N-Able - Earnings Call - Q1 2025

Executive Summary

• Q1 2025 delivered a top- and bottom-line beat: revenue $118.2m and adjusted EBITDA $31.6m both exceeded the high end of guidance; non-GAAP EPS was $0.08. Management raised FY 2025 revenue, ARR, and adjusted EBITDA guidance midpoints, citing stronger execution and updated FX.
• Versus consensus, revenue beat by ~$2.65m (+2.3%) and non-GAAP EPS beat by ~$0.022; CFO noted ~$2m FX tailwind and a modest positive ASC 606 impact in Q1 that won’t carry through the year.
• Margins compressed vs Q4 due to higher amortization, transaction-related costs and integration investment (adj. EBITDA margin 26.8% vs 32.7% in Q4; GAAP net loss of $7.2m).
• Strategic highlights: launch of Vulnerability Management inside UEM, Microsoft 365 Breach Prevention, reseller-channel expansion, and “largest new bookings deal ever”; Board authorized a $75m share repurchase program.

What Went Well and What Went Wrong

What Went Well

• Exceeded revenue and adjusted EBITDA guidance; management raised full-year midpoints (revenue, ARR, adjusted EBITDA), reflecting execution and FX updates.
• Product momentum: launched Vulnerability Management in UEM and Microsoft 365 Breach Prevention; “We are automating 70% of incident and threat remediation activities across thousands of end customers” (AI-powered SOC).
• Go-to-market expansion gaining traction: added resellers globally and recorded “our largest new bookings deal ever,” underpinning cross-sell and channel strategies.

What Went Wrong

• Margin compression and GAAP loss: adj. EBITDA margin fell to 26.8% (from 32.7% in Q4) and GAAP net loss of $7.2m vs Q4 GAAP net income; operating income declined to $1.8m from $16.0m in Q4, reflecting amortization and transaction costs.
• Non-GAAP gross margin stepped down to 80.6% from 82.3% in Q4; GAAP gross margin to 76.6% from 80.0%.
• Net revenue retention slowed to ~101% (TTM) vs 103% in Q4; CFO indicated it likely bottomed in Q1 and should improve through 2025, driven by cross-sell and pricing (1–2%).

Transcript

Operator (participant)

John, thank you for your patience. The N-able First Quarter 2025 earnings call will begin shortly. During the presentation, you will have the opportunity to ask a question by pressing star followed by one on your telephone keypad. Thank you. Good morning, everyone, and welcome to the N-able First Quarter 2025 earnings call. My name is Angela, and I'll be coordinating your call today. During the presentation, you can register to ask a question by pressing star followed by one on your telephone keypad. If you change your mind, please press star followed by T. I will now hand you over to your host, Griffin Gyr, Investor Relations Senior Manager, to begin. Griffin, please go ahead.

Griffin Gyr (Senior Manager of Investor Relations)

Thanks, Operator, and welcome everyone to N-able's First Quarter 2025 earnings call. With me today are John Pagliuca, N-able's President and CEO, and Tim O'Brien, EVP and CFO. Following our prepared remarks, we will open the line for a question-and-answer session. This call is being simultaneously webcast on our Investor Relations website at investors.n-able.com. There you can also find our earnings press release, which is intended to supplement our prepared remarks during today's call. Certain statements made during this call are forward-looking statements, including those concerning our financial outlook, our market opportunities, and the impact of the global economic environment on our business. These statements are based on currently available information and assumptions, and we undertake no duty to update this information except as required by law.

These statements are also subject to a number of risks and uncertainties, including those highlighted in today's earnings release and our filings with the SEC. Additional information concerning these statements and the risks and uncertainties associated with them is highlighted in today's earnings release and in our filings with the SEC. Copies are available from the SEC or on our Investor Relations website. Furthermore, we will discuss various non-GAAP financial measures on today's call. Unless otherwise specified, when we refer to financial measures, we will be referring to non-GAAP financial measures. A reconciliation of certain GAAP and non-GAAP financial measures discussed on today's call is available in our earnings press release on our Investor Relations website. Now, I will turn the call over to John.

John Pagliuca (President and CEO)

Thank you, Griffin, and welcome everyone to our call this morning. As cyber threats continue and uncertainty pervades the economic conversation, small and mid-market businesses face mounting pressure to stay secure and efficient. With a cyber resiliency platform purpose-built for their needs, N-able delivers the protection and performance required to move forward. Our value and approach are resonating. At our recent Empower conference in Berlin, more than 500 international attendees responded to the N-able vision with enthusiasm, underscoring the growing urgency around security and the confidence customers place in our platform. This confidence was echoed at our Investor Day, where we laid out our target to reach $750 million in ARR by 2028. Three growth drivers underpin our path to this target. First, driving security success. Second, scaling our go-to-market. Third, boosting customer expansion.

