 From the CUBE studios in Palo Alto and Boston, connecting with thought leaders all around the world, this is a CUBE conversation. The isolation economy has created substantial momentum for certain cybersecurity companies. Notably, as of the big stock market sell-off on June 11th, relative to our last cyber report, which we did in February, the S&P 500 and the NASDAQ are off 11% and 3% respectively. Bahad, the valuations of three companies that we cited as four-star firms in our February cyber report are up significantly. In particular, Oakt's valuation is up 34% since our last look in February. Crowdstrike almost 50% and Zscaler over 60%. Yet several other companies that were named as four-star players have really either tracked the S&P or have even performed more poorly. Despite still showing decent strength and spending momentum based on survey data from ETR. Welcome everybody to this week's Wikibon CUBE Insights powered by ETR. My name is Dave Vellante, and in this breaking analysis, we want to update you on our cybersecurity outlook and try to answer several questions. Such as, what has changed in the cybersecurity landscape since our last report? Much has as you know, has the isolation economy created a permanent shift in security spend or are these upticks just anomalies? What can we learn from the ETR spending data? And is the divergence and valuations amongst security leaders justified? Let's start by taking a look at what has changed since our last cyber report. Now we produced this just ahead of the RSA conference in February and one of the last physical conferences. So there's some big changes going on in the market. We really want to understand, are they systematic? In other words, are there fundamental changes to the system and its underlying principles? And by many accounts, the answer appears to be yes. Recently, I listened in to a number of CISOs it was a call with ETR's Eric Bradley and we heard the executives echo some of the themes that we've been discussing previously. You know this notion of the work from home pivot creating a focus on things like zero trust networks, changes in identity and access management and way more focus on cloud and of course as a service really reducing reliance on traditional firewalls and appliances that reside in organizations data centers. You know, we've gone from a world where digital transformation was an important strategic initiative to one where if you weren't digital you largely couldn't transact business. Now people are, the question they have is the long-term viability of VPNs makes sense and even things like SD-WAN are being called into question as corporate offices are empty and the internet is becoming the new private network. Now, one thing that hasn't changed is there are still a lot of technologies in the space and that seems to be continuing as buyers need solutions to problems quickly to plug holes and on balance IT budgets they are contracting so most companies still have to justify security spending based on the amount of risk reduction versus the cost. Of course it's easier to justify for securing remote workers. So what I want to do now is take a pause and let's look back at some of the ETR data that we shared back in February. Now remember this data is from the January ETR survey, ETR surveys organizations once every quarter and if you recall we keyed on two key metrics some of our favorite metrics, NetScore which is a measure of spending momentum and market share which measures pervasive, sorry, pervasiveness in the data set. Now as you might recall the left most chart here shows the cyber players and we sorted them by NetScore. The right hand side that sorts those companies on shared end which measures the number of mentions of that company within the cyber security sector. Now at the time we named several four-star companies actually we started this last year when we initiated coverage in the security space. These four-star security firms really based on their rankings within both of those metrics NetScore and shared end. So you can see the four-stars Microsoft, Splunk, Palo Alto, Networks, Proofpoint, Okta, CrowdStrike and we added Zscaler as new and then Cyberock and we gave Cisco and Fortinet two stars as they were kind of on the cusp. Now let's look at some of these companies from the April survey that ETR did. So this chart shows a subset of the vendors that we showed before. Now remember this survey was taken at the height of the lockdown from kind of early part of March to early part of April. Budgets were under immense pressure. Nonetheless, look at Microsoft, Cisco, Palo Alto, Fortinet and Zscaler all held up pretty evenly. CrowdStrike also held steadily and maintained a very high level. Okta dipped somewhat, but from a pretty high level as well. Only Proofpoint is one of the ones that show decline notably from 48% to a 40% NetScore relative to the chart I showed earlier. Now Sailpoint didn't make the four-star cut because it doesn't have the presence in the dataset but its NetScore is solid and the shared end jumped from 66 last survey to 88 in the latest checkpoint. So this identity and access management player, it seems to be one to watch. We'll come back to that in future episodes. Now