First-quarter profit and cash flow steadies Tenable (NASDAQ: TENB)
Filing Impact
Filing Sentiment
Form Type
10-Q
Tenable Holdings, Inc. reported stronger results for the three months ended March 31, 2026. Revenue rose 10% year over year to $262.1 million, driven mainly by subscription revenue of $243.2 million, which made up 93% of total revenue.
The company swung to net income of $1.4 million, or $0.01 per diluted share, from a net loss of $22.9 million a year earlier, as operating income improved to $8.8 million. Gross margin held at 78%. Tenable generated $88.0 million in operating cash flow and ended the quarter with $139.2 million in cash and cash equivalents plus $221.1 million in short-term investments, even after using $130.2 million to repurchase common stock. Deferred revenue was $866.2 million, and remaining performance obligations reached $1.01 billion, reflecting a largely recurring, subscription-based business.
Positive
- None.
Negative
- None.
Insights
Tenable delivered 10% revenue growth, a move to profitability, and strong cash generation, supported by large deferred revenue and RPO balances.
Tenable grew revenue to $262.1 million, with subscription revenue up 10% and recurring revenue at 96% of total. Operating income improved from a $17.7 million loss to a $8.8 million profit, helped by lower general and administrative costs as prior-year one‑time stock-based charges rolled off.
The business remains highly subscription-driven, with deferred revenue of $866.2 million and remaining performance obligations of $1.01 billion, providing good revenue visibility. Net cash from operations was a solid $88.0 million, even as the company spent $130.2 million on share repurchases and continues to carry a Term Loan of $359.1 million with a first lien net leverage ratio of 0.81.
Customer metrics showed 406 new enterprise platform customers added in the quarter and 2,204 customers with at least $100,000 in annual contract value, though the dollar-based net expansion rate eased to 105% from 108%. How this expansion rate trends relative to customer additions and large cloud commitments with Microsoft and AWS will influence Tenable’s medium-term growth profile.
Key Figures
Revenue: $262.1M
Net income: $1.4M
Operating cash flow: $88.0M
+5 more
8 metrics
Revenue
$262.1M
Three months ended March 31, 2026; up from $239.1M in 2025
Net income
$1.4M
Three months ended March 31, 2026; vs $22.9M net loss in 2025
Operating cash flow
$88.0M
Net cash provided by operating activities, Q1 2026
Deferred revenue
$866.2M
Balance at March 31, 2026; $680.0M current portion
Remaining performance obligations
$1.01B
Total RPO at March 31, 2026
Cash and cash equivalents
$139.2M
Balance at March 31, 2026
Short-term investments
$221.1M
Estimated fair value at March 31, 2026
Term Loan balance
$359.1M
Gross term loan at March 31, 2026
Key Terms
Remaining performance obligations, dollar-based net expansion rate, Term Loan, stock-based compensation, +1 more
5 terms
Remaining performance obligations financial
"The following summarizes the future estimated revenue related to unsatisfied performance obligations"
Remaining performance obligations are the work a company still needs to complete for its customers, like finishing a service or delivering a product. It’s important because it shows how much future income the company has coming in from current agreements, giving a clearer picture of its ongoing business.
dollar-based net expansion rate financial
"Our dollar-based net expansion rate reflects both our customer retention and ability to drive additional sales"
Dollar-based net expansion rate measures how much recurring revenue from an existing group of customers has grown or shrunk over a set period, after accounting for upsells, downgrades and lost customers. Think of it like tracking the income from a garden you already planted — if each plant produces more fruit over time the garden’s value rises; for investors, a rate above 100% signals healthy organic growth and lower risk, while a rate below 100% warns of customer erosion.
Term Loan financial
"a $375.0 million senior secured term loan facility ("Term Loan")"
A term loan is a type of loan that is borrowed for a set period of time, with a fixed schedule for repaying the money, usually in regular payments. It matters to investors because it represents a company's borrowing costs and financial stability; reliable repayment of these loans can indicate strong financial health, while difficulties may signal potential risks.
stock-based compensation financial
"Stock-based compensation expense included in the consolidated statements of operations was as follows"
Stock-based compensation is when a company pays employees, directors or consultants with shares or the right to buy shares instead of or in addition to cash. It matters to investors because issuing stock or options spreads ownership thinner (like cutting a pie into more slices), which can reduce each existing share’s claim on profits and can also change reported earnings; investors watch it to assess true cost of running the business and how management is incentivized.
exposure management financial
"Tenable Holdings, Inc. is the leading provider of exposure management solutions"
Exposure management is the ongoing process a business or investor uses to find, measure, and control the ways losses could happen from market moves, counterparty problems, cash shortages or operational failures. It matters because it reduces the chance that an unexpected event wipes out value—like steering a ship to avoid storms—so investors can better predict potential losses, protect returns, and align risk with their goals and rules.
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
__________________
FORM 10-Q
__________________
| Quarterly Report Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934 | |||||
For the Quarterly Period Ended March 31, 2026
or
| Transition Report Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934 | |||||
For the transition period from _____ to _____
Commission file number 001-38600
__________________
(Exact name of registrant as specified in its charter)
__________________
| (State or other jurisdiction of incorporation or organization) | (I.R.S. Employer Identification Number) | |||||||
(Address of principal executive offices, including zip code)
(410 ) 872-0555
(Registrant’s telephone number, including area code)
__________________
Securities registered pursuant to Section 12(b) of the Act:
| Title of each class | Trading Symbol(s) | Name of each exchange on which registered | ||||||
Indicate by check mark whether the Registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the Registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☒ No ☐
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes ☒ No ☐
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company” and "emerging growth company" in Rule 12b-2 of the Exchange Act.
| ☒ | Accelerated filer | ☐ | ||||||||||||
| Non-accelerated filer | ☐ | |||||||||||||
| Emerging growth company | Smaller reporting company | |||||||||||||
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐ | ||||||||||||||
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes ☐ No ☒
The number of shares of the Registrant's common stock outstanding as of April 30, 2026 was 110,271,973 .
TENABLE HOLDINGS, INC.
TABLE OF CONTENTS
| Page | ||||||||
PART I – FINANCIAL INFORMATION | ||||||||
Item 1. | Financial Statements | |||||||
Consolidated Balance Sheets | 3 | |||||||
Consolidated Statements of Operations | 4 | |||||||
Consolidated Statements of Comprehensive Income (Loss) | 5 | |||||||
Consolidated Statements of Stockholders' Equity | 6 | |||||||
Consolidated Statements of Cash Flows | 7 | |||||||
Notes to Consolidated Financial Statements | 8 | |||||||
1. Business and Summary of Significant Accounting Policies | 8 | |||||||
2. Revenue | 9 | |||||||
3. Cash Equivalents, Short-Term Investments and Other Investments | 11 | |||||||
4. Property and Equipment, Net | 12 | |||||||
5. Goodwill and Intangible Assets | 13 | |||||||
6. Leases | 13 | |||||||
7. Debt | 14 | |||||||
8. Commitments and Contingencies | 15 | |||||||
9. Stock-Based Compensation | 15 | |||||||
10. Income Taxes | 17 | |||||||
11. Net Earnings (Loss) Per Share | 17 | |||||||
Item 2. | Management’s Discussion and Analysis of Financial Condition and Results of Operations | 18 | ||||||
Item 3. | Quantitative and Qualitative Disclosures About Market Risk | 27 | ||||||
Item 4. | Controls and Procedures | 27 | ||||||
PART II – OTHER INFORMATION | ||||||||
Item 1. | Legal Proceedings | 29 | ||||||
Item 1A. | Risk Factors | 29 | ||||||
Item 2. | Unregistered Sales of Equity Securities and Issuer Purchases of Equity Securities | 36 | ||||||
Item 6. | Exhibits | 38 | ||||||
Signatures | 39 | |||||||
Where You Can Find More Information
Investors and others should note that we may announce material business and financial information to our investors using our investor relations website (https://investors.tenable.com), our filings with the Securities and Exchange Commission (SEC), our website, webcasts, press releases, and conference calls. We use these mediums, including our website, to communicate with investors and the general public about our company, our products, and other issues, and for complying with our disclosure obligations under Regulation FD. It is possible that the information that we make available on our website may be deemed to be material information. We therefore encourage investors and others interested in our company to review the information that we make available on our website, in addition to following our SEC filings, our webcasts, press releases, and conference calls. The information we post through these channels is not a part of this Quarterly Report on Form 10-Q. These channels may be updated from time to time on our investor relations website.
2
Table of Contents
PART I. FINANCIAL INFORMATION
Item 1. Financial Statements
TENABLE HOLDINGS, INC.
CONSOLIDATED BALANCE SHEETS
| March 31, 2026 | December 31, 2025 | ||||||||||
| (in thousands, except per share data) | (unaudited) | ||||||||||
| Assets | |||||||||||
| Current assets: | |||||||||||
| Cash and cash equivalents | $ | $ | |||||||||
| Short-term investments | |||||||||||
Accounts receivable (net of allowance for doubtful accounts of $ | |||||||||||
| Deferred commissions | |||||||||||
| Prepaid expenses and other current assets | |||||||||||
| Total current assets | |||||||||||
| Property and equipment, net | |||||||||||
| Deferred commissions (net of current portion) | |||||||||||
| Operating lease right-of-use assets | |||||||||||
| Acquired intangible assets, net | |||||||||||
| Goodwill | |||||||||||
| Other assets | |||||||||||
| Total assets | $ | $ | |||||||||
| Liabilities and Stockholders’ Equity | |||||||||||
| Current liabilities: | |||||||||||
| Accounts payable and accrued expenses | $ | $ | |||||||||
| Accrued compensation | |||||||||||
| Deferred revenue | |||||||||||
| Operating lease liabilities | |||||||||||
| Other current liabilities | |||||||||||
| Total current liabilities | |||||||||||
| Deferred revenue (net of current portion) | |||||||||||
| Term loan, net of issuance costs (net of current portion) | |||||||||||
| Operating lease liabilities (net of current portion) | |||||||||||
| Other liabilities | |||||||||||
| Total liabilities | |||||||||||
| Stockholders’ equity: | |||||||||||
Common stock (par value: $ | |||||||||||
| Additional paid-in capital | |||||||||||
Treasury stock (at cost: | ( | ( | |||||||||
| Accumulated other comprehensive (loss) income | ( | ||||||||||
| Accumulated deficit | ( | ( | |||||||||
| Total stockholders’ equity | |||||||||||
| Total liabilities and stockholders’ equity | $ | $ | |||||||||
The accompanying notes are an integral part of these consolidated financial statements.
3
Table of Contents
TENABLE HOLDINGS, INC.
CONSOLIDATED STATEMENTS OF OPERATIONS
(Unaudited)
| Three Months Ended March 31, | |||||||||||
| (in thousands, except per share data) | 2026 | 2025 | |||||||||
| Revenue | $ | $ | |||||||||
| Cost of revenue | |||||||||||
| Gross profit | |||||||||||
| Operating expenses: | |||||||||||
| Sales and marketing | |||||||||||
| Research and development | |||||||||||
| General and administrative | |||||||||||
| Restructuring | |||||||||||
| Total operating expenses | |||||||||||
| Income (loss) from operations | ( | ||||||||||
| Interest income | |||||||||||
| Interest expense | ( | ( | |||||||||
| Other (expense) income, net | ( | ||||||||||
| Income (loss) before income taxes | ( | ||||||||||
| Provision for income taxes | |||||||||||
| Net income (loss) | $ | $ | ( | ||||||||
| Net earnings (loss) per share: | |||||||||||
| Basic | $ | $ | ( | ||||||||
| Diluted | ( | ||||||||||
| Weighted-average shares used to compute net earnings (loss) per share: | |||||||||||
| Basic | |||||||||||
| Diluted | |||||||||||
The accompanying notes are an integral part of these consolidated financial statements.
4
Table of Contents
TENABLE HOLDINGS, INC.
CONSOLIDATED STATEMENTS OF COMPREHENSIVE INCOME (LOSS)
(Unaudited)
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Net income (loss) | $ | $ | ( | ||||||||
| Other comprehensive (loss) income, net of tax: | |||||||||||
| Unrealized (losses) gains on available-for-sale securities, net | ( | ||||||||||
| Other comprehensive (loss) income | ( | ||||||||||
| Comprehensive income (loss) | $ | $ | ( | ||||||||
The accompanying notes are an integral part of these consolidated financial statements.
5
Table of Contents
TENABLE HOLDINGS, INC.