Today, we will walk through updates on each and discuss why we believe N-able is ready for both the challenges of today and the opportunities ahead. Let's begin with our quarterly results. First quarter ARR grew 11% year over year in constant currency. First quarter revenue was $118.2 million. Adjusted EBITDA was $31.6 million, reflecting a 27% margin. We once again exceeded our top and bottom line guidance as we executed against our strategy and set ourselves to gain share in our large and growing TAM. Turning to our growth pillars, let's first look at our security initiatives. We made excellent progress on our product roadmap, highlighted by the release of Breach Prevention for Microsoft 365. We believe this offering solves a deep customer pain point.

Microsoft serves as a core technology provider to a large portion of our customer base, and attackers are increasingly bypassing traditional endpoints targeting digital identities to infiltrate organizations. Our solution ingests Microsoft 365 user telemetry to proactively detect and remediate threats, securing this critical identity attack vector. This is a compelling way for customers to enhance their Microsoft security posture while positioning us to meet strong demand and drive growth. We also launched vulnerability management as a new built-in feature in our Unified Endpoint Management, or UEM, solution. This is a major step for the industry. Customers looking to identify and remediate vulnerabilities in their environments have historically needed to purchase and deploy two separate tools: one to identify vulnerabilities and another to patch and remediate those endpoints. N-able now delivers the capability to accomplish these workflows with a single solution.

This is a differentiator for N-able and a better way to do business for our customers. We are reducing software sprawl, reducing fragmentation, and closing security gaps while making the technicians we serve more efficient. We have already discovered millions of vulnerabilities, and early positive customer reception gives us confidence that our solution hits the mark. In addition to launching new defensive capabilities, we also advanced our efforts to help customers operate more efficiently. Cove Data Protection shines particularly bright. The team improved Microsoft domain backup speeds up to 20%, extending Cove's value proposition as a trusted, cost-effective protector of data. Efficiency matters, especially in an uncertain macro environment, and Cove's clear ROI positions N-able to win. When you deliver value, awards and recognition follow.

We were proud for Cove to be named a champion in managed BDR by Canalys for the second consecutive year, reinforcing our technical capabilities and continued market strength. Not to be outdone, our Lumen Security Operations solution was recently named market leader for MDR in the 2025 Cyber Defense Magazine Global InfoSec Awards. This award and our market trajectory validate our approach, which we discussed in our recent 2025 State of the SOC publication. I'll give you some takeaways from the report. The volume, velocity, and cost of cybersecurity attacks and breaches remain at all-time highs. Security teams are overwhelmed. They can't process an unending number of alerts, and they also don't have the budget or expertise to hire the multiple security analysts needed to properly reduce their risk profile. Old paradigms simply don't work in the age of AI-driven threats. A customer example brings this to life.

A security professional at a regional healthcare organization was single-handedly managing over 1,500 devices. This is a significant workload and involves substantial risk. He and his organization needed help. Recognizing the business risk, he decided to trial our Lumen Security Operations solution. During the trial period, we stopped three different security breaches. The thwarting of these threats immediately proved the ROI of our solution, leading to a six-figure ARR deal. We are winning because we are built differently. Our AI-powered solutions cut through the noise while our experts provide eyes on glass, contextualizing and remediating priority events. Technology is a moat for our AI-powered SOC. We are automating 70% of incident and threat remediation activities across thousands of end customers. This gives us a competitive edge against legacy approaches and empowers us to drive better outcomes for our customers.

Our automated SOC, the development of Breach Prevention for Microsoft 365 and Vulnerability Management, highlights that we are building on our technical differentiation. We are bullish on AI and security, and we are just getting started. A second pillar of our growth strategy is expanding our go-to-market. We are broadening our approach to capture the full spectrum of channel providers that small and mid-market companies rely on to protect their digital operations. Our leading position in the MSP community is driven by a simple formula: quality partnership coupled with purpose-built software. Resellers, system integrators, and distributors share similar needs and represent approximately twice the market opportunity of the MSP market. We are applying our proven channel formula to partner with these providers, positioning us to deliver cyber resilience to more businesses, regardless of which channel partner they choose. This expansion is already taking shape.

In the first quarter, we added resellers across the globe to our program, revamped our partner portal to better facilitate reseller transactions, and hosted a series of high-impact events with well-established resellers, including trade shows, roundtables, and executive briefings. At our Empower conference, we boldly showcased our commitment to delivering cyber resilience to businesses everywhere. We're executing on a robust playbook, and that work is resonating. We were awarded a five-star rating in the CRN Partner Program Guide for the fourth straight year, underscoring our commitment to providing exceptional support and resources that help our customers thrive in a constantly evolving cybersecurity landscape. Scaling our go-to-market goes beyond our sales and marketing motion. Technical considerations are also a key factor.

