2023-10-10 17:55:42 ET
Summary
- Tenable, a cybersecurity company, may not appear to be a value stock based on its valuation, but further analysis reveals its value.
- The company has consistently generated revenues and beaten EPS estimates, with a positive outlook from analysts.
- The company's profitability and cash flow margins, as well as its data assets and product strength, contribute to its value in the cybersecurity industry.
- The underlying theme here is that it is important to reassess our concept of what exactly a value stock is, as well as the associated valuation metrics.
Most of us have a bit of "value investing" in us and are constantly on the lookout for the shares of a company that appears to be trading at a discount relative to their fundamentals, such as earnings, and sales. Going by these metrics, Tenable Holdings ( TENB ), a cybersecurity play and which many would classify as a growth name, does not qualify as a value stock due to its inflated valuation, as pictured below.
However, looking deeper, the "F" grade is relative to the wider IT sector and does not consider the company's data assets as I will elaborate further in this thesis whose aim is to show that at around $44.8, the stock is Buy. For this purpose, I will focus on the data aspect by using the Price-to-Book (P/B) multiple and perform a more targeted comparison with peers in the cybersecurity industry to show why this stock represents value.
Why is Tenable a Value Stock
First, I believe a value stock is a company that is established and generates solid results and whose financial forecasts are stable for the future. This is the case for Tenable which has not only regularly increased revenues and non-GAAP EPS since 2018 but also managed to beat consensus earnings estimates as charted below.
Additionally, with a revision score of A as pictured below, whereby analysts have revised both the top line and bottom line higher (with zero downward revisions) during the last three months, the future looks rosy.
Along the same lines, the company has been awarded a profitability grade of B-, with gross profit margins of 76.75% which exceeds peers by more than 56%.
However, looking deeper into the income statement, it suffers from EBIT margins of -7.56% which means a loss-making status. Still, during the second quarter of 2023 (Q2), gross margins have increased as the company scales its public cloud infrastructure, and G&A expense as a percentage of revenue has been reduced to 9% compared to 10% in the first quarter. According to the management, this is the result of a "greater focus on cost containment and efficiencies", and, again, having profitability in mind, operating income guidance for the fiscal year 2023 has been raised, by $5 million.
Ultimately it is the money generated from the business that counts, and, to this end, the higher trailing levered free cash flow margin of 17.91% implies that for every $100 of sales generated, nearly $18 is obtained after the business has met its financial obligations. Consequently, this leads to a healthy balance sheet with a net positive cash position (excluding debt and capital leases of $420 million) of $645.5 million . As such the company can spend capital for growth without the need to borrow at the higher prevailing interest rates in 2023.
At this stage it becomes important to assess product strength and competitive position in the dynamic cybersecurity industry.
Building Better Product by Leveraging Data
At a time when risks are on the rise, especially after the COVID-19-led digital transformation trend, cybercriminals are increasingly on the prowl as the surface area of attack has increased considerably. This increase in exposure is due to employees working from home and IT workloads now also residing on the public clouds in addition to corporate data centers. In this respect, statistics point to 2,200 cyber attacks daily with on average, one data breach costing $9.44 million.
In these circumstances, there is a need for continuous management of the attack surface with the ultimate aim of achieving a coherent remediation plan, which is key to improving the corporate security posture as the IT infrastructure evolves rapidly to cater to new business needs. This is where vulnerability assessment tools like Tenable's Nessus Expert come into play, namely to scan vulnerabilities and prioritize remedial actions.
Now, in view of the heightened risk level, (2,200 cyber attacks daily), such tools also need to incorporate a high level of automation which relieves the SOC (security operations center) team from the need to act on every alert the monitoring system generates since most of them are not likely to result into incidents. In this case, Nessus Expert goes a step further in reducing the number of false positives and negatives, thereby providing a more accurate picture of risks.
Looking deeper, building such tools is only feasible by analyzing contextual exposure data or information pertaining to cybersecurity alerts and incidents from the logs in order to identify potential threat patterns. In other words, it is basically about deriving value from the bodies of knowledge which is already available and further enhanced using AI. Thus, for Tenable's management "cybersecurity and exposure management in particular are big data problems that they are best suited to address" through the use of analytics. They also believe that their data lake or database of raw and processed data about alerts and incidents is the largest repository of contextual exposure data globally.
Now, if this was really the case, it would confer to Tenable a high level of competitive advantage. Checking accordingly, the company's vulnerability management solutions are better compared to Qualys ( QLYS ) and Rapid7 ( RPD ) according to data from January this year and published on Tenable's website. Looking for confirmation from an independent source, I came across PeerSpot which also allocates a better score of 4.2 to Tenable.
This means that it deserves a better valuation in my view.
Valuing in view of Opportunities and Risks
Now, as I pointed out during the introduction, if one proceeds conventionally, the stock looks richly valued as the trailing P/B multiple is 500% above peers, which is huge.
