Qualys
NASDAQ: QLYS
$154.10 ▼ -3.45  (-2.19%)
At close: Jul 8, 2026 · 2:55 PM UTC
Financial Ratios
Market Cap5.11 Bn
P/E25.35
P/S7.46
Div. Yield0.00
ROIC (Qtr)0.00
Revenue Growth (1y) (Qtr)9.84
Add ratio to table…

About

Qualys Inc is a provider of a cloud based platform that delivers information technology security and compliance solutions. Its integrated suite of applications helps customers discover and manage IT and operational technology assets assess vulnerabilities quantify cyber risk and implement remediation across on premise endpoints cloud containers and mobile environments. Qualys generates revenue primarily through subscription fees for its cloud based software as a service…

Read more ↓
Sector: Technology Industry: Software - Infrastructure CIK: 0001107843

Investment Thesis

▲ Bull case
  • Qualys is uniquely positioned to capitalize on the accelerating velocity of AI-driven vulnerability discovery and exploitation, as its Enterprise TruRisk (ETM) platform delivers closed-loop exploit validation and autonomous remediation that directly addresses the shrinking exploit window—now under a day—where traditional vulnerability management fails. The company’s AI-native approach, which includes agent Vail for real-time exploit validation and TruRisk eliminate for risk-based prioritization, allows customers to focus on the less than 1% of threats actually exploitable in their environment, transforming theoretical risk scores into actionable, measurable outcomes. This capability is not merely incremental; it redefines pre-breach risk management by integrating detection, validation, quantification, and remediation into a single deterministic control plane—a critical advantage as adversaries leverage frontier models to generate zero-day exploits in near real time. Management’s emphasis on ETM as the core growth engine, supported by early customer wins like the global 1,500 customer expanding their footprint via a mid-6-figure upsell, signals that the market is underestimating the speed at which ETM can drive higher-value expansion beyond legacy vulnerability management. The 107% net dollar expansion rate for the ETM/CSAM cohort—despite early-stage adoption—proves that customers who engage with the platform are not only sticking but increasing spend, a trend that will compound as ETM moves from early adopters to mainstream deployment across Qualys’ 10,000+ customer base. Furthermore, the recent FedRAMP High Authorization for TotalCloud, extending to CNAPP, unlocks a significant, under-penetrated vertical in federal agencies and highly regulated industries, where compliance mandates and AI-driven threat landscapes create urgent demand for unified, runtime-protected cloud security—a market where Qualys’ decades of telemetry data and closed-loop AI fabric offer defensible differentiation against point solutions. The company’s strategic alliances with OpenAI and Anthropic, while not heavily promoted in the call, are silently enhancing its threat intelligence and exploit generation capabilities, allowing Qualys to stay ahead of attackers by reverse-engineering patches and validating mitigations without immediate patch deployment—a force multiplier that improves operational resilience and reduces customer outage risk. With channel partners now contributing 52% of revenue and growing at 17% year-over-year, and international revenue outpacing domestic at 15% growth, Qualys is leveraging its global partner ecosystem to scale ETM adoption efficiently, particularly in EMEA where CISO feedback from the Rocco event was “very positive.” The market’s current guidance of 8–9% revenue growth for FY26 appears conservative given the convergence of AI-driven threat acceleration, ETM’s unique value proposition, and early traction in federal and enterprise upsells—factors that could drive reacceleration in net dollar expansion and push margins above the guided mid-40s EBITDA range as operational scale improves.
▼ Bear case
  • Despite Qualys’ compelling narrative around AI-driven risk quantification and autonomous remediation, the market may be ignoring structural headwinds that could constrain growth and compress margins, particularly the persistent reliance on legacy product lines and the slow, uneven adoption of its newer ETM platform. While management highlights that ETM and CSAM combined made up 11% of total bookings and 14% of new bookings on an LTM basis in Q1, this implies that nearly 90% of the company’s revenue still stems from mature, commoditized offerings like vulnerability management and patch management—areas where pricing pressure and competition from integrated cloud security suites (e.g., Microsoft Defender, CrowdStrike Falcon) are intensifying. The modest 3% year-over-year growth in direct revenue, contrasted with 17% channel growth, suggests weakening direct sales execution or customer reluctance to engage with Qualys’ higher-touch, AI-native solutions without partner mediation—a risk if partners fail to adequately sell or support complex ETM deployments. Furthermore, the company’s net dollar expansion rate remains flat at 104% overall, and the decision to include CSAM customers in the ETM-focused cohort to boost the metric to 107% obscures the true, early-stage traction of ETM alone; without clear disclosure of ETM-specific expansion rates, investors cannot assess whether the platform is generating meaningful upsell velocity or merely benefiting from CSAM renewal cycles. Qualys’ guidance assumes no material change in net dollar expansion rate for FY26, reflecting skepticism about ETM’s ability to drive acceleration in the near term, and the mid-teens implied operating expense growth—driven largely by sales and marketing headcount increases—suggests that investments in partner programs, federal pursuits, and AI integrations are not yet yielding proportional returns in productivity or efficiency. The Federal business, while highlighted as a growth lever, remains a long-cycle, low-margin opportunity dependent on lengthy FedRAMP and ATO processes, and the recent High Authorization for TotalCloud, while prestigious, may not translate to immediate revenue impact given the government’s protracted procurement cycles and budget constraints. Additionally, the company’s increasing reliance on frontier AI models for threat intelligence and exploit validation introduces execution risk: while partnerships with OpenAI and Anthropic enhance research capabilities, they also create dependency on external models whose licensing, availability, or performance could shift unpredictably, and Qualys has not detailed how it mitigates model drift or ensures deterministic outcomes in its AI agents—a concern amplified by CISO questions about false negatives and the need for multiple daily signature updates. Finally, the share repurchase program, though a return of capital, has consumed $53.9 million in Q1 alone, and with $306.6 million remaining, it signals a preference for financial engineering over reinvestment in R&D or sales productivity improvements—potentially undermining long-term innovation in a market where AI-driven attackers are evolving faster than defensive capabilities can adapt.

Geographical Breakdown of Revenue (2025)

Contract with Customer, Sales Channel Breakdown of Revenue (2025)

Peer Comparison

Companies in the Software - Infrastructure
S.No. Ticker Company Market CapP/EP/STotal Debt (Qtr)
1 MSFT Microsoft Corp 2,853.66 Bn22.798.9740.26 Bn
2 ORCL Oracle Corp 408.21 Bn23.926.06122.34 Bn
3 PLTR Palantir Technologies Inc. 300.98 Bn131.2457.61-
4 PANW Palo Alto Networks Inc 247.84 Bn193.3425.05-
5 CRWD CrowdStrike Holdings, Inc. 193.63 Bn-1,201.4140.240.75 Bn
6 FTNT Fortinet, Inc. 117.45 Bn60.0816.520.50 Bn
7 NET Cloudflare, Inc. 86.88 Bn-1,001.4737.311.29 Bn
8 SNPS Synopsys Inc 86.18 Bn1,416.9910.7610.04 Bn