SolarWinds Notches 87 Percent Customer Renewal Rate Despite Hack

‘We are seeing engagement with our federal customers. We are having to work probably a little bit harder with that base, but we are renewing that customer base as well,’ says SolarWinds CFO Barton Kalsu.


Eighty-seven percent of SolarWinds customers renewed maintenance contracts with the company in the first quarter of 2021 despite a massive cyberattack that compromised many high-profile customers.

The Austin-based IT infrastructure management vendor had as recently as February been expecting renewal rates in the low-to-mid 80 percent range for all of 2021, well below the company’s historical renewal rates of more than 90 percent. But after hearing about the company’s security investments, the vast majority of SolarWinds customers have opted for renewal, including those in the federal space.

“We are seeing engagement with our federal customers,” SolarWinds CFO Barton Kalsu told investors Thursday. “We are having to work probably a little bit harder with that base, but we are renewing that customer base as well.”

Sponsored post

[Related: SolarWinds Execs Earned $65M In 2020 Despite Huge Hack]

The renewal rates in SolarWinds’ federal business were slightly lower than in the company’s commercial business, but the company’s largest customer – which is in the federal space – not only renewed in the first quarter but also increased their license, said Kalsu and President and CEO Sudhakar Ramakrishna.

Ramakrishna said he’s spent a “disproportionate amount” of time with the company’s federal customers given the size and scope of SolarWinds’ business with them. Over the quarter, he said the conversations evolved from customers attempting to understand what happened to SolarWinds in the cyberattack to wanting to hear more about what SolarWinds learned and how the team plans to apply those lessons.

“Increasingly, what I find is that we are having broader conversations,” Ramakrishna said. “So whereas previously we may have been talking with, let’s say, a networking engineer, now we are having discussions with a CIO or a CISO. So that gives us the opportunity to have more relevant and more strategic conversations with them.”

The only customer to publicly announce they’re dumping SolarWinds has been Lexington, Mass.-based email security vendor Mimecast, who last month said they decommissioned their SolarWinds Orion network monitoring software and replaced it with a Cisco NetFlow monitoring system. That came after hackers exploited Orion to compromise a Mimecast certificate used for Microsoft authentication.

SolarWinds is on the hook for $10.2 million of remediation, containment, investigation, and professional services costs in the first quarter associated with the colossal Russian foreign intelligence service cyberattack. The company said April 13 that it believed it had spent between $18 million and $19 million cleaning up from the hack in the first quarter of 2021, with insurance picking up a portion of the bill.

Going forward, Kalsu expects one-time costs associated with the cyberattack to be lower, but said it’s difficult to predict. Those costs include not only a forensic investigation into the hack that SolarWinds expects to conclude soon, but also costs associated with ongoing litigation, government investigations, and potential judgements or fines, according to Kalsu.

SolarWinds doesn’t have any liabilities associated with litigation or government probes as of March 31, though Kalsu said it’s fairly early in the investigation process. The Department of Justice, the Securities and Exchange Commission, and various state Attorneys General have launched investigations into the SolarWinds hack, with the company also facing inquiries under the European Union’s GDPR regulations.

These one-time costs are separate from the $20 million to $25 million that SolarWinds plans to spend on security-related initiatives going forward, which Kalsu said will secure the supply chain process. Those costs should remain fairly consistent even as SolarWinds continues to grow except for penetration testing, which will get more expensive as the company’s customer base and IT footprint gets larger.

Revenue for the quarter ended March 31 climbed to $256.9 million, up 4 percent from $247 million the year prior. That beat Seeking Alpha estimate of $253.6 million.

The company recorded a net loss of $7.2 million, or $0.02 per diluted share, as compared with net income of $415, or $0.00 per diluted share, the year prior. On a non-GAAP basis, net income climbed to $73.5 million, or $0.23 per diluted share, up 15 percent from $63.9 million, or $0.20 per diluted share, the year prior. That edged out Seeking Alpha’s non-GAAP earnings estimate of $0.20 per diluted share.

SolarWinds’ stock is down $0.69 (3.72 percent) to $17.71 per share in midday trading. Earnings were announced before the market opened Thursday.

Maintenance revenue in the quarter ended March 31 climbed to $123 million, up 5.8 percent from $116.3 million the year prior. And subscription sales in the quarter soared to $109 million, up 16.4 percent from $93.6 million last year. But license revenue plummeted to $24.9 million, down 32.7 percent from $37 million the year before.

For the quarter ending June 30, SolarWinds expects to record non-GAAP diluted earnings of $0.21 per share on non-GAAP total revenue of $254 million to $258 million. Analysts had been expecting non-GAAP earnings of $0.22 per share on non-GAAP sales of $252.5 million, according to Seeking Alpha.