providers.

   
  Year Ended
December 31,
  Change  
   
  2008   2009   $   %  
   
  (in thousands)
   
 
 

Sales and marketing

  $ 32,439   $ 27,883   $ (4,556 )   (14 )%
   

Percent of total revenue

    85 %   57 %            

        Sales and marketing expenses decreased $4.6 million, or 14%, for 2009 as compared to 2008. As a reaction to the challenging global economy at that time, we actively reduced our spending in 2009 over the prior period. Adjustments to personnel and other related spending activities led to a decrease in personnel costs of $1.5 million and associated reductions in commission expense, travel and entertainment and facilities related spending of $0.7 million, $0.7 million and $0.3 million, respectively.

56


Table of Contents


Expenditures on sales and marketing programs associated with the promotion of our solutions were also reduced by $0.9 million.

   
  Year Ended
December 31,
  Change  
   
  2008   2009   $   %  
   
  (in thousands)
   
 
 

General and administrative

  $ 5,224   $ 5,678   $ 454     9 %
   

Percent of total revenue

    14 %   12 %            

        General and administrative expenses increased $0.5 million, or 9%, for 2009 as compared to 2008. Corporate-related expenses increased primarily due to $0.4 million in additional legal fees driven by acquisitions in 2009 and $0.1 million in fees related to Statement on Auditing Standards No. 70 (SAS 70) Type I and Type II audits of our data center operations.

Total Other Income (Expense), Net

   
  Year Ended
December 31,
  Change  
   
  2008   2009   $   %  
   
  (in thousands)
   
 
 

Total other income (expense), net

  $ 353   $ (182 ) $ (535 )   NM  

        Total other income (expense), net, decreased by $0.5 million for 2009 as compared to 2008 primarily due to a reduction in interest income due to lower invested cash balances.

Liquidity and Capital Resources

        Since our inception, we have relied principally on sales of our preferred stock to fund our operating activities. To date, we have raised $92.8 million of equity capital. Additionally, we have utilized equipment lines to fund capital purchases.

        We entered into a new equipment loan agreement with Silicon Valley Bank in April 2011 for an aggregate loan principal amount of $6.0 million. Interest on the advances are equal to prime rate plus 0.50%. As of September 30, 2011, the interest rate on the advances was 4.50%. We have the ability to draw down on this equipment line through April 19, 2012. Each drawn amount is due 48 months after funding. Borrowings outstanding under the equipment loan at September 30, 2011 were $2.9 million. Equipment financed under this loan arrangement is collateralized by the respective assets underlying the loan. The loan includes a covenant that requires us to maintain cash and cash equivalents plus net accounts receivables of at least two times the amount of all outstanding indebtedness. As of September 30, 2011, we were in compliance with this financial covenant.

        Based on our current level of operations and anticipated growth, we believe that our existing sources of liquidity will be sufficient to fund our operations for at least the next 12 months. Our future capital requirements will depend on many factors, including our rate of revenue growth, the expansion of our sales and marketing activities, and the timing and extent of spending to support product development efforts and expansion into new territories, and the timing of introductions of new features and enhancements to our solutions. To the extent that existing cash and cash equivalents and cash from operations are insufficient to fund our future activities, we may need to raise additional funds through public or private equity or debt financing. We may also seek to invest in or acquire complementary businesses, applications or technologies, any of which could also require us to seek additional equity or debt financing. Additional funds may not be available on terms favorable to us or at all.

57


Table of Contents

Cash Flows

        The following table sets forth a summary of our consolidated cash flows for the periods indicated:

   
  Years Ended
December 31,
  Nine Months Ended
September 30,
 
   
  2008   2009   2010   2010   2011  
   
  (in thousands)
 
 

Net cash provided by (used in) operating activities

  $ (7,555 ) $ (3,707 ) $ 3,409   $ 1,517   $ (329 )
 

Net cash provided by (used in) investing activities

    (16,044 )   (5,132 )   306     742     (8,285 )
 

Net cash provided by financing activities

    27,572     4,778     1,445     2,237     3,619  

    Net Cash Flows Provided by (Used in) Operating Activities

        Our net loss and cash flows from operating activities are significantly influenced by our investments in headcount and data center operations to support anticipated growth. Our cash flows are also influenced by cash payments from customers. We invoice customers for the entire contract amount at the start of the term, and as such our cash flow from operations is also affected by the length of a customer contract.

        Cash used in operating activities for the nine months ended September 30, 2011 of $(0.3 million) was the result of a net loss of $13.7 million, offset by non-cash expenditures of $9.1 million, which included depreciation, amortization and stock-based compensation expense. This was further offset by deferred revenue and product costs of $5.5 million as a result of our subscription based revenue model. The remaining use of funds of $1.3 million was from the net change in working capital items.

        Cash provided by operating activities for the nine months ended September 30, 2010 of $1.5 million was the result of a net loss from operations of $15.1 million. This was offset by non-cash expenditures of $8.6 million which includes depreciation, amortization, and stock-based compensation expense. This was further offset by deferred revenue and product costs of $8.7 million as a result of our subscription based revenue model. The remaining use of funds of $0.6 million was from the net change in working capital items.

        Cash provided by operating activities in 2010 of $3.4 million was the result of a net loss of $20.9 million, offset by non-cash expenditures of $11.4 million, which included depreciation, amortization and stock-based compensation expense, and by deferred revenue and product costs of $13.4 million as a result of our subscription based revenue model. The remaining use of funds of $0.5 million was from the net change in working capital items.

        Cash used in operating activities in 2009 of $3.7 million was the result of a net loss of $19.7 million, offset by non-cash expenditures of $10.0 million which included depreciation, amortization and stock-based compensation expense, and by deferred revenue and product costs of $9.2 million. The remaining use of funds of $3.2 million was from the net change in working capital items.

        Cash used in operating activities in 2008 of $7.6 million was the result of a net loss of $25.9 million, offset by non-cash expenditures of $6.3 million which included depreciation, amortization and stock-based compensation expense, and by deferred revenue and product costs of $11.4 million as a result of our subscription based revenue model. The remaining use of funds of $0.7 million was from the net change in working capital items.

58


Table of Contents

    Net Cash Flows Provided by (used in) Investing Activities

        Our primary investing activities have consisted of capital expenditures in support of expanding our infrastructure and workforce and the purchase and sale of short-term investments. As our business grows, we expect our capital expenditures and our investment activity to continue to increase.

        We used $8.3 million of cash in investing activities during the nine months ended September 30, 2011. This was primarily from the net purchase of $4.4 million in short-term investments. In addition, we used $3.8 million to purchase equipment for infrastructure expansion.

        Investing activities for the nine months ended September 30, 2010 resulted in net proceeds of $0.7 million. This was primarily from $2.8 million in net proceeds from the sale of short-term investments, offset by $2.0 million of equipment purchases used for infrastructure expansion.

        Investing activities for the year ended December 31, 2010 resulted in net proceeds of $0.3 million. This was primarily from $3.7 million of net proceeds from short-term investments, offset by $3.4 million of equipment purchases used for infrastructure expansion and other fixed assets.

        We used $5.1 million of cash in investing activities in 2009. The main uses were a $6.6 million acquisition and $2.5 million used for infrastructure equipment and other fixed assets, offset by net proceeds from short-term investments of $4.0 million.

        We used $16.0 million of cash in investing activities in 2008. We used $7.0 million for an acquisition, $6.2 million for net purchases of short-term investments and $2.9 million for infrastructure equipment and other fixed assets.

    Net Cash Flows Provided by (Used in) Financing Activities

        Cash provided by financing activities for the nine months ended September 30, 2011 was $3.6 million. This consisted of $0.9 million of proceeds from the exercise of stock options and borrowings under our new equipment line of which $2.9 million during this period, partially offset by repayment of equipment financing loans of $0.2 million.

        Cash provided by financing activities for the nine months ended September 30, 2010 was $2.2 million. This consisted of proceeds from sales of our Series F preferred stock of $1.5 million along with $1.1 million of proceeds from the exercise of employee stock options, partially offset by repayment of equipment financing loans of $0.4 million.

        Cash provided by financing activities in 2010 was $1.4 million. This consisted of proceeds from sales our Series F preferred stock financing of $1.5 million along with $1.2 million from the exercise of employee stock options, partially offset by repayment of equipment financing loans of $0.5 million and $0.8 million towards earn-out payments.

        Cash provided by financing activities in 2009 was $4.8 million. This consisted of proceeds from sales of our Series F preferred stock of $5.0 million along with $0.2 million from the exercise of employee stock options, partially offset by repayment of equipment financing loans of $0.4 million.

