The document summarizes Websense's financial analyst day presentation. It discusses executing the TRITON strategy through technology leadership, the TRITON security alliance, a customer perspective, and financial strategy. Specifically, it highlights that Websense has transitioned from legacy to TRITON products, with $233 million in TRITON billings in 2012, up from $93 million in 2009. It also notes the company's focus on investing in sales coverage to expand its $625 million install base and win new customers.
11. Initiatives for Sustained Growth
Sales investment Multi-year sustained
growth
Multiple insertion points
Aggressive marketing Extending the
TRITON platform
Customer success
EXECUTE 2013 PLAN 2014 & BEYOND
TALENT STRENGTHEN ECOSYSTEM
Enhancing our trusted Create pull to amplify
advisor skills our push
Strategic engagement
Advanced training of
in the next generation
partner community
IT environment Page 11
12. New Insertion Capability Expands Opportunity
6% 2013
22% ACE-IN-THE-CLOUD
32%
40%
SPEAR-PHISHING APT
WSG
Legacy On-Premise Cloud-Enabled TRITON THREAT*VISION
Filtering TRITON TRITON ENTERPRISE
V - SERIES APPLIANCES
*Represents percent of software install base on each product segment Page 12
13. Websense Addressable Market
Integrated Content Security Gateway
Data Loss Prevention
$7
$6.4B Email Security On Premise
Cloud Security (Web and Email)
$6 $5.9B
Web Security Appliance
Web Security Software
$5
$ Billions
$4 Incremental opportunity
with TRITON products
$3 ~10% CAGR
$2
$1
$0
2013 2014
(1) IDC "Worldwide Web Security 2012-2016 Forecast and 2011 Vendor Shares” (Doc #235515), by Phil Hochmuth, July 2012
(2) IDC "Worldwide Messaging Security 2012-2016 Forecast and 2011 Vendor Shares" (Doc #235544), by Phil Hochmuth, June 2012
(3) IDC, "Worldwide Data Loss Prevention 2012-2016 Forecast and 2011 Vendor Shares" (Doc #23657) by Phil Hochmuth. September 2012
(4) Infonetics Research, "Content Security Appliances, Software and SaaS Quarterly Worldwide Market Share and Forecasts: 3Q12", 11/27/12
19. Transformation of IT Security
TODAY TOMORROW
Data
People
OUTSIDE
Internet Consumer
Applications Storage
Internet
Public Private
Cloud Cloud
NG
DMZ
DMZ
NGFW WEB SECURITY
AV IDS FW PROXY URL FILTER
IPS DLP ANTI-MALWARE
Web Server
INSIDE
Applications Storage PCs People BYOD People
31. Websense – F5 Strategic Partnership
TODAY 2014
Web Application
Web Server Farm
People
2014
Web
People
People
COMMON SECURITY SERVICES & POLICY MANAGEMENT Page 31
35. Real World Phishing Test – Typical Results
29% 71% 15% 85% 35% 65%
Not Opened Email Didn’t Click Link Didn’t Give Credentials
Opened Email Clicked Link Gave Credentials
0% 25% 50% 75% 100%
Location
Outside Company
Inside Company
36. Real Example of Spear-Phishing in Action
• CEO and
executive teams
are being
targeted
• Spear-Phishing
is the most
common tactic of
the bad guys to
get a door open
inside a company
URL SANDBOXED:
http://webdefence.global.blackspider.com/urlwrap/?q=AXicY • Most companies
3RmuMjNwHBHhYGhKKfS0CJJr7ioTC83MTMnOT-
do not have a
defense today
vpCg_Ry85P5ehyNDTLTArOMrA2NDSwoAhOTknMy_VZ
Page 36
The first deal is a fortune 500 global manufacturing company that purchased TRITON Data Security. This was a new customer for Websense and a competitive win against Symantec. They selected TRITON because of the ease of integration into their existing network environment, the scalability and accuracy of our ability to identify specific product designs, and the unique ability for data to be tracked and controlled while employees are outside their corporate network. This win demonstrates the value of one of the key advantages that TRITON provides- specifically data protection whether the data is on or off the corporate network. The second deal is a fortune 500 global defense firm that back in the first quarter of 2012 selected TRITON Data Security over Symantec on the strength of our endpoint capability and our comprehensive ability to cover all network communications channels. In the fourth quarter they extended their investment in the TRITON solution when we were selected to replace their Bluecoat legacy security on the strength of our hybrid cloud-appliance architecture and proven advanced web security capabilities. This win demonstrates our ability to increase our customer lifecycle value through extensions to the integrated TRITON platform.The third deal is a large European government agency that purchased our TRITON hybrid email security solution to replace their legacy Cisco Ironport system. They were an existing TRITON Web Security customer who saw the advantages of the advanced threat protection provided by our cloud-appliance based TRITON Email Security. In addition they saw the operational efficiencies they could gain through consolidation on the TRITON platform. This win demonstrates another dimension of our ability to expand our customer value once they are on the TRITON platform.To summarize: in a world that increasingly demands more advanced security to stop the theft of intellectual property and vital corporate assets, customers continue to recognize that our unique and proven best-in-class TRITON security platform has significant advantages over alternative solutions that only address legacy threats.