let's plot some of these players in context using this two-dimensional axis that we often show. This chart shows that view that we like to share. It plots NetScore or spending velocity on the y-axis and then market share on the x-axis. Remember, market share is calculated by dividing the number of mentions for a company by the total number of mentions within that sector. So it's not like true IDC market share. It's market share within the survey. So you can see here a continued theme of Microsoft Momentum, very high NetScore or high NetScore and big presence. We plotted IBM and Dell EMC which is really the legacy RSA business just for context. And these are two companies with strong security brands but as you can see, they're really not giants that they used to be in cybersecurity software. So a couple of points on this graphic. CrowdStrike really jumps out as the momentum play on this chart and there's really no surprise given its focus on endpoint security and the pivot to work from home. Okta has a focus on cloud-based identity management and they continue to show very strong and CyberArk with a focus on privilege access is also very important in this remote worker environment. We'll talk about that some more later. And you can see Zscaler quite strong and steady from the last survey, but that company saw some of the biggest action in the stock market which we're going to try to explain in a moment. Proofpoint, we talked about a deceleration in NetScore but they're right in the mix as is Fortinet. Now finally, Palo Alto, they remain strong and Cisco like many of its businesses very credible with a NetScore that's decent and a large market presence as always. Now as we reported, security is one of the brightest spots in that Cisco portfolio. So the big takeaway from the ETR data is that despite the pandemic, cybersecurity software has held up very well from a spending standpoint. But now let's look a little bit deeper into what's happening in the stock market with these firms. But first, as we know, there's a clear disconnect between what's happening in financial markets and the fundamentals of the economy. Wall Street versus Main Street is kind of that narrative. And within the security sector, there's also a dissonance between companies and we want to discuss that next. Here's an updated chart that we showed in February from our last cybersecurity episode. It compares the performance of the S&P 500 and the NASDAQ as of February 19th with the performance of four-star cyber players from that date to Thursday, June 11th, the day that saw an 1800-point drop in the Dow. So some of the steam has been let out of the market, but the story really isn't going to change that much. First, the S&P is off 11% since that time, but the NAS is only off 3%, heck heavy. But look at the deltas of our four-star companies. Let me start with Splunk. I didn't show Splunk earlier on the charts, but the value metrics of Splunk, they really haven't moved much since our February report. Splunk's net score was down somewhat in the sector, but remember, Splunk does more than just security. It's really becoming a critical big data player in analytics. I think people maybe don't like the tepid 2% revenue growth that Splunk showed, but remember, Splunk is transitioning to an ARR model, an annual recurring revenue model, and that's going to take some time. It acquired Signal FX late last year to give it a stronger SaaS play in monitoring and, of course, analytics. I like Splunk, just like Adobe and Tableau who had to make a similar transition and ultimately they powered through it because they're great companies with really loyal customers and I think that really does apply to Splunk. Let's take a look now at Palo Alto Networks and Fortinet. Now you might remember in our last security update we spent a fair amount of time explaining the valuation divergence between Palo Alto and Fortinet due to some of the cloud challenges that Palo Alto was facing, even some of the sales motions. So we said Fortinet at the time had done a better job transitioning to a cloud, but Palo Alto really had a good quarter. It beat earnings revenue and it gave guidance and the stock moved up very nicely, but then it ran into resistance and you can see it's tracking about with the S&P 500 over this period of time. And you can see the revenue multiples show the valuations divergence between those two companies. It's even more stark. So you got Fortinet's kind of holding firm and Palo Alto dipping a little bit. Now, let me make some comments here. I mean, I like Palo Alto Networks. Not only are they solid in the ETR dataset despite the COVID pandemic, but anecdotal evidence and discussions with IT leaders suggest that organizations want to do business with Palo Alto. They really considered a thought leader in the space personally, I think they're going to do very well this decade. So now maybe there's some technical aspects going on with the stock. I'm not really qualified to address that, but they clearly saw some resistance despite bouncing on the strong quarter. Just couldn't hold. Now, let me skip over the green box and I want to quickly comment on the last two here. I'm going to start with CyberArc. They are underperforming this