SolarWinds Corp - Quarter Report: 2021 March (Form 10-Q)

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington D.C. 20549

FORM 10-Q

(Mark One)


☑			QUARTERLY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the quarterly period ended March 31, 2021


☐			TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the transition period from to

Commission File Number: 001-38711

SolarWinds Corporation

(Exact name of registrant as specified in its charter)


Delaware						81-0753267
(State or other jurisdiction of incorporation or organization)						(I.R.S. Employer Identification No.)

7171 Southwest Parkway

Building 400

Austin, Texas 78735

(512) 682.9300

(Address and telephone number of principal executive offices)

Securities registered pursuant to Section 12(b) of the Act:


Title of Each Class	Trading Symbol	Name of Each Exchange on Which Registered
Common Stock, $0.001 par value	SWI	New York Stock Exchange

Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. þ Yes ¨ No

Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). þ Yes ¨ No

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company," and "emerging growth company" in Rule 12b-2 of the Exchange Act.


Large accelerated filer	☑	Accelerated filer	☐
Non-accelerated filer	☐	Smaller reporting company	☐
Emerging growth company	☐

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). ☐ Yes þ No

On May 3, 2021, 315,731,293 shares of common stock, par value $0.001 per share, were outstanding.

SOLARWINDS CORPORATION

Table of Contents


PART I - FINANCIAL INFORMATION
		Page
Item 1.	Financial Statements	5
	Condensed Consolidated Balance Sheets as of March 31 , 202 1 and December 31, 2020	5
	Condensed Consolidated Statements of Operations for the three month periods ended March 31 , 202 1 and 20 20	6
	Condensed Consolidated Statements of Comprehensive Income (Loss) for the three month periods ended March 31 , 202 1 and 20 20	7
	Condensed Consolidated Statements of Stockholders' Equity for the three month periods ended March 31 , 202 1 and 20 20	8
	Condensed Consolidated Statements of Cash Flows for the three month periods ended March 31 , 202 1 and 20 20	9
	Notes to the Condensed Consolidated Financial Statements	10
	1. Organization and Nature of Operations
	2. Summary of Significant Accounting Policies
	3. Goodwill
	4. Fair Value Measurements
	5. Debt
	6. Earnings (Loss) Per Share
	7. Income Taxes
	8. Commitment and Contingencies
Item 2.	Management's Discussion and Analysis of Financial Condition and Results of Operations	17
Item 3.	Quantitative and Qualitative Disclosures of Market Risk	31
Item 4.	Controls and Procedures	32
PART II - OTHER INFORMATION
Item 1.	Legal Proceedings	33
Item 1A.	Risk Factors	33
Item 2.	Unregistered Sales of Equity Securities and Use of Proceeds	36
Item 6.	Exhibits	36
	Signatures	38
	Certifications

Safe Harbor Cautionary Statement

This Quarterly Report on Form 10-Q contains forward-looking statements within the meaning of Section 21E of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), and the Private Securities Litigation Reform Act of 1995. Such statements may be signified by terms such as “aim,” “anticipate,” “believe,” “continue,” “expect,” “feel,” “intend,” “estimate,” “seek,” “plan,” “may,” “can,” “could,” “should,” “will,” “would” or similar expressions and the negatives of those terms. In this report, forward-looking statements include statements regarding our financial projections, future financial performance and plans and objectives for future operations including, without limitation, the following:

•expectations regarding our financial condition and results of operations, including revenue, non-GAAP revenue, revenue growth, revenue mix, cost of revenue, operating expenses, operating income, non-GAAP operating income, non-GAAP operating margin, adjusted EBITDA and adjusted EBITDA margin, cash flows and effective income tax rate;

•findings from our investigations into the cyberattack on our Orion Software Platform and internal systems (the "Cyber Incident"), including our understanding of the nature, source and duration of the attack and our plans to ensure our products and internal systems are secure and provide additional information regarding our findings, as well as our expectations regarding the impact of the Cyber Incident on our business and reputation, the success of our related mitigation and remediation efforts and the additional costs, liabilities and other adverse consequences that we may incur as a result of the Cyber Incident;

•expectations regarding the impact the government investigations and litigation resulting from the Cyber Incident may have on our business;

•expectations regarding the potential spin-off of our N-able business into a newly created and separately traded public company;

•expectations regarding investment in product development and our expectations about the results of those efforts;

•expectations concerning acquisitions and opportunities resulting from our acquisitions;

•expectations regarding hiring additional personnel globally in the areas of sales and marketing and research and development;

•intentions regarding our international earnings;

•expectations regarding our capital expenditures;

•expectations regarding the impact of the COVID-19 pandemic on our business, results of operations and financial condition; and

•our beliefs regarding the sufficiency of our cash and cash equivalents, cash flows from operating activities and borrowing capacity.