        Cash provided by financing activities in 2008 was $27.6 million. This consisted of proceeds from the sales of our Series F preferred stock of $27.8 million along with $0.2 million from the exercise of employee stock options, partially offset by repayment of equipment financing loans of $0.4 million.

    Contractual Obligations and Commitments

        Our principal commitments consist of obligations under our outstanding leases for our office space and third-party data centers as well as equipment leases and loans for certain computer and office

59


Table of Contents

equipment. The following table summarizes our contractual obligations as of December 31, 2010 (in thousands):

 
  Payment Due By Period  
Contractual Obligations(1)
  Total   Less Than
1 Year
  1-3 Years   3-5 Years   More Than
5 Years
 

Debt obligations(2)

  $ 2,993   $ 68   $ 1,361   $ 1,564   $  

Interest expense payments(3)

    338     54     225     59      

Capital and operating lease obligations(4)

    3,950     1,124     2,324     502      

Purchase obligations(5)

    3,280     1,980     1,300          
                       
 

Total

  $ 10,561   $ 3,226   $ 5,210   $ 2,125   $  
                       

(1)
The above table does not include the amount of liability from an acquisition in 2009 of $1.0 million. This payment is due in less than one year, as described below.

(2)
Represents our outstanding debt under our equipment loan, including the new loan and equipment agreement commencing April 2011.

(3)
Represents interest payments on our outstanding debt under our equipment loan, including the new loan and equipment agreement commencing April 2011.

(4)
Consists of capital leases and contractual obligations under operating leases for office space, including the new facility lease commencing April 2011.

(5)
Consists of purchase obligations related to our third-party data centers.

        We entered into a new equipment loan agreement with Silicon Valley Bank in April 2011 for an aggregate loan principal amount of $6.0 million. For more information about our equipment loan agreement please see "Liquidity and Capital Resources."

        In March 2011, we entered into a lease agreement to occupy an additional 22,121 square feet of office space at our headquarters facility. The lease term is 39 months for 78,338 square feet in the aggregate, with a monthly rental of $74,338 commencing on April 1, 2011, and expiring on June 30, 2014.

        We completed an acquisition in October 2009 that included an earn-out payment of up to $1.0 million to stockholders of the acquired company in the event that certain revenue targets were achieved. We currently anticipate that the full amount of this payment will be made in December 2011.

        We have recorded a liability for sales and use taxes. A variety of factors could affect the liability, which factors include recovery of amounts from customers and any changes in relevant statutes in the various states in which we have done business. To the extent that the actual amount of our liabilities for sales and use taxes materially differs from the amount we have recorded on our consolidated balance sheet, our future results of operations and cash flows could be negatively affected.

        Under the indemnification provisions of our standard customer agreements, we agree to indemnify, defend and hold harmless our customers against, among other things, infringement of any patents, trademarks or copyrights under any country's laws or the misappropriation of any trade secrets arising from the customer's legal use of our solutions. Our exposure under these indemnification provisions is generally limited to the total amount paid by the customer under the applicable customer agreement. However, certain indemnification provisions potentially expose us to losses in excess of the aggregate amount paid to us by the customer under the applicable customer agreement. No material claims have been made against us pursuant to these indemnification provisions to date.

60


Table of Contents

Off-Balance Sheet Arrangements

        During the periods presented, we did not have, nor do we currently have, any relationships with unconsolidated entities or financial partnerships, such as entities often referred to as structured finance or special purpose entities, which would have been established for the purpose of facilitating off-balance sheet arrangements or other contractually narrow or limited purposes. We are therefore not exposed to any financing, liquidity, market or credit risk that could arise if we had engaged in those types of relationships.

Quantitative and Qualitative Disclosures about Market Risk

        We have operations both within the United States and internationally, and we are exposed to market risks in the ordinary course of our business. These risks primarily include interest rate, foreign exchange and inflation risks, as well as risks relating to changes in the general economic conditions in the countries where we conduct business. To reduce certain of these risks, we monitor the financial condition of our large clients and limit credit exposure by collecting in advance and setting credit limits as we deem appropriate. In addition, our investment strategy has been to invest in financial instruments that are highly liquid and readily convertible into cash with maturity dates within three months from the date of purchase. To date, we have not used derivative instruments to mitigate the impact of our market risk exposures. We have also not used, nor do we intend to use, derivatives for trading or speculative purposes.

Interest Rate Risk

        We are exposed to market risk related to changes in interest rates. Our investments are considered cash equivalents and primarily consist of money market funds, corporate debt securities and a certificate of deposit. As of September 30, 2011, we had cash, cash equivalents, and short-term investments of $12.1 million. The carrying amount of our cash, cash equivalents and short-term investments reasonably approximates fair value, due to the short maturities of these investments. The primary objectives of our investment activities are the preservation of capital, the fulfillment of liquidity needs and the fiduciary control of cash and investments. We do not enter into investments for trading or speculative purposes. Our investments are exposed to market risk due to a fluctuation in interest rates, which may affect our interest income and the fair market value of our investments. Due to the short-term nature of our investment portfolio, we believe only dramatic fluctuations in interest rates would have a material effect on our investments. As such we do not expect our operating results or cash flows to be materially affected by a sudden change in market interest rates.

        As of September 30, 2011 we had borrowings outstanding with principal amounts of $3.0 million. Our outstanding long-term borrowings consist of fixed and variable interest rate financial instruments. The interest rates of our borrowings range from 2.9% to 10.6%. A hypothetical 10% increase or decrease in interest rates relative to our current interest rates would not have a material impact on the fair values of all of our outstanding borrowings. Changes in interest rates would, however, affect operating results and cash flows, because of the variable rate nature of our borrowings. A hypothetical 10% increase or decrease in interest rates relative to interest rates at December 31, 2010 would result in an insignificant impact to interest expense for 2011.

Foreign Currency Risk

        Our sales to international customers are generally U.S. dollar-denominated. As a result, there are no significant foreign currency gains or losses related to these transactions. The functional currency for our wholly owned foreign subsidiaries is the U.S. dollar. Accordingly, the subsidiaries remeasure monetary assets and liabilities at period-end exchange rates, while nonmonetary items are remeasured at historical rates. Income and expense accounts are remeasured at the average exchange rates in effect

61


Table of Contents


during the year. Remeasurement adjustments are recognized in the statement of operations as foreign currency transaction gains or losses in the year of occurrence. Aggregate foreign currency transaction losses included in determining net loss were $166,000 in 2008, $177,000 in 2009 and $187,000 for fiscal year 2010 and $58,000 for the nine months ended September 30, 2010 respectively. For the nine months ended September 30, 2011, however, there was a net transaction gain of $93,000. Transaction gains and losses are included in other income (expense), net.

        As our international operations grow, our risks associated with fluctuation in currency rates will become greater, and we will continue to reassess our approach to managing this risk. In addition, currency fluctuations or a weakening U.S. dollar can increase the costs of our international expansion. To date, we have not entered into any foreign currency hedging contracts, since exchange rate fluctuations have not had a material impact on our operating results and cash flows. Based on our current international structure, we do not plan on engaging in hedging activities in the near future.

Inflation Risk

        We do not believe that inflation has had a material effect on our business, financial condition or results of operations. Nonetheless, if our costs were to become subject to significant inflationary pressures, we may not be able to fully offset such higher costs through price increases. Our inability or failure to do so could harm our business, financial condition and results of operations.

Critical Accounting Policies

        Our management's discussion and analysis of our financial condition and results of operations are based on our consolidated financial statements, which have been prepared in accordance with GAAP. GAAP requires us to make certain estimates and judgments that can affect the reported amounts of assets and liabilities as of the dates of the consolidated financial statements, the disclosure of contingencies as of the dates of the consolidated financial statements, and the reported amounts of revenue and expenses during the periods presented. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, the results of which form the basis for making judgments about the carrying values of assets and liabilities. If actual results or events differ materially from those contemplated by us in making these estimates, our reported financial condition and results of operations for future periods could be materially affected. See "Risk Factors" for certain matters that may affect our future financial condition or results of operations. An accounting policy is deemed to be critical if it requires an accounting estimate to be made based on assumptions about matters that are uncertain at the time the estimate is made, if different estimates reasonably could have been used, or if the changes in estimate that are reasonably likely to occur could materially impact the financial statements. Our management has discussed the development, selection and disclosure of these estimates with the audit committee of our board of directors.

        The following critical accounting policies reflect significant judgments and estimates used in the preparation of our consolidated financial statements:

    Revenue recognition and deferred revenue;

    Stock-based compensation;

    Allowance for doubtful accounts;

    Capitalized software costs;

    Impairment of long lived assets; and

    Income taxes.

