EUR 850.00 For Business Accounts Only

Morningstar | FireEye's 3Q Shows Non-GAAP Profitability, but Company Is Still Mid-Pivot; $15 FVE Maintained

FireEye reported third-quarter results for fiscal 2018 in line with our expectations, and we are maintaining our $15 fair value estimate. While the firm reported a non-GAAP profit of $0.06 per share--its first non-GAAP profit in years and modestly ahead of consensus and our own expectations--we continue to believe long-term issues for FireEye remain the same. FireEye concurrently contends with slowing revenue growth and bloated operating expenses that management has worked to rein in. Years ago, the firm’s sandbox offerings experienced expeditious revenue growth, but new entrants, such as Palo Alto Networks, caused top-line growth to stall from about 163% in 2014 to only 9% in 2017. We think the ability of new entrants to disrupt FireEye’s business model is supportive of our no-moat rating.

For the quarter, FireEye posted revenue growth of 7% year over year, in line with our estimates, due to the strength of the Helix platform as well as new product launches in endpoint and email security. Despite improving GAAP margins (which remain negative), the firm is still reporting hefty GAAP operating losses. We credit CEO Kevin Mandia with dealing with the arduous task of keep expenses in check while investing in new products to reignite growth, such as endpoint security offering MalwareGuard, which was launched this quarter. However, the financial reality is that we do not expect FireEye to post its first year of GAAP profitability until fiscal 2022. The firm has already pulled the lever of shifting expenses to low-cost labor markets and keeping stock-based compensation expenses in check. While we believe FireEye is on its way from shifting from a point vendor to an end-to-end cybersecurity vendor, as we model modestly accelerating revenue growth, we ultimately think it faces competition from diversified peers. We would await a wider margin of safety before investing.

To achieve GAAP profitability, FireEye needs to achieve at least high-single-digit revenue growth (which we model) and low-single-digit expense growth (which we model as well). Under those generous assumptions, the firm will not become GAAP profitable until 2022. However, the firm’s research and development and sales and marketing expenses are needed to operate in an increasingly competitive cybersecurity landscape. We think the positive reaction to FireEye’s results this quarter is due to management’s ability to execute on its promise, in that it kept expenses in check and increased the top line by the high single digits. However, longer term, management must execute flawlessly for several years on its turnaround plan amid a number of challenges.

FireEye’s most notable long-term challenge is that it has been labeled as a secondary cybersecurity solution, in our view. In the past, FireEye’s tools would complement a customer’s network security products that it would purchase from another vendor such as Cisco, Check Point, Palo Alto, or Fortinet. Essentially, FireEye was a second layer for its customers, catching what the traditional firewall vendors would miss. Palo Alto’s Wildfire eroded FireEye’s hold on the sandbox industry. This dynamic led to FireEye’s second long-term challenge: Customers are consolidating their cybersecurity tools around a single vendor instead of contracting with a variety of point vendors. This dynamic benefits FireEye’s rivals with a network firewall foothold, which have an easier time cross-selling their customers ancillary solutions than FireEye does from its position as a secondary line of protection in the data centers of its customer base. While FireEye has been successful in diversifying, we believe it is still trying to shake its traditional moniker as a secondary vendor, presenting a long-term challenge.