I did a technical review of over a year ago that I found most enlightening. It really solidified a lot of concepts around hypergrowth investing that I now look for in other companies. Here were a few takeaways that remain highly relevant to Okta and to SaaS in general. /1
Okta Identity Cloud platform is many product lines in one. It is a cybersecurity tool (IAM to manage workforce), a business operations service (helping HR and IT manage and automate workflows), and a developer tool (managing your app's users). /2
Because of this, Okta solves problems across an entire org. IT infrastructure gets simplified. HR & IT get their processes simplified and automated. Developers get a kickstart into securing their apps and integration capabilities. Sales gets exposure from being in OIN. /3
Over all of those product lines, they are leveraging ML/AI to improve their internal security & operations. But beyond that, they are also directly monetizing analytics -- by integrating more advanced features using ML/AI in higher priced tiers. /4
Okta seems future proofed; its customers will always need identity management, and once on the platform there is NO incentive to go back, nor seek cheaper alternatives. Costs seem very reasonable, compared to the savings they will instantly get (fewer IT staff to hire). /5
Okta is clearly intent on embedding itself deeper and deeper into the workflows of its customers, making it more and more sticky. Their customers can utilize APIs as building blocks, to embed Okta into their processes, as well as into their own services and apps. /6
Embedding Okta into your app has a lot of benefits. First and foremost, you don't have to build a system to handle security. Your team can instead focus on your strengths and be building your app's important features, not wasting time on the security mechanism over it. /7
Signing up with Okta means you are hiring the experts in cybersecurity around identity, offloading a huge amount of expertise needed on your team to get your app's security correct. A customer is minimizing its risk by integrating Okta. It has extreme lock-in. /8
Okta as a cloud-based cybersecurity platform has complete vision over all its users, their usage, and their traffic. It can continuously monitor its entire customer base over its global network. Upon detecting issues, they can quickly fix it for every customer instantly. /9
With its focus on Identity, enterprises can now offload cybersecurity concerns onto the experts at Okta. They greatly reduce the expertise level needed in their own IT. There is no going back to the old way of doing things once a company commits to these new paths. /10
Going forward, as customers move to more advanced infrastructure scenarios (cloud, hybrid) or more complex development layouts (running microservices or using managed databases), the more need for Okta to help manage user access across it all. /11
But the big tailwind is Okta's exposure to the SaaS economy. As enterprises utilize more and more SaaS services to run their business operations, the more need for Okta to be the interconnecting glue controlling the access between it all. That is a great position to be in. /12
And once Okta has its hooks in, it deepens the grip. The level of customization and automation of workflows that can occur locks Okta in further to its customers. Okta keeps getting stickier. Enterprises managing their own app's users in Okta are especially locked in. /13
Okta is solving many problems for its customers, and it keeps growing as they leverage their architecture to go into new directions. For instance, you not only manage your workforce's access to SaaS services, but can now also manage their access to servers and internal APIs. /14
They keep adding new use cases and product lines. They have a huge focus on Zero Trust being the next-gen security paradigm to manage complex infrastructure and development architectures. The trends towards serverless, microservices and containers play into this. /15
All these factors spiral around to make Okta one of the stickiest platforms that I have come across. They are the interconnection between enterprises and all these widely used SaaS tools, but are also deeply embedded into the workflows and apps of their customers. /16
... Lots more in my in-depth deep dive of the technology. It goes a bit deep with some cybersecurity terms, as I think you need to understand the basics of the underlying tech in order to truly understand the potential in 's platform. /fin
Another quarter, another chance for Palo Alto $PANW to completely change up how it tracks customer counts within its Next-Gen Security segments.
This company cannot decide on what the hell to report for custs on Prisma SASE (Zero Trust), Prisma Cloud (CNAPP), and Cortex (XDR).
This time in Q4, they morphed from "pure" SASE customers (Access + Cloudgenix) to now include PANOS SD-WAN (their other SD-WAN before Cloudgenix acquire) and "SaaS Security subs" (WTF that is).
So they last revised this KPI in Q1, and now revise it AGAIN in Q4. WTF!
All this does it further bury their Access (Zero Trust) customers in a sea of SD-WAN custs and now broader platform SaaS subs.
And if you want to compare the 3556 SASE customers reported in Q4, look to the footnotes in the Q3 and Q2 slides (3160 and 2915). (Sorry, no Q1!)
The lack of CEO experience worked out so well last time they decided to go for it again. Let's look at his background...
He came out of their Meraki division, which Cisco acquired back in 2012 for on-prem Wifi & network appliances that are managed centrally via a cloud-based platform. It has expanded into SD-WAN appliances, connected IoT, and mobile device mgmt. ...
Of course, an edge network is one giant software-defined network. But not sure how this appliance-heavy experience is relevant to running a global edge network with CDN, WAF, & serverless computing capabilities. ...
... and hints of a few small things coming this week
"... driving down costs of core cloud services, pushing the boundary of our network to our customers' doorsteps, and investing in new technologies that may someday disrupt the web as we know it today"
which to me, reads as...
- transferring data between clouds & across the edge
- spreading the reach of the edge, like the Borg
- embracing web3/decentralization (as just stated on CloudflareTV kickoff by @eastdakota)
An investment strategy: buy and forget
Another: buy and shift (from low to strengthening convictions)
Another: actively trade a well understood core
Another: actively trade market / momo
Another: bungle around just jumping on tips
(I am “buy and shift”)
A concentration strategy: widely diverse port
Another: concentrate to highest of diverse convictions
Another: heavily concentrated into conviction (under 12)
(I am “heavily concentrated”)
Selection strategy: pick specific themes or industries or sec trends to ride
Another: deeply understand a concentrated core
Another: use a selection service or trading platform
Another: pick an open guru and follow blindly
(I am “deeply understood core” in “specific themes”)
I am not impressed with $FSLY's performance or mgmt ... yet again.
Rev +40%, decelerating -4pp YoY. That isn't the issue; they are usage based and bounce around.
But it's their first Q of SigSci -- adj out the $6M (an analyst had to wiggle out in Q&A), and they grew 30%.
Sorry, but for my rules, 30% rev growth is NOT hypergrowth.
Looking forward, guidance for Q1 was 32-36% YoY growth, but again adj out SigSci's expected 8M, and it's really 19-24% YoY. Terrible! Clearly no Compute@Edge contribution either.
Customer growth was +20% and enterprise custs slower at +12% (+3.5% seq). This is where I see the fracture in execution - you cannot scale if you aren't intaking new custs at a rapid rate.
Good news here: A new CRO was hired, hopefully to correct this.