62


Table of Contents

Revenue Recognition and Deferred Revenue

        We derive our revenue primarily from two sources: (1) subscription revenue for rights related to the use of our security-as-a-service platform and (2) hardware, training, and professional services revenue provided to customers related to their use of our platform. Subscription revenue is derived from a subscription-based enterprise licensing model with contract terms typically ranging from one to three years, and consists of (i) subscription fees from the licensing of our security-as-a-service platform, (ii) subscription fees for access to the on-demand elements of our platform and (iii) subscription fees for the right to access our customer support services.

        We apply the provision of Accounting Standard Codification (ASC) 985-605, "Software Revenue Recognition," and related interpretations, to all transactions involving the licensing of software, as well as related support, training, and other professional services. ASC 985-605 requires revenue earned on software arrangements involving multiple elements such as software license, support, training, and other professional services to be allocated to each element based on the relative fair values of these elements. The fair value of an element must be based on vendor-specific objective evidence (VSOE) of fair value. VSOE of fair value of each element is based on the price charged when the element is sold separately. Revenue is recognized when all of the following criteria are met as set forth in ASC 985-605:

    Persuasive evidence of an arrangement exists;

    Delivery has occurred;

    The fee is fixed or determinable; and

    Collectability is probable.

        We have analyzed all of the elements included in our multiple element arrangements and have determined that we do not have sufficient VSOE of fair value to allocate revenue to our subscription and software license agreements, support, training, and professional services. We defer all revenue under the arrangement until the commencement of the subscription services and any associated professional services. Once the subscription services and the associated professional services have commenced, the entire fee from the arrangement is recognized ratably over the remaining period of the arrangement. If the professional services are essential to the functionality of the subscription, then the revenue recognition does not commence until such services are completed.

        Our hosted on-demand service agreements do not provide customers with the right to take possession of the software supporting the hosted service. We recognize revenue from our on-demand services in accordance with ASC 605-20, and as such recognize revenue when the following criteria are met:

    Persuasive evidence of an arrangement exists;

    Delivery of our obligations to our customers has occurred;

    Collection of the fees is probable; and

    The amount of fees to be paid by the customer is fixed or determinable.

        In October 2009, the Financial Accounting Standards Board (FASB) amended the accounting guidance for multiple element arrangements (ASU 2009-13) to:

    Provide updated guidance on whether multiple deliverables exist, how the deliverables in an arrangement should be separated, and how the arrangement consideration should be allocated among its elements;

63


Table of Contents

    Require an entity to allocate revenue in an arrangement that has separate units of accounting using best estimated selling price (BESP) of deliverables if a vendor does not have VSOE of fair value or third-party evidence of selling price (TPE); and

    Eliminate the use of the residual method and require an entity to allocate revenue using the relating selling price method to the separate unit of accounting.

        Concurrently, the FASB amended the accounting guidance for revenue recognition (ASU 2009-14) to exclude hardware appliances containing software components and hardware components that function together to deliver the hardware appliance's essential functionality from the scope of the software revenue recognition guidance of ASC 985-605.

        Prior to the adoption of ASU 2009-14, revenue derived from hardware appliance sales were recognized based on the software revenue recognition guidance. We could not establish VSOE of fair value for the undelivered elements in the arrangement, and therefore the entire fee from the arrangement was recognized ratably over the contractual term of the agreement. In addition, we were unable to establish VSOE of fair value of our hosted on-demand service agreements, and therefore the entire fee for the agreement was recognized ratably over the contractual term of the agreement.

        As a result of the adoption of this new accounting guidance, revenue derived from our subscription services and hardware appliance sales are no longer subject to industry-specific software revenue recognition guidance. For all arrangements within the scope of the new guidance, including our hosted on-demand services, we evaluate each element in a multiple element arrangement to determine whether it represents a separate unit of accounting. An element constitutes a separate unit of accounting when the delivered item has standalone value and delivery of the undelivered element is probable and within our control. Revenue derived from the licensing of the security-as-a-service platform continue to be accounted for in accordance with the industry specific revenue recognition guidance.

        When we are unable to establish the selling price of our non-software deliverables using VSOE or TPE, we use BESP in our allocation of arrangement consideration. The objective of BESP is to determine the price at which we would transact a sale if the product or service were sold on a stand-alone basis. We determine BESP for an individual element within a multiple element revenue arrangement using the same methods utilized to determine the selling price of an element sold on a standalone basis. We estimate the selling price for our subscription solutions by considering internal factors such as historical pricing practices and we estimate the selling price of our hardware and services using a combination of our historical costs paired with external measurements regarding the pricing of similar products and services in similar industries. As there is a significant amount of judgment when determining BESP, we regularly review all of our assumptions and inputs around BESP and maintain internal controls over the establishment and updates of these estimates.

        Hardware appliance revenue is recognized upon shipment. Subscription and support revenue are recognized over the contract period commencing on the start date of the contract. Professional services and training, when sold with hardware appliances or subscription and support services, are accounted for separately when those services have standalone value. In determining whether professional services and training services can be accounted for separately from subscription and support services, we consider the following factors: availability of the services from other vendors, the nature of the services, and the dependence of the subscription services on the customer's decision to buy the professional services. If professional services and training do not qualify for separate accounting, we recognize the professional services and training ratably over the contract term of the subscription services.

        Delivery generally occurs when the hardware appliance is delivered to a common carrier freight on board shipping point by us or the hosted service has been activated and communicated to the customer accordingly. Our fees are typically considered to be fixed or determinable at the inception of an

64


Table of Contents


arrangement and are negotiated at the outset of an arrangement, generally based on specific products and quantities to be delivered. In the event payment terms are provided that differ significantly from our standard business practices, the fees are deemed to not be fixed or determinable and revenue is recognized as the fees become paid.

        We assess collectability based on a number of factors, including credit worthiness of the customer and past transaction history of the customer. Through September 30, 2011, we have not experienced any significant credit losses.

        We elected to adopt this new guidance in the first quarter of 2011 for new and materially modified revenue arrangements originating after January 1, 2011. Prior to the adoption of this new accounting guidance, hardware revenue was recognized ratably over the duration of the contract. Accordingly, as of December 31, 2010, our deferred revenue balance reflected amounts yet to be recognized under our then-current accounting practices. These deferred amounts will continue to be recognized ratably under their original amortization schedules until the end of the associated contract term. As such, until the end of these contract periods, we will recognize hardware revenue both from sales in prior periods subject to the original accounting guidance as well as from sales in current periods subject to the new accounting guidance, with the principal impact being in 2011 and to a lesser extent 2012 and future periods. Given the marginal contribution toward profitability of our hardware appliances, we do not expect this transition to contribute materially toward our profitability.

Stock-Based Compensation

        Effective January 1, 2006, we adopted ASC 718, which requires non-public companies that used the minimum value method under ASC 718 for either recognition or pro forma disclosures to apply ASC 718 using the prospective-transition method. In accordance with ASC 718, we recognize the compensation cost of employee stock-based awards granted subsequent to December 31, 2005 in the statement of operations using the straight-line method over the vesting period of the award.

        The following table set for the stock-based compensation expense included in the related consolidated financial statement line items:

 
  Years Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  
 
  (in thousands)
 

Stock-based compensation:

                               
 

Cost of subscription revenue

  $ 178   $ 275   $ 357   $ 259   $ 281  
 

Cost of hardware and services revenue

    1     11     17     11     20  
 

Research and development

    519     848     1,010     727     868  
 

Sales and marketing

    703     1,030     1,113     789     1,418  
 

General and administrative

    707     732     868     624     704  

65


Table of Contents

        We estimated the fair value of each option granted using the Black-Scholes option pricing method using the following assumptions for the periods presented in the table below:

 
  Year Ended December 31,   Nine Months Ended
September 30,
 
 
  2008   2009   2010   2010   2011  

Estimated fair value of common stock

    $2.16     $1.57     $2.29     $2.06     $2.79  

Estimated volatility

    55%     62%-65%     60%-61%     60%-61%     59%-60%  

Estimated dividend yield

    0%     0%     0%     0%     0%  

Expected term (years)

    5.77-6.08     5.85-6.08     6-6.08     6-6.08     6-6.08  

Risk-free rate

    2.4%-3.31%     2%-2.8%     1.8%-2.8%     1.9%-2.8%     1.5%-2.5%  

        As of each stock option grant date, we considered the fair value of the underlying common stock, determined as described below, in order to establish the options exercise price.