CONSOLIDATED STATEMENTS OF STOCKHOLDERS' EQUITY
(Unaudited)
| Additional Paid-in Capital | Accumulated Other Comprehensive Income (Loss) | Total Stockholders’ Equity | |||||||||||||||||||||||||||||||||||||||||||||
| Common Stock | Treasury Stock | Accumulated Deficit | |||||||||||||||||||||||||||||||||||||||||||||
| (in thousands) | Shares | Amount | Shares | Amount | |||||||||||||||||||||||||||||||||||||||||||
Balance at December 31, 2025 | $ | $ | $ | ( | $ | $ | ( | $ | |||||||||||||||||||||||||||||||||||||||
| Exercise of stock options | — | — | — | — | |||||||||||||||||||||||||||||||||||||||||||
| Vesting of restricted stock units | ( | — | — | — | — | ( | |||||||||||||||||||||||||||||||||||||||||
| Vesting of performance stock units | ( | — | — | — | — | ||||||||||||||||||||||||||||||||||||||||||
| Issuance of common stock under employee stock purchase plan | — | — | — | — | |||||||||||||||||||||||||||||||||||||||||||
| Taxes paid related to net share settlement of equity awards | — | — | — | — | ( | — | — | ( | |||||||||||||||||||||||||||||||||||||||
| Purchase of treasury stock | — | — | — | ( | — | — | ( | ||||||||||||||||||||||||||||||||||||||||
| Shares issued from Treasury | — | — | — | ( | — | — | |||||||||||||||||||||||||||||||||||||||||
| Stock-based compensation | — | — | — | — | — | — | |||||||||||||||||||||||||||||||||||||||||
| Other comprehensive loss | — | — | — | — | — | ( | — | ( | |||||||||||||||||||||||||||||||||||||||
| Net income | — | — | — | — | — | — | |||||||||||||||||||||||||||||||||||||||||
Balance at March 31, 2026 | $ | $ | $ | ( | $ | ( | $ | ( | $ | ||||||||||||||||||||||||||||||||||||||
Balance at December 31, 2024 | $ | $ | $ | ( | $ | $ | ( | $ | |||||||||||||||||||||||||||||||||||||||
| Exercise of stock options | — | — | — | — | — | ||||||||||||||||||||||||||||||||||||||||||
| Vesting of restricted stock units | ( | — | — | — | — | ||||||||||||||||||||||||||||||||||||||||||
| Vesting of performance stock units | ( | — | — | — | — | ||||||||||||||||||||||||||||||||||||||||||
| Issuance of common stock under employee stock purchase plan | — | — | — | — | |||||||||||||||||||||||||||||||||||||||||||
| Purchase of treasury stock | — | — | — | ( | — | — | ( | ||||||||||||||||||||||||||||||||||||||||
| Fair value of replacement equity attributable to pre-acquisition service | — | — | — | — | — | — | |||||||||||||||||||||||||||||||||||||||||
| Stock-based compensation | — | — | — | — | — | — | |||||||||||||||||||||||||||||||||||||||||
| Other comprehensive income | — | — | — | — | — | — | |||||||||||||||||||||||||||||||||||||||||
| Net loss | — | — | — | — | — | — | ( | ( | |||||||||||||||||||||||||||||||||||||||
Balance at March 31, 2025 | $ | $ | $ | ( | $ | $ | ( | $ | |||||||||||||||||||||||||||||||||||||||
The accompanying notes are an integral part of these consolidated financial statements.
6
Table of Contents
TENABLE HOLDINGS, INC.
CONSOLIDATED STATEMENTS OF CASH FLOWS
(Unaudited)
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Cash flows from operating activities: | |||||||||||
| Net income (loss) | $ | $ | ( | ||||||||
| Adjustments to reconcile net income (loss) to net cash provided by operating activities: | |||||||||||
| Depreciation and amortization | |||||||||||
| Stock-based compensation | |||||||||||
| Net accretion of discounts and amortization of premiums on short-term investments | ( | ( | |||||||||
| Other | |||||||||||
| Changes in operating assets and liabilities: | |||||||||||
| Accounts receivable | |||||||||||
| Prepaid expenses and other assets | ( | ( | |||||||||
| Accounts payable, accrued expenses and accrued compensation | ( | ( | |||||||||
| Deferred revenue | ( | ( | |||||||||
| Other current and noncurrent liabilities | ( | ||||||||||
| Net cash provided by operating activities | |||||||||||
| Cash flows from investing activities: | |||||||||||
| Purchases of property and equipment | ( | ( | |||||||||
| Capitalized software development costs | ( | ( | |||||||||
| Purchases of short-term investments | ( | ( | |||||||||
| Sales and maturities of short-term investments | |||||||||||
| Proceeds from other investments | |||||||||||
| Purchases of other investments | ( | ||||||||||
| Business combinations, net of cash acquired | ( | ||||||||||
| Net cash used in investing activities | ( | ( | |||||||||
| Cash flows from financing activities: | |||||||||||
| Payments on term loan | ( | ( | |||||||||
| Proceeds from stock issued in connection with the employee stock purchase plan | |||||||||||
| Proceeds from the exercise of stock options | |||||||||||
| Payments for taxes related to net share settlement of equity awards | ( | ||||||||||
| Purchase of treasury stock | ( | ( | |||||||||
| Net cash used in financing activities | ( | ( | |||||||||
| Effect of exchange rate changes on cash and cash equivalents and restricted cash | ( | ||||||||||
| Net decrease in cash and cash equivalents and restricted cash | ( | ( | |||||||||
| Cash and cash equivalents and restricted cash at beginning of period | |||||||||||
| Cash and cash equivalents and restricted cash at end of period | $ | $ | |||||||||
| Supplemental disclosure of cash flow information: | |||||||||||
| Cash paid for interest | $ | $ | |||||||||
| Cash paid for income taxes, net of refunds | |||||||||||
Supplemental cash flow information related to leases: | |||||||||||
Cash payments for operating leases | $ | $ | |||||||||
The accompanying notes are an integral part of these consolidated financial statements.
7
Table of Contents
TENABLE HOLDINGS, INC.
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(Unaudited)
1. Business and Summary of Significant Accounting Policies
Business Description
Tenable Holdings, Inc. (the “Company,” “we,” "us," or “our”) is the leading provider of exposure management solutions. Exposure management is an increasingly critical category that extends foundational vulnerability management, capabilities to advance risk assessment and prioritization across the entire attack surface – from IT infrastructure and cloud environments to critical infrastructure and AI. We unify security visibility, insight and action across this attack surface, equipping modern organizations to quickly identify and close the cybersecurity gaps that erode business value, reputation and trust.
Basis of Presentation
The consolidated statements are unaudited and should be read in conjunction with the consolidated financial statements and related notes included in our 2025 Annual Report on Form 10-K ("10-K") filed with the Securities and Exchange Commission on February 27, 2026. The consolidated financial statements have been prepared on a basis consistent with the audited annual consolidated financial statements included in the 10-K and, in the opinion of management, include all adjustments of a normal recurring nature necessary to fairly state our financial position, our results of operations, and cash flows.
The results for the three months ended March 31, 2026 are not necessarily indicative of the operating results expected for the year ending December 31, 2026 or any other future period.
Use of Estimates
The preparation of consolidated financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. These estimates include, but are not limited to, the estimated period of benefit for deferred commissions, the useful lives of long-lived assets, the fair value of acquired intangible assets, the valuation of stock-based compensation, the incremental borrowing rate for operating leases, and the valuation of deferred tax assets and investments. We base these estimates on historical experience and on various other assumptions that we believe to be reasonable. Actual results could differ significantly from these estimates.
Segment Information
We operate as one operating segment. Our chief operating decision makers ("CODMs") are our Co-Chief Executive Officers. Our CODMs review financial information on a consolidated basis for purposes of making operating decisions, allocating resources and evaluating financial performance. Our CODMs review cost of sales expense, sales and marketing expense, research and development expense and general and administrative expense to assess our significant segment expenses, and review income (loss) from operations and net income (loss) to assess our operating performance. Our CODMs also review total assets, as reported on our consolidated balance sheets. See our consolidated statement of operations for our significant segment expenses, income (loss) from operations and net income (loss) in the periods presented.
8
Table of Contents
Significant Accounting Policies
Our significant accounting policies are described in our 10-K. During the three months ended March 31, 2026, there were no material changes to our significant accounting policies from those described in our 10-K.
Recently Adopted Accounting Pronouncements
In July 2025, the FASB issued ASU 2025-05 - Measurement of Credit Loss for Accounts Receivable and Contract Assets, which provides a practical expedient for the calculation of current expected credit losses for accounts receivable and contract assets, allowing entities to assume that current conditions as of the balance sheet date will persist through the forecast period. The adoption of ASU 2025-05 as of January 1, 2026 on a prospective basis had an immaterial impact on our consolidated financial statements.
Recently Issued Accounting Pronouncements
In November 2024, the FASB issued ASU 2024-03 - Income Statement - Reporting Comprehensive Income - Expense Disaggregation Disclosures (Subtopic 220-40): Disaggregation of Income Statement Expenses, which requires public entities to disclose, on an annual and interim basis, disaggregated information about certain income statement expense line items. The ASU also requires disclosure of the total amount of selling expenses recognized in continuing operations on an annual and interim basis and disclosure of the definition of selling expenses. The guidance is effective beginning January 1, 2027 on a prospective basis, with a retrospective option, and interim reporting periods beginning on January 1, 2028. Early adoption is permitted. We are currently evaluating the impact of adopting this standard on our consolidated financial statements and disclosures.
In September 2025, the FASB issued ASU 2025-06 - Targeted Improvements to the Accounting for Internal-Use Software, which clarifies the requirements for capitalizing internal use software. The guidance is effective beginning January 1, 2028 using a prospective, modified retrospective or full retrospective approach. We are currently evaluating the impact of adopting this standard on our consolidated financial statements and disclosures.
In December 2025, the FASB issued ASU 2025-10 - Government Grants (Topic 832): Accounting for Government Grants Received by Business Entities, establishing guidance on the recognition, measurement and presentation of government grants. The guidance is effective beginning January 1, 2029 on a modified prospective, modified retrospective or retrospective basis, with early adoption permitted. We are currently evaluating the impact of adopting this standard on our consolidated financial statements and disclosures.
2. Revenue
Disaggregation of Revenue
The following table presents a summary of revenue:
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Subscription revenue | $ | $ | |||||||||
| Perpetual license and maintenance revenue | |||||||||||
| Professional services and other revenue | |||||||||||
| Revenue | $ | $ | |||||||||
9
Table of Contents
Revenue by region, based on the address of the end user as specified in our subscription, license or service agreements, was as follows:
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| The Americas | $ | $ | |||||||||
| Europe, Middle East and Africa | |||||||||||
| Asia Pacific | |||||||||||
| Revenue | $ | $ | |||||||||
Customers located in the United States accounted for 52 % of revenue in the three months ended March 31, 2026 and 53 % of revenue in the three months ended March 31, 2025. No other country accounted for 10% or more of revenue in the periods presented.
Concentrations
We sell and market our products and services through our field sales force that works closely with our channel partners, which includes a network of distributors and resellers, in developing sales opportunities. We use a two-tiered channel model whereby we sell our products and services to our distributors, which in turn sell to resellers, which then sell to end users. Revenue derived through our channel network comprised 95 % and 94 % of revenue in the three months ended March 31, 2026 and 2025, respectively. One of our distributors accounted for 30 % and 32 % of revenue in the three months ended March 31, 2026 and 2025, respectively. That same distributor accounted for 31 % and 27 % of accounts receivable at March 31, 2026 and December 31, 2025, respectively.
Contract Balances
We generally bill our customers in advance and accounts receivable are recorded when we have the right to invoice the customer. Contract liabilities consist of deferred revenue and include customer billings and payments received in advance of performance under the contract. In the three months ended March 31, 2026 and 2025, we recognized revenue of $247.0 million and $224.1 million, respectively, that was included in the deferred revenue balance at the beginning of each respective period.