This is why we were thrilled to announce our commitment to CMMC 2.0 readiness, which will enhance our go-to-market strategy by widening our appeal to deals across more regulated sectors, including our customers who support defense and critical infrastructure. A recent customer example validates the progress we're making in scaling our go-to-market efforts. A consortium of school systems serving thousands of users was evaluating the best way to protect their members. Working alongside a value-added reseller, we educated the customer about our next-gen security capabilities, ease of deployment, high number of out-of-the-box integrations, and commitment to partnership. They saw the power of our approach, signing a large six-figure ARR deal, stealing an N-able win against the competition. This was our largest new deal ever. Make no mistake, our channel expansion isn't just plans. It's in progress. A third pillar is boosting customer expansion.

Our multi-category, multi-product software suite underpins an approximately $2.5 billion cross-sell opportunity that we believe exists within our existing base. Helping customers realize the technical and service benefit of standardizing on a cyber resilience platform and executing this cross-sell opportunity is key to our growth algorithm and strategy. A customer win brings our platformization strategy to life. A roughly 300-person organization was frustrated with a patchwork of multi-vendor solutions and recognized the need for a more reliable and efficient security approach. Realizing the criticality of secure, streamlined operation, they turned to N-able as a trusted partner and adopted our Unified Endpoint Management, Security, and Data Protection solutions. The result? A high five-figure ARR deal. Wins like this are a testament to the impact of our approach. Our cyber resiliency platform addresses SMB and mid-market core security needs, and our customer success model is dedicated to their outcomes.

Without us, these businesses are left to stitch together disparate tools and are often last in line for customer support from larger enterprise-focused vendors. We believe our ability to profitably serve the SMB and mid-market is a competitive moat for N-able. We help them step off the IT treadmill, stay safe, and focus on what matters most: running their business. With that, I will turn it over to our CFO, Tim O'Brien. I will circle back for closing remarks. Tim?

Tim O'Brien (EVP and CFO)

Thank you, John. Thank you all for joining us today. We had a solid start to the year with Q1 revenue and adjusted EBITDA both coming in above the high end of our guidance range and continued progress across our strategic priorities. We were also pleased to announce a $75 million share repurchase authorization program.

While we haven't repurchased any shares to date, this program gives us an additional capital allocation option and underscores our belief in the N-able business. For our first quarter results, total ARR was $492.7 million, growing at 10% year over year on a reported basis and 11% on a constant currency basis. Total revenue was $118.2 million, $2.2 million above the high end of our guidance, representing approximately 4% year-over-year growth on a reported basis and 6% on a constant currency basis. Subscription revenue was $116.8 million, representing approximately 5% year-over-year growth on a reported basis and 7% on a constant currency basis. We ended the quarter with 2,398 customers that contributed $50,000 or more of ARR, which is up approximately 10% year over year. Customers with over $50,000 of ARR now represent approximately 58% of our total ARR, up from approximately 56% a year ago.

Dollar-based net revenue retention, which is calculated on a trailing 12-month basis, was approximately 101% on both a reported and constant currency basis. Turning to profit and margins, note that unless otherwise stated, all references to profit measures and expenses are calculated on a non-GAAP basis and exclude the items outlined in the GAAP and non-GAAP reconciliations provided in today's press release. First quarter gross margin was 80.6% compared to 84.7% in the same period in 2024. First quarter adjusted EBITDA was $31.6 million, $3.1 million above the high end of our guidance, representing approximately 27% adjusted EBITDA margin. Unlevered free cash flow was $28.1 million in the first quarter. CapEx, inclusive of $2.8 million of capitalized software development costs, was $6.1 million, or 5.1% of revenue. Non-GAAP earnings per share were $0.08 in the quarter based on 189.1 million weighted average diluted shares.

We ended the quarter with approximately $94 million of cash and an outstanding loan principal balance of approximately $38 million, representing net leverage of approximately 1.5 times. Approximately 43% of our revenue was outside of North America in the quarter. Turning to our financial outlook, our guidance accounts for the following elements. First, we are assuming FX rates of 1.07 for the euro and 1.27 for the pound for the remainder of 2025, along with updates to other currencies. Second, while changing tariff policy is injecting caution and uncertainty into the macro environment, the need for cybersecurity and resiliency remains persistent. On balance, we are raising our reported ARR and revenue guidance to reflect our first quarter results and inclusive of updated FX rates on our business. Additionally, we are maintaining our full-year constant currency revenue and ARR guidance as we monitor the fast-changing macro dynamics closely.