Forward-looking statements involve known and unknown risks, uncertainties and other factors that may cause our actual results, performance or achievements to be materially and adversely different from any future results, performance or achievements expressed or implied by the forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, the following:

•risks related to cyberattacks, including the Cyber Incident, and other security incidents resulting in compromises or breaches of our and our customers’ systems or, theft or misappropriation of our and our customers’ proprietary and confidential information, as well as exposure to legal and other liabilities, including the related risk of higher customer, employee and partner attrition and the loss of key personnel, as well as negative impacts to our sales, renewals and upgrades;

•risks related to the potential spin-off of our N-able business into a newly created and separately-traded public company, including that the process of potentially completing the spin-off could disrupt or adversely affect the consolidated or separate businesses, results of operations and financial condition, that the spin-off may not achieve some or all of any anticipated benefits with respect to either business, and that the spin-off may not be completed in accordance with our expected plans or anticipated timelines, or at all;

•the possibility that the global COVID-19 pandemic may adversely affect our business, results of operations and financial condition or the impact of the COVID-19 pandemic on the global economy or on the business operations and financial conditions of our customers, their end-customers and our prospective customers;

•the inability to sell products to new customers or to sell additional products or upgrades to our existing customers;

•any decline in our renewal or net retention rates;

•the possibility that general economic conditions or uncertainty cause information technology spending to be reduced or purchasing decisions to be delayed, including as a result of the COVID-19 pandemic;

•the inability to generate significant volumes of high quality sales leads from our digital marketing initiatives and convert such leads into new business at acceptable conversion rates;

•our inability to successfully identify, complete and integrate acquisitions and manage our growth effectively;

•risks associated with our international operations;

•our status as a controlled company;

•the timing and success of new product introductions and product upgrades by SolarWinds or its competitors;

•the possibility that our operating income could fluctuate and may decline as percentage of revenue as we make further expenditures to expand our operations in order to support additional growth in our business;

•potential foreign exchange gains and losses related to expenses and sales denominated in currencies other than the functional currency of an associated entity; and

•such other risks and uncertainties described more fully in documents filed with or furnished to the Securities and Exchange Commission, including the risk factors discussed in our Annual Report on Form 10-K for the year ended December 31, 2020.

Given these risks and uncertainties, you should not place undue reliance on these forward-looking statements. Also, forward-looking statements represent our management’s beliefs and assumptions only as of the date of this Quarterly Report on Form 10-Q. Except as required by law, we assume no obligation to update these forward-looking statements publicly, or to update the reasons actual results could differ materially and adversely from those anticipated in these forward-looking statements, even if new information becomes available in the future.

In this report “SolarWinds,” “Company,” “we,” “us” and “our” refer to SolarWinds Corporation and its consolidated subsidiaries.

PART I: FINANCIAL INFORMATION

Item 1. Financial Statements

SolarWinds Corporation

Condensed Consolidated Balance Sheets

(In thousands, except share and per share information)

(Unaudited)


	March 31,		December 31,
	2021		2020
Assets
Current assets:
Cash and cash equivalents	$	374,352	$	370,498

Accounts receivable, net of allowances of $3,023 and $2,736 as of March 31, 2021 and December 31, 2020, respectively	116,271		114,298
Income tax receivable	2,286		2,273

Prepaid and other current assets	37,501		25,664
Total current assets	530,410		512,733
Property and equipment, net	58,507		58,649
Operating lease assets	108,030		110,961
Deferred taxes	143,080		149,455
Goodwill	4,192,328		4,249,402
Intangible assets, net	524,320		592,985
Other assets, net	37,837		36,298
Total assets	$	5,594,512	$	5,710,483
Liabilities and stockholders’ equity
Current liabilities:
Accounts payable	$	19,299	$	17,932
Accrued liabilities and other	56,594		72,971
Current operating lease liabilities	18,476		17,811

Accrued interest payable	154		157
Income taxes payable	11,324		16,358
Current portion of deferred revenue	343,412		346,075
Current debt obligation	19,900		19,900
Total current liabilities	469,159		491,204
Long-term liabilities:
Deferred revenue, net of current portion	34,853		36,679
Non-current deferred taxes	47,706		59,149
Non-current operating lease liabilities	111,102		115,071
Other long-term liabilities	101,590		115,021
Long-term debt, net of current portion	1,879,936		1,882,672
Total liabilities	2,644,346		2,699,796
Commitments and contingencies (Note 8)

Stockholders’ equity:
Common stock, $0.001 par value: 1,000,000,000 shares authorized and 315,403,617 and 313,039,222 shares issued and outstanding as of March 31, 2021 and December 31, 2020, respectively	315		313
Preferred stock, $0.001 par value: 50,000,000 shares authorized and no shares issued and outstanding as of March 31, 2021 and December 31, 2020, respectively	—		—
Additional paid-in capital	3,124,493		3,112,106
Accumulated other comprehensive income	61,462		127,212
Accumulated deficit	(236,104)		(228,944)
Total stockholders’ equity	2,950,166		3,010,687
Total liabilities and stockholders’ equity	$	5,594,512	$	5,710,483

The accompanying notes are an integral part of these condensed consolidated financial statements.

SolarWinds Corporation

Condensed Consolidated Statements of Operations

(In thousands, except per share information)

(Unaudited)


	Three Months Ended March 31,
	2021		2020
Revenue:
Subscription	$	108,988	$	93,635
Maintenance	123,040		116,349
Total recurring revenue	232,028		209,984
License	24,874		36,966
Total revenue	256,902		246,950
Cost of revenue:
Cost of recurring revenue	26,958		22,501
Amortization of acquired technologies	43,121		44,492
Total cost of revenue	70,079		66,993
Gross profit	186,823		179,957
Operating expenses:
Sales and marketing	83,297		72,378
Research and development	37,761		31,845
General and administrative	47,710		29,755
Amortization of acquired intangibles	20,057		18,296
Total operating expenses	188,825		152,274
Operating income (loss)	(2,002)		27,683
Other income (expense):
Interest expense, net	(16,174)		(24,095)
Other income (expense), net	127		(758)
Total other income (expense)	(16,047)		(24,853)
Income (loss) before income taxes	(18,049)		2,830
Income tax expense (benefit)	(10,889)		2,415
Net income (loss)	$	(7,160)	$	415
Net income (loss) available to common stockholders	$	(7,160)	$	412
Net income (loss) available to common stockholders per share:
Basic earnings (loss) per share	$	(0.02)	$	—
Diluted earnings (loss) per share	$	(0.02)	$	—
Weighted-average shares used to compute net income (loss) available to common stockholders per share:
Shares used in computation of basic earnings (loss) per share	314,246		308,937
Shares used in computation of diluted earnings (loss) per share	314,246		312,865

The accompanying notes are an integral part of these condensed consolidated financial statements.