Remaining Performance Obligations
The following summarizes the future estimated revenue related to unsatisfied performance obligations:
| March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Remaining performance obligations, short-term | $ | $ | |||||||||
| Remaining performance obligations, long-term | |||||||||||
| Remaining performance obligations | $ | $ | |||||||||
Deferred Commissions
The following summarizes the activity of deferred incremental costs of obtaining a contract:
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Beginning balance | $ | $ | |||||||||
| Capitalization of contract acquisition costs | |||||||||||
| Amortization of deferred contract acquisition costs | ( | ( | |||||||||
| Ending balance | $ | $ | |||||||||
10
Table of Contents
3. Cash Equivalents, Short-Term Investments and Other Investments
Cash Equivalents and Short-Term Investments
We review the fair value of our financial assets based on quoted prices for identical assets or prices for similar assets in active markets. The following tables summarize our assets that are measured at fair value on a recurring basis:
| March 31, 2026 | |||||||||||||||||||||||||||||
| (in thousands) | Fair Value Hierarchy | Amortized Cost | Unrealized Gain | Unrealized Loss | Estimated Fair Value | ||||||||||||||||||||||||
| Cash equivalents | |||||||||||||||||||||||||||||
| Money market funds | Level 1 | $ | $ | — | $ | — | $ | ||||||||||||||||||||||
| Total cash equivalents | $ | $ | — | $ | — | $ | |||||||||||||||||||||||
| Short-term investments | |||||||||||||||||||||||||||||
| Commercial paper | Level 2 | $ | $ | $ | ( | $ | |||||||||||||||||||||||
| Corporate bonds | Level 2 | ( | |||||||||||||||||||||||||||
| Asset backed securities | Level 2 | ( | |||||||||||||||||||||||||||
| Yankee bonds | Level 2 | ( | |||||||||||||||||||||||||||
| U.S. Treasury and agency obligations | Level 2 | ( | |||||||||||||||||||||||||||
| Total short-term investments | $ | $ | $ | ( | $ | ||||||||||||||||||||||||
| December 31, 2025 | |||||||||||||||||||||||||||||
| (in thousands) | Fair Value Hierarchy | Amortized Cost | Unrealized Gain | Unrealized Loss | Estimated Fair Value | ||||||||||||||||||||||||
| Cash equivalents | |||||||||||||||||||||||||||||
| Money market funds | Level 1 | $ | $ | — | $ | — | $ | ||||||||||||||||||||||
| Total cash equivalents | $ | $ | — | $ | — | $ | |||||||||||||||||||||||
| Short-term investments | |||||||||||||||||||||||||||||
| Commercial paper | Level 2 | $ | $ | $ | $ | ||||||||||||||||||||||||
| Corporate bonds | Level 2 | ( | |||||||||||||||||||||||||||
| Asset backed securities | Level 2 | ||||||||||||||||||||||||||||
| Yankee bonds | Level 2 | ( | |||||||||||||||||||||||||||
| U.S. Treasury and agency obligations | Level 2 | ||||||||||||||||||||||||||||
| Total short-term investments | $ | $ | $ | ( | $ | ||||||||||||||||||||||||
We considered the extent to which any unrealized losses on our short-term investments were driven by credit risk and other factors, including market risk, and if it is more-likely-than-not that we would have to sell the security before the recovery of the amortized cost basis. At March 31, 2026 and December 31, 2025, our unrealized losses were due to changes in market interest rates compared to when the investments were initiated. We do not believe any unrealized losses represent credit losses, and it is unlikely we would sell the investments before we would recover their amortized cost basis.
11
Table of Contents
The contractual maturities of our short-term investments are as follows:
| March 31, 2026 | December 31, 2025 | ||||||||||||||||||||||
| (in thousands) | Amortized Cost | Estimated Fair Value | Amortized Cost | Estimated Fair Value | |||||||||||||||||||
| Due within one year | $ | $ | $ | $ | |||||||||||||||||||
| Due between one and two years | |||||||||||||||||||||||
| Total short-term investments | $ | $ | $ | $ | |||||||||||||||||||
At March 31, 2026 and December 31, 2025, cash and cash equivalents included $8.7
Other Investments
Our investments in privately held, nonmarketable securities are measured at cost, less any impairment, plus or minus observable price changes for similar investments of the same issuer, and were as follows:
| (in thousands) | Fair Value Hierarchy | March 31, 2026 | December 31, 2025 | ||||||||||||||
| Equity securities | Level 3 | $ | $ | ||||||||||||||
| Debt and other securities | Level 3 | ||||||||||||||||
| Total other investments | $ | $ | |||||||||||||||
We did not have any liabilities measured and recorded at fair value on a recurring basis at March 31, 2026 and December 31, 2025.
4. Property and Equipment, Net
Property and equipment, net consisted of the following:
(in thousands) | March 31, 2026 | December 31, 2025 | |||||||||
Computer software and equipment | $ | $ | |||||||||
| Internally developed software | |||||||||||
Furniture and fixtures | |||||||||||
Leasehold improvements | |||||||||||
Total | |||||||||||
Less: accumulated depreciation and amortization | ( | ( | |||||||||
Property and equipment, net | $ | $ | |||||||||
Our property and equipment, net by geographic area is as follows:
| (in thousands) | March 31, 2026 | December 31, 2025 | |||||||||
| United States | $ | $ | |||||||||
| International | |||||||||||
| Property and equipment, net | $ | $ | |||||||||
Depreciation and amortization related to property and equipment was $3.4 million and $4.0 million in the three months ended March 31, 2026 and 2025, respectively.
12
Table of Contents
5. Goodwill and Intangible Assets
At March 31, 2026 and December 31, 2025, our goodwill balance was $697.9
Acquired intangible assets subject to amortization are as follows:
| March 31, 2026 | December 31, 2025 | ||||||||||||||||||||||||||||||||||
| (in thousands) | Gross Carrying Amount | Accumulated Amortization | Net Carrying Amount | Gross Carrying Amount | Accumulated Amortization | Net Carrying Amount | |||||||||||||||||||||||||||||
| Acquired technology | $ | $ | ( | $ | $ | $ | ( | $ | |||||||||||||||||||||||||||
| Trade name | ( | ( | |||||||||||||||||||||||||||||||||
| $ | $ | ( | $ | $ | $ | ( | $ | ||||||||||||||||||||||||||||
Amortization of acquired intangible assets was $6.8 million and $5.9 million in the three months ended March 31, 2026 and 2025, respectively. At March 31, 2026, our acquired intangible assets are expected to be amortized over an estimated remaining weighted average period of 4.7 years.
At March 31, 2026, estimated future amortization of acquired intangible assets is as follows:
(in thousands) | |||||
Year ending December 31, | |||||
2026 | $ | ||||
| 2027 | |||||
| 2028 | |||||
| 2029 | |||||
| 2030 | |||||
Thereafter | |||||
Total | $ | ||||
6. Leases
The components of lease expense were as follows:
| Three Months Ended March 31, | |||||||||||
(in thousands) | 2026 | 2025 | |||||||||
Operating lease cost(1) | $ | $ | |||||||||
_______________
(1) Excludes sublease income.
Sublease income, which is recorded as a reduction of rent expense, was $0.4
Rent expense for short-term leases in the three months ended March 31, 2026 and 2025 was not material.
Supplemental information related to leases was as follows:
| March 31, 2026 | December 31, 2025 | ||||||||||
Operating leases | |||||||||||
Weighted average remaining lease term | |||||||||||
Weighted average discount rate | |||||||||||
13
Table of Contents
| Three Months Ended March 31, | |||||||||||
(in thousands) | 2026 | 2025 | |||||||||
| ROU assets obtained in exchange for lease obligations | |||||||||||
Operating leases | $ | $ | |||||||||
Maturities of operating lease liabilities at March 31, 2026 were as follows:
(in thousands) | |||||
Year ending December 31, | |||||
2026 | $ | ||||
| 2027 | |||||
| 2028 | |||||
| 2029 | |||||
| 2030 | |||||
Thereafter | |||||
Total lease payments | |||||
Less: Imputed interest | ( | ||||
Total | $ | ||||
Operating lease payments in the table above do not include $1.3 million, $1.8 million, $1.9 million, $1.9 million, $2.0 million and $2.5 million of sublease payments we expect to receive in 2026, 2027, 2028, 2029, 2030 and thereafter, respectively.
7. Debt
Credit Agreement
In July 2021, we entered into a credit agreement ("Credit Agreement") which is comprised of:
•a $375.0 million senior secured term loan facility ("Term Loan"); and
•a $50.0 million senior secured revolving credit facility ("Revolving Credit Facility").
The table below summarizes the carrying value of the Term Loan:
| (in thousands) | March 31, 2026 | ||||
| Term loan | $ | ||||
| Less: Unamortized debt discount and issuance costs | ( | ||||
| Term loan, net of issuance costs | |||||
| Less: Term loan, net, current | ( | ||||
| Term loan, net of issuance costs (net of current portion) | $ | ||||
Our Term Loan is recorded at its carrying value. At March 31, 2026, the fair value of our Term Loan was approximately $357.3 million. In the fair value hierarchy, our Term Loan is classified as Level 2 as it is traded in less active markets.
The maturities of our Term Loan at March 31, 2026 were as follows:
(in thousands) | |||||
Year ending December 31, | |||||
2026 | $ | ||||
| 2027 | |||||
| 2028 | |||||
Total | $ | ||||
14
Table of Contents
We may be subject to mandatory Term Loan prepayments related to the excess cash flow provisions. These prepayments would only be required if our first lien net leverage ratio (as defined in our Credit Agreement) exceeds 3.5 at the end of each year. At March 31, 2026, our first lien net leverage ratio was 0.81 .
At March 31, 2026, we had $0.2 million of standby letters of credit outstanding under our Revolving Credit Facility related to one of our operating leases. At March 31, 2026, we were in compliance with the covenants under the Credit Agreement.
8. Commitments and Contingencies
Commitments
In December 2023, we entered into a contract with Microsoft for cloud services from February 2024 through January 2027. Under the terms of the contract we committed to spend €28.5 million. As of March 31, 2026, we have spent €17.7 million of our commitment.
In July 2024, we entered into a new contract with AWS for cloud services, in which we committed to spend $59.7 million, $77.6 million and $93.0 million in contract years one, two and three, respectively, for a total commitment of $230.3 million from August 2024 to July 2027. As of March 31, 2026, we have met our first year commitment and we have spent $51.9 million of our second year commitment.
Letters of Credit
At March 31, 2026, we had $5.7 million of standby letters of credit related to our grant agreements with the State of Maryland and our operating leases. Collateral for $5.5 million of our letters of credit was classified as restricted cash in cash and cash equivalents.
9. Stock-Based Compensation
Stock-based compensation expense included in the consolidated statements of operations was as follows:
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Cost of revenue | $ | $ | |||||||||
| Sales and marketing | |||||||||||
| Research and development | |||||||||||
General and administrative(1) | |||||||||||
| Total stock-based compensation expense | $ | $ | |||||||||
_______________
(1) Stock-based compensation in the three months ended March 31, 2025 includes $14.6 million of expense related to the accelerated vesting of equity awards for our former Chairman and Chief Executive Officer.
A summary of the unrecognized stock-based compensation expense related to unvested awards at March 31, 2026 is presented below:
| Unrecognized Stock-Based Compensation Expense (in thousands) | Estimated Weighted Average Period (in years) | ||||||||||
| Restricted stock units ("RSUs") | $ | ||||||||||
| Performance stock units ("PSUs") | |||||||||||
| Restricted stock | |||||||||||
| 2018 Employee Stock Purchase Plan ("2018 ESPP") | |||||||||||
15
Table of Contents
Restricted Stock, RSUs and PSUs
A summary of our restricted stock, RSU and PSU activity is presented below:
| Restricted Stock | RSUs | PSUs | |||||||||||||||||||||||||||||||||
(in thousands, except for per share data) | Number of Shares | Weighted Average Grant Date Fair Value | Number of Shares | Weighted Average Grant Date Fair Value | Number of Shares | Weighted Average Grant Date Fair Value | |||||||||||||||||||||||||||||
| Unvested balance at December 31, 2025 | $ | $ | $ | ||||||||||||||||||||||||||||||||
| Granted | |||||||||||||||||||||||||||||||||||
Performance adjustment(1) | ( | ||||||||||||||||||||||||||||||||||
| Vested | ( | ( | ( | ||||||||||||||||||||||||||||||||
| Forfeited | ( | ||||||||||||||||||||||||||||||||||
| Unvested balance at March 31, 2026 | |||||||||||||||||||||||||||||||||||
_______________
(1) Represents adjustments due to actual performance measured against predefined financial performance targets.
In January 2026, under the evergreen provision in our 2018 Equity Incentive Plan we reserved an additional 5.9 million shares of our common stock. At March 31, 2026, there were 23.2 million shares available for grant under the plan.
Stock Options
A summary of our stock option activity is presented below:
(in thousands, except for exercise prices and years) | Number of Shares | Weighted Average Exercise Price | Weighted-Average Remaining Contractual Term (in years) | Aggregate Intrinsic Value | |||||||||||||||||||
| Outstanding at December 31, 2025 | $ | $ | |||||||||||||||||||||
Exercised(1) | ( | ||||||||||||||||||||||
| Forfeited/canceled | ( | — | |||||||||||||||||||||
| Outstanding and exercisable at March 31, 2026 | |||||||||||||||||||||||
2018 Employee Stock Purchase Plan
In the three months ended March 31, 2026, employees purchased 0.5 million shares of our common stock at a weighted average price of $16.35 per share, resulting in $8.7 million of cash proceeds. At March 31, 2026, there were $1.2 million of employee contributions to the 2018 ESPP included in accrued compensation.
The fair value of the 2018 ESPP purchase rights was estimated on the offering or modification dates using the following assumptions:
| Three Months Ended March 31, | |||||||||||
| 2026 | 2025 | ||||||||||
| Expected term (in years) | |||||||||||
| Expected volatility | |||||||||||
| Risk-free interest rate | |||||||||||
| Expected dividend yield | |||||||||||
Under the evergreen provision in our 2018 ESPP, in January 2026 we reserved an additional 1.8 million shares of our common stock. At March 31, 2026, there were 12.5 million shares reserved for issuance under the 2018 ESPP.