Third, on the expense front, we continue to balance profitability while investing for growth. Our operating plan includes multiple strategic priorities, including the development of our India R&D site, the integration and success of Lumen Security Operations, and new product and go-to-market initiatives. We are raising our adjusted EBITDA guidance and are confident we can deliver on these operational priorities. With that in mind, for the second quarter of 2025, we expect total revenue in the range of $125.5-$126.5 million, representing approximately 5%-6% year-over-year growth on a reported and constant currency basis. We expect second quarter adjusted EBITDA in the range of $34-$35 million, representing an adjusted EBITDA margin of approximately 27%-28%.

For the full year of 2025, we now expect total revenue of $492-$497 million, representing approximately 6%-7% year-over-year growth, or approximately 6%-8% on a constant currency basis. We expect full-year ARR in the range of $519-$525 million, representing 8%-9% year-over-year growth, or 7%-9% on a constant currency basis. We are raising our adjusted EBITDA outlook and expect full-year adjusted EBITDA of $134-$139 million, representing 27%-28% adjusted EBITDA margin. We reiterate that we expect CapEx, which includes capitalized software development costs, will be approximately 6% of total revenue for 2025. We are also raising our expected adjusted EBITDA to unlevered free cash flow conversion percentage from 65% to approximately 68% for the full year.

We expect total weighted average diluted shares outstanding of approximately $189 million-$190 million for the second quarter and the full year. Finally, we expect our non-GAAP tax rate to be approximately 20%-21% in the second quarter and for the full year. Now, I will turn it over to John for closing remarks. Thanks, Tim. Our earnings reflect continued progress advancing cyber resilience for businesses worldwide. Our customer confidence demonstrates a continued belief in the value we deliver. Our industry accolades are proof points that our efforts are resonating. While evolving trade policies can create uncertainty, cyber threats do not pause, and neither do we. The launch of new security capabilities, the growth of channel partners in our partner program, and our largest new bookings deal ever showcase that N-able is innovating and growing. We look forward to building on this progress throughout the year.

John Pagliuca (President and CEO)

With that, Operator, we will open up the line for questions.

Operator (participant)

Thank you. Everyone, if you would like to ask a question, please press star followed by one on your telephone keypad now. If you change your mind, please press star followed by two. When preparing to ask your question, please ensure your device is unmuted locally. The first question comes from Mike Cikos with Needham. Your line is open. Please go ahead.

Mike Cikos (Senior Analyst)

Terrific. Thanks for the questions, you guys. I just wanted to see before getting into it, but with the Lumen acquisition, can you segment how much the acquisition contributed to revenue growth or ARR, just so we can get an organic growth rate for you guys?

John Pagliuca (President and CEO)

Hey, Mike, yeah, I would point to we sized the kind of starting point of revenue from the N-able Lumen acquisition upon the point of acquisition was about $21 million of ARR or so. And that has no impact from like 606 RevRec on that, so that's kind of recognized radically. So that should help you guys back into an organic growth rate. Okay. And then for the follow-ups here, I know we're still relatively new with the new disclosures around ARR, but just as we think about the rest of the year, are there any considerations we should have in our models when thinking about seasonality or different movements to the business here on a quarterly basis throughout the year?

Yeah, Mike, I would expect it to be fairly consistent as the way we set it up with, I would say, some slight improvement as we go through the year. We gave that similar color on the last call as well, that we'd expect ARR sequential growth to kind of be building as we went through calendar 2025.

Mike Cikos (Senior Analyst)

Terrific. I'll turn it over to my colleagues. Thank you.

John Pagliuca (President and CEO)

Thanks, Mike.

Thank you. The next question comes from Brian Essex with JPMorgan Chase & Co. Your line is open. Please go ahead.

Brian Essex (Stock Analyst)

Hi, good morning, and thank you for taking the question. I guess first question is just overall view on the market and the health of the spending environment, particularly after the beginning of April when things seem to have gotten a little bit noisier from a macro perspective.

We'd love to hear what you're hearing from both enterprise customers and MSPs and how they're experiencing the current spending environment.

John Pagliuca (President and CEO)

Sure. Good morning, Brian. This is John. Thanks for the question. Look, whether it be data protection or the thwarting of the threat actors, the need for cyber resiliency, it's a must, right? It's not like a nice-to-have. We continue to see the demand, and that's both reflected in our bookings and our pipeline remain strong. We're not really hearing, we're not really seeing any major differences from the demand point of view. The offerings continue to resonate in the market. That being said, I'd say anecdotally, with some of the channel checks, we do hear folks talking about certain deals taking a little bit longer or just a little bit more of a measure-twice kind of cut-widens approach before folks are launching a big project.