SolarWinds Corporation

Condensed Consolidated Statements of Comprehensive Income (Loss)

(In thousands)

(Unaudited)


	Three Months Ended March 31,
	2021		2020
Net income (loss)	$	(7,160)	$	415
Other comprehensive income (loss):
Foreign currency translation adjustment	(65,750)		(30,429)

Other comprehensive income (loss)	(65,750)		(30,429)
Comprehensive income (loss)	$	(72,910)	$	(30,014)

The accompanying notes are an integral part of these condensed consolidated financial statements.

SolarWinds Corporation

Condensed Consolidated Statements of Stockholders' Equity

(In thousands)

(Unaudited)


	Three Months Ended March 31, 2021
	Common Stock			Additional Paid-in Capital		Accumulated Other Comprehensive Income (Loss)		Accumulated Deficit		Total Stockholders’ Equity
	Shares	Amount
Balance at December 31, 2020	313,039	$	313	$	3,112,106	$	127,212	$	(228,944)	$	3,010,687
Foreign currency translation adjustment	—	—		—		(65,750)		—		(65,750)
Net loss	—	—		—		—		(7,160)		(7,160)
Comprehensive loss										(72,910)
Exercise of stock options	10	—		11		—		—		11
Restricted stock units issued, net of shares withheld for taxes	1,319	1		(8,398)		—		—		(8,397)
Issuance of stock	820	1		462		—		—		463
Issuance of stock under employee stock purchase plan	216	—		3,129		—		—		3,129
Stock-based compensation	—	—		17,183		—		—		17,183
Balance at March 31, 2021	315,404	$	315	$	3,124,493	$	61,462	$	(236,104)	$	2,950,166


	Three Months Ended March 31, 2020
	Common Stock			Additional Paid-in Capital		Accumulated Other Comprehensive Income (Loss)		Accumulated Deficit		Total Stockholders’ Equity
	Shares	Amount
Balance at December 31, 2019	308,290	$	308	$	3,041,880	$	(5,247)	$	(387,419)	$	2,649,522
Foreign currency translation adjustment	—	—		—		(30,429)		—		(30,429)
Net income	—	—		—		—		415		415
Comprehensive loss										(30,014)
Exercise of stock options	59	—		51		—		—		51
Restricted stock units issued, net of shares withheld for taxes	276	—		(1,548)		—		—		(1,548)
Issuance of stock	1,105	2		627		—		—		629
Issuance of stock under employee stock purchase plan	161	—		2,357		—		—		2,357
Stock-based compensation	—	—		11,367		—		—		11,367

Balance at March 31, 2020	309,891	$	310	$	3,054,734	$	(35,676)	$	(387,004)	$	2,632,364

The accompanying notes are an integral part of these condensed consolidated financial statements.

SolarWinds Corporation

Condensed Consolidated Statements of Cash Flows

(In thousands)

(Unaudited)


	Three Months Ended March 31,
	2021		2020
Cash flows from operating activities
Net income (loss)	$	(7,160)	$	415
Adjustments to reconcile net income (loss) to net cash provided by operating activities:
Depreciation and amortization	69,685		67,768
Provision for losses on accounts receivable	696		3,014
Stock-based compensation expense	17,063		11,268

Amortization of debt issuance costs	2,239		2,288


Deferred taxes	(8,985)		(8,744)


(Gain) loss on foreign currency exchange rates	(1,041)		983
Other non-cash expenses (benefits)	2,268		(190)
Changes in operating assets and liabilities, net of assets acquired and liabilities assumed in business combinations:
Accounts receivable	(4,076)		(4,084)
Income taxes receivable	(71)		(583)
Prepaid and other assets	(13,190)		(4,092)
Accounts payable	1,520		(3,047)
Accrued liabilities and other	(15,310)		(5,800)
Accrued interest payable	(3)		(45)
Income taxes payable	(17,467)		4,566
Deferred revenue	763		14,739
Other long-term liabilities	—		(85)
Net cash provided by operating activities	26,931		78,371
Cash flows from investing activities


Purchases of property and equipment	(5,806)		(6,536)
Purchases of intangible assets	(2,170)		(1,694)
Acquisitions, net of cash acquired	447		—


Net cash used in investing activities	(7,529)		(8,230)
Cash flows from financing activities


Proceeds from issuance of common stock under employee stock purchase plan	3,129		2,357
Repurchase of common stock and incentive restricted stock	(8,588)		(1,571)
Exercise of stock options	11		51



Repayments of borrowings from credit agreement	(4,975)		(4,975)


Net cash used in financing activities	(10,423)		(4,138)
Effect of exchange rate changes on cash and cash equivalents	(5,125)		(2,420)
Net increase in cash and cash equivalents	3,854		63,583
Cash and cash equivalents
Beginning of period	370,498		173,372
End of period	$	374,352	$	236,955

Supplemental disclosure of cash flow information
Cash paid for interest	$	13,993	$	21,972
Cash paid for income taxes	$	14,408	$	6,035

The accompanying notes are an integral part of these condensed consolidated financial statements.