From Labs diagram:10 million emails per hour2.5 billion URLS per day400 million web sites probed per day1 billion links from Facebook per day1.1 billion pieces of content inspected per dayFrom Steven:WEB• 29.7billion requests per month – 3.3TB data per month• Requests detected by ACE analytics in the past month for Cloud Web: 7.3 million (note – not all of them are to do with security threats)• Malware blocks (either category-based or with ACE) in the past month: 28.7 million EMAIL• 1B emails per month – 58,000 messages per minute – peak over 1,000 emails per second.• 175,000 emails containing malware detected before AV sigs available in the last month
This slide shows the dramatic increase in our addressable market with out transformation – the opportunity associated with the new offerings is more than 2x the software only opportunityThe bottom of the chart shows the opportunity for software-only Web security – essentially a flat market out through 2013, consistent with the renewal nature of the business As we’ve added new products, including SaaS, appliance-based Web security and integrated content gateway offerings, we have nearly tripled our opportunity over time.Now its up to us to leverage our leadership position and deliver growth
Map of world on one half where we canShow where we’re making investmentKey metrics about the investmentDrive new customer acquisitionDrive upgrading customer baseChannel Development for ScaleExpand beyond Web Security bothSales force & Channel alignment
Differentiation from the Threat IntelligenceBest of breed Threat & Security IntelligenceActive participation the seeking out threatsLeveraging the network of existing customersExtending the view into the cloud infrastructureBuilding more detection by accessing mobile SPsThreatSeeker & ThreatScope – targeting and isolation threatsLeveraging cloud technology in threat protectionMany security solutions are delivered FROM the cloudReal security is only viable while USING the cloud
600% increase in…Cloud-based sandboxingPersistent analysis…Sphere phishing – good…Threatscope – fireeye-like feed the intelligence cloudClose on the “unknown "holes".Unifies 900M+ endpointsAnalyzes 3-5B requests/dayFacebook PartnershipLargest Intelligence Network
INFORMATION TECHNOLOGY & ATTACK SURFACE LANDSCAPES EVOLVINGSoftware-as-a-Service – Majority of IT application – outsourcedCloud computing, Dense Virtual Data Centers – Data everywhereTHREATS & PREDATORS ARE LONG-TERM & BUSINESS DRIVENAdvanced Persistent Threats – live inside foreverIntellectual Property fueling global – advanced attacksTRITON & THREATSEEKER UNIQUELY…Cover all the paths the threats traverseVisibility from the outside – stopping threats from enteringSeeking out from inside – preventing threats from getting data out
In the position and the right materials (stuff) for vast growthGood position for the future – positions and close…Unifies 900M+ endpointsAnalyzes 3-5B requests/dayFacebook PartnershipLargest Intelligence NetworkPATHS TO ALL ATTACKSWeb space the advent of the cloud based applicationsMessaging moving to the cloud from mobile, etc.Data - going all directions (virtualized, cloudiezed)ATTACKS LEVERAGE CONTENTHeavy used of encryption Custom layering and technologyCONTENT SECURITY REQUIREDAll security solutions eventually review data for real protectionWeb and Message drive and deliver CONTENT