        As there has been no public market for our common stock prior to this offering, and therefore a lack of company-specific historical and implied volatility data, we have determined the share price volatility for options granted based on an analysis of reported data for a peer group of companies that granted options with substantially similar terms. We analyzed a population of possible comparable companies and selected those for our peer group that we considered to be the most comparable to us in terms of industry business model, revenue, growth and gross profit margins. The expected volatility of options granted has been determined using an average of the historical volatility measures of this peer group of companies for a period equal to the expected life of the option. We intend to continue to consistently apply this process using the same or similar entities until a sufficient amount of historical information regarding the volatility of our own share price becomes available, or unless circumstances change such that the identified entities are no longer similar to us. In this latter case, more suitable entities whose share prices are publicly available would be utilized in the calculation.

        The expected life of options granted has been determined utilizing the "simplified" method as prescribed by the SEC's Staff Accounting Bulletin, or SAB, No. 107, Share-Based Payment , or SAB 107. The risk-free interest rate is based on a daily treasury yield curve rate whose term is consistent with the expected life of the stock options. We have not, historically, paid and, in the future, do not anticipate paying cash dividends on our shares of common stock and therefore, the expected dividend yield is assumed to be zero.

        In addition, ASC 718 requires forfeitures to be estimated at the time of grant and revised, if necessary, in subsequent periods if actual forfeitures differ from those estimates. We apply an estimated forfeiture rate based on our historical forfeiture experience.

66


Table of Contents

        We have historically granted stock options at exercise prices no less than the fair market value as determined by our board of directors, with input from management and a third-party valuation firm. Since the beginning of 2010, we granted stock options with exercise prices as follows:

Date of Grant
  Number of
Shares
  Exercise
Price
  Fair Value
Per Share
 

February 9, 2010

    378,000   $ 1.94   $ 1.94  

March 9, 2010

    1,515,269     1.94     1.94  

April 20, 2010

    888,500     1.94     1.94  

July 30, 2010

    794,500     2.49     2.49  

October 28, 2010

    1,758,750     2.44     2.44  

December 15, 2010

    1,295,529     2.69     2.69  

January 27, 2011

    112,250     2.69     2.69  

April 29, 2011

    1,885,700     2.74     2.74  

August 5, 2011

    1,053,800     2.88     2.88  

October 12, 2011

    711,800     3.29     3.29  

        We used a third-party valuation firm to assist us with the development of contemporaneous valuations. Our board of directors determined the fair value of our common stock on the date of grant based on a number of factors including:

    Our performance, growth rate and financial condition at the approximate time of the option grant;

    The value of companies that we consider peers based on a number of factors including, but not limited to, similarity to us with respect to industry, business model, stage of growth, financial risk or other factors;

    Changes in the company and our prospects since the last time the board approved option grants and made a determination of fair value;

    Amounts recently paid by investors for our common stock and convertible preferred stock in arm's-length transactions with stockholders;

    The rights, preferences and privileges of preferred stock relative to those of our common stock;

    Future financial projections; and

    Valuations completed in conjunction with, and at the time of, each option grant.

        For our valuations we calculated the enterprise value by applying both the market approach and the income approach. In the market approach the valuations and outcomes of comparable peer companies in the public market were reviewed. The income approach consists of a discounted cash flow analysis. The methodology we use derives equity values utilizing a probability-weighted expected return method. Under this approach, various potential liquidity events are identified and each possible outcome is assigned a probability based on discussion with our management. For each of the possible events, a range of future equity values is estimated based on both the market and income approaches where applicable, applying various possible dates for each event. The timing of these events is based on discussion with our management. For each future equity liquidity value scenario, the rights and preferences of each stockholder class are considered in order to determine the appropriate allocation of value to common shares. The value of each common share is then multiplied by a discount factor derived from the calculated discount rate and the expected timing of the event. The value per common share, taking into account sensitivities to the timing of the event, is then multiplied by an estimated probability for each of the possible events. The calculated value per common share under a private company scenario is then discounted for a lack of marketability. A probability-weighted value per share

67


Table of Contents


of common stock is then determined. Under this approach, the value of our common stock is estimated based upon an analysis of values for our common stock assuming the following various possible future events for the company, including initial public offering, strategic merger or sale, remaining a private company, and dissolution of the business with no resulting value to common stockholders.

Discussion of specific valuation inputs for 2010 and 2011

        February 9, March 9 and April 20, 2010.    During the first quarter of 2010, total revenue grew at approximately 5% compared to the preceding quarter, and both profitability and cash flow were negative. Given that these grants occurred within a span of approximately 60 days and there were no material changes to the business during that time, we used the same sets of assumptions in assessing the valuation for all three dates. For these grants, we determined our valuation using the income and market approaches with 60% weighting assigned to the market approach and 40% assigned to the income approach. We then applied the option pricing method, where the rights of the various holders of preferred and common stock are evaluated against these two valuations in order to arrive at a fair value associated with the common stock. In addition, this analysis used a 25% lack of marketability discount. Based on all of these factors, our board of directors determined a fair value of our common stock to be $1.94 per share at each respective date.

        July 30, 2010.    In July 2010, our total revenue continued to grow at a modest pace of 4% compared to the preceding quarter during the early stages of the economic recovery. In estimating the fair value as of July 30, 2010, key assumptions included a time to liquidity of greater than 12 months for an initial public offering or a strategic merger or sale of the company, with the expected outcomes weighted 40% towards an initial public offering, 30% towards a strategic merger or sale, 25% towards remaining a private company and 5% towards a liquidation scenario. In addition, this analysis used a 25% lack of marketability discount as there was not a perceived change in the likelihood of a liquidation event. Based on all these factors, the board of directors determined a fair value of our common stock to be $2.49 per share.

        October 28, 2010.    In October 2010, our total revenue continued to grow and we generated cash flow from operations for the first time since the economic downturn. In estimating the fair value as of October 28, 2010, key assumptions included a time to liquidity of greater than 12 months in terms of an initial public offering, strategic merger or sale of the company, with the expected outcomes weighted 40% towards an initial public offering, 30% towards a strategic merger or sale, 25% towards remaining a private company and 5% towards a liquidation scenario. In addition, this analysis used a 20% lack of marketability discount. Despite our 4% quarter over quarter revenue growth, a pullback in stock valuations as evidenced by a decline in the S&P 500 index of approximately 10% over this same period of time resulted in a decline in valuations for our peer group. Based on all these factors, the board of directors determined a fair value of our common stock to be $2.44 per share.

        December 15, 2010.    In December 2010, our total revenue was growing at a rate of almost 10% compared to the preceding quarter and we continued to generate cash from operations. In estimating the value for December 15, 2010, key assumptions included an expected time to an initial public offering of one year and the lowering of our marketability discount to 17.5%, given the promising acceleration in the growth of our business and positive cash flow. The expected time to strategic merger or sale in the event of not completing a public offering was still deemed to be greater than 12 months. The expected outcomes were weighted 40% towards an initial public offering, 55% towards a strategic merger or sale and 5% towards a liquidation scenario. Based on all these factors, the board of directors determined a fair value of our common stock to be $2.69 per share.

        January 27, 2011.    In January 2011, our business had performed as expected based on our observations on December 15, 2010. Given that a little over a month had passed since our prior valuation and there were no material changes to the business since that time, we applied the same sets

68


Table of Contents


of assumptions as ones used on December 15, 2010 in assessing the valuation and as such we did not have an updated valuation report prepared by our valuation firm. Accordingly, our board of directors determined a fair value of our common stock to remain $2.69 per share.

        April 29, 2011.    In April 2011, our total revenue growth rate had slowed to 4% compared to the preceding quarter and we were no longer generating cash from operations. In estimating the fair value as of April 29, 2011, key assumptions included an expected time to an initial public offering deemed to be greater than 12 months given the slowdown in the business. The expected time for a strategic merger or sale was also estimated to be greater than 12 months. The expected outcomes were weighted 40% towards an initial public offering, 55% towards a strategic merger or sale and 5% towards a liquidation scenario. In addition, this analysis used a 17% lack of marketability discount. Based on all these factors, the board of directors determined a fair value of our common stock to be $2.74 per share.

        August 5, 2011.    In August 2011, our total revenue growth rate continued at a slower rate of 3% compared to the preceding quarter and we continued to generate negative cash flow. In estimating the fair value as of August 5, 2011, key assumptions included an expected time to an initial public offering, strategic merger or sale to be greater than 12 months. The expected outcomes were weighted 40% towards an initial public offering, 55% towards a strategic merger or sale and 5% towards a liquidation scenario. In addition, this analysis used a 15% lack of marketability discount, as the ongoing growth of the business implied a gradual improvement in the potential marketability of the common stock. Based on all these factors, the board of directors determined a fair value of our common stock to be $2.88 per share.