SolarWinds Corporation

Notes to Condensed Consolidated Financial Statements (Unaudited)

1. Organization and Nature of Operations

SolarWinds Corporation, a Delaware corporation, and its subsidiaries (“Company”, “we,” “us” and “our”) is a leading provider of information technology, or IT, infrastructure management software. Our products give organizations worldwide, regardless of type, size or IT infrastructure complexity, the power to monitor and manage the performance of their IT environments, whether on-premise, in the cloud, or in hybrid infrastructure models. Our approach, which we refer to as the SolarWinds Model, combines powerful, scalable, affordable, easy to use products with high-velocity, low-touch sales. We’ve built our business to enable the technology professionals who use our products to manage “all things IT.” Our range of customers has expanded over time to include network and systems engineers, database administrators, storage administrators, DevOps and service desk professionals, as well as managed service providers, or MSPs. Our SolarWinds Model enables us to sell our products for use in organizations ranging in size from very small businesses to large enterprises.

2. Summary of Significant Accounting Policies

We prepared our interim condensed consolidated financial statements in conformity with United States of America generally accepted accounting principles, or GAAP, and the reporting regulations of the Securities and Exchange Commission, or the SEC. They do not include all of the information and footnotes required by GAAP for complete financial statements. The accompanying condensed consolidated financial statements include the accounts of SolarWinds Corporation and the accounts of its wholly owned subsidiaries. We have eliminated all intercompany balances and transactions.

The interim financial information is unaudited, but reflects all normal adjustments that are, in our opinion, necessary to provide a fair statement of results for the interim periods presented. This interim information should be read in conjunction with the audited consolidated financial statements in our Annual Report on Form 10-K for the year ended December 31, 2020.

Potential Spin-Off of N-able Business

On August 6, 2020, we announced that our board of directors has authorized management to explore a potential spin-off of our N‑able business into a newly created and separately traded public company, and on March 30, 2021, we announced the public filing with the SEC of a Form 10 registration statement with respect to the potential spin-off. If completed, the standalone entity would provide broad cloud-based software solutions for MSPs, enabling them to support digital transformation and growth within small and medium-sized enterprises, or SMEs. SolarWinds would retain its Core IT Management business focused primarily on selling software and cloud-based services to corporate IT organizations. We believe that, if completed, the potential spin-off would allow each company to more effectively pursue its distinct operating priorities, strategies and capital allocation policies, while also allowing shareholders to separately evaluate and value the companies on their distinct markets, strategies and performance. If we proceed with the spin-off, it would be intended to be structured as a tax-free, pro-rata distribution to all SolarWinds shareholders as of a record date to be determined by the board of directors of SolarWinds. If completed, upon effectiveness of the transaction, SolarWinds shareholders would own shares of both companies. Completion of any spin-off would be subject to various conditions, including final approval of our board of directors, and there can be no assurance that the potential spin-off will be completed in the manner described above, or at all.

Spin-off costs incurred were $9.9 million during the three months ended March 31, 2021 which are primarily included in general and administrative expense in the condensed consolidated statements of operations. Spin-off costs include legal, accounting and advisory fees, implementation and integration costs, duplicative costs for subscriptions and information technology systems, employee and contract costs and other incremental separation costs related to the potential spin-off of the N-able business.

Use of Estimates

The preparation of financial statements in conformity with GAAP requires our management to make estimates and assumptions that affect the reported amounts and the disclosure of assets and liabilities at the date of the financial statements and the reported amounts of revenue and expenses during the reporting periods. The actual results that we experience may differ materially from our estimates. The accounting estimates that require our most significant, difficult and subjective judgments include:

•the valuation of goodwill, intangibles, long-lived assets and contingent consideration;

•revenue recognition;

•stock-based compensation;

•income taxes; and

SolarWinds Corporation

Notes to Condensed Consolidated Financial Statements (Unaudited)

•loss contingencies.

Recently Adopted Accounting Pronouncements

There have been no recent accounting pronouncements or changes in accounting pronouncements that are expected to have a material impact on our consolidated financial position, results of operations, or cash flows.

Fair Value Measurements

We apply the authoritative guidance on fair value measurements for financial assets and liabilities that are measured at fair value on a recurring basis and non-financial assets and liabilities, such as goodwill, intangible assets and property, plant and equipment that are measured at fair value on a non-recurring basis.

The guidance establishes a three-tiered fair value hierarchy that prioritizes inputs to valuation techniques used in fair value calculations. The three levels of inputs are defined as follows:

Level 1: Unadjusted quoted prices for identical assets or liabilities in active markets accessible by us.

Level 2: Inputs that are observable in the marketplace other than those inputs classified as Level 1.

Level 3: Inputs that are unobservable in the marketplace and significant to the valuation.

See Note 4. Fair Value Measurements for a summary of our financial instruments accounted for at fair value on a recurring basis. The carrying amounts reported in our consolidated balance sheets for cash, accounts receivable, accounts payable and other accrued expenses approximate fair value due to relatively short periods to maturity.