16
Table of Contents
10. Income Taxes
In the three months ended March 31, 2026, the provision for income taxes included $1.6 million of income taxes in foreign jurisdictions in which we conduct business and $2.1 million of discrete items primarily related to withholding taxes on sales to customers.
In the three months ended March 31, 2025, the provision for income taxes included $2.1 million of income taxes in foreign jurisdictions in which we conduct business and $1.5 million of discrete items primarily related to withholding taxes on sales to customers.
11. Net Earnings (Loss) Per Share
The following table sets forth the computation of basic and diluted net earnings (loss) per share:
| Three Months Ended March 31, | |||||||||||
| (in thousands, except per share data) | 2026 | 2025 | |||||||||
| Net income (loss) | $ | $ | ( | ||||||||
| Weighted-average shares used to compute net earnings (loss) per share: | |||||||||||
| Basic | |||||||||||
| Dilutive impact of outstanding equity awards | |||||||||||
| Diluted | |||||||||||
| Net earnings (loss) per share | |||||||||||
| Basic | $ | $ | ( | ||||||||
| Diluted | $ | $ | ( | ||||||||
The following potentially dilutive securities have been excluded from the diluted per share calculations because they would have been antidilutive:
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| RSUs | |||||||||||
| Stock options | |||||||||||
| Shares to be issued under the 2018 ESPP | |||||||||||
| PSUs | |||||||||||
| Restricted stock | |||||||||||
| Total | |||||||||||
17
Table of Contents
Item 2. Management's Discussion and Analysis of Financial Condition and Results of Operations
The following discussion and analysis of our financial condition and results of operations should be read in conjunction with (1) our consolidated financial statements and related notes included elsewhere in this Quarterly Report on Form 10-Q, or this Form 10-Q, and (2) our consolidated financial statements, related notes and management's discussion and analysis of financial condition and results of operations in our Annual Report on Form 10-K for the year ended December 31, 2025, or the 10-K, filed with the Securities and Exchange Commission, or the SEC, on February 27, 2026. This Form 10-Q contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, or the Securities Act, and Section 21E of the Securities Exchange Act of 1934, as amended, or the Exchange Act. These statements are often identified by the use of words such as “anticipate,” “believe,” “continue,” “could,” “estimate,” “expect,” “intend,” “may,” “plan,” “project,” “will,” “would” or the negative or plural of these words or similar expressions or variations. Such forward-looking statements are subject to a number of risks, uncertainties, assumptions and other factors that could cause actual results and the timing of certain events to differ materially from future results expressed or implied by the forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, those identified herein, and those discussed in the section titled “Risk Factors,” set forth in Part I, Item IA of the 10-K, in Part II, Item 1A of this Form 10-Q and in our other filings with the SEC. You should not rely upon forward-looking statements as predictions of future events. Furthermore, such forward-looking statements speak only as of the date of this report. Except as required by law, we undertake no obligation to update any forward-looking statements to reflect events or circumstances after the date of such statements.
Overview
We are the leading provider of exposure management solutions. Exposure management is an increasingly critical category that extends foundational vulnerability management, capabilities to advance risk assessment and prioritization across the entire attack surface – from IT infrastructure and cloud environments to critical infrastructure and AI. We unify security visibility, insight and action across this attack surface, equipping modern organizations to quickly identify and close the cybersecurity gaps that erode business value, reputation and trust.
Tenable One, our AI-powered exposure management platform, gives enterprises a single, unified view of risk across all types of assets and attack pathways. The platform combines broad, industry-leading vulnerability coverage, spanning IT assets, cloud resources, containers, web apps, identity systems, third-party connectors and AI-related assets and workloads.
Our solutions are primarily sold on a subscription basis with a one-year term, but are increasingly being sold with longer contractual durations. Our subscription terms are generally not longer than three years. These subscriptions are typically invoiced in advance at the beginning of the term, however multi-year subscriptions are increasingly being invoiced annually in installments.
We sell and market our products and services through our field sales force that works closely with our channel network of distributors, resellers and managed security service providers (MSSPs), in developing sales opportunities. We typically use a two-tiered channel model whereby we sell our enterprise platform offerings to our distributors, who in turn sell to our resellers, who then sell to end users, who we call customers.
18
Table of Contents
Financial Highlights
Below are our key financial results:
| Three Months Ended March 31, | |||||||||||
| (in thousands, except per share data) | 2026 | 2025 | |||||||||
| Revenue | $ | 262,058 | $ | 239,137 | |||||||
| Income (loss) from operations | 8,763 | (17,711) | |||||||||
| Net income (loss) | 1,414 | (22,935) | |||||||||
| Net earnings (loss) per share, basic and diluted | 0.01 | (0.19) | |||||||||
| Net cash provided by operating activities | 87,971 | 87,407 | |||||||||
| Purchases of property and equipment | (2,587) | (6,553) | |||||||||
| Capitalized software development costs | (2,745) | (624) | |||||||||
Recurring revenue, which includes revenue from subscription arrangements for software (both recognized ratably over the subscription term and upon delivery) and cloud-based solutions and maintenance associated with perpetual licenses, represented 96% of revenue in the three months ended March 31, 2026 and 2025.
Operating and Financial Metrics
To supplement our consolidated financial statements, which are prepared and presented in accordance with GAAP, we use and monitor the following operating and financial metrics, which include non-GAAP financial measures, to understand and evaluate our core operating and financial performance.
Customer Metrics
We believe that our customer base provides a significant opportunity to expand sales of our enterprise platform offerings. We define an enterprise platform customer as a customer that has licensed Tenable One, Tenable Vulnerability Management, Tenable Cloud Security, Tenable Identity Exposure, Tenable OT Security or Tenable Security Center for an annual amount of $5,000 or greater. New enterprise platform customers represent new customer logos during the periods presented and do not include customer conversions from Tenable Nessus Expert to enterprise platforms. The following tables summarize key components of our customer base:
| Three Months Ended March 31, | |||||||||||||||||
| 2026 | 2025 | Change (%) | |||||||||||||||
| Number of new enterprise platform customers added in period | 406 | 361 | 12% | ||||||||||||||
| March 31, | |||||||||||||||||
| 2026 | 2025 | Change (%) | |||||||||||||||
Number of customers with $100,000 and greater in annual contract value at end of period | 2,204 | 2,042 | 8% | ||||||||||||||
Dollar-Based Net Expansion Rate
Our dollar-based net expansion rate reflects both our customer retention and ability to drive additional sales to our existing customers. Our dollar-based net expansion rate has historically fluctuated and is expected to continue to fluctuate on a quarterly basis as a result of a number of factors, including existing customers' satisfaction with our solutions, existing customer retention, the pricing of our solutions, the availability of competing solutions and the pricing thereof, and the timing of customer renewals. In addition, our sales pipeline opportunities vary from quarter to quarter between new customers and expansion from existing customers, and we do not prioritize one over the other to maximize the dollar-based net expansion rate.
Our dollar-based net expansion rate is evaluated on a last twelve months, or LTM, basis, and is calculated as follows:
19
Table of Contents
•Denominator: To calculate our dollar-based net expansion rate as of the end of a reporting period, we first determine the annual recurring revenue, or ARR, from all active subscriptions (both revenue recognized ratably over the subscription term and upon delivery) and maintenance from perpetual licenses as of the last day of the same reporting period in the prior year. This represents recurring payments that we expect to receive in the next 12-month period from the cohort of customers that existed on the last day of the same reporting period in the prior year.
•Numerator: We measure the ARR for that same cohort of customers representing all subscriptions and maintenance from perpetual licenses based on customer orders as of the end of the reporting period.
We calculate dollar-based net expansion rate by dividing the numerator by the denominator.
The following table presents our dollar-based net expansion rate:
| March 31, | |||||||||||
| 2026 | 2025 | ||||||||||
| Dollar-based net expansion rate | 105 | % | 108 | % | |||||||
Components of Our Results of Operations
Revenue
We generate revenue from subscription arrangements for our software and cloud-based solutions, perpetual licenses, maintenance associated with perpetual licenses and professional services.
We typically experience seasonality in customer agreement volumes, entering into a significantly higher percentage of new and renewal agreements in the third and fourth quarters of the year. The increase in the third quarter is primarily driven by U.S. government and related agencies, and the increase in the fourth quarter reflects typical large enterprise buying patterns in the software industry. Although the ratable nature of our subscription revenue lessens the financial impact, these historical trends may be impacted by macroeconomic conditions and U.S. policy decisions, which may lengthen purchasing and approval phases of our sales cycle in 2026.
Cost of Revenue, Gross Profit and Gross Margin
Cost of revenue includes personnel costs related to our technical support group that provides assistance to customers, including salaries, benefits, bonuses, payroll taxes, stock-based compensation and any ordinary course severance. Cost of revenue also includes cloud infrastructure costs, the costs related to professional services and training, depreciation, amortization of acquired and developed technology, hardware costs and allocated overhead costs, which consist of information technology, facilities and insurance.
We expect our gross profit, or revenue less cost of revenue, to increase in absolute dollars but our gross margin, or gross profit as a percentage of revenue, may fluctuate from period to period, particularly as it relates to cloud infrastructure costs, as we expect revenue from our cloud-based subscriptions to increase as a percentage of revenue.
Operating Expenses
Our operating expenses consist of sales and marketing, research and development, general and administrative and restructuring expenses. Personnel costs are the most significant component of operating expenses and consist of salaries, benefits, bonuses, payroll taxes, stock-based compensation and ordinary course severance. Operating expenses also include depreciation and amortization, allocated overhead costs, including IT and facilities costs, as well as acquisition-related expenses.
Sales and marketing expense consists of personnel costs, sales commissions, marketing programs, travel and entertainment, expenses for conferences, meetings and events, allocated overhead costs and acquisition-related expenses.
20
Table of Contents
Research and development expense consists of personnel costs, software used to develop our products, travel and entertainment, consulting and professional fees for third-party development resources, allocated overhead and acquisition-related expenses. Our research and development expense supports our efforts to continue to add capabilities to our existing products and enable the continued detection of new network vulnerabilities.
General and administrative expense consists of personnel costs for our executive, finance, legal, human resources and administrative departments. Additional expenses include travel and entertainment, professional fees, insurance, allocated overhead and acquisition-related expenses.
Restructuring expenses consist of non-ordinary course severance, employee related benefits and other charges to reorganize business operations.
We expect our operating expenses to increase in absolute dollars and decrease as a percentage of revenue, although our actual expense may fluctuate from period to period due to the timing and extent of expenses.
Interest Income, Interest Expense and Other Income (Expense), Net
Interest income consists of income earned on cash and cash equivalents and short-term investments. Interest expense consists primarily of interest expense in connection with our Term Loan, unused commitment fees on our Revolving Credit Facility, and letter of credit fees. Other income (expense), net consists primarily of foreign currency remeasurement and transaction gains and losses and any realized and unrealized gains and losses, including impairment losses and gains related to our investments in privately held securities.
Provision for Income Taxes
Provision for income taxes consists of income taxes in all jurisdictions in which we conduct business and the related withholding taxes on sales with customers. We have recorded deferred tax assets for which a valuation allowance has been provided, including net operating loss carryforwards and tax credits. We expect to maintain this valuation allowance for the foreseeable future as it is more likely than not that some or all of those deferred tax assets may not be realized based on our history of losses. The valuation allowance is subject to change based on our ability to generate future taxable income. We will continue to evaluate the realization of deferred tax assets to determine changes to valuation allowance in future periods.
21
Table of Contents
Results of Operations
The following tables set forth our consolidated results of operations for the periods presented:
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Revenue | $ | 262,058 | $ | 239,137 | |||||||
Cost of revenue(1) | 56,669 | 52,460 | |||||||||
| Gross profit | 205,389 | 186,677 | |||||||||
| Operating expenses: | |||||||||||
Sales and marketing(1) | 106,989 | 103,182 | |||||||||
Research and development(1) | 55,761 | 53,223 | |||||||||
General and administrative(1) | 31,445 | 47,983 | |||||||||
| Restructuring | 2,431 | — | |||||||||
| Total operating expenses | 196,626 | 204,388 | |||||||||
| Income (loss) from operations | 8,763 | (17,711) | |||||||||
| Interest income | 3,040 | 4,927 | |||||||||
| Interest expense | (6,412) | (7,011) | |||||||||
| Other (expense) income, net | (304) | 474 | |||||||||
| Income (loss) before income taxes | 5,087 | (19,321) | |||||||||
| Provision for income taxes | 3,673 | 3,614 | |||||||||
| Net income (loss) | $ | 1,414 | $ | (22,935) | |||||||
_______________
(1) Includes stock-based compensation expense as follows:
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Cost of revenue | $ | 3,275 | $ | 3,315 | |||||||
| Sales and marketing | 17,473 | 16,630 | |||||||||
| Research and development | 13,029 | 12,967 | |||||||||
General and administrative(2) | 10,077 | 22,991 | |||||||||
| Total stock-based compensation expense | $ | 43,854 | $ | 55,903 | |||||||
_______________
(2) Stock-based compensation in the three months ended March 31, 2025 includes $14.6 million of expense related to the accelerated vesting of equity awards for our former Chairman and Chief Executive Officer.
