Tag Archives: pfpt

Proofpoint Smashes Q1 Views, Guides 2016 Up On ‘Momentum’

Proofpoint ( PFPT ) smashed Wall Street’s first-quarter expectations late Thursday, thanks in part to a $5 million billings pull-through, and boosted 2016 guidance by $5 million at the midpoint, prompting shares to rocket Friday. In early trading on the stock market today , Proofpoint stock jumped as much as 8% before paring the advance to a 2.5% gain in mid-morning trade, near 55. Shares are down more than 15% this year, but they have recovered 50% from a Feb. 8 bottom at 36.60 on concerns of a slowdown in IT spending. For Q1, Proofpoint reported $79 million in sales, up 37% year over year, and a 9-cent loss per share ex items vs. a 14-cent loss in the year-earlier quarter. Billings came in at $98.3 million, up 48%. All three metrics topped the high end of Proofpoint’s guidance. The analyst consensus, meanwhile, had modeled $76.3 million in sales and a 14-cent loss per share. During Q1, Proofpoint’s protection and advanced threat segment — which represents 71% of sales — grew 47% year over year, CFO Paul Auvil said on the late Thursday conference call. TAP (targeted attack protection) nearly doubled and accounted for half of all new add-on business, he said. Pacific Crest analyst Rob Owens called it a “sign o’ the times (as) momentum continues,” and maintained his overweight rating and 66 price target on Proofpoint stock. “Proofpoint remains in the winners’ camp relative to our bifurcation thesis, as results meaningfully outpaced expectations for the quarter,” he wrote in a research report. “Q1 was demonstrative of the multiple layers of potential upside for Proofpoint.” Current-quarter guidance for $83.5 million to $84.5 million in sales and $94 million to $96 million in billings would be up a respective 32% and 26% year over year. Proofpoint sees a per-share loss of 7-8 cents vs. a 9-cent loss in the year-earlier quarter. Billings guidance was slightly short of analyst views for $100 million, but Piper Jaffray analyst Andrew Nowinski credited that to $5 million in early renewals that typically would have been factored into Q2. Nowinski retained his overweight rating and 76 price target on Proofpoint stock. Proofpoint also bumped up its full-year guidance. Partnerships with Intel ( INTC ) and Palo Alto Networks ( PANW ) haven’t yet been factored into guidance but are contributing to the pipeline, Nowinski wrote. “They did say revenue from a number of customers is double what they spent with Intel since they bought additional products like TAP or privacy,” he wrote in a report. “This suggests the overall opportunity could be larger than initially estimated.”

Palo Alto Networks Gouges Cisco, Check Point, Fortinet: Survey

Palo Alto Networks ( PANW ) gouged rivals Cisco Systems ( CSCO ) and Check Point Software Technologies ( CHKP ) during Q1, as Fortinet ( FTNT ) and Symantec ( SYMC ) demand toppled, according to a Piper Jaffray survey of 26 resellers and distributors. Meanwhile, cybersecurity vendors Imperva ( IMPV ) and FireEye ( FEYE ) improved on Q4 demand, and CyberArk Software ( CYBR ) and Proofpoint ( PFPT ) demand remained relatively stable. Cybersecurity stocks largely fell as of midday trading on the stock market today , with IBD’s 25-company Computer Software-Security industry group down nearly 1.5%. Proofpoint and Fortinet stocks led the plunge, both down more than 4% midday Tuesday. CyberArk stock was down more than 2%, and Palo Alto Networks stock was down more than 1%. Imperva was down more than 2.5%, and FireEye fell nearly 2%. Symantec and Check Point stocks bucked the trend, trading flat and up 1%, respectively. Check Point is losing to Palo Alto Networks, according to resellers surveyed by Piper Jaffray analyst Andrew Nowinski, but half of the resellers cited Cisco as the rival Palo Alto Networks beats out most frequently. “Cisco and Check Point have consistently been called out by resellers as the vendors most frequently losing to Palo Alto,” Nowinski wrote in a research report. In Q4 and Q3, Juniper Networks was also cited by 13% and 18% of resellers as losing to Palo Alto Networks. “However, this is the first quarter resellers cited Fortinet as competition to Palo Alto, suggesting Fortinet may be moving more upstream into the mid-market enterprise space,” Nowinski wrote. Only 35% of resellers sold more Palo Alto Networks products than they expected, Nowinski wrote, down from 56% in Q4. The largest distributors say Palo Alto Networks demand trends were unchanged, he added. Imperva jumped in Q1, as 20% of resellers were above plan vs. 8% in Q4. And FireEye demand improved to 31% below plan from 36% in Q4. CyberArk and Proofpoint were largely in line. But Fortinet and Symantec declined. In Q1, 31% of Fortinet resellers were below plan vs. 14% in Q4. Symantec fell to 50% below plan vs. 29% in the prior quarter.