Accumulated Other Comprehensive Income (Loss)

Changes in accumulated other comprehensive income (loss) by component are summarized below:


	Foreign Currency Translation Adjustments		Accumulated Other Comprehensive Income (Loss)

	(in thousands)




Balance at December 31, 2020	$	127,212	$	127,212
Other comprehensive gain (loss) before reclassification	(65,750)		(65,750)
Amount reclassified from accumulated other comprehensive income (loss)	—		—
Net current period other comprehensive income (loss)	(65,750)		(65,750)
Balance at March 31, 2021	$	61,462	$	61,462

Deferred Revenue

Details of our total deferred revenue balance was as follows:


	Total Deferred Revenue

	(in thousands)
Balance at December 31, 2020	$	382,754

Deferred revenue recognized	(131,972)
Additional amounts deferred	127,483

Balance at March 31, 2021	$	378,265

We expect to recognize revenue related to these remaining performance obligations as of March 31, 2021 as follows:


	Revenue Recognition Expected by Period
	Total		Less than 1 year		1-3 years		More than 3 years

	(in thousands)
Expected recognition of deferred revenue	$	378,265	$	343,412	$	34,495	$	358

SolarWinds Corporation

Notes to Condensed Consolidated Financial Statements (Unaudited)

Deferred Commissions

Details of our deferred commissions balance was as follows:


			(in thousands)
Balance at December 31, 2020			$	14,801

Commissions capitalized			2,000
Amortization recognized			(1,129)
Balance at March 31, 2021			$	15,672

	March 31,		December 31,
	2021		2020

	(in thousands)
Classified as:
Current	$	4,143	$	3,824
Non-current	11,529		10,977
Total deferred commissions	$	15,672	$	14,801

Disaggregation of Revenue

The following table summarizes our revenue by product group:


	Three Months Ended March 31,
	2021		2020

	(in thousands)
Core IT Management product revenue	$	173,856	$	173,737
N-able product revenue	83,046		73,213
Total revenue	$	256,902	$	246,950

Cost of Revenue

Amortization of Acquired Technologies. Amortization of acquired technologies included in cost of revenue relate to our licensed products and subscription products as follows:


	Three Months Ended March 31,
	2021		2020

	(in thousands)
Amortization of acquired license technologies	$	37,336	$	35,572
Amortization of acquired subscription technologies	5,785		8,920
Total amortization of acquired technologies	$	43,121	$	44,492

3. Goodwill

The following table reflects the changes in goodwill for the three months ended March 31, 2021:


	(in thousands)
Balance at December 31, 2020	$	4,249,402

Foreign currency translation and other adjustments	(57,074)
Balance at March 31, 2021	$	4,192,328

SolarWinds Corporation

Notes to Condensed Consolidated Financial Statements (Unaudited)

4. Fair Value Measurements

The following table summarizes the fair value of our financial assets that were measured on a recurring basis as of March 31, 2021 and December 31, 2020. There have been no transfers between fair value measurement levels during the three months ended March 31, 2021.


	Fair Value Measurements at March 31, 2021 Using
	Quoted Prices in Active Markets for Identical Assets (Level 1)		Significant Other Observable Inputs (Level 2)		Significant Unobservable Inputs (Level 3)		Total

	(in thousands)
Money market funds	$	130,000	$	—	$	—	$	130,000
Trading security	—		—		5,287		5,287

Total assets	$	130,000	$	—	$	5,287	$	135,287


	Fair Value Measurements at December 31, 2020 Using
	Quoted Prices in Active Markets for Identical Assets (Level 1)		Significant Other Observable Inputs (Level 2)		Significant Unobservable Inputs (Level 3)		Total

	(in thousands)
Money market funds	$	160,000	$	—	$	—	$	160,000
Trading security	—		—		5,238		5,238

Total assets	$	160,000	$	—	$	5,238	$	165,238

As of March 31, 2021 and December 31, 2020, the carrying value of our long-term debt approximates its estimated fair value as the interest rate on the debt agreements is adjusted for changes in the market rates. See Note 5. Debt for additional information regarding our debt.

5. Debt

The following table summarizes information relating to our debt:


	March 31,				December 31,
	2021				2020
	Amount		Effective Rate		Amount		Effective Rate

	(in thousands, except interest rates)
Revolving credit facility	$	—	—	%	$	—	—	%
First Lien Term Loan (as amended) due Feb 2024	1,925,325		2.86	%	1,930,300		2.90	%


Total principal amount	1,925,325				1,930,300
Unamortized discount and debt issuance costs	(25,489)				(27,728)
Total debt	1,899,836				1,902,572
Less: Current portion of long-term debt	(19,900)				(19,900)
Total long-term debt	$	1,879,936			$	1,882,672

Senior Secured First Lien Credit Facilities

Our first lien credit agreement, as amended, or First Lien Credit Agreement, provides for senior secured first lien credit facilities, consisting of the following as of March 31, 2021:

•a $1.99 billion U.S. dollar term loan, or First Lien Term Loan, with a final maturity date of February 5, 2024; and

SolarWinds Corporation

Notes to Condensed Consolidated Financial Statements (Unaudited)

•a $117.5 million revolving credit facility (with a letter of credit sub-facility in the amount of $35.0 million), or the Revolving Credit Facility, consisting of (i) a $100.0 million multicurrency tranche and (ii) a $17.5 million tranche available only in U.S. dollars, with a final maturity date of February 5, 2022.