Overall, demand remains strong, and the offerings continue to resonate in the market. Got it. That is helpful. I guess maybe could you decompose dollar-based net retention for us? Do you anticipate that this is a trough year? Is there further to decline there? Maybe the key components of that in terms of churn, cross-sell, up-sell, any pricing increases, just so we can kind of get an idea of the dynamics behind it. Understanding it is a trailing 12-month metric, just trying to understand when we might start to see that head in the other direction.

Tim O'Brien (EVP and CFO)

Yeah, hey, Brian, this is Tim. I would expect where we are at to be more in that trough.

I think with the trailing 12 months, I would say this kind of fully captures the impact that we saw and some of the dynamics back in 2024 that we've covered previously. I would say overall, gross retention's been steady. Impact on the improvements we're looking to drive will be driven mostly through the cross-sell opportunity that we have within the customer base. That's where we're focused on executing in 2025 here on pushing that price per device up as we cross-sell the white space opportunity that's sitting within the customer base.

Brian Essex (Stock Analyst)

Okay. That's helpful. What kind of considerations will we need to make on the pricing side?

Tim O'Brien (EVP and CFO)

I'd expect pricing to be in the 1%-2% range for calendar 2025. Got it. Very helpful. Don't be very material.

Brian Essex (Stock Analyst)

Thank you. Okay.

Tim O'Brien (EVP and CFO)

Thanks, Brian.

Operator (participant)

Thank you.

The next question is from Matt Hebert with RBC Capital Markets. Your line is open. Please go ahead.

Matt Hedberg (Managing Director and Research Analyst)

Great. Thanks for taking my questions, guys. John, I wanted to ask you about the reseller traction. It seems really exciting as another growth vector. It sounds like we're still early. I kind of wanted to see where are we at? I don't know. What inning are we in that kind of reseller motion? And how do you think about potentially that aiding growth this year? I have to imagine you probably haven't embedded a ton in guidance for that. Just sort of curious on that element.

John Pagliuca (President and CEO)

Yeah. Hey, Matt. Great question. Yeah. And so just maybe to remind the audience a bit, we traditionally were focusing on the route to the SME or mid-market via the MSP.

Now we're widening that net, so to speak, and really beginning to invest a little bit more in other types of channel participants, value-add resellers, even some SIs and some of the folks like that. Matt, I'd categorize it as early innings for sure, but it's already seeing some green shoots. We're focusing right now on adding resellers, active resellers, both in North America and international. Part of one of the benefits from the N-able Lumen acquisition is they had a reseller network in the U.S. What we're doing there is we're adding to that network, but we're also now giving them other, adding other items for their shelf, so to speak, in their line card with Cove and with our UEM offerings. That's been getting some good traction. In Europe, we've added some CAMs in the UK

We've added some CAMs in the DACH markets, and those are already starting to throw off some green shoots. And you know our business. I often refer to it as a snowball business. We're 20,000-plus customers. And so we're lining up those pipelines. We're starting to get deals. Bookings are starting to come in. It will have an impact on 2025, but not necessarily material, just because of the nature of the way the snowball kind of builds. We do expect it to have a bigger impact in 2026, but so far, so good. The demand is there. The products resonate, and we're really beginning to seed, and we're starting to see that pipeline build nicely.

Matt Hedberg (Managing Director and Research Analyst)

That's fantastic. Yeah. It does seem like a really interesting additional growth factor versus historical MSP distribution.

I guess the other thing that really stood out to me, John, you mentioned it kind of early in your remarks, was sort of your VM management solution. We often hear of a lot of customer issues with sort of both the VM side and the patch management side, especially I can imagine that's even more relevant in the SMB space. It sounds like you're having some strong early traction with that as well. Wondering if you can give us a little bit of sense too on maybe where you're seeing that success. Is it competitive displacements, or is it the case where they may be not using anything for a VM in some of your customers?

John Pagliuca (President and CEO)

Sure. When we surveyed our managed service providers in particular, the two biggest areas of need were around security operations and XDR/MDR activity, and a close second was vulnerability management.

Matt, I'd say it's a hybrid. Some have disparate tools that they were using. No one really had it in one unified platform inside their UEM. This definitely will be a differentiator in our UEM for sure. We're starting with the scanning of endpoints and the applications, and then we're going to add to that and add on with scanning of networks and then to the cloud. I'd say it's a little bit of a hybrid in that we'll probably be displacing some folks at the first tranche or the first horizon with the endpoint, but then it'll be a little bit more of a green field or blue ocean, so to speak, with the network and definitely with the cloud. It's really exciting. Right now, we actually have it. It's actually included in our UEM.