        October 12, 2011.    In October 2011, our board of directors approved a plan to proceed with the preparation for a filing for an initial public offering. While the timing of the offering was uncertain, this decision substantially increased the likelihood of a public offering as compared to other liquidation events and, as such, the expected outcome weighting for an initial public offering was changed to 95%, with the remaining 5% assigned towards a liquidation scenario. In addition, this analysis used a 15% lack of marketability discount given the uncertain timing of the public offering as well as increased volatility in the capital markets. Based on all of these factors, our board of directors determined a fair value of our common stock to be $3.29 per share.

Allowance for Doubtful Accounts

        We assess collectability based on a number of factors, including credit worthiness of the customer along with past transaction history; in addition, we perform periodic evaluations of our customers' financial condition. Credit losses historically have not been material, which is directly attributable to our subscription-based services model, enabling us to immediately discontinue the availability of the services in question in the event of non-payment. Through September 30, 2011, we have not experienced any significant credit losses.

Capitalized Software Costs

        Our research and development efforts include both software created for our internal use on behalf of our customers as well as software elements to be used by our customers in their own facilities. As such, we consider both ASC 350-40 and ASC 985-20 when accounting for our research and development costs.

        ASC 350-40, Internal-Use Software, contains the following provisions: (1) Preliminary project costs are expensed as incurred; (2) All costs associated with the development of the application are to be capitalized; and (3) All costs associated with the post-implementation operation of the software shall be expenses as incurred. As well, the costs for all upgrades and enhancements to the originally developed

69


Table of Contents


software may be capitalized if additional functionality is added. Accordingly, we capitalize certain software development costs, including the costs to develop new solutions or significant enhancements to existing solutions, which are developed or obtained for internal use. We capitalize software development costs when application development begins, it is probable that the project will be completed, and the software will be used as intended. Such capitalized costs are amortized on a straight-line basis over the estimated useful life of the related asset, which is generally two years. Costs associated with preliminary project stage activities, training, maintenance and all post implementation stage activities are expensed as incurred. To date in 2011, we have capitalized costs of approximately $0.4 million in aggregate under ASC 350-40. Based on our current plans, we expect to capitalize a similar portion of our development costs in the future.

        ASC 985-20, Costs of Software to be Sold, Leased, or Marketed, contains the following provisions: (1) all costs to establish the technological feasibility shall be expensed when incurred; (2) costs of producing product masters incurred subsequent to establishing technological feasibility shall be capitalized; and (3) capitalization of computer software costs shall cease when the product is available for general release to customers. Accordingly, software development costs related to software services to be distributed and sold are capitalized once technological feasibility has been established and prior to the general availability of the solution, with amortization determined for each individual solution based on the solution's expected economic life. For all development projects subject to this accounting guidance, the costs to establish technological feasibility have been expensed as incurred. To date, all costs subsequent to technological feasibility but prior to general availability have not been material and as such we have not capitalized any costs associated with projects subject to ASC 985-20. All costs subsequent to general availability have been expensed as incurred.

Impairment of Long Lived Assets

        In accordance with ASC 360, Property, Plant, and Equipment, we evaluate long-lived assets, such as property and equipment and intangible assets other than goodwill, for impairment whenever events or changes in circumstances indicate that the carrying value of an asset may not be recoverable. Recoverability of these assets is measured by comparison of the carrying amount of the asset to the future undiscounted cash flows the asset is expected to generate. If the asset is considered to be impaired, the amount of any impairment is measured as the difference between the carrying value and the fair value of the impaired asset. No assets were determined to be impaired to date.

Income Taxes

        We account for income taxes under ASC 740, Income Taxes. Under ASC 740, deferred tax assets and liabilities are determined based on the differences between the financial reporting and tax basis of assets and liabilities and are measured using the enacted tax rates that will be in effect when the differences are expected to reverse. A valuation allowance is established to reduce net deferred tax assets to an amount that we estimate is more likely than not to be realized.

        We have elected to use the "with and without" approach as described in ASC 740-20, Intraperiod Tax Allocation, in determining the order in which tax attributes are utilized. As a result, we will only recognize a tax benefit from stock-based awards in additional paid-in capital if an incremental tax benefit is realized after all other tax attributes currently available to us have been utilized. In addition, we have elected to account for the impact of stock-based awards on other tax attributes, such as the research tax credit, through the consolidated statement of operations.

        Effective January 1, 2009, we adopted the accounting guidance for uncertainties in income taxes, which prescribes a recognition threshold and measurement process for recording uncertain tax positions taken, or expected to be taken in a tax return, in the financial statements. Additionally, the guidance also prescribes new treatment for the de-recognition, classification, accounting in interim periods and

70


Table of Contents


disclosure requirements for uncertain tax positions. We accrue for the estimated amount of taxes for uncertain tax positions if it is more likely than not that we would be required to pay such additional taxes. An uncertain tax position will not be recognized if it has a less than 50% likelihood of being sustained.

        We recognize interest and penalties related to tax positions in income tax expense. To the extent that accrued interest and penalties do not ultimately become payable, amounts accrued will be reduced and reflected as a reduction of the overall income tax provision in the period that such determination is made. No interest or penalties have been accrued for any period presented.

Recent Accounting Pronouncements

        In June 2011, the FASB issued amended guidance on the presentation of comprehensive income. The amended guidance eliminates one of the presentation options provided by current U.S. GAAP that is to present the components of other comprehensive income as part of the statement of changes in stockholders' equity. In addition, it gives an entity the option to present the total of comprehensive income, the components of net income, and the components of other comprehensive income either in a single continuous statement of comprehensive income or in two separate but consecutive statements. This guidance will be effective for reporting periods beginning after December 15, 2011 and will be applied retrospectively. We do not expect that this guidance will have an impact on our financial position, results of operations or cash flows.

        In September 2011, the FASB issued amended guidance relating to the goodwill impairment test. The guidance provides that an entity first assess qualitative factors to determine whether it is necessary to perform the two-step quantitative goodwill impairment test. Under that option, an entity no longer would be required to calculate the fair value of a reporting unit unless the entity determines, based on that qualitative assessment, that it is more likely than not that its fair value is less than its carrying amount. The guidance also includes examples of the types of events and circumstances to consider in conducting the qualitative assessment. The guidance will be effective for annual and interim goodwill impairment tests performed for fiscal years beginning after December 15, 2011. Early adoption is permitted. We are currently evaluating this amended guidance but we do not expect that it will have an impact on our consolidated financial statements.

71


Table of Contents


BUSINESS

Overview

        Proofpoint is a pioneering security-as-a-service vendor that enables large and mid-sized organizations worldwide to defend, protect, archive and govern their most sensitive data. Our security-as-a-service platform is comprised of an integrated suite of on-demand data protection solutions, including threat protection, regulatory compliance, archiving and governance, and secure communication. Our solutions are built on a flexible, cloud-based platform and leverage a number of proprietary technologies, including big data analytics, machine learning, deep content inspection, secure storage and advanced encryption, to address today's rapidly changing threat landscape.

        A fundamental shift in the sources of cyber crime, from hackers to organized crime and governments, combined with the emergence of international data trafficking, are driving an unprecedented wave of targeted, malicious attacks designed to steal valuable information. At the same time, the growth of business-to-business collaboration, as well as the consumerization of IT and the associated adoption of mobile devices and unmanaged Internet-based applications, have proliferated sensitive data and reduced the effectiveness of many existing security products. These factors have contributed to an increasing number of severe data breaches and expanding regulatory mandates, all of which have accelerated demand for effective data protection and governance solutions.

        Our platform addresses this growing challenge by not only protecting data as it flows into and out of the enterprise via on-premise and cloud-based email, instant messaging, social media and other web-based applications, but also securely archiving these communications for compliance and discovery. We address four important problems for the enterprise:

    Keeping malicious content out;

    Preventing the theft or inadvertent loss of sensitive information and, in turn, ensuring compliance with regulatory data protection mandates;

    Collecting, retaining, governing and discovering sensitive data for compliance and litigation support; and

    Securely sharing sensitive data with customers, partners and suppliers.

        Our platform and its associated solutions are sold to customers on a subscription basis and can be deployed through our unique cloud-based architecture that leverages both our global data centers as well as optional points-of-presence behind our customers' firewalls. Our flexible deployment model enables us to deliver superior security and compliance while maintaining the favorable economics afforded by cloud computing, creating a competitive advantage for us over legacy on-premise and cloud-only offerings.