Billions Of Apple iPhones May Be Vulnerable To Attack: Check Point

Billions of Apple ( AAPL ) iPhones and iPads could be exposed in an iOS 9 vulnerability, Check Point Software Technology ( CHKP ) researchers were slated to announce Thursday morning at Singapore’s Black Hat Asia 2016 conference. Enterprise applications installed via Mobile Device Management (MDM) software are exempt from Apple’s latest security changes, which means that an attacker can hijack legitimate communications to install malicious apps, says the security firm. It’s still theoretical, Avi Rembaum, Check Point vice president of security solutions, told IBD on Wednesday. Black Hat gives researchers an opportunity to discuss hypothetical threat vectors, including this new so-called “Sidestepper” vulnerability. “Unfortunately, a lot of those things we talk about that might happen often end up happening,” he said. Few Barriers To Entry Apple recognized a key piece of the Sidestepper vulnerability in iOS 8. For $299 a year, an enterprise can purchase an Apple certificate to upload a private app via the Apple Developer Enterprise Program. “But if someone is going to be malicious, they don’t really care about signing a (certificate) agreement, plus it’s $299 per year to get that certificate,” Rembaum said. “There weren’t many barriers to entry.” Enterprises are headily embracing the “Bring Your Own Device” trend and, in one case study of a Fortune 100 company, Check Point found 318 private apps and 116 unique certificates on employees’ devices. Those numbers were suspiciously high, Rembaum said. “When we looked deeper … they were on the sketchier side and were from parts of the world that could be problematic,” he said. “We saw a very small number of them that would be considered white-listed (trustworthy).” So in iOS 9, Apple upped the challenges to installation, says Check Point. But the new challenges don’t cover MDM-pushed updates to employees’ devices. Of the 1.2 billion installed iPhones and iPads, 79% have iOS installed and are therefore vulnerable. Intercepting Legit Connections Enterprises often rely on MDM services like those by BlackBerry ( BBRY ) (via its Good Technology acquisition), VMWare ( VMW ) and MobileIron ( MOBL ) to push updates onto employees’ devices, thereby avoiding the “headache” of ensuring that every app has identical settings, Rembaum said. That MDM-device connection, however, is also a powerful portal for Man-in-the-Middle (MitM) attacks, he said. A hacker can, theoretically, intercept the communications between MDM and device to install a certificate and then a malicious app. Often, the interception relies on social engineering, he said. “An attacker would send a text message to the target with a link to download the configuration file,” he said. “It would install a certificate and configuration instructions in the phone. The only thing the user has to do is say yes to installing.” Then the attacker is in — with access to a user’s address book, microphone, photos, GPS, apps and, possibly, company data. Education Alone Isn’t Enough Rembaum recommends that MDM users take a “multilayer approach” to mobile security. Because hackers often rely on social engineering to launch phishing attacks — by email, text message or social media — enterprises should train employees on red flags. Phishing attacks cost businesses more than $215 million between October 2013 and December 2014, according to a January report by the FBI. This month, Seagate Technology ( STX ) discovered that it had been duped into handing out nearly 10,000 W-2 forms belonging to former and current employees. The Seagate revelation came on the heels of a similar attack on privately held Snapchat. Scammers often change a single letter in an email address or impersonate a CEO’s email address, Barracuda Networks ’ ( CUDA ) Slawek Ligier and Proofpoint ’s ( PFPT ) Ryan Kalember told IBD. Outside education, an enterprise can install Check Point’s Mobile Threat Prevention (MTP) software and have its employees install the ZoneAlarm app, Rembaum said. FireEye ( FEYE ), Symantec ( SYMC ), Intel ’s ( INTC ) McAfee, Palo Alto Networks ( PANW ) and Proofpoint also compete in the mobile security space. A MitM attacker creates an encrypted tunnel — typically through a virtual private network (VPN) — to its own site, directing a user away from the legitimate MDM. Check Point’s MTP solution hunts down that encrypted tunnel. “The user would have received the text, clicked on the link and installed the certificate,” Rembaum said. “Then (Check Point’s software) would reach out and block the connection.” He added: “The actual installation of the malware wouldn’t have succeeded.”