We're not charging our MSPs for it, and it's showing up. Look, I often refer to this as left-hand, right-hand clapping, right? You need to scan and understand what the vulnerabilities are, and then you need to patch. Our patching, we believe, is best in class. The level of automation, the level of policies that folks can do, it all goes squarely right into our mission, right? We're helping these MSPs be more secure, helping their customers be more secure, and making sure they can do this effectively and efficiently. This is right in the crosshairs of really our mission. Like I said, this was one of the top two priorities that MSPs were looking for. It really, frankly, is a gap in the industry.

We know that there's a lot of enterprise players, and some of our MSPs are forced to use some of those enterprise players. They might be a little bit heavier than what an MSP needs. They're not necessarily architected in an end tier so that they can deploy this across their group. What an MSP can do now is run certain and common policy across all of their customers, which drives a tremendous amount of efficiency. We are really excited about it, and the reception has been great. We announced this in Berlin at our Empower event, and we had 500-plus attendees there, and the place went nuts. Literally, the audience started screaming when our CTO announced that this was going to be included in Central and in Insight, both of our UEMs. We are looking forward to it. This will help us make the platform stickier.

This will help us displace competitors as we're going in because the competition does not have this. So this is truly a differentiator.

Matt Hedberg (Managing Director and Research Analyst)

Sounds great. Best of luck, guys.

Operator (participant)

Thank you. The next question is from Keith Bachman with BMO. Your line is open. Please go ahead. Hello, Keith. Your line is open. Please go ahead.

Keith. Bachman (Analyst)

Yeah. Thanks very much. I just wanted to ask three questions if I could. Good morning. The first is, could you tell us how much did the rev guide change due to FX?

Tim O'Brien (EVP and CFO)

Hey, Keith. This is Tim. Primarily, we held our constant currency outlook for the year. So all the increase on rev guide is related to FX for the year.

Keith. Bachman (Analyst)

Okay. Great. Then the second question is thank you. The second question is sort of where Brian was digging in a little bit. You mentioned that there was more scrutiny on deals.

Just to be clear, though, is the pipe the same, but there's deal elongation, or are you not even seeing the deal elongation or sales cycle expanding? Is there any change in the cadence is really what I'm—

John Pagliuca (President and CEO)

Yeah. This is John. What I mentioned is really more anecdotes we were saying. That being said, we wanted to maintain, I would say, a prudent kind of outlook given some of the uncertainty. No, look, the bookings are strong. The pipe remains quite strong. We're not really seeing anything that's materially different in the metrics, but it's more some of the anecdotes that we're hearing from some of our channel checks, not necessarily what we're seeing in our direct business.

Keith. Bachman (Analyst)

Fair enough. Fair enough. Okay. Thank you, John. The last question I had is really related to slide 25 on the deck.

John Pagliuca (President and CEO)

Just wanted to maybe you could revisit on the EBITDA margin expectations as we go out. What's interesting is your EBIT dollars are roughly consistent to what they were, say, in 2023, and while the revenues expanded. Is the thesis that EBIT margins will remain constant here or go up? Just give us a little remind us how either the EBIT margins will transition and/or the dollars as you aspire to the larger ARR targets.

Tim O'Brien (EVP and CFO)

Yeah, Keith. I think looking at calendar 2025, we're squarely focused on growth reacceleration and a couple of key investment initiatives. One on making Lumen Security Operations successful, two on launching our new site in India, and three is driving the expansion of our channel in both North America and internationally on adding new resellers and getting that channel adding points of growth to the overall business.

From a 2025 standpoint, that's focus. I would say we're staying conservative on EBITDA there with the number one focus on growth. As we look at 2026, I would expect us to move back into the low 30s from an EBITDA perspective as we balance the investments between profit and growth in 2026. Yeah. That was really the spirit of the question was 2026. Is where can those margins return?

Keith. Bachman (Analyst)

Okay. Fair enough. That's it for me. So low 30s kind of margins as we conceptualize 2026? Yes. Okay. Perfect. Many thanks. That's it for me.

Tim O'Brien (EVP and CFO)

Thanks, Keith.

Operator (participant)

Thank you. The next question is from Jason Ader with William Blair & Company. Your line is open. Please go ahead.

Jason Ader (Analyst)

Thank you. Good morning, guys. First, wanted to get a clarification. The $2.6 million beat on the revenue side versus guidance, and you had $2 million positive impact from FX.