Comparison of the Three Months Ended March 31, 2026 and 2025
Revenue
The following table presents the increase in revenue:
| Three Months Ended March 31, | Change | ||||||||||||||||||||||
| (dollars in thousands) | 2026 | 2025 | ($) | (%) | |||||||||||||||||||
| Subscription revenue | $ | 243,153 | $ | 220,443 | $ | 22,710 | 10 | % | |||||||||||||||
| Perpetual license and maintenance revenue | 10,162 | 11,552 | (1,390) | (12) | % | ||||||||||||||||||
| Professional services and other revenue | 8,743 | 7,142 | 1,601 | 22 | % | ||||||||||||||||||
| Revenue | $ | 262,058 | $ | 239,137 | $ | 22,921 | 10 | % | |||||||||||||||
22
Table of Contents
The increase in revenue included an increase of $24.8 million from existing customers as of April 1, 2025, partially offset by a decrease of $1.9 million in revenue from new customers. U.S. revenue increased $9.5 million, or 7%. International revenue increased $13.4 million, or 12%.
Cost of Revenue, Gross Profit and Gross Margin
| Three Months Ended March 31, | Change | ||||||||||||||||||||||
| (dollars in thousands) | 2026 | 2025 | ($) | (%) | |||||||||||||||||||
| Cost of revenue | $ | 56,669 | $ | 52,460 | $ | 4,209 | 8 | % | |||||||||||||||
| Gross profit | 205,389 | 186,677 | 18,712 | 10 | % | ||||||||||||||||||
| Gross margin | 78 | % | 78 | % | |||||||||||||||||||
The increase in cost of revenue was primarily due to:
•a $1.3 million increase in personnel costs;
•a $1.0 million increase in third-party cloud infrastructure costs;
•a $0.9 million increase in amortization of acquired intangible assets; and
•a $0.8 million increase in professional services.
Operating Expenses
Sales and Marketing
| Three Months Ended March 31, | Change | ||||||||||||||||||||||
| (dollars in thousands) | 2026 | 2025 | ($) | (%) | |||||||||||||||||||
| Sales and marketing | $ | 106,989 | $ | 103,182 | $ | 3,807 | 4 | % | |||||||||||||||
The increase in sales and marketing expense was primarily due to:
•a $2.3 million increase in personnel costs, including a $0.8 million increase in stock-based compensation;
•a $1.3 million increase in sales commissions,
•a $0.6 million increase in allocated overhead expenses, and
•a $0.5 million increase in expenses for demand generation programs, including advertising, sponsorships, and brand awareness efforts; partially offset by
•a $1.1 million decrease in acquisition-related expenses.
Research and Development
| Three Months Ended March 31, | Change | ||||||||||||||||||||||
| (dollars in thousands) | 2026 | 2025 | ($) | (%) | |||||||||||||||||||
| Research and development | $ | 55,761 | $ | 53,223 | $ | 2,538 | 5 | % | |||||||||||||||
The increase in research and development expense was primarily due to:
•a $2.6 million increase in personnel costs; and
•a $1.0 million increase in allocated overhead; partially offset by
•a $1.2 million decrease in acquisition-related expenses.
23
Table of Contents
General and Administrative
| Three Months Ended March 31, | Change | ||||||||||||||||||||||
| (dollars in thousands) | 2026 | 2025 | ($) | (%) | |||||||||||||||||||
| General and administrative | $ | 31,445 | $ | 47,983 | $ | (16,538) | (34) | % | |||||||||||||||
The decrease in general and administrative expense was primarily due to:
•a $13.2 million decrease in personnel costs, including a $12.9 million decrease in stock-based compensation primarily related to the accelerated vesting of equity awards for our former Chairman and Chief Executive Officer in the three months ended March 31, 2025; and
•a $2.3 million decrease in acquisition-related expenses.
Restructuring
| Three Months Ended March 31, | Change | ||||||||||||||||||||||
| (dollars in thousands) | 2026 | 2025 | ($) | (%) | |||||||||||||||||||
| Restructuring | $ | 2,431 | $ | — | $ | 2,431 | 100 | % | |||||||||||||||
Restructuring in the three months ended March 31, 2026 included non-ordinary course severance and employee related benefits.
Interest Income, Interest Expense and Other (Expense) Income, Net
| Three Months Ended March 31, | Change | ||||||||||||||||||||||
| (dollars in thousands) | 2026 | 2025 | ($) | (%) | |||||||||||||||||||
| Interest income | $ | 3,040 | $ | 4,927 | $ | (1,887) | (38) | % | |||||||||||||||
| Interest expense | (6,412) | (7,011) | (599) | (9) | % | ||||||||||||||||||
| Other (expense) income, net | (304) | 474 | (778) | (164) | % | ||||||||||||||||||
The $1.9 million decrease in interest income was due to decreased rates of return of short-term investments. Interest expense decreased $0.6 million due to a decrease in the interest rate on our Term Loan. Other expense increased $0.8 million primarily due to an increase in foreign exchange losses.
| Three Months Ended March 31, | Change | ||||||||||||||||||||||
| (dollars in thousands) | 2026 | 2025 | ($) | (%) | |||||||||||||||||||
| Provision for income taxes | $ | 3,673 | $ | 3,614 | $ | 59 | 2 | % | |||||||||||||||
In the three months ended March 31, 2026, the provision for income taxes included:
•$2.1 million of discrete items primarily related to withholding taxes on sales to customers; and
•$1.6 million of income taxes in foreign jurisdictions in which we conduct business.
In the three months ended March 31, 2025, the provision for income taxes included:
•$2.1 million of income taxes in foreign jurisdictions in which we conduct business; and
•$1.5 million of discrete items primarily related to withholding taxes on sales to customers.
24
Table of Contents
Liquidity and Capital Resources
At March 31, 2026, we had $139.2 million of cash and cash equivalents, which consisted of bank deposits and money market funds, and $221.1 million of short-term investments, which consisted of commercial paper, asset backed securities, U.S. Treasury and agency obligations and corporate and Yankee bonds.
We have historically generated significant operating losses, as reflected by our accumulated deficit of $896.0 million at March 31, 2026.
We typically invoice our customers in advance, however multi-year subscriptions are increasingly being invoiced annually in installments. Deferred revenue consists primarily of the unearned portion of billed fees for our subscriptions and perpetual licenses, which is subsequently recognized as revenue in accordance with our revenue recognition policy. At March 31, 2026, we had deferred revenue of $866.2 million, of which $680.0 million was recorded as a current liability and is expected to be recognized as revenue in the next 12 months, provided all other revenue recognition criteria are met.
Our principal uses of cash in recent periods have been funding our operations, expansion of our sales and marketing and research and development activities, investments in infrastructure, acquiring complementary businesses and technology, and repurchasing shares of our common stock. We expect to enter into arrangements to acquire or invest in other complementary businesses, services and technologies, including intellectual property rights, in the future.
We believe that our existing cash and cash equivalents and short-term investments will be sufficient to fund our operating and capital needs for at least the next 12 months and for the foreseeable future. Our future capital requirements will depend on many factors, including our revenue growth rate, subscription renewal activity, the timing and extent of spending to support further infrastructure and research and development efforts, the timing and extent of additional capital expenditures to invest in new and existing office spaces, the expansion of sales and marketing and international operating activities, any acquisitions of complementary businesses and technologies, the timing of our introduction of new product capabilities and enhancements of our platform and the continuing market acceptance of our platform. It may be necessary to seek additional equity or debt financing to fund our operating and capital needs. In the event that financing is required from outside sources, we may not be able to raise it on terms acceptable to us or at all. If we are unable to raise additional capital when desired, or if we cannot expand our operations or otherwise capitalize on our business opportunities because we lack sufficient capital, our business, operating results and financial condition would be adversely affected.
Share Repurchase Program
Our Board of Directors authorized the repurchase of up to $100 million of our common stock in November 2023 and subsequently increased the authorization by $200 million in October 2024, $250 million in July 2025 and $150 million in January 2026. Since the inception of the share repurchase program and through March 31, 2026, we have purchased a total of 16.7 million shares for $492.4 million.
Term Loan and Revolving Credit Facility
In July 2021, we entered into a credit agreement, or the Credit Agreement, which is comprised of a $375.0 million Term Loan and a $50.0 million Revolving Credit Facility, with a $15.0 million letter of credit sublimit. The Term Loan bears interest at a rate of 2.75% per annum over SOFR, subject to a 0.50% floor, plus a credit spread adjustment depending on the interest period.
From January to March 2026, interest rates on our Term Loan were between 6.54% and 6.58%. The Term Loan is being amortized at 1% per annum in equal quarterly installments until the final payment of $350.6 million on the July 7, 2028 maturity date. We may be subject to mandatory Term Loan prepayments related to the excess cash provisions in the Credit Agreement if our first lien net leverage ratio (as defined in the Credit Agreement) exceeds 3.5. At March 31, 2026, our first lien net leverage ratio was 0.81.
The Revolving Credit Facility bears interest at a rate, depending on first lien net leverage, ranging from 2.00% to 2.50% over SOFR and matures on July 7, 2026. We pay a commitment fee during the term ranging from 0.25% to 0.375%
25
Table of Contents
per annum of the average daily undrawn portion of our Revolving Credit Facility. At March 31, 2026, we were in compliance with the covenants and had $0.2 million of standby letters of credit outstanding under the Revolving Credit Facility.
Cash Flows
The following table summarizes our cash flows for the periods presented:
| Three Months Ended March 31, | |||||||||||
| (in thousands) | 2026 | 2025 | |||||||||
| Net cash provided by operating activities | $ | 87,971 | $ | 87,407 | |||||||
| Net cash used in investing activities | (12,210) | (132,123) | |||||||||
| Net cash used in financing activities | (123,713) | (50,890) | |||||||||
| Effect of exchange rate changes on cash and cash equivalents and restricted cash | (620) | 400 | |||||||||
| Net decrease in cash and cash equivalents and restricted cash | $ | (48,572) | $ | (95,206) | |||||||
Operating Activities
Our largest source of cash provided by operating activities is cash collections from sales of our products and services, as we typically invoice our customers in advance. Our primary uses of cash are employee compensation costs, third-party cloud infrastructure and other software subscription costs, demand generation expenditures and general corporate costs.
Investing Activities
Net cash used in investing activities decreased by $119.9 million, primarily due to a $148.5 million decrease in cash paid for acquisitions, partially offset by a $29.6 million net decrease in sales of short-term investments.
Financing Activities
Net cash used in financing activities increased by $72.8 million, primarily due to a $70.2 million increase in repurchases of our common stock under our repurchase program.
Contractual Obligations
We have certain contractual obligations for future payments. See Note 6 to our consolidated financial statements for our required operating lease payments and Note 8 to our consolidated financial statements for our required payments to Microsoft and AWS for cloud services.
At March 31, 2026, there were no other material changes in our contractual obligations and commitments from those disclosed in our 10-K.
Critical Accounting Policies and Estimates
Our financial statements are prepared in accordance with GAAP. The preparation of these financial statements requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue and expenses, as well as related disclosures. We evaluate our estimates and assumptions on an ongoing basis. Our estimates are based on historical experience and various other assumptions that we believe to be reasonable under the circumstances. Our actual results could differ from these estimates.
There have been no material changes to our critical accounting policies and estimates as described in our 10-K.
26
Table of Contents
Item 3. Quantitative and Qualitative Disclosures about Market Risk
We are exposed to market risks in the ordinary course of our business, including interest rate and foreign currency exchange risks.
Interest Rate Risk
Our interest rate risk is described in Part II, Item 7A, "Quantitative and Qualitative Disclosures About Market Risk" in our Annual Report on Form 10-K for the year ended December 31, 2025. At March 31, 2026, we had $139.2 million of cash and cash equivalents, which consisted of cash deposits and money market funds and $221.1 million of short-term investments, which consisted of commercial paper, asset backed securities, U.S. treasury and agency securities and corporate and Yankee bonds. The primary objectives of our investment activities are the preservation of capital, the fulfillment of liquidity needs and the fiduciary control of cash and investments. We do not enter into investments for trading or speculative purposes. Interest-earning instruments carry a degree of interest rate risk; however, a hypothetical 10% change in interest rates during any of the periods presented would not have had a material impact on our financial statements.
