Qualys : Q3 FY 2022 Investor Presentation

Investor Presentation

SecurityandCompliancefortheDigitalTransformation

Sumedh Thakar, President and CEO

Joo Mi Kim, CFO

November 2, 2022

Safe Harbor

This presentation includes forward-looking statements within the meaning of the federal securities laws. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this presentation include, but are not limited to, the following list:

• our business and financial performance and expectations for future periods, including the rate of growth of our business and market share gains;
• our expectations regarding our Qualys Cloud Platform and the benefits and capabilities of our platform;
• our expectations regarding the growth, benefits and market acceptance of our Vulnerability Management, Detection and Response application;
• our total addressable market;
• our expectations regarding the timing of future products and features;
• the benefits of our new and upcoming products, features, integrations, collaborations and joint solutions;
• our strategy and our business model and our ability to execute such strategy;
• our guidance for revenues, GAAP EPS and non-GAAP EPS for the fourth quarter and full year 2022; and
• our expectations for the number of weighted average diluted shares outstanding and the GAAP and non-GAAP effective income tax rate for the fourth quarter and full year 2022.

Our expectations and beliefs regarding these matters may not materialize, and actual results in future periods are subject to risks and uncertainties that could cause actual results to differ materially from those projected. These risks include:

• our ability to continue to develop platform capabilities and solutions;
• the ability of our platform and solutions to perform as intended;
• customer acceptance and purchase of our existing solutions and new solutions;
• real or perceived defects, errors or vulnerabilities in our products or services;
• our ability to retain existing customers and generate new customers;
• the budgeting cycles and seasonal buying patterns of our customers, and the length of our sales cycle;
• the impact of the ongoing COVID-19 coronavirus pandemic and related public health measures on our business and the global economy;
• our ability to manage costs as we increase our customer base and the number of our platform solutions;
• the market for cloud solutions for IT security and compliance not increasing at the rate we expect;
• competition from other products and services;
• fluctuations in currency exchange rates;
• unexpected fluctuations in our effective income tax rate on a GAAP and non-GAAP basis;
• our ability to effectively manage our rapid growth and our ability to anticipate future market needs and opportunities;
• any unanticipated accounting charges; and
• general market, political, economic and business conditions in the United States as well as globally.

These additional risks include those set forth in our filings with the Securities and Exchange Commission, including our latest Form 10-Q and 10-K. The forward-looking statements in this presentation are based on information available to us as of today, and we disclaim any obligation to update any forward-looking statements, except as required by law. We also remind you that this presentation will include a discussion of GAAP and non-GAAP financial measures. The non-GAAP financial measures are not intended to be considered in isolation or as a substitute for results prepared in accordance with GAAP. The GAAP financial measures, and a reconciliation of the non-GAAP financial measures discussed in this presentation to the most directly comparable GAAP financial measures are included in the appendix of this presentation.

2

Investment Highlights

Industry-leading cloud security and compliance platform

Multiple levers of recurring revenue growth

Scalable business model and industry- leading profitability

Uniquely positioned to capitalize on stack consolidation and move to the cloud

3

Advantages of the Qualys Cloud Platform

One view across the entire global hybrid-IT environment, allowing customers to

consolidatetheir stack for better IT, security and compliance visibility

No hardware to buy or manage

Nothing to install or manage, and all services are accessible via web interface.

Always

Up-to-date

Largest knowledge base of vulnerability signatures. Real time security updates.

Lower operating costs

With everything in the cloud there is no capex and no extra human resources needed.

Data stored securely

Data stored and processed in a n-tiered architecture of load- balanced servers.

Easy to deploy and maintain

Easily perform assessments across global hybrid-IT environment.

Unprecedented scaling

Seamlessly add new coverage, users and services as you need them.

Available as a Public or on-premises Private Cloud

Full server rack

For governments, enterprises, and MSSPs

Standalone appliance

For small businesses

Virtual rack

For governments, enterprises, and MSSPs

FedRAMP authorized

4

Securing IT Infrastructure with Qualys

Continuously Reducing Time to Resolution with Context

Global Asset Inventory	Risk Mitigation	Threat Detection & Response
Discover all managed & unmanaged	DevOps - Shift Left	Anti Malware Protection
Hardware and Software Inventory	Continuous Vulnerability Detection	Continuous Telemetry Collection
Categorize, Normalize & Enrich	Misconfig Detection	Context Enrichment
Organize with auto-tagging	System Hardening	Breach Detection
External asset exposure	Patching & Misconfig Remediation	Respond & Quarantine

5