However, the underlying metrics for calculating the book value come from the balance sheet, namely the assets minus liabilities at a specific point in time, and, as such, it measures the historical financial position, not the actual strength which also has to measure the dollar value of the data assets that the company leverages to build more effective solutions like for example Nessus Expert. Thinking aloud, these data assets are indirectly priced in the stock price, with one illustration being a new product launch inducing an upside in the stock as investors become optimistic about the higher potential sales it can generate.
Thus, in the absence of having a dollar value for data assets, one can consider the ratio of the market value to book value or P/B, normally used by investors to identify undervalued stocks, as an indicator of the value of the data assets. This is especially true when compared with other cybersecurity stocks (instead of the wider IT sector) as per the table below and which also form part of Piper Sandler's top picks.
Talking valuations, the company's P/B of 16.95x is lower than the average of 22.92x for the four, implying Tenable trades at a discount. Adjusting its stock accordingly, I have a target of $60.48 based on the current share price of $44.8. Investors will note that I have also reproduced the P/E and P/S to further confirm its undervaluation.
To further justify use of the P/B multiple, there is a trend reversal which occurred around June 2022 in the share price and the book value per share as charted below. Thus from a P/B of around 28x at the end of December 2021, the P/B currently is less than 17x, which is not justified. The reason is that the drop in the share price in the first half of 2022 was not related to its financial performance as the company produced an earnings beat. Instead, the downside came while the Federal Reserve was aggressively tightening monetary policy and also coincided with Tenable acquiring Bit Discovery, specializing in high-fidelity attack surface management for $44.5 million in cash. Now, since the acquisition has enabled it to improve its product offering and be more competitive, I believe the adjustment in the P/B to about 23x becomes justifiable as it also rewards the company.
Discussing further, this P/B of 23x which is about midway between 17x and 28x also represents a fair value as it also accounts for some of the volatility risks inherent in relatively smaller growth stocks like Tenable as seen by the October 9 market volatility following the Israel-Gaza conflict when the stock shed 2.75%. Given that Tenable has higher Growth and Momentum grades as pictured above, the downside may continue in case the conflict takes a more regional dimension involving other nearby states.
On the other hand, the prospect of the conflict expanding geographically triggered a rally in defense stocks, with Lockheed Martin ( LMT ) gaining 8.93%.
Making a Parallel with the Military, and a Buy
Still, just like their defense sector counterparts (with respect to the wider industrial sector), cybersecurity stocks are of strategic importance not only to corporate America but also to protect government agencies against hackers. As a matter of fact, the industry is so important that the FBI has a center dedicated to combatting cyber threats. Now, as seen after the Eastern Europe conflict, rising geopolitical tensions also engender more cybersecurity threats including state-sponsored attacks in their wake, as bad actors try to steal, ransom, or even cripple IT infrastructures.
Consequently, making a parallel with the military, increased hacker sophistication and ability to penetrate vulnerable systems have to be countered with AI-driven vulnerability assessment tools that leverage data and ensure that the corporation complies with the most stringent IT security standards. Thus, as a producer of such tools, Tenable and its cybersecurity peers deserve their premium multiples with respect to the broader IT sector in my view.
Coming back to the value theme, while this is not mandatory, many choose stocks for their dividend-paying ability, but, I remind them that with the Fed's "higher for longer" rhetoric, economic uncertainty, and interest rates in CD accounts fetching above 5%, investors do not necessarily favor those that pay higher distributions. To illustrate my point, I compare the performances of two SPDR ETFs below.
From the capital appreciation perspective, the main take here is that the SPDR Portfolio S&P 500 Growth ETF ( SPYG ) despite paying a much lower dividend yield has performed better than the SPDR Portfolio S&P 500 High Dividend ETF ( SPYD ). In fact, an investment in SPYV would have led to a net capital destruction as the dividend yield of 5.28% is less than the loss of 5.94% for the one-year period. This compares with gains of more than 16% for SPYG. Now, Tenable does not form part of SPYG, but my point here is that we should not blindly opt for dividend paying stocks without due consideration to capital appreciation potential, as, ultimately value investing is also about avoiding losses.
In conclusion, this thesis has shown that it is important to reassess what we perceive as value together with the related metrics as well as consider data assets. After accounting for these, Tenable's stock is potentially trading at a 35% discount and deserves better due to its ability to enhance competitive positioning by deriving more value from its existing data sets.
Editor's Note: This article was submitted as part of Seeking Alpha's Best Value Idea investment competition , which runs through October 25. With cash prizes, this competition -- open to all contributors -- is one you don't want to miss. If you are interested in becoming a contributor and taking part in the competition, click here to find out more and submit your article today!
For further details see:
Tenable: A Value Stock When Considering Data Assets