In July 2021, we entered into the Credit Agreement comprised of a $375.0 million Term Loan and a $50.0 million Revolving Credit Facility. From January to March 2026, interest rates on our Term Loan were between 6.54% and 6.58%. A one percentage point increase in the rate would not have a material impact on our financial statements.
Foreign Currency Exchange Risk
Our foreign currency exchange rate risk is described in Part II, Item 7A, "Quantitative and Qualitative Disclosures About Market Risk" in our Annual Report on Form 10-K for the year ended December 31, 2025. At March 31, 2026, there have been no material changes to our foreign currency exchange rate risk as described in our 10-K.
Item 4. Controls and Procedures
Evaluation of Disclosure Controls and Procedures
We maintain “disclosure controls and procedures,” as defined in Rule 13a-15(e) and Rule 15d-15(e) under the Exchange Act, that are designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the SEC’s rules and forms. Disclosure controls and procedures include, without limitation, controls and procedures designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is accumulated and communicated to our management, including our principal executive and principal financial officers, as appropriate to allow timely decisions regarding required disclosure.
Our management, with the participation of our Co-Chief Executive Officer, Stephen Vintz, and our Chief Financial Officer, Matthew Brown, has evaluated the effectiveness of our disclosure controls and procedures (as defined in Rules 13a-15(e) and 15d-15(e) under the Exchange Act), as of the end of the period covered by this Form 10-Q. Based on such evaluation, our Co-Chief Executive Officer and Chief Financial Officer have concluded that at March 31, 2026, our disclosure controls and procedures were effective to provide reasonable assurance that the information required to be disclosed by us in this Form 10-Q was (a) reported within the time periods specified by SEC rules and regulations, and (b) communicated to our management, including our Co-Chief Executive Officer and Chief Financial Officer, to allow timely decisions regarding any required disclosure.
Changes in Internal Control Over Financial Reporting
There were no changes in our internal control over financial reporting identified in management’s evaluation pursuant to Rules 13a-15(d) or 15d-15(d) of the Exchange Act during the period covered by this Form 10-Q that materially affected, or are reasonably likely to materially affect, our internal control over financial reporting.
27
Table of Contents
Inherent Limitations on Effectiveness of Internal Controls
In designing and evaluating the disclosure controls and procedures, management recognizes that any controls and procedures, no matter how well designed and operated, can provide only reasonable, not absolute, assurance of achieving the desired control objectives. In addition, the design of disclosure controls and procedures must reflect the fact that there are resource constraints and that management is required to apply judgment in evaluating the benefits of possible controls and procedures relative to their costs. Our management, including our Co-Chief Executive Officer and Chief Financial Officer, believes that our disclosure controls and procedures and internal control over financial reporting are designed to provide reasonable assurance of achieving their objectives and are effective at the reasonable assurance level. However, our management does not expect that our disclosure controls and procedures or our internal control over financial reporting will prevent all errors and all fraud.
28
Table of Contents
PART II. OTHER INFORMATION
Item 1. Legal Proceedings
From time to time, we may be subject to legal proceedings and claims in the ordinary course of business. We are not presently a party to any legal proceedings that, if determined adversely to us, would individually or taken together have a material adverse effect on our business, results of operations, financial condition or cash flows. We have received, and may in the future continue to receive, claims from third parties asserting, among other things, infringement of their intellectual property rights. Future litigation may be necessary to defend ourselves, our partners and our customers by determining the scope, enforceability and validity of third-party proprietary rights, or to establish our proprietary rights. The results of any current or future litigation cannot be predicted with certainty, and regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources and other factors.
Item 1A. Risk Factors
Except for the risk factors disclosed below, there have been no material changes to the risk factors disclosed in Part 1, Item 1A. "Risk Factors" of our Form 10-K for the year ended December 31, 2025 filed with the United States Securities and Exchange Commission ("SEC") on February 27, 2026. Our business is subject to risks and events that, if they occur, could adversely affect our financial condition and results of operations and trading price of our securities. In addition to the other information set forth in this Form 10-Q, you should carefully consider the factors described in Part I, Item 1A. “Risk Factors” of our Form 10-K for the year ended December 31, 2025. We may disclose additional changes to risk factors or disclose additional factors from time to time in our future filings with the SEC. Additional risks and uncertainties not presently known to us or that we currently deem immaterial also may impair our business operations.
Our brand, reputation and ability to attract, retain and serve our customers are dependent in part upon the reliability and accuracy of our data, solutions, infrastructure and those of third parties upon which we rely. If our information technology systems or data, or those of third parties upon which we rely, are or were compromised or disrupted, or if our solutions fail to detect vulnerabilities or incorrectly detect vulnerabilities, or if they contain undetected errors or defects, we could experience adverse consequences.
In the ordinary course of our business, we collect, store, use, transmit, disclose or otherwise process proprietary, confidential, and sensitive information, including personal data, intellectual property, and trade secrets.
We sell cybersecurity products and, as a result, may be at increased risk of being a target of cyberattacks designed to penetrate our platform or internal systems, to compromise our data, alter or modify our source code, or to otherwise impede the performance of our products. Threats to information systems and data come from a variety of sources. In addition to computer “hackers,” threat actors, personnel (such as through theft or misuse, or other insider threat listed below), "hacktivists," organized criminal threat actors, sophisticated nation-states and nation-state-supported actors now engage and are expected to continue to engage in cyber-attacks. Nation-state actors and nation-state-supported actors may engage in such attacks for geopolitical reasons and in conjunction with military conflicts and defense activities, around the world. During times of war and other major conflicts, we, third parties upon which we may rely, and our customers may be vulnerable to a heightened risk of these threats, including retaliatory cyber-attacks that could materially disrupt our systems and operations, supply chain, and ability to produce, sell and distribute our goods and services. We, our customers, and the third parties upon which we rely are subject to a variety of evolving threats, which are prevalent, continue to rise, and are increasingly difficult to detect. These threats include but are not limited to: social-engineering attacks (including through deep fakes, which may be increasingly more difficult to identify as fake, and phishing attacks); credential harvesting; malicious code (such as viruses, worms, and, increasingly, code injection in open source software); malware (including as a result of advanced persistent threat intrusions); denial-of-service attacks, credential stuffing; insider threats (including due to personnel misconduct, error or malicious activity); ransomware attacks; supply-chain attacks; software bugs; server malfunctions; software or hardware failures; loss of data or other information technology assets; adware; telecommunications failures; attacks enhanced or facilitated by artificial intelligence and other similar threats. Advances in artificial intelligence, including models capable of rapidly identifying and exploiting software vulnerabilities, may further increase the speed and effectiveness of cyberattacks. As a result, vulnerabilities or flaws in our products, systems or those of third parties upon which we rely may be discovered more quickly, reducing the time
29
Table of Contents
available for detection and remediation and increasing the likelihood or severity of security incidents. Ransomware attacks, including those from organized criminal threat actors, nation-states and nation-state supported actors, are becoming increasingly prevalent and severe and can lead to significant interruptions, delays, or outages in our operations, loss of data, loss of income, significant extra expenses to restore data or systems, reputational loss and the diversion of funds. To alleviate the financial, operational and reputational impact of a ransomware attack, it may be prudent to make extortion payments, but we may be unable to do so if, for example, applicable laws prohibit such payments.
Additionally, we are incorporated into the supply chain of a large number of companies worldwide and, as a result, if our solutions are compromised, a significant number or, in some instances, all of our customers and their data could be simultaneously affected. The potential liability and associated consequences we could suffer as a result of such a large-scale event could be catastrophic and result in irreparable harm.
Remote work and use of remote devices has increased risks to our information technology systems and data, as more of our personnel utilize network connections, computers and devices outside of our premises or network, including working at home, while in transit and in public locations. Future or past business transactions, such as acquisitions or integrations, could expose us to additional cybersecurity risks and vulnerabilities, as our systems could be negatively affected by vulnerabilities present in acquired or integrated entities' systems and technologies. Furthermore, we may discover security issues that were not identified during due diligence of such acquired or integrated entities, and it may be difficult to integrate other companies into our information technology environment and security program.
We rely on third-party service providers and technologies to operate critical business systems, including processing confidential and sensitive information, including, without limitation, cloud-based infrastructure, data center facilities, encryption and authentication technology, employee email and other functions. We also rely on third-party service providers to provide other products, services, or otherwise, to operate our business and elements of our infrastructure, including endpoints. Our ability to monitor these third parties' information security practices is limited, and these third parties may not have adequate information security measures in place. Additionally, software errors or vulnerabilities in these third-party technologies could result in significant disruptions to our information technology systems, leading to downtime, data loss, or compromised data integrity.
If our third-party service providers or partners experience a security incident or other interruption or cause an extended outage or disruption to our systems, we could experience adverse consequences. It is possible that our customers and potential customers would hold us accountable for any security incident affecting our third-party service providers’ or partners' infrastructure or other interruption caused by our third-party service providers or partners that impacts our infrastructure. We may incur significant liability from those customers and from other third parties with respect to any such incident. Because our agreements with certain third-party service providers, such as AWS and Snowflake, limit their liability for damages, we may not be able to recover a material portion of our liabilities to our customers and third parties arising from issues with such third-party service providers, such as AWS and Snowflake, in the event of an incident affecting the third parties’ systems. Moreover, while we may be entitled to damages from third-party service providers if they fail to satisfy their privacy or security-related obligations to us or if they cause a disruption in our infrastructure, any award may be insufficient to cover our damages, or we may be unable to recover such reward. In addition, supply-chain attacks have increased in frequency and severity and there have been high-profile incidents of third-party service providers causing widespread disruptions in their customers' infrastructures due to errors in their SaaS offerings. We cannot guarantee that third parties’ infrastructure in our supply chain or our third-party partners’ supply chains have not been compromised or that errors by our third-party service providers won’t cause disruptions in our infrastructure.
We have experienced, and may in the future experience, disruptions, outages, other performance problems and security threats due to a variety of factors, including infrastructure changes, deliberate or unintentional human actions (including by third parties), software defects and configuration errors, capacity constraints, fraud or security incidents. We take steps designed to detect, mitigate and remediate vulnerabilities and defects and configuration errors in our information technology systems (such as our hardware and software, including that of third parties upon which we rely) and in our software applications, products and services. We may not, however, be able to detect and remediate all such vulnerabilities, defects or configuration errors on a timely basis. For example, we have identified certain vulnerabilities in our information systems and software applications, and we take steps designed to mitigate the risks associated with known vulnerabilities. Despite our efforts, there can be no assurance that these vulnerability, defect and configuration error mitigation measures will be completely effective. Further, we may experience delays in developing and deploying
30
Table of Contents
remedial measures and patches designed to address any such identified vulnerabilities, defects or configuration errors. Additionally, as part of our business operations, employees and authorized personnel, or insiders, access our systems, applications, and data, including through the use of mobile devices, including personally-owned devices. Our business may be adversely affected if insiders cause cybersecurity incidents such as data breaches, intellectual property theft, ransom demands, or operational disruptions. We take steps designed to detect and mitigate insider threats, however, despite our efforts, there can be no assurance that these efforts will be completely effective and we have expended significant resources to prevent, detect and investigate such threats. Additionally, our ability to implement and enforce security measures on employee-owned mobile devices is more limited, which increases the risk of cybersecurity threats.
Any of these or similar threats could cause a security incident or other interruption that can result in unauthorized, unlawful, or accidental acquisition, modification, destruction, loss, alteration, encryption, disclosure of, or access to our proprietary, confidential, and sensitive information or our information technology systems, or those of the third parties upon whom we rely. For example, we have been the target of unsuccessful phishing attempts in the past and we expect such attempts will continue in the future. A security incident or other interruption could disrupt our ability (and that of third parties upon whom we rely) to provide our solutions. In some instances, we or our third-party service providers may not be able to identify the cause or causes of these security incidents or performance problems within an acceptable period of time. If our solutions are unavailable or if our customers are unable to access features of our solutions within a reasonable amount of time or at all, our business could be adversely affected. In addition, if we or any of the third-party providers we use were to experience or cause a significant or prolonged outage or security incident, our business could be adversely affected. We may expend significant resources or modify our business activities to try to protect against or recover from security incidents. Certain data privacy and security obligations may require us to implement and maintain specific security measures, industry-standard or reasonable security measures to protect our information technology systems and proprietary, confidential, and sensitive information, including personal data.
Data protection requirements may also require us or we may voluntarily choose to notify relevant stakeholders of security incidents, including affected individuals, partners, collaborators, customers, regulators, law enforcement agencies and others, or take other actions, such as providing credit monitoring and identity theft protection services. Such disclosures and related actions can be costly, and the disclosures or failure to comply with such applicable requirements could lead to adverse consequences.
