) rising stock price brings back vivid memories of my tenure at
Goldman Sachs during the Internet bubble. A stock would be deemed
"cheap", because it was trading at
30x revenue (while its peers were trading at 40x). I thought those
days were over. Yet, FEYE (a fairly recent IPO) now trades at
roughly 30x 2014 revenue (at the time of publication in PTT). As a
former portfolio manager, I can't justify this on any metric. In my
recollection, investors have never been able to make money on
established companies trading at 30+ times projected revenue.
FireEye has the leading security solution to prevent Advanced
Persistent Threats ((APTs)), the latest buzzword in security
circles. APTs are nothing more than sophisticated attacks that
sneak into an organization, locate valuable information (e.g.
credit card info) and send that info back to the perpetrator
undetected. Existing security solutions like anti-virus and
firewalls cannot effectively prevent APTs.
With the front page news that Target was hacked leaving tens of
millions of credit cards exposed, the call for a solution was loud.
FireEye quickly emerged as the best solution on the market.
Unfortunately, APT prevention is only a part of a corporation's
security platform. FireEye's appliance does not mean a customer can
forego endpoint protection, firewall, secure web gateway, or
intrusion prevention. Target (
) had plenty of FireEye appliances but it did not prevent the APT
as the appliances flash warnings but you need many highly trained
security professionals to respond with the proper remediation.
Having FireEye appliances is like having a fire alarm, it will
likely warn you (including false positives) but you still need the
fire fighters to put out the fire. (No pun intended). According to
Advanced threat protection appliances are largely
a complementary technology rather than a replacement of
endpoint or signature based protection solutions
The target customer for APT appliances is high end enterprise,
early technology adopters and government entities who want the
latest and greatest security gadgets and have dedicated budget
ready to deploy. Clearly over the last two years, we have seen
these buyers gobble up APT appliances aggressively in order to
prevent themselves from being the next victim. As a result FireEye
has seen its revenue skyrocket from $33 million in 2011 when APTs
started gaining notoriety to $162 million in 2013, a CAGR of
However, as is the case with most high growth companies, the law
of large numbers, customer saturation, and increased competition
starts to slow growth. Most recently, FireEye's product and revenue
growth decelerated to 59%/81% y/y vs. 79%/95% and 73%/108% in the
June and September quarters, respectively. Of course, 70% growth is
great, but putting it into context versus prior quarters of 100%+
shows a marked deceleration.
In fact, FireEye has been growing its sales force by 150% y/y to
achieve much lower revenue (and decelerating) growth rates. That is
not a recipe for success. Further, now that most large enterprises
have deployed APT solutions to some extent, buyers are starting to
show some buyer's remorse. According to Gartner FireEye purchasers,
Similar to other security products that lack clear regulatory
drivers, Gartner customers claim during inquiry calls that they
have difficulties proving business value to management to justify
the costs of these (Fire Eye) products
FireEye currently has the best APT appliance on the market but
competition is picking up. Worse yet, that competition is coming
strong from big industry stalwarts like Cisco (
), Check Point (
), Fortinet (
), and Palo Alto Networks (PANW).
The Time Is Right
Timing is important when it comes to shorts. In my experience,
the best time to initiate a short position is when all the shorts
have given up (also known as capitulation). In this case, a recent
short squeeze has run its course, precipitated by a secondary
offering of 14 million shares. The secondary nearly doubles the
float to 31.5 from 17.5 million post the IPO.
As it turns out, 8.4 million of those shares were sold by
existing shareholders, including the founder. To make matters
worse, FEYE priced the offering at $82, an
to its previous day's closing price (2-5% is the norm). In my
opinion, management realized that an 8.5% discount still
represented a great price at which to cash out.
Investors seemingly caught on to this the following day. The
stock "broke" the $82 deal price, closing at $81.04.
It is well-known on Wall Street that a broken deal price is
generally a very bearish sign
. It indicates massive selling pressure that even the underwriters
(in this case Morgan Stanley, Barclays, JPMorgan and Goldman Sachs)
Another sign that timing is on our side is the large acquisition
of Mandiant. FireEye acquired Mandiant for $1 billion, roughly 10x
revenue, in a mostly stock deal ($106.5 million cash and 21.5
million shares). Mandiant was a high profile leader in the incident
response space. The problem with acquiring Mandiant instead of
continuing the partnership is that there are few obvious synergies.
Mandiant and FireEye target different buyers, end point protection
and network operations, respectively. Acquiring Mandiant instead of
continuing the partnership tells me FireEye realizes that their
growth is decelerating and competition is heating up and the only
way to ward it off is by buying growth.
Acquiring a company so shortly after going public is very rare
and should cause one to ask "if growth is so spectacular in your
core business, why are you taking on additional risk and
management's attention to pursue adjacent areas?" Of course, it's
not overpaying when you use overvalued shares that trade at 30x
revenue to buy a "less overpriced" target for 10x. Using mostly
equity, CEO Dave Dewalt must realize his valuation is absurd and
wants to use his inflated currency to buy the many missing pieces
of security that FireEye is missing.
Don't be surprised if Dewalt does more and more acquisitions
using his overinflated currency. The key question becomes "what
companies are naïve enough to take an extremely overvalued currency
What the Current Valuation Implies
At today's market cap of $13 billion,
FEYE trades at roughly the total addressable market
estimated by IDC for
security products, in 2017.
According to Gartner in 2013 the total security market revenue was
$13.5 billion, broken down as follows: Firewall ($7.5 billion),
Intrusion Prevention ($1.2 billion), Endpoint Protection ($3.4
billion), and Secure Web Gateway ($1.4 billion). FEYE's assertion
that Mandiant triples its total addressable market to $30-40
billion is laughable.
Morgan Stanley's software analyst Keith Weiss (who I think is
the best software analyst on the Street) estimates a bull case of
$3.2 billion revenue (up from $162 million today), operating
margins of 25% (from -72% today) to arrive at a
free cash flow margin of 21% and discounting it back at 12.5%
discount rate arriving at the ultra-bull case scenario of $94. In
other words, if FireEye executes flawlessly for the next 5 years,
the stock is worth $94 today.
I am short FEYE. I wrote this article myself, and it expresses my
own opinions. I am not receiving compensation for it. I have no
business relationship with any company whose stock is mentioned in
IPO Preview: Sabre