Borrowings under our Revolving Credit Facility bear interest at a floating rate which is, at our option, either (1) a Eurodollar rate for a specified interest period plus an applicable margin of 2.50% or (2) a base rate plus an applicable margin of 1.50%, respectively. The Eurodollar rate applicable to the Revolving Credit Facility is subject to a “floor” of 0.0%.

Borrowings under our First Lien Term Loan bear interest at a floating rate which is, at our option, either (1) a Eurodollar rate for a specified interest period plus an applicable margin of 2.75% or (2) a base rate plus an applicable margin of 1.75%, respectively. The Eurodollar rate applicable to the First Lien Term Loan is subject to a “floor” of 0.0%.

The Eurodollar rate is equal to an adjusted London Interbank Offered Rate, or LIBOR, for a one-, two-, three- or six-month interest period with a LIBOR floor of 0%. The base rate for any day is a fluctuating rate per annum equal to the highest of (a) the rate of interest in effect for such day as publicly announced by Credit Suisse as its “prime rate” and (b) the federal funds effective rate in effect on such day plus 0.50% and (c) the one-month adjusted LIBOR plus 1.0% per annum.

The First Lien Term Loan requires equal quarterly repayments equal to 0.25% of the original principal amount.

In addition to paying interest on loans outstanding under the Revolving Credit Facility and the First Lien Term Loan, we are required to pay a commitment fee of 0.50% per annum of unused commitments under the Revolving Credit Facility. The commitment fee is subject to a reduction to 0.375% per annum based on our first lien net leverage ratio.

The First Lien Credit Agreement contains a number of covenants that, among other things, restrict, subject to certain exceptions, our ability to: incur additional indebtedness; incur liens; engage in mergers, consolidations, liquidations or dissolutions; pay dividends and distributions on, or redeem, repurchase or retire our capital stock; and make certain investments, acquisitions, loans, or advances. In addition, the terms of the First Lien Credit Agreement include a financial covenant which requires that, at the end of each fiscal quarter, if the aggregate amount of borrowings under the Revolving Credit Facility exceeds 35% of the aggregate commitments under the Revolving Credit Facility, our first lien net leverage ratio cannot exceed 7.40 to 1.00. The First Lien Credit Agreement also contains certain customary representations and warranties, affirmative covenants and events of default. As of March 31, 2021, we were in compliance with all covenants of the First Lien Credit Agreement.

6. Earnings (Loss) Per Share

A reconciliation of the number of shares in the calculation of basic and diluted earnings (loss) per share follows:


	Three Months Ended March 31,
	2021		2020

	(in thousands)
Basic earnings (loss) per share
Numerator:
Net income (loss)	$	(7,160)	$	415

Earnings allocated to unvested restricted stock	—		(3)
Net income (loss) available to common stockholders	$	(7,160)	$	412
Denominator:
Weighted-average common shares outstanding used in computing basic earnings (loss) per share	314,246		308,937

Diluted earnings (loss) per share
Numerator:
Net income (loss) available to common stockholders	$	(7,160)	$	412
Denominator:
Weighted-average shares used in computing basic earnings (loss) per share	314,246		308,937
Add dilutive impact of employee equity plans	—		3,928
Weighted-average shares used in computing diluted earnings (loss) per share	314,246		312,865

SolarWinds Corporation

Notes to Condensed Consolidated Financial Statements (Unaudited)

The following weighted-average outstanding shares of common stock equivalents were excluded from the computation of the diluted net income (loss) per share attributable to common stockholders for the periods presented because their effect would have been anti-dilutive or for which the performance condition had not been met at the end of the period:


	Three Months Ended March 31,
	2021	2020

	(in thousands)
Stock options to purchase common stock	1,107	247
Performance-based stock options to purchase common stock	130	84
Non-vested restricted stock incentive awards	662	1,669
Performance-based non-vested restricted stock incentive awards	8	845
Restricted stock units	10,927	5,650
Performance stock units	205	677
Employee stock purchase plan	213	177
Total anti-dilutive shares	13,252	9,349

The calculation of diluted earnings (loss) per share requires us to make certain assumptions related to the use of proceeds that would be received upon the assumed exercise of stock options, purchase of restricted stock or proceeds from the employee stock purchase plan.

7. Income Taxes

For the three months ended March 31, 2021 and 2020, we recorded income tax benefit of $10.9 million and income tax expense of $2.4 million, respectively, resulting in an effective tax rate of 60.3% and 85.3%, respectively. The decrease in the effective tax rate for the three months ended March 31, 2021 compared to the same period in 2020 was primarily due to a decrease in income before income taxes and the reversal of uncertain tax positions in the amount of $6.1 million and related accrued interest in the amount of $2.7 million resulting from an IRS settlement agreement entered into during the quarter.

Our policy is to include interest and penalties related to unrecognized tax benefits as a component of income tax expense. At March 31, 2021, we had accrued interest and penalties related to unrecognized tax benefits of approximately $2.6 million.

We file U.S., state and foreign income tax returns in jurisdictions with varying statutes of limitations. The 2012 through 2020 tax years generally remain open and subject to examination by federal, state and foreign tax authorities. We are currently under examination by the IRS for the tax years 2013 through the period ending February 2016. During the three months ended March 31, 2021, we finalized a settlement agreement with the IRS for the tax years 2011 to 2012. We are under audit by the Indian Tax Authority for the 2014 and 2017 tax years. We are currently under audit by the California Franchise Tax Board for the 2012 through 2014 tax years, the Massachusetts Department of Revenue for the 2015 through February 2016 tax years and the Texas Comptroller for the 2015 through 2018 tax years. We are not currently under audit in any other taxing jurisdictions.