Additionally, even if we have issued or otherwise made patches or information for vulnerabilities in our software applications, products or services, our customers may be unwilling or unable to deploy such patches and use such information effectively and in a timely manner. Vulnerabilities could be exploited and result in a security incident.
If we, our customers, or a third party upon which we rely, experience or cause a security incident or other interruption, or are perceived to have experienced or caused a security incident or other interruption, we may experience material adverse consequences, such as government enforcement actions (for example, investigations, fines, penalties, audits, and inspections); additional reporting obligations and/or oversight; restrictions on processing information (including personal data); litigation (including class claims); indemnification obligations; negative publicity; reputational harm; monetary fund diversions; interruptions of our operations (including availability of data); financial loss (including by issuing credits to our customers); diversion of management attention; and other similar harm. Security incidents or other disruptions and attendant material consequences may cause customers to stop using our solutions (including by not renewing their purchases of our solutions), deter new customers from using our solutions, and negatively impact our ability to grow and operate our business.
There can be no assurance that any limitations or exclusions of liabilities in our contracts would be enforceable or adequate or would otherwise protect us from liabilities or damages if we fail to comply with data protection requirements related to information security or security incidents. We cannot be sure that our insurance coverage will be adequate or otherwise protect us from or adequately mitigate liabilities or damages with respect to claims, costs, expenses, litigation, fines, penalties, business loss, data loss, regulatory actions or other impacts arising out of security incidents.
In addition, we face unique risks as a SaaS company that sells products and services that involve protecting the information systems of our customers. If our solutions fail to detect vulnerabilities in our customers’ cybersecurity infrastructure, including for remote devices, or if our solutions fail to identify new and increasingly complex methods of cyberattacks, our business may suffer and our customers' businesses may be damaged, including by interrupting their
31
Table of Contents
networking traffic or operational technology environments. Furthermore, a security incident could heighten the impact of these material adverse consequences because of the nature of our business and expectations of our customers. There is no guarantee that our solutions will detect all vulnerabilities or threats in our customers' systems, especially in light of the rapidly changing security landscape to which we must respond. As cyber threats increasingly leverage artificial intelligence and other advanced techniques, customer expectations for rapid identification, prioritization and remediation of vulnerabilities continue to increase. If our solutions fail to keep pace with these evolving threats or do not effectively help customers address them, our reputation, competitive position and customer relationships could be adversely affected. Additionally, our solutions may falsely detect vulnerabilities or threats that do not actually exist. For example, our solutions rely on information provided by an active community of users who contribute information about new exploits, attacks and vulnerabilities. If the information from these third parties is inaccurate, the potential for false indications of vulnerabilities or threats increases. These false positives, while typical in the industry, may impair the perceived reliability of our offerings. Additionally, our business depends upon the appropriate and successful implementation of our product by our customers. If our customers fail to use our solutions according to our specifications, our customers may suffer a security incident on their own systems or other adverse consequences. Even if such an incident is unrelated to our security practices, it could result in our incurring significant economic and operational costs in investigating, remediating, and implementing additional measures to further protect our customers from their own vulnerabilities.
The reliability and continuous availability of our solutions is critical to our success. We have experienced errors or defects in the past in connection with the release of new solutions and product upgrades, and we expect that these errors or defects will be found from time to time in the future in new or enhanced solutions after commercial release. For example, on December 31, 2024, we identified Nessus agents versions 10.8.0 and 10.8.1 going offline under certain conditions which impacted the availability of our Vulnerability Management and Security Center solutions for certain customers. Upon discovery of the incident, we developed and released a version 10.8.2 of our Nessus agent on January 2, 2025, which enabled affected customers to resolve the issue. Although the financial impacts of this incident have not been significant, similar incidents in the future could result in costs associated with service-level credits and loss of customer trust, which could have a material adverse effect on our business and financial performance. In addition, we use third parties to assist in the development of our products and these third parties could be a source of errors or defects. Some defects may cause our solutions to be vulnerable to attacks, cause them to fail to detect vulnerabilities, or temporarily interrupt customers’ networking traffic or operational technology environments, any of which may damage our customers’ business and could hurt our reputation.
As a result of any of the risks associated with our SaaS business, we may experience material adverse consequences. We may also be subject to liability claims for damages related to errors or defects in our solutions.
We have incorporated and may in the future further incorporate AI technologies, including generative AI, into certain of our products and services. These technologies are subject to new and developing regulatory frameworks and may create operational, financial, regulatory, and reputational risks based on development practices or reliance on AI outputs that are inaccurate or flawed. These technologies may not achieve market acceptance and may pose other adverse consequences to our business, some of which we may not know or be able to quantify at this time.
We have incorporated and may in the future further incorporate AI features in certain of our products and services, including ExposureAI and Tenable AI Assistant and within Tenable One. The use of AI technologies, including generative AI processes, at scale is relatively new, and may lead to challenges, concerns and risks, including various privacy and security risks that are significant or that we may not be able to predict, especially if our use of these technologies in our products and services becomes more important to our operations over time. The technologies underpinning these features are in the early stages of commercial use and exist in an emerging regulatory environment with heightened regulatory scrutiny, which presents regulatory, litigation, ethical, safety, reputational, operational and financial risks. AI in our products and services may be complex to deploy successfully due to operational issues inherent to the nature of such technologies, including the availability, development, maintenance and operation of deep learning datasets and third-party dependencies.
Datasets used in AI training, development, and operations may be insufficient, of poor quality, not fit for purpose, contain sensitive information, or reflect unwanted bias. If we do not have adequate rights to utilize the data or other materials and content that our AI technologies depend on, we may face legal consequences for violating applicable laws,
32
Table of Contents
third-party intellectual property, privacy or other rights, or contracts to which we are a party. The use of certain types or sources of data for AI training or development may require consent from data subjects, customers, or other data owners or custodians. We may not have insight into, or control over, the provenance of certain data that our AI technologies ingest. As laws evolve, we may be obligated to obtain certain consents for AI development that we had not previously sought and seeking any type of consent may be costly, impractical, and hinder competitive development or deployment of AI technologies. Customers are increasingly concerned about how their data may interact with AI technologies and may require us to make stronger assurances or contractual commitments to refrain or limit the use of customer data with AI technologies. This may adversely impact our ability to develop or improve AI technologies, which rely on a large volume of diverse and relevant data, including customer data, to produce more accurate, reliable, and predictable outputs.
Uncertainty in the legal regulatory regime relating to AI and emerging ethical issues surrounding the use of AI may require significant resources to modify and maintain business practices to comply with U.S. and non-U.S. laws, the nature of which cannot be determined at this time. Existing laws and regulations may apply to us or our suppliers, vendors, partners and customers in new ways, and new laws and regulations may be instituted. Many U.S. and international governmental bodies and regulators have proposed, enacted or are in the process of developing, new regulations related to the use of AI and machine learning technologies, including the EU AI Act, Colorado AI Act, California Bot Disclosure Law, and Utah AI Policy Act, as well as regulations on certain high-risk automated decisions, such as those in the employment context. For example, the EU AI Act, which applies beyond the European Union’s borders and establishes obligations for AI providers and those deploying AI systems, sets out a risk-based framework that subjects certain AI technologies to numerous compliance obligations, such as transparency, conformity and risk assessment, monitoring and human oversight requirements. Under the EU AI Act, non-compliant companies may be subject to administrative fines of up to 35 million Euros or 7% of a company's total worldwide annual turnover for the preceding financial year, whichever is higher. Certain of our activities subject us to the EU AI Act and other U.S. and non-U.S. laws governing AI or data processed in connection with AI. We expect other jurisdictions may adopt similar or potentially more restrictive laws, which may render the use of such technologies challenging. The final form of these may impose obligations related to our development, offering and use of AI technologies and expose us to increased risk of regulatory enforcement and litigation. We may have to amend our business practices, contractual arrangements, and services to comply with such obligations. In addition to formal legislation, governmental authorities may take enforcement or administrative actions that restrict the use of specific AI technologies. For example, federal agencies have designated Anthropic as a supply chain risk. This or similar enforcement or administrative actions could result in prohibitions on the use of Anthropic's models in our solutions. Such actions could force us to decouple or replace integrated technologies on short notice, resulting in significant engineering costs, service disruptions, and the loss of critical product functionality.
Our customers deploy AI technologies in their environments where the AI technologies may encounter sensitive information (including confidential, competitive, proprietary, or personal data) or our customers may input sensitive information into our AI-powered offerings, regardless of any prohibitions in our terms of service. Any sensitive information that our AI technologies ingest could be leaked or disclosed to others. Additionally, many of our AI technologies are powered by third-party AI providers, which may heighten the risk of inadvertent or unwanted disclosure of sensitive information, including if sensitive information is used to train the third party's AI model. Additionally, where an AI model ingests personal data and makes connections using such data, those technologies may reveal other personal or sensitive information generated by the model. This could create legal or contractual liability for us in light of the model's ability to output sensitive information.
Our AI technology features may also generate output that is misleading, insecure, inaccurate, harmful or otherwise flawed. Agentic AI solutions may compound those risks by taking or implementing actions or outputs, which themselves may be based on flawed outputs, that further increase the risk of misleading, insecure, inaccurate, harmful or otherwise flawed outcomes. This risk extends to our enterprise operations, as employee use of unvetted third-party agentic AI solutions, such as browser plug-ins or other automated applications, could result in actions being taken without adequate human review or monitoring. Such unauthorized automated actions could, for example, lead to the inadvertent disclosure or modification of corporate data or other sensitive information, flawed communications to customers or partners, or the creation of unintended legal or financial obligations on behalf of the company. Our customers or others may rely on or use such misleading, insecure, harmful or otherwise flawed content to their detriment, which may harm our brand, reputation, business or customers, cause competitive harm or expose us to legal liability. For example, AI algorithms use machine learning and predictive analytics which may be insufficient or of poor quality and reflect inherent biases and could lead to flawed, biased, and inaccurate results. Deficient or inaccurate recommendations, forecasts, or analyses that generative AI
33
Table of Contents
applications assist in producing could lead to customer rejection or skepticism of our products, affect our reputation or brand, and negatively affect our financial results. Further, unauthorized use or misuse of AI by our employees or others may result in disclosure of confidential company and customer data, reputational harm, privacy law violations and legal liability. Our use of generative AI may also lead to novel and urgent cybersecurity risks, including those related to personal data, which may adversely affect our operations and reputation, and these risks likely are compounded by our use of agentic AI.
While AI features are presently increasing in popularity, we have no assurance that our AI technologies will continue to be accepted and sought by customers. The development of generative and agentic AI technologies is complex, and there are technical challenges associated with achieving the desired level of accuracy, efficiency, and reliability. The algorithms and models utilized in generative or agentic AI systems may have limitations, including biases, errors, or inability to handle certain data types or scenarios. Furthermore, there is a risk of system failures, disruptions, or vulnerabilities that could compromise the integrity, security or privacy of the generated content. These limitations or failures could result in reputational damage, legal liabilities, or loss of customer confidence, which, in turn, could result in lower than anticipated demand from customers to adapt our AI features. We have, and will continue, to dedicate significant resources to developing and deploying generative, agentic, or other AI features in our products and services, without assurances that we will, or will continue to, see customer demand and market conditions to support those investments.
We rely, and likely will continue to rely, on third parties to support our use of AI in our products and services. Our ability to offer AI-powered products and services may be adversely impacted if any of our third-party AI providers, or other AI-related third-party vendors, develops or deploys AI tools that are unlawful, unreliable, unsecure, or unavailable. If we cannot use third-party AI, or that use is restricted, our business may be less efficient or we may be at a competitive disadvantage, which could adversely affect our business, financial condition, customer loyalty, and reputation.
We rely on third parties to maintain and operate certain elements of our network infrastructure.
We utilize data centers located in North America, Europe and Asia to operate and maintain certain elements of our own network infrastructure. Some elements of this complex system are operated by third parties that we do not control and that could require significant time to replace. We expect this dependence on third parties to continue. For example, Tenable One is hosted on AWS which provides us with computing and storage capacity. Interruptions in our systems or the third-party systems on which we rely, particularly AWS, whether due to system failures, computer viruses or cyber threats, physical or electronic break-ins or other factors, could affect the security or availability of our solutions, network infrastructure and website. In addition, outages or operational failures at major cloud infrastructure providers, including data center failures, regional service disruptions, service degradation, or provider configuration errors, or disruptions caused by geopolitical instability, military conflict or other regional hostilities, such as escalating tensions involving Iran or across the broader Middle East, could materially impair the availability and performance of our solutions, particularly where we rely on limited regional infrastructure or do not have localized backup or failover capacity. For example, recent disruptions affecting AWS data centers in the UAE and Bahrain in connection with escalating regional hostilities involving Iran highlighted the risk that disruptions affecting a single facility could compromise business continuity for customers in that region and result in downtime, delayed customer access, reputational harm and financial loss.