Just wanted to make sure those numbers are right and whether that was contemplated in the original guidance. In other words, if not for FX, you would have beaten by $0.6 million. Is that the right way to think about it, or was it contemplated in the guidance?

John Pagliuca (President and CEO)

No. What was contemplated in the guide was the rates that we stated back in February. So there was some FX upside on the Q1 results. The other part on the revenue side, Jason, is we had, I would say, some impact from 606 to the positive, which does not carry through for the full year in Q1 as well. Okay.

Jason Ader (Analyst)

Very helpful. Okay. Good.

And then on the customer expansion side, can you just talk about, I don't know, anything that you didn't talk about in the prepared remarks in terms of some of the things you're working on, bundling or other initiatives, go-to-market initiatives? Then specifically, what metrics should we be looking at going forward to check on the success of some of those initiatives?

John Pagliuca (President and CEO)

Hey, Jason. This is John. Yeah. Look, one of the things that the N-able Lumen acquisition afforded us is if you think about the economic stack that we bring to market, that's now $30 per user per month, right? Which the N-able Lumen ASP by itself was anywhere from $5-$12. So it's a substantial uptick in our economic stack.

That allows us the ability to do a little bit more of a bundling and packaging, which will help our customers, both the mid-market customers and the MSPs. What we believe is that at the mid-market and at the low end in particular, if you're buying things in a silo, those silos are not as efficient, not as effective, and potentially not as secure. By bundling via one kind of platform, the end customer is getting the benefit of that. We are going to package that up. That will drive our ASPs up. You can look for proof points there and acceleration in ARR and uptick in NRR as well as we go through because we should get some of that upsell or, excuse me, cross-sell as we go through.

We try to give a little bit of an example of that in the prepared remarks. I mentioned that 300-employee healthcare organization, right? That is a high five-figure ARR deal. Before N-able Lumen, that might have been more like a $12,000-$14,000 ACV type of deal if it was just UEM or one of our offerings. Now, bundling that together, we are getting four or five times, six times the ACV for a 300-person organization or a 300-device MSP.

The bundling and packaging, I expect to actually have benefit both on the low end and the high end, but maybe even an overweight impact on the lower end of the market because that's really where they can drive some of the economic benefit for themselves, but more importantly, drive the efficiency for the technicians that those organizations are, frankly, a little bit overstretched if they're using more of a siloed approach.

Jason Ader (Analyst)

Is that where you've seen on the end market side, is that where you've seen most of the success for maybe some of your competitors in the low end of the MSP market, just some of that kind of full platform?

John Pagliuca (President and CEO)

Yeah. Let me split that answer up because it's important.

The N-able Lumen automated SOC, that's resonating on the low end, that's resonating in the middle, that's resonating in the high end, that's resonating in the mid-market. That remains our fastest-growing SKU, and the cross-sell has been really, really strong across the entire spectrum. The bundling, and yes, the bundling, I'd say the success is a little bit more on the middle to the lower end.

Jason Ader (Analyst)

Very good. Thank you.

John Pagliuca (President and CEO)

And frankly, we're actually really just getting started with some of that, where it's more, I would say, in testing, and we look to bring a little bit more of that systematically to the back half of this year and into 2026.

Jason Ader (Analyst)

Thanks. Yep. Good question.

Operator (participant)

Thank you. The next question is from Joe Vandrick with Scotiabank. Your line is open. Please go ahead. Yeah. Thanks for the question.

Joe Vandrick (Equity Research)

John, if you could talk about traction you're having with Lumen Security Operations, remind us what's the catalyst for greenfield adoption. Is it typically a breach, someone trying to get cyber insurance, maybe some other reason? Really just trying to understand why this market is poised to take off now.

John Pagliuca (President and CEO)

Sure. Thanks, Joe. Based on our research, but also research of analysts in the space, I'd call it the XDR/MDR is really a blue ocean type of market for the MSPs. I'd say the majority, and we've seen as low as 55% and as high as 70%, depending on the survey, do not have a solution in place today. That is exciting. What's driving that? You kind of hit it all. I'd say it's like hitting for the cycle, right? Yes, if somebody has a cyber breach or an incident, that's a catalyst.

If it's a need for insurance, or hopefully, it's also SMBs, mid-market companies, and MSPs being proactive, saying that they can't handle the threats that are needed. They can't handle it. They shouldn't be building a SOC. It's millions of dollars for a lot of these managed service providers or mid-market companies to build a SOC. If they can rely on a company that's leveraging AI to help them in a much more automated way, search for threats and thwart the threats. The biggest part of the N-able Lumen Security Operations solution that we believe is a differentiator is what we refer to as Big R, and that we remediate. Before a customer can even be—they can be sleeping, and we'll already take action and remediate.