8. Commitments and Contingencies

Cyber Incident

On December 14, 2020, we announced that we had been the victim of a cyberattack on our Orion Software Platform and internal systems, or the Cyber Incident. Together with outside security professionals and other third parties, we are conducting investigations into the Cyber Incident which we are close to completing.

Our investigations to date revealed that as part of this attack, malicious code, or Sunburst, was injected into builds of our Orion Software Platform that we released between March 2020 and June 2020. We released remediations for the versions of our Orion Software Platform known to be affected by Sunburst and have taken and expect to continue to take extensive efforts to support and protect our customers.

Expenses Incurred

SolarWinds Corporation

Notes to Condensed Consolidated Financial Statements (Unaudited)

General and administrative expense is presented net of insurance proceeds in the condensed consolidated statements of operations. Expenses include costs to investigate and remediate the Cyber Incident, and legal and other professional services related thereto, and consulting services being provided to customers at no charge, all of which were expensed as incurred.

Litigation, Claims and Government Investigations

As a result of the Cyber Incident, we are subject to numerous lawsuits and investigations. Multiple class action lawsuits alleging, among other things, violations of the federal securities laws are pending against us and certain of our current and former officers. The complainants seek certification of a class of all persons who purchased or otherwise acquired our securities during set periods of time and unspecified monetary damages, costs and attorneys’ fees. In addition, a shareholder derivative action, purportedly on behalf of the Company, is pending in the Western District of Texas asserting breach of duty and other claims against certain of our current and former officers and directors in connection with the cyberattack. We dispute the allegations in these complaints and intend to defend against the claims.

In addition, there are underway numerous investigations and inquiries by domestic and foreign law enforcement and other governmental authorities related to the Cyber Incident, including from the Department of Justice, the Securities and Exchange Commission, and various state Attorneys General. We are cooperating and providing information in connection with these investigations and inquiries and are incurring, and in future periods expect to incur, costs and other expenses in connection with these investigations and inquiries.

While we believe it is reasonably possible that we could incur losses associated with these proceedings and investigations, it is not possible to estimate the amount of any loss or range of possible loss that might result from adverse judgments, settlements, penalties or other resolutions of such proceedings and investigations based on the early stage thereof, the fact that alleged damages have not been specified, the uncertainty as to the certification of a class or classes and the size of any certified class, as applicable, and the lack of resolution on significant factual and legal issues. The Company will continue to evaluate information as it becomes known and will record an estimate for losses at the time or times when it is both probable that a loss has been incurred and the amount of the loss is reasonably estimable. Losses associated with any adverse judgments, settlements, penalties or other resolutions of such proceedings and investigations could be material to our business, results of operations, financial condition or cash flows in future periods.

Additional lawsuits and claims related to the Cyber Incident may be asserted by or on behalf of customers, stockholders or others seeking damages or other related relief and additional inquiries from governmental agencies may be received or investigations by governmental agencies commenced.

Insurance Coverage

We maintain $15 million of cybersecurity insurance coverage to limit our exposure to losses such as those related to the Cyber Incident. As of March 31, 2021, we recorded a loss recovery asset of $9.2 million for insurance proceeds deemed probable of recovery which is included in prepaid and other current assets in our condensed consolidated balance sheet and received payments of $1.0 million for costs incurred.

Other Matters

In addition to the Cyber Incident described above, from time to time we are involved in litigation arising from the normal course of business. In management's opinion, this litigation is not expected to have a material adverse effect on our consolidated financial condition, results of operations or cash flows.

Item 2. Management's Discussion and Analysis of Financial Condition and Results of Operations

The following discussion and analysis of our financial condition and results of operations should be read in conjunction with the condensed consolidated financial statements and related notes thereto included elsewhere in this Quarterly Report on Form 10-Q. In addition to historical condensed consolidated financial information, the following discussion contains forward-looking statements that reflect our plans, estimates and beliefs. Our actual results could differ materially and adversely from those anticipated in the forward-looking statements. Please see the section entitled “Safe Harbor Cautionary Statement” above and the risk factors discussed in our Annual Report on Form 10-K for the year ended December 31, 2020 for a discussion of the uncertainties, risks and assumptions associated with these statements. The following discussion and analysis also includes a discussion of certain non-GAAP financial measures. For a description and reconciliation of the non-GAAP measures discussed in this section, see “Non-GAAP Financial Measures.”

Overview

SolarWinds is a leading provider of information technology, or IT, infrastructure management software. Our products give organizations worldwide, regardless of type, size or IT infrastructure complexity, the power to monitor and manage the performance of their IT environments, whether on-premise, in the cloud, or in hybrid models. We combine powerful, scalable, affordable, easy to use products with a high-velocity, low-touch sales model to grow our business while also generating significant cash flow.

We offer a broad portfolio of infrastructure location-agnostic products to monitor and manage network, systems, desktop, application, storage, database, website infrastructures and IT service desks. We intend to continue to innovate and invest in areas of product development that bring new products to market and enhance the functionality, ease of use and integration of our current products. We believe this will strengthen the overall value proposition of our products in any IT environment.

On February 5, 2016, we were acquired by affiliates of Silver Lake Group, L.L.C and Thoma Bravo, LLC in a take private transaction, or the Take Private. We applied purchase accounting on the date of the Take Private. In October 2018, we completed our initial public offering, or IPO, and once again become a publicly traded company.

