Summary
- The next earnings report should give Tenable more exposure if management beats its revenue and EPS guidance.
- Tenable currently trades at a discount to its peers.
- It's on track to keep gaining market share, amidst a slim loss margin and healthy balance sheet.
- Tenable is a BUY as a lot of investors are yet to be aware of this name.
Source: Tenable
It's tough to reconcile that Tenable (TENB) is now worth over $2 billion, how time flies. I used to regard Nessus as the vulnerability assessment tool for veteran penetration testers. Nessus is Tenable's flagship product. Now valued at ~$2 billion in addition to added security products such as Tenable.io, Security Centre (Tenable.sc), and Tenable Lumin, the company has more room to grow (vulnerability assessment market valued at $5.8billion in 2021 according to IDC) as a leader in the vulnerability assessment space, and the current valuation doesn't fully reflect its capabilities.
Source: Google Trends
The company has sustained double-digit revenue growth (+42% y/y in 2018) since it IPOed. While the lack of profitability will raise eyebrows, Tenable remains undervalued at 6.3x EV/Sales. Its flagship product remains a best of breed offering in the vulnerability assessment space. Its financials (barring the lack of profitability) are solid, and the path to better leverage and profitability couldn't have been smoother going forward.
Tenable is yet to pick up after its IPO in 2018. After trading as high as $38/share, the company has since sold off due to widespread apathy. With a market cap of ~$2.2 billion, the risk/reward is tilted towards more market share gain. After examining some of its previous earning calls, I sighted some factors that might be responsible for the lukewarm attitude towards this name.
Tenable is still trying to make a bigger case for enterprises to adopt Nessus, though the shift from a compliance to a risk-based approach to security has also been a tailwind for enterprises who want to adopt best security practices. The recent update to the free version of its Nessus essentials product highlights the need to put its products in the hands of security researchers and evangelists. Unlike Rapid7's (RPD) Metasploit, which is a more robust and popular framework, most security researchers are yet to understand the full capabilities of the paid Nessus solution.
As a security researcher, I'll stick with Metasploit when developing exploits or writing payloads. It comes with the popular Linux distro (kali), Kali, and I'll also use it when scanning a network for vulnerabilities. Nessus will only come as an afterthought to me.
Nessus relies on the two-step hoop that prospects have to scale to become enterprise customers. Firstly, you download the free Nessus easy-to-use tool with limited capabilities. Since inception, the Nessus software which was initially open source has garnered over two million unique downloads. If you like the product, you can get the professional version at a negotiated fee to protect more assets. Today, there are over 19,000 Nessus professional customers. From there, the company can up-sell you to Tenable.io (cloud) or Tenable.sc (on-prem).
Over the years, the company has been able to migrate more customers from the Nessus enterprise solution to Tenable.io and Tenable.sc. The company continues to rely on this strategy to increase its revenue per customer. It has also added more features like container security, web app scanning, and industrial security.