One of the more interesting things, and I mentioned this in the prepared remarks, we also went to market with Breach Prevention for Microsoft 365, right? We were at RSA last week, the first time it was ever an exhibitor at the cybersecurity event in San Francisco last week. One of the big themes was identity. M365 really is one of those bits that's effectively completely automated, and where if we're seeing any anomalous behavior with the signing in or just a logging in or a user or an identity on M365, which you can imagine covers a large part of my base, we can actually shut down that access.

Whether it be a mid-market company or an MSP, they could still be sleeping, and we'll take action for them on their behalf, making sure that there's no lateral movement, making sure that that person no longer has access to their information. What might have taken hours before in prior technologies is now taking minutes for us to detect and then respond and go from there. That is resonating in the market. It is a differentiated approach. It is very much an AI-powered automated SOC, and it seems to be really resonating.

Joe Vandrick (Equity Research)

That makes a lot of sense. Okay. You have also talked a lot about the value of selling the entire platform. I think I heard the word platformization.

I'm curious, is there an effort to integrate all the offerings together into a single pane of glass, and does that add further value, and where are you on that journey?

John Pagliuca (President and CEO)

Sure. When you think about the technician's need, it's really about the workflows. That culminates or people speak to it as a single pane of glass, but the reality is it's all about automating the workflows. What we have is effectively three best-in-class offerings: our Cove Data Protection offering, our UEM offerings, and the N-able Lumen offering. Best-in-class. If a mid-market company or an MSP has a need for one of those three offerings, they can consume that. Frankly, we do pitch and do believe that it is a better together story. It makes the MSPs or the technicians more efficient. It makes the solution more effective. And why?

It's because the workflows. They don't need to log on. They don't need to manage the roles-based account controls and all the access is there, pushing and pulling of the data. We can automate things. We can make the offerings more secure by looking at if there was any anomalous detection. I'll give you an example. We actually had a customer that was using both Cove and Lumen, and a breach was detected. That breach was remediated. Just for a belt and suspenders approach, because they had Cove, they were able to go back and recover from the previous day just to make sure that there were no threat actors in their environment, none of their data was corrupted.

That is a good example of the cyber resiliency platform where we are detecting, we are remediating, and then we can recover just to make sure that the environment is clean. We believe that having that complete resiliency story is differentiated both for N-able, both for the MSPs we serve, and the mid-market companies that are dealing with the threats.

Joe Vandrick (Equity Research)

Yep. Thanks so much for taking my question.

Operator (participant)

Thank you. We have a follow-up question from Mike Cikos with Needham. Your line is open. Please go ahead.

Mike Cikos (Senior Analyst)

Hey, guys. Thanks for getting me back on here. I just had a quick follow-up. I believe it was in response to Jason's line of questioning, but just wanted to make sure we were being thorough here.

If I go back a quarter ago, management said that they expected a five-point headwind to one Q revenue and a four-point headwind to calendar 2025 from ASC 606. Did that five-point headwind to one Q play out as expected? Are we still maintaining that four-point headwind to calendar 2025 from the re-veract dynamics?

John Pagliuca (President and CEO)

Hey, Mike. Yeah. We saw things come in very close to where we had kind of projected things for both Q1 and for 2025. Q1 was slightly less as we had a little bit of impact, positive impact from 606, but that headwind for the year is still consistent.

Mike Cikos (Senior Analyst)

Okay. For an update as well, what percent of the customers today are on longer-term contracts versus monthly?

John Pagliuca (President and CEO)

That is north of 50%. It is in the mid-50% from an LTC or committed contract ARR standpoint.

Mike Cikos (Senior Analyst)

Great.

Final follow-up, but on the unlevered free cash flow conversion, the fact that we're bumping up by 3 points today, is it fair to assume that's really being driven by the lower tax rate assumption for the year? Secondarily, why is the tax rate coming down by 4 points now?

John Pagliuca (President and CEO)

Yeah. That's primarily the driver on the change in the conversion. The key driver on the lower tax rate is due to some of the benefit we're getting from the N-able Lumen acquisition. We're able to realize a little bit more benefit than we originally expected there.

Mike Cikos (Senior Analyst)

That's great. Thank you, guys.

John Pagliuca (President and CEO)

Thanks, Mike.

Operator (participant)

Thank you. We currently have no further questions, so I'll hand back to John for closing remarks.

John Pagliuca (President and CEO)

Thank you, operator. Thank you, everyone, for checking in with us today and spending time with N-able.

Operator (participant)

Thank you, John. This concludes today's call.

Thank you all for joining. You may now disconnect your lines.