Our existing data center facilities and third-party hosting providers have no obligations to renew their agreements with us on commercially reasonable terms or at all, and certain of the agreements governing these relationships may be terminated by either party with notice or access to hosting services may be restricted by the provider at any time, with no or limited notice. For example, our agreement with AWS allows AWS to terminate the agreement with two years' written notice and allows AWS, under certain circumstances, to temporarily restrict access to hosting services provided by AWS without prior notice. Although we expect that we could receive similar services from other third parties, if any of our arrangements with third parties, including AWS, are terminated, we could experience interruptions on our platform and in our ability to make our platform available to customers, as well as downtime, delays and additional expenses in arranging alternative cloud infrastructure services.
34
Table of Contents
A portion of our revenue is generated from subscriptions and perpetual licenses sold to domestic governmental entities, foreign governmental entities and other heavily regulated organizations, which are subject to a number of challenges and risks.
A portion of our revenue is generated from subscriptions and perpetual licenses sold to governmental entities in the United States. Additionally, many of our current and prospective customers, such as those in the financial services, energy, insurance and healthcare industries, are highly regulated and may be required to comply with more stringent regulations in connection with subscribing to and implementing our enterprise platform. Selling licenses to these entities can be highly competitive, expensive and time-consuming, often requiring significant upfront time and expense without any assurance that we will successfully complete a sale. Governmental demand and payment for our enterprise platform may also be impacted by public sector budgetary cycles and funding authorizations, the operational stability of federal agencies, and the prioritization of cybersecurity and digital infrastructure initiatives. Funding reductions or delays, including those resulting from a U.S. government shutdown, reductions or eliminations of agency operating budgets or deprioritization of cybersecurity digital infrastructure related initiatives would adversely affect public sector demand for our enterprise platform. For example, the U.S. presidential administration's priorities and actions to reduce government spending, including, but not limited to, those previously driven by the Department of Government Efficiency, may impact the availability of funding for U.S. government customers as a result of the elimination of departments and personnel. These actions may lead to elongated sales cycles and procurement decisions and could result in fewer contract opportunities or reduced funding for existing initiatives, all of which would adversely affect our business and financial performance. In addition, governmental entities have the authority to terminate contracts at any time for the convenience of the government, which creates risk regarding revenue anticipated under our existing government contracts.
Further, governmental and highly regulated entities often require contract terms that differ from our standard customer arrangements, including terms that can lead to those customers obtaining broader rights in our solutions than would be expected under a standard commercial contract and terms that can allow for early termination. The U.S. government will be able to terminate any of its contracts with us either for its convenience or if we default by failing to perform in accordance with the contract schedule and terms. Termination for convenience provisions would generally enable us to recover only our costs incurred or committed, settlement expenses, and profit on the work completed prior to termination. Termination for default provisions do not permit these recoveries and would make us liable for excess costs incurred by the U.S. government in procuring undelivered items from another source. Contracts with governmental and highly regulated entities may also include preferential pricing terms. In the United States, federal government agencies may promulgate regulations, and the President may issue executive orders, requiring federal contractors to adhere to different or additional requirements after a contract is signed. If we do not meet applicable requirements of law or contract, we could be subject to significant liability from our customers or regulators. Even if we do meet these requirements, the additional costs associated with providing our enterprise platform to government and highly regulated customers could harm our operating results. Moreover, changes in the underlying statutory and regulatory conditions that affect these types of customers could harm our ability to efficiently provide them access to our enterprise platform and to grow or maintain our customer base. In addition, engaging in sales activities to foreign governments introduces additional compliance risks, including risks specific to anti-bribery regulations, including the U.S. Foreign Corrupt Practices Act of 1977, as amended, or the FCPA, the U.K. Bribery Act 2010 and other similar statutory requirements prohibiting bribery and corruption in the jurisdictions in which we operate. Further, in some jurisdictions we may be required to obtain government certifications, which may be costly to maintain and, if we lost such certifications in the future or if such certification requirements changed, would restrict our ability to sell to government entities until we have attained such certifications. Furthermore, our ability to maintain or expand our business with government customers depends on our continued ability to comply with rapidly evolving restrictions on the use of and rights to certain artificial intelligence models, features, or output, such as those which may evolve from draft acquisition regulations and supplements clauses, such as Proposed GSAR Clause 552.239-700; proposed updates to NIST frameworks; and/or supply chain security designations, such as recent federal actions identifying specific third-party AI providers and models as supply chain risks. Any future adverse regulatory designation against our third-party AI providers could require us to rapidly re-engineer our solutions at significant cost, disrupt existing government contracts, or disqualify us from future solicitations. Future changes to acquisition regulations and NIST frameworks could require us to alter what rights we grant in the use of our products, what intellectual property rights we grant customers, how we track code generation, and how humans are in the loop for code review and approval.
Some of our revenue is derived from contracts with U.S. government entities, as well as subcontracts with higher-tier contractors and customers who receive government funding. As a result, we are subject to federal contracting regulations,
35
Table of Contents
including the Federal Acquisition Regulation, or the FAR. Under the FAR, certain types of contracts require pricing that is based on estimated direct and indirect costs, which are subject to change.
In connection with our U.S. government contracts, we may be subject to government audits and review of our policies, procedures, and internal controls for compliance with contract terms, procurement regulations, and applicable laws. In certain circumstances, if we do not comply with the terms of a contract or with regulations or statutes, we could be subject to contract termination or downward contract price adjustments or refund obligations, could be assessed civil or criminal penalties, or could be debarred or suspended from obtaining future government contracts for a specified period of time. Any such termination, adjustment, sanction, debarment or suspension could have an adverse effect on our business.
Moreover, as a U.S. government contractor, we maintain plans to ensure compliance with applicable legal and contractual requirements related to nondiscrimination. Consequently, we may be subject to executive orders and regulatory changes affecting various aspects of our operations. Any required elimination or modification of such plans in response to new or changes to existing executive orders or legal or contractual requirements could pose challenges in hiring or retaining employees and may lead to other adverse operational impacts. Failure to comply with these requirements could expose us to administrative, civil, or criminal liabilities, including fines, penalties, repayments or suspension or debarment from eligibility for future U.S. government contracts. Further, as a U.S. government contractor, we are subject to an increased risk of investigations, criminal prosecution, civil fraud claims, whistleblower lawsuits and other legal actions and liabilities as compared to solely private sector commercial companies.
In the course of providing our solutions and professional services to governmental entities, our employees and those of our channel partners may be exposed to sensitive government information. Any failure by us or our channel partners to safeguard and maintain the confidentiality of such information could subject us to liability and reputational harm, which could materially and adversely affect our results of operations and financial performance.
Item 2. Unregistered Sales of Equity Securities and Issuer Purchases of Equity Securities
Unregistered Sales of Equity Securities
None.
Use of Proceeds
None.
Issuer Purchases of Equity Securities
A summary of stock repurchases during the three months ended March 31, 2026 is presented below:
| (in thousands, except for per share data) | Shares Purchased | Average Price Paid Per Share | Total Number of Shares Purchased as Part of Publicly Announced Plan(1) | Approximate Dollar Value of Shares that May Yet Be Purchased Under Plan(1) | ||||||||||||||||||||||
| Shares purchased January 1, 2026 to January 31, 2026 | 1,761 | $ | 22.71 | 1,761 | $ | 297,632 | ||||||||||||||||||||
| Shares purchased February 1, 2026 to February 28, 2026 | 3,084 | 20.73 | 3,084 | 233,686 | ||||||||||||||||||||||
| Shares purchased March 1, 2026 to March 31, 2026 | 1,279 | 20.38 | 1,279 | 207,621 | ||||||||||||||||||||||
| 6,124 | 21.23 | |||||||||||||||||||||||||
(1) Our Board of Directors authorized the repurchase of up to $100 million of our common stock in November 2023 and increased the repurchase authorization by $200 million in October 2024, $250 million in July 2025 and $150 million in January 2026, bringing the total authorized amount to $700 million. Repurchases under the share repurchase program may be made in the open market, in privately negotiated transactions, or in such other manner as determined by us, including through repurchase plans complying with the rules and regulations of the Securities and Exchange Commission. The authorization has no expiration date.
36
Table of Contents
Items 3, 4 and 5 are not applicable and have been omitted.
37
Table of Contents
Item 6. Exhibits
The following is a list of Exhibits filed as part of this Quarterly Report on Form 10-Q:
| Exhibit Number | Description | Location | ||||||||||||
| 3.1 | Amended and Restated Certificate of Incorporation of Tenable Holdings, Inc. | Previously filed as Exhibit 3.1 to the Company's Current Report on Form 8-K (File No. 001-38600) on July 30, 2018 | ||||||||||||
| 3.2 | Second Amended and Restated Bylaws of Tenable Holdings, Inc. | Previously filed as Exhibit 3.1 to the Company's Current Report on Form 8-K (File No. 001-38600) on November 15, 2023 | ||||||||||||
| 4.1 | Common Stock Certificate of Tenable Holdings, Inc. | Previously filed as Exhibit 4.1 to the Company's Registration Statement on Form S-1 (File No. 333-226002) on July 16, 2018 | ||||||||||||
| 31.1 | Certification of the Principal Executive Officer pursuant to Rules 13a-14(a) and 15d-14(a) under the Exchange Act, as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002 | Filed herewith | ||||||||||||
| 31.2 | Certification of the Principal Financial Officer pursuant to Rules 13a-14(a) and 15d-14(a) under the Exchange Act, as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002 | Filed herewith | ||||||||||||
| 32.1* | Certification of the Principal Executive Officer and the Principal Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002 | Furnished herewith | ||||||||||||
| 101.SCH | Inline XBRL Taxonomy Extension Schema Document | |||||||||||||
| 101.CAL | Inline XBRL Taxonomy Extension Calculation Linkbase Document | |||||||||||||
| 101.DEF | Inline XBRL Taxonomy Extension Definition Linkbase Document | |||||||||||||
| 101.LAB | Inline XBRL Taxonomy Extension Label Linkbase Document | |||||||||||||
| 101.PRE | Inline XBRL Taxonomy Extension Presentation Linkbase Document | |||||||||||||
| 104 | Cover Page Interactive Data File (formatted as Inline XBRL with applicable taxonomy extension information contained in Exhibits 101.SCH, 101.CAL, 101.DEF, 101.LAB and 101.PRE) | |||||||||||||
________________
(*) This certification is deemed not filed for purposes of Section 18 of the Securities Exchange Act of 1934, as amended, or otherwise subject to the liability of that section, nor shall it be deemed incorporated by reference into any filing under the Securities Act of 1933, as amended, or the Securities Exchange Act of 1934, as amended.
38
Table of Contents
SIGNATURES
Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned thereunto duly authorized.
| TENABLE HOLDINGS, INC. | |||||||||||
| Date: | May 5, 2026 | By: | /s/ Matthew Brown | ||||||||
| Matthew Brown | |||||||||||
| Chief Financial Officer | |||||||||||
| (Principal Financial Officer) | |||||||||||
39
FAQ
How did Tenable (TENB) perform financially in the quarter ended March 31, 2026?
Tenable reported revenue of $262.1 million, up 10% from $239.1 million a year earlier, and generated net income of $1.4 million versus a prior-year net loss of $22.9 million. Operating income improved to $8.8 million and gross margin held at 78%.
What were Tenable (TENB)’s key cash flow and liquidity metrics this quarter?
Tenable produced $88.0 million in net cash from operating activities and ended March 31, 2026 with $139.2 million in cash and cash equivalents plus $221.1 million in short-term investments. The company continues to carry a Term Loan of $359.1 million and reports a first lien net leverage ratio of 0.81.
How much of Tenable (TENB)’s revenue is recurring and what is its deferred revenue balance?
Recurring revenue represented 96% of total revenue for the quarter ended March 31, 2026, reflecting the subscription-heavy model. Tenable reported $866.2 million in deferred revenue, with $680.0 million classified as current, and remaining performance obligations totaling about $1.01 billion.
What customer growth metrics did Tenable (TENB) report for March 31, 2026?
Tenable added 406 new enterprise platform customers in the quarter and had 2,204 customers with at least $100,000 in annual contract value at period-end, an 8% increase year over year. The dollar-based net expansion rate on a last-twelve-months basis was 105%.
How much stock did Tenable (TENB) repurchase under its share buyback program?
In the three months ended March 31, 2026, Tenable spent $130.2 million repurchasing common stock. Since the program began, it has bought a total of 16.7 million shares for $492.4 million, reducing cash but returning capital to shareholders while maintaining substantial liquidity.
What are the main components of Tenable (TENB)’s revenue mix by product type?
For the quarter ended March 31, 2026, Tenable generated $243.2 million from subscriptions, $10.2 million from perpetual license and maintenance, and $8.7 million from professional services and other revenue. Subscriptions accounted for about 93% of total revenue, underscoring the company’s recurring model.