        We were founded in 2002 to provide a unified solution to help enterprises address their growing data security requirements. Our first solution was commercially released in 2003 to combat the burgeoning problem of spam and viruses and their impact on corporate email systems. To address the evolving threat landscape and the adoption of communication and collaboration systems beyond corporate email and networks, we have broadened our solutions to defend against a wide range of threats, protect against outbound security risks, and archive and govern corporate information. Today, our solutions are used by approximately 2,400 customers worldwide, including 24 of the Fortune 100, protecting tens of millions of end-users. We market and sell our solutions worldwide both directly through our sales teams and indirectly through a hybrid model where our sales organization actively assists our network of distributors and resellers. We also distribute our solutions through strategic partners including IBM, Microsoft and VMware.

72


Table of Contents

Industry Background

    Significant Shift in the Enterprise Threat Landscape

        A number of trends are leading to a significant shift in the nature and severity of data security threats and the measures required to address them:

    Data security attacks are becoming more sophisticated and targeted.  In recent years, data security threats have become more sophisticated as professional criminals, governments and "hacktivists" have targeted sensitive information and a market has emerged for stolen data. As this transition has happened, threats have shifted away from generic malware and high-volume spam to more targeted attacks focused on high-value data such as credit card numbers, login credentials, health care records, social security numbers, financial information and intellectual property. Once stolen, this data often is used in a wide range of illegal activity, including insurance fraud, banking theft, identity theft, credit card fraud and insider trading. Gartner estimates that through the end of 2015, financially motivated attacks will continue to be the source of more than 70% of the most damaging cyber threats.* Seemingly harmless data such as an email address is also leveraged in conjunction with personal information from social networking sites to launch targeted "spear phishing" attacks - emails designed to look authentic and trick the end-user into divulging sensitive data or clicking on a malicious web link to gain access to information protected within corporate networks. Spear phishing attacks are believed to have been used in a number of recent high profile data breaches.

*
See "Industry and Market Data."

Consumerization of IT and growth of business-to-business collaboration increase risk of data loss.  The widespread adoption of consumer technologies throughout the enterprise, including mobile devices, unmanaged Internet-based collaboration and file sharing applications and social networking sites, have caused valuable and sensitive enterprise data to move beyond the reach of traditional corporate data protection measures. In addition, many companies today operate as part of global, distributed value chains working closely with an extensive network of suppliers, sub-contractors and distribution partners, with valuable data being constantly exchanged among these business partners. As data increasingly moves beyond traditional network boundaries it becomes more challenging for enterprises to control and govern.

Consequences of data breaches have become more severe.  The monetary and reputational cost of data breaches, whether malicious or inadvertent, is increasing rapidly. An ongoing wave of high profile breaches in multiple industries has exposed a broad range of data, including personal information, diplomatic communications, online banking credentials, financial accounts and health care records, causing significant financial and reputational impact to the affected organizations. A 2011 Ponemon Institute study estimated a 44% increase in successful cyber attacks from the prior year's study contributing to a 56% increase in the median annualized cost of cyber crime.* In addition, according to Gartner, the federal government estimates there is $5 trillion of intellectual property in the United States, most of it commercially owned, with more than $300 billion of intellectual property stolen each year from U.S. networks.* Potentially more damaging is the reputational impact to organizations entrusted with sensitive data that is subsequently compromised.

Regulatory mandates create additional data protection and governance requirements.  Governments around the world and at all levels of jurisdiction are continuing to enact new laws regarding data protection and privacy as well as new regulations to mandate closer oversight over all aspects of regulatory adherence. Privacy laws and regulations require that enterprises and government organizations create and enforce policies for the assurance, protection and archiving of various types of corporate information, and the availability of that information in response to litigation

73


Table of Contents

      and other inquiries. For example, laws such as HIPAA, GLBA, the Sarbanes-Oxley Act, related regulations and securities industry oversight requirements have created significant and complex requirements for the protection and retention of sensitive corporate information. There is also a wide variety of rapidly changing country-specific and even state-specific regulations, such as the UK Data Protection Act, Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), the European Union's Data Protection Directive and comprehensive privacy regulations enacted in Massachusetts and Nevada, all of which extend globally to enterprises serving customers in those regions. In addition to government laws and regulations, industry standards such as the Payment Card Industry Security Standards Council's Data Security Standard (PCI-DSS) mandate that member organizations meet stringent data protection standards.

    Traditional information security and compliance solutions are ineffective

        To protect their data assets, organizations have typically employed a number of disparate on-premise security products. However, these solutions are not well suited to addressing today's threats and challenges and many organizations are still unable to adequately protect their data assets for a variety of reasons, including:

    Legacy threat protection products are increasingly vulnerable to modern targeted attacks.  Widely deployed threat protection products, such as firewalls, anti-virus products and secure email gateways were designed primarily to stop large-scale spam and virus attacks that emerged in the early and mid-2000s. The techniques these systems employ to detect and defend against broad attacks, such as signature databases of known malicious code, IP-reputation for spam generating sites and "honey pots" or spam-traps to identify new threats, are often ineffective against today's targeted attacks. Cybercriminals are now employing advanced, targeted attacks such as "spear phishing" designed to defeat these legacy defenses by using URLs and shortened URLs to avoid signature detection, leveraging compromised accounts to bypass reputation systems, and directly targeting known valid recipients to avoid detection by "honey pots."

    Siloed, reactive security and compliance offerings provide inadequate data protection.  To piece together a comprehensive solution for data protection, archiving and governance, enterprises have traditionally deployed a collection of specialized products and associated hardware for spam and anti-virus protection, compliance enforcement, data loss protection, content encryption, secure mobile access, archiving and data retention. These point solutions lack the integration and common policy framework to effectively protect and govern data across the enterprise and to ensure a comprehensive response that coordinates protection against inbound threats with remediation efforts to prevent resulting outbound risks. In addition, existing products are largely reactive, employing either passive auditing or basic blocking techniques, and do not enable secure communications or proactive data governance in real time. For example, traditional email security offerings will typically deposit even the most serious of threats in the end-user quarantine, thereby relying on end-users to refrain from opening malicious messages specifically stored in this repository for their review and disposition by the user.

    Traditional security architectures assume data is behind corporate firewalls.  Existing solutions are built on the assumption that sensitive corporate data is stored behind corporate firewalls. With the consumerization of IT and the associated adoption of mobile devices and cloud-based applications, valuable corporate data is now widely distributed and accessed through a variety of devices. Legacy systems are unable to provide adequate data protection in this new environment because they are not designed to apply data loss prevention technologies to webmail, Internet-based collaboration applications or social networking sites.

74


Table of Contents

    Inflexible, cumbersome security and compliance systems are often bypassed by end-users.  Traditional security and compliance offerings were designed for IT professionals with limited focus on ease of use for end-users. Most existing solutions are inflexible, cumbersome to use, and hinder end-users' day-to-day business activities, all of which lead end-users to bypass them in favor of unsanctioned solutions, thus dramatically increasing the risk of data loss and compliance violations.

    Discrete, hardware-based offerings have high total cost of ownership.  Enterprises have traditionally implemented discrete on-premise security, compliance and archiving products that can be time consuming to deploy and manage, require redundancy and excess capacity to handle peak-level workloads, and are difficult and expensive to upgrade. In addition, traditional solutions require a wide range of components provided by different vendors with different interfaces and architectures, leading to interoperability issues. This type of patchwork approach is complicated and expensive to maintain and limits an enterprise's ability to take advantage of the economic and scalability benefits afforded by a security-as-a-service architecture.

    Market opportunity

        In an attempt to defend against the constantly evolving threat landscape and to comply with government mandates, enterprises are beginning to implement new, more robust corporate policies for data protection, archiving and governance. To enforce these new policies, secure communication technologies and policy-based encryption are being used to limit the leakage of sensitive data and intellectual property, and archiving and eDiscovery solutions are being used to reduce legal compliance risks. According to International Data Corporation (IDC), a third-party market research company, the total worldwide market for data protection solutions is estimated to grow from $5.2 billion in 2011 to $8.0 billion by 2015, a CAGR of 11%.*


*
See "Industry and Market Data."