group even though you would think with a focus on privileged access security, they do well in this environment. And they beat last quarter, but they suspended guidance and they cited exposure to some hard hit industries on their earnings call. Now as well, it is interesting, the company is aggressively hiring and so that increased OPEC substantially. So I think management is confidence. You know, what do they know that the street doesn't know and they're just being cautious. But they are taking evaluation hit as a result. We'll see how that plays out. Now, Proofpoint has also taken evaluation hit in our period of analysis, back from February to now, despite beating estimates last quarter. You know, maybe not as strong as it worked from home play, but again, a beat in this environment is definitely a positive. Now I want to come back to the three key companies highlighted in the green, Octa, CrowdStrike and Zscaler. Zscaler, remember, we added new in February to our four star list, which we initiated last year. The valuation of these three companies has soared since the pandemic. And they've reported tailwinds as a result of the new reality. Octa with its identity management focus, CrowdStrike with endpoint and Zscaler with its security cloud are all seeing momentum. And it makes sense that these three are very focused and they're aligned with their remote worker economy and of course a shift to the cloud. As well, they all beat earnings and management had a pretty sanguine outlook going forward. But I want to call your attention to the revenue multiples of these three companies and take a look and compare them to their peers. You know, are these justified? Well, as I said before, there's really a difference between the stock market and what's happening in the real world today. So I would say, you know, I would, I want to see these companies continue to outperform their estimates and their strong guidance. And frankly, at these revenue multiples, I'd expect, you know, even higher growth rates, especially from Octa and Zscaler. So we'll see. And the point is the market's exuberance, it's really based on future expectations. And I do think there was a bit of, you know, FOMO fear of missing out at play here with investors hopping on the bandwagon. But look, the data from ETR shows that these companies are pretty strong. And of course, much of the stock action is based on performance relative to earnings estimates. So we'll see if this can continue. I mean, to me, it does feel a little frothy even after that recent sell-off. All right, let's wrap up. So the disconnect between financial markets and the real world economy, it creates uncertainty in the market. So you got to be cautious. Really, especially if you're chasing momentum. I just want to say, I know a lot of young investors who reach out to me and they comment to me in these segments. And look, I'm not qualified to tell you where to invest. I just report on the fundamentals and I try to tie in financial trends and market trends. Of course, but you got to do your own research, you know, be patient, do your dollar cost averaging thing, you got a long life to live. Now, the after COVID, AC economy and the remote work from home momentum will not be a rising tide that's going to lift all ships in this segment. But there's no doubt that CISOs are rethinking cyber. We've said for years that protecting the perimeter was going to change as the main focus and it has to a degree. But I tell you, I think the mindset has changed more in the last 90 days than in the previous three years. The scourge of VPNs and even the efficacy of SD-WAN are being called into question. As security technologies that exploit the internet and cloud appear to be very sensible to CISOs and have momentum. You know, we're also seeing more collaboration between organizational boundaries and even many CIOs are becoming much more involved in security as our line of business heads and even some CISOs reporting into CIOs. As we've said many times, cyber has become and will continue to be a board level agenda item and topic. In the near term, we really don't see the fragmentation of the products that we've talked about for years changing. If anything, the shiny new security tools might even increase granularity in the marketplace as organizations, they can't just unplug their legacy infrastructure as much as they'd like to. But longer term, there will be more consolidation in this market as the whales are going to buy companies to fill holes in their lines. I mean, look at VMware. There's a good example of a company we really haven't talked about, trying to elbow its way into the security space. And the cloud as well was going to attack some of the problems of complexity which in part stems from too many tools and that will foster some of this collaboration expectation. Okay, well that's it for this week. Remember, these episodes are all available as podcasts so please subscribe. I publish weekly on wikibon.com and siliconangle.com so check that out and please do comment on my LinkedIn posts. You can email me as well at david.valante at siliconangle.com. This is Dave Vellante for theCUBE Insights powered by ETR. Thanks for watching everyone. We'll see you next time.