The Proofpoint Solution

        Our integrated suite of on-demand security-as-a-service solutions enables large and mid-sized organizations to defend, protect, archive and govern their sensitive data. Our comprehensive platform provides threat protection, regulatory compliance, archiving and governance, and secure communication. These solutions are built on a cloud-based architecture, protecting data not only as it flows into and out of the enterprise via on-premise and cloud-based email, instant messaging, social media and other web-based applications, but also securely archiving these communications for compliance and discovery. We have pioneered the use of innovative technologies to deliver better ease-of-use, greater protection against the latest advanced threats, and lower total cost of ownership than traditional alternatives. The key elements of our solution include:

    Superior protection against advanced, targeted threats.  We use a combination of proprietary technologies for big data analytics, machine learning and deep content inspection to detect and stop targeted "spear phishing" and other sophisticated attacks. By processing and modeling billions of requests per day, we can recognize anomalies in traffic flow to detect targeted attacks. Our deep content inspection technology enables us to identify malicious message attachments and distinguish between valid messages and "phishing" messages designed to look authentic and trick the end-user into divulging sensitive data or clicking on a malicious web link. Our machine learning technology enables us to detect targeted "zero-hour" attacks in real time, even if they have not been seen previously at other locations, and quarantine them appropriately.

    Comprehensive, integrated data protection suite.  We offer a comprehensive solution for data protection and governance through an integrated, security-as-a-service platform that is comprised

75


Table of Contents

      of three main suites: Proofpoint Enterprise Protection, Proofpoint Enterprise Privacy and Proofpoint Enterprise Archive. Together, these solutions can improve an organization's ability to detect and mitigate inbound and outbound threats and securely archive and discover communication across all major communication channels including on-premise and cloud-based email, instant messaging, social media and other web-based applications. In addition, our common policy framework and reporting systems enable organizations to comply with complex regulatory mandates, implement consistent data governance policies and ensure end-to-end incident response across the enterprise.

    Designed to empower end-users.  Unlike legacy offerings that simply block communication or report audit violations, our solutions actively enable secure business-to-business and business-to-consumer communications. Our easy-to-use policy-based email encryption service automatically encrypts sensitive emails and delivers them to any PC or mobile device. In addition, our secure file-transfer solution makes it easy for end-users to share and collaborate on large documents. All of our solutions provide mobile-optimized capabilities to empower the growing number of people who use mobile devices as their primary computing platform.

    Security optimized cloud architecture.  Our multi-tenant security-as-a-service solution leverages a distributed, scalable architecture deployed in our global data centers for deep content inspection, global threat correlation and analytics, high-speed search, secure storage, encryption key management, software updates and other core functions. Customers can choose to deploy optional physical or virtual points-of-presence behind their firewalls for those who prefer to deploy certain functionality inside their security perimeter. This architecture enables us to leverage the benefits of the cloud to cost-effectively deliver superior security and compliance, while optimizing each deployment for the customer's unique threat environment.

    Extensible security-as-a-service platform.  The key components of our security-as-a-service platform, including services for secure storage, content inspection, reputation, big data analytics, encryption, key management, and identity and policy, can be exposed through application programming interfaces, or APIs, to integrate with internally developed applications as well as with those developed by third-parties. In addition, these APIs provide a means to integrate with the other security and compliance components deployed in our customers' infrastructures.

Our Business Strategy

        Our objective is to be the leading security-as-a-service provider of next-generation data protection and governance solutions. The key elements of our strategy include:

    Grow our customer base.  We believe the ongoing wave of data breaches, many of which are instigated by targeted email attacks, is leading more organizations to re-evaluate their legacy threat protection infrastructure. We believe we are well-positioned to benefit from this replacement cycle. To meet the increasing need among large and mid-sized organizations for effective and comprehensive data protection and governance, we intend to continue to invest in our direct inside and field sales organizations in order to increase our market share.

    Broaden the adoption of our platform with existing customers.  We have designed our security-as-a-service platform as an integrated, modular platform that enables customers to easily adopt additional services. A majority of our existing customers have licensed only one of our solutions. We believe that this represents a significant opportunity to expand the adoption of our platform by our existing customers. Accordingly, we plan to invest not only in sales and marketing to drive these sales to existing customers but also in customer service and research and development to maintain and improve the ongoing customer experience.

76


Table of Contents

    Grow and further expand our international presence.  We have established a global sales, service and operations infrastructure to support our planned international expansion. We currently have sales teams located in the United States, Brazil, Canada, France, Germany, Japan, Mexico, Singapore, and the United Kingdom. For the nine months ended September 30, 2011, we derived 19% of our total revenue from customers outside of North America, up from 16% of total revenue for the nine months ended September 30, 2010. We intend to continue investing in our international operations to enhance our ability to serve our global customers and grow our international business.

    Extend our channel partner network.  We leverage the relationships and knowledge of top global security reseller partners including Accuvant, Inc., FishNet Security, Inc., Forsythe Technology, Inc., Integralis, Inc. and Telindus (acquired by Belgacom SA) to provide a comprehensive sales solution. We also distribute our solutions through strategic partners such as IBM, Microsoft and VMware. We intend to further develop our network of security resellers and strategic partners to further extend our global sales, service and support capabilities.

    Leverage and extend the capabilities of our security-as-a-service platform.  We believe our competencies in big data analytics, machine learning, deep content inspection, secure storage and advanced encryption can be extended to new data security markets. We also intend to extend the data protection and governance capabilities of our platform and enable an ecosystem of third-party developers in order to complement and enhance our efforts.

    Protect against threats from established and emerging communication and collaboration platforms.  Today's data security threats exploit vulnerabilities in a wide range of communication channels into and out of the enterprise, including corporate email systems, web-based email, instant messaging, web-based collaboration and file sharing applications, social networks and blog posts. While email continues to be the primary means of penetrating the corporate network and the primary target for eDiscovery requests, we have broadened our solutions to protect and archive these other communication and collaboration platforms. We intend to continue to actively monitor the emergence of new platforms and adapt our technologies to integrate them into our broad and comprehensive data protection and governance solution.

Our Security-as-a-Service Platform

        We provide a multi-tiered security-as-a-service platform consisting of solutions, platform technologies and infrastructure. Our platform currently includes three solutions bundled for the convenience of our customers, distributors and resellers: Proofpoint Enterprise Protection, Proofpoint Enterprise Privacy, and Proofpoint Enterprise Archive. Each of these solutions is built on our security-as-a-service platform, which includes both platform services and enabling technologies. Our platform services provide the key functionality to enable our various solutions while our enabling technologies work in conjunction with our platform services to enable the efficient construction, scaling and maintenance of our customer-facing solutions.

        Our suite is delivered by a cloud infrastructure and can be deployed as a secure cloud-only solution, or as a hybrid solution with optional physical or virtual points-of-presence behind our customers' firewalls for those who prefer to deploy certain functionality inside their security perimeter. In all deployment scenarios, our cloud-based architecture enables us to leverage the benefits of the cloud to cost-effectively deliver superior security and compliance while maintaining the flexibility to optimize deployments for customers' unique environments. The modularity of our solutions enables our existing customers to implement additional modules in a simple and efficient manner.

77


Table of Contents

GRAPHIC

Solutions

        Our security-as-a-service platform includes three solutions bundled for the convenience of our customers: Proofpoint Enterprise Protection, Proofpoint Enterprise Privacy, and Proofpoint Enterprise Archive.

Proofpoint Enterprise Protection

        Proofpoint Enterprise Protection is our communications and collaboration security suite designed to protect customers' mission-critical messaging infrastructure from outside threats including spam, phishing, unpredictable email volumes, malware and other forms of objectionable or dangerous content before they reach the enterprise. Key capabilities within Proofpoint Enterprise Protection include:

    Threat detection.  Proofpoint threat detection uses our Proofpoint MLX machine learning technology and reputation data to examine millions of possible attributes in every message, including envelope headers and structure, embedded web links, images, attachments and sender reputation, as well as unstructured content in the message body, to block phishing and spear phishing attacks, spam and other forms of malicious or objectionable content. This solution also includes sophisticated policy and routing controls designed to ensure security and the effective handling of all classifications of content.

    Virus protection.  Our virus protection capabilities combat email-borne viruses, worms and trojans with a solution that combines efficient message handling, comprehensive reporting, and robust policy management with leading third-party anti-virus scanning engines.

    Zero-hour threat detection.  Protects enterprises against new phishing attacks, viruses and other forms of malicious code during the critical period after new attacks are released and before full information is available to characterize the threat.

78


Table of Contents

    Smart search.  Offers an easy-to-use interface that provides real-time visibility into message flows across an organization's messaging infrastructure, using built-in logging and reporting capabilities with advanced message tracing, forensics and log analysis capabilities.

        Key benefits of Proofpoint Enterprise Protection include:

      Superior protection from advanced threats, spam and viruses.  Protects against advanced threats, spam and other malicious code such as viruses, worms and spyware.

      Comprehensive outbound threat protection.  Analyzes all outbound email traffic to block spam, viruses and other malicious content from leaving the corporate network, and pinpoint the responsible compromised systems.

      Effective, flexible policy management and administration.  Provides a user-friendly, web-based administration interface and robust reporting capabilities that make it easy to define, enforce and manage an enterprise's messaging policies.

      Easy-to-use end-user controls.  Gives email users easy, self-service control over their individual email preferences within the parameters of corporate-defined messaging policies.

Proofpoint Enterprise Privacy

        Our data loss prevention, encryption and compliance solution defends against leaks of confidential information, and helps ensure compliance with common U.S., international and industry-specific data protection regulations - including HIPAA, GLBA, PIPEDA and PCI-DSS. Key capabilities within Proofpoint Enterprise Privacy include:

    Advanced data loss prevention.  Our advanced data loss prevention solution identifies regulated private content, valuable corporate assets and confidential information before it leaves the organization via email or web-based applications. Pre-packaged smart identifiers and dictionaries automatically and accurately detect a wide range of regulated content such as social security numbers, health records, credit card numbers, and driver's license numbers. In addition to regulated content, our machine learning technology can identify confidential, organization-specific content and assets. Once identified and classified, sensitive data can be blocked, encrypted and transmitted or re-routed internally based on content and identity-aware policies.

    Flexible remediation and supervision.  Content, identity and destination-aware policies enable effective remediation of potential data breaches or regulatory violations. Remediation options include stopping the transfer completely, automatically forcing data-encryption, or routing to a compliance supervisor or the end-user for disposition. Proofpoint Enterprise Privacy provides comprehensive reporting on potential violations and remediation using our analytics capabilities.

    Policy-based encryption.  Automatically encrypts regulated and other sensitive data before it leaves an organization's security perimeter without requiring cumbersome end-user key management. This enables authorized users, whether or not they are our customers, to quickly and easily decrypt and view content from most devices.

    Secure file transfer.  Provides secure, large file transfer capabilities that allow end-users to send large files quickly, easily, and securely while eliminating the impact of large attachments on an email infrastructure.

    Key benefits of Proofpoint Enterprise Privacy include:

      Regulatory compliance.  Allows outbound messages to comply with national and state government and industry-specific privacy regulations.

79


Table of Contents

      Superior malicious and accidental data loss protection.  Protects against the loss of sensitive data, whether from a cybercriminal attempting to exfiltrate valuable data from a compromised system, or from an employee accidently distributing a file to the wrong party through email, webmail, social media, file sharing, or other Internet-based mechanisms for publishing content.

      Easy-to-use secure communication.  Allows corporate end-users to easily share sensitive data without compromising security and privacy, and enables authorized external recipients to transparently decrypt and read the communications from any device. Our mobile-optimized interfaces provide the easiest experience for the rapidly growing number of recipients on smartphones and tablets.

Proofpoint Enterprise Archive

        Proofpoint Enterprise Archive is designed to ensure: accurate enforcement of data governance, data retention and supervision policies and mandates; cost effective litigation support through efficient discovery; and active legal hold management. Proofpoint Enterprise Archive can store, govern and discover a wide range of data including email, instant message conversations, social media interactions, and other files throughout the enterprise. The key capabilities within the Proofpoint Enterprise Archive include:

    Secure cloud storage.  With our proprietary double blind encryption technology and the associated data storage architecture, all email messages, files and other content are encrypted with keys controlled by the customer before the data enters the Proofpoint Enterprise Archive. This ensures that even our employees and law-enforcement agencies cannot access a readable form of the customer data without authorized access by the customer to the encryption keys stored behind the customer's firewall.

    Search performance.  By employing parallel, big data search techniques, we are able to deliver search performance measured in seconds, even when searching hundreds of terabytes of archived data. Traditional on-premise solutions can take hours or even days to return search results to a complex query.

    Flexible policy enforcement.  Enables organizations to easily define and automatically enforce data retention and destruction policies necessary to comply with regulatory mandates or internal policies that can vary by user, group, geography or domain.

    Active legal-hold management.  Enables administrators or legal professionals to easily designate specific individuals or content as subject to legal hold. The Proofpoint Enterprise Archive then provides active management of these holds by suspending normal deletion policies and automatically archiving subsequent messages and files related to the designated matter.

    End-user supervision.  Leveraging our flexible workflow capabilities, the Proofpoint Enterprise Archive analyzes all electronic communications, including email and communications from leading instant messaging and social networking sites, for potential violations of regulations, such as those imposed by Financial Industry Regulatory Authority (FINRA) and the SEC in the financial services industry.

    Key benefits of Proofpoint Enterprise Archive include:

      Regulatory compliance.  Helps organizations meet regulatory requirements by archiving all messages and content according to compliance retention policies and enabling staff to systematically review messages for compliance supervision.

80


Table of Contents

      Proactive data governance.  Allows organizations to create, maintain and consistently enforce a clear corporate data retention policy, reducing the risk of data loss and the cost of eDiscovery.

      Efficient litigation support.  Provides advanced search features that reduce the cost of eDiscovery and allow organizations to more effectively manage the litigation hold process.

      Reduced storage and management costs.  Helps to simplify mailbox and file system management by automatically moving storage-intensive attachments and files into cost-effective cloud storage.

Platform Services

        Our platform services provide the key functionality to enable our various solutions, using our enabling technologies. Our platform services consist of:

    Content inspection.  Applies our Proofpoint MLX machine learning techniques to understand the meaning of email, documents and social networking communications and to identify and classify content as malicious, sensitive or relevant to a litigation matter for threat protection, data loss prevention and discovery.

    Reputation.  Leverages machine learning and big data analytics to analyze and correlate billions of requests per day to create a dynamic reputation profile of hundreds of millions of IP addresses, domains, web links and other Internet content. This database of reputation profiles is used to help identify and block malicious attacks.

    Encryption and key management.  Securely encrypts data and stores and indexes hundreds of thousands of individual encryption keys without requiring cumbersome key-exchange or other end-user set-up. Enables authorized users to quickly and easily decrypt and view content from a wide variety of devices.

    Notification and workflow.  Creates notifications and an enabling workflow to alert administrators and compliance officers of an incident and enable subsequent review, commentary, tracking, escalation and remediation of each event.

    Analytics and search.  Provides an easy-to-use, web-based interface for searching and analyzing information to enable enterprises to rapidly trace inbound and outbound messages, analyze how messages were processed by a Proofpoint Enterprise deployment, report on the disposition and status of any email message, and retrieve in real time archived communications for litigation support and eDiscovery.

Enabling Technologies

        Our enabling technologies are a proprietary set of building blocks that work in conjunction with our application services to enable the efficient construction, scaling and maintenance of our customer-facing solutions. These technologies consist of:

    Big data analytics.  Indexes and analyzes petabytes of information in real time to discover threats, detect data leaks and enable end-users to quickly and efficiently access information distributed across their organizations.

    Machine learning.  Builds predictive data models using our proprietary Proofpoint MLX machine learning techniques to rapidly identify and classify threats and sensitive content in real time.

    Identity and policy.  Enables the definition and enforcement of sophisticated data protection policies based on a wide set of variables, including type of content, sender, recipient, pending legal matters, time and date, regulatory status and more.

81


Table of Contents

    Secure storage.  Stores petabytes of data in the cloud cost-effectively using proprietary encryption methods, keeping sensitive data tamper-proof and private, yet fully searchable in real time.

Infrastructure

        We deliver our security-as-a-service solutions through our cloud architecture and international data center infrastructure. We operate thousands of physical and virtual servers across seven data centers located in the United States, Canada, The Netherlands and Germany.

        Our cloud architecture is optimized to meet the unique demands of delivering real-time security-as-a-service to global enterprises. Key design elements include:

    Security.  Security is central to our cloud architecture and is designed into all levels of the system, including physical security, network security, application security, and security at our third-party data centers. Our security measures have met the rigorous standards of SAS 70 Type II certification. The industry is in the process of upgrading this certification program to a new standard known as Statement on Standards for Attestation Engagements No. 16 (SSAE 16). We expect to complete our transition to SSAE 16 by the end of 2011. In addition to this commercial certification program, we have also successfully completed the FISMA certification for our cloud-based archiving and governance solution, enabling us to serve the rigorous security requirements of U.S. federal agencies.

    Scalability and performance.  By leveraging a distributed, scalable architecture we process billions of requests against our reputation systems and hundreds of millions of messages per day, all in near real time. In addition, our grid-based storage architecture currently manages more than a petabyte of secure st