Cyber Incident

As previously disclosed, on December 14, 2020, we announced that we had been the victim of a cyberattack on our Orion Software Platform and internal systems, or the “Cyber Incident.” Together with outside security professionals and other third parties, we have been conducting investigations into the Cyber Incident, and are providing an update on our investigations to date.

Investigative Update

Impacted Customers. At the earliest stages of our investigation, we reported up to 18,000 customers could potentially have been vulnerable to SUNBURST, based on our records of the total number of customer downloads of the specific, impacted versions of our Orion Platform products. We now estimate that the actual number of customers who were hacked through SUNBURST to be fewer than 100. It’s important to note that this group of up to 18,000 downloads includes two significant groups that could not have been affected by SUNBURST due to the inability of the malicious code to contact the threat actor command-and-control server: (1) those customers who did not install the downloaded version and (2) those customers who did install the affected version, but only did so on a server without access to the internet. Among a third group of customers, those whose affected servers accessed the internet, we believe, based on sample DNS data, only a very small proportion saw any activity with the command-and-control server deployed by the threat actor. This statistical analysis of the same DNS data leads to our belief that fewer than 100 customers had servers that communicated with the threat actor.

Orion Supply Chain Attack. Our investigations to date have revealed that the threat actor employed novel and sophisticated techniques indicative of a nation state actor and consistent with the goal of cyber espionage via a supply-chain attack. Through the use of the novel SUNSPOT code injector that we discovered in our investigation, the threat actor surreptitiously injected the SUNBURST malicious code solely into builds of the Orion Software Platform. The threat actor undertook a test run of its ability to inject code into builds of the Orion Software Platform in October 2019, months prior to initiating the actual SUNBURST injection into builds of our Orion Software Platform that we released between March and June 2020. We have not identified Sunburst in any of our more than 70 non-Orion products and tools, including those of our N-able business.

Shared IT Environment Activities. While we do not know precisely when or how the threat actor first gained access to our environment, our investigations have uncovered evidence that the threat actor compromised credentials and conducted research and surveillance in furtherance of its objectives through persistent access to our software development environment and internal systems, including our Office 365 environment, for at least nine months prior to initiating the test run in October 2019. We also have found evidence that causes us to believe that the threat actor exfiltrated certain information as part of its research and surveillance. The threat actor created and moved files that we believe contained source code for both Orion and non-Orion

products, although we are unable to determine the actual contents of those files. In addition, the threat actor created and moved additional files, including a file that may have contained data supporting our customer portal application. Although we are unable to determine the actual contents of the files, the information included in our customer portal databases does not contain highly sensitive personal information, such as credit card, social security, passport or bank account numbers, but contains other information such as corporate customer name, business email addresses, business billing addresses, encrypted portal login credentials, IP addresses downloading any software and MAC addresses of the registered Orion servers. Our investigations have also revealed that the threat actor accessed the email accounts of certain of our personnel, some of which contained information related to current or former employees and customers. We are currently in the process of identifying all personal information contained in the emails of these accounts and expect to provide notices to any impacted individuals and other parties as appropriate. The threat actor also moved files to a jump server, which we believe was intended to facilitate exfiltration of the files out of our environment.

Remediation and Secure by Design. We, together with our partners, have undertaken extensive measures to investigate, contain, eradicate, and remediate the Cyber Incident. At this time, we have substantially completed this process and believe the threat actor is no longer active in our environments. As part of our “Secure by Design” initiative, we are working with industry experts to implement enhanced security practices designed to further strengthen and protect our products and environment against these and other types of attacks in the future. To that end, we are further securing our environment and systems, adopting zero trust and least privilege access mechanisms and addressing the possible risks associated with third-party applications access. Additionally, we have made significant progress in redesigning our automated build process to help ensure the security and integrity of the code for our products and that no insertions or alterations have occurred during the build process as happened with SUNSPOT and SUNBURST. We see an opportunity to help lead an industry-wide effort we believe will position SolarWinds as a model for secure software environments, development processes, and products.

Expenses

For the three months ended March 31, 2021, we recorded $20.4 million of pretax gross expenses related to the Cyber Incident, partially offset by $10.2 million of expected insurance proceeds for costs we believe are reimbursable and probable of recovery under our insurance coverage, for pretax net expenses of $10.2 million. We have included $0.8 million of these gross expenses in cost of recurring revenue, $0.8 million in sales and marketing expense and $18.8 million in general and administrative expense in the condensed consolidated statements of operations for the three months ended March 31, 2021. General and administrative expense is presented net of insurance proceeds in the condensed consolidated statements of operations. Expenses include costs to investigate and remediate the Cyber Incident, and legal and other professional services related thereto, and consulting services being provided to customers at no charge, all of which were expensed as incurred. These expenses do not include the $20 to $25 million of expected costs in 2021 associated with our “Secure By Design” initiatives which include costs to enhance our security measures across our systems and our software development and build environments.

Litigation, Claims and Government Investigations

As a result of the Cyber Incident, we are subject to numerous lawsuits and investigations or inquiries as described in Part I, Item 1A. Risk Factors – Risks Related to Cybersecurity and the Cyber Incident in our Annual Report on Form 10-K for the year ended December 31, 2020 and Note 8. Commitments and Contingencies in the Notes to Condensed Consolidated Financial Statements included in Item 1 of Part I of this Quarterly Report on Form 10-Q. While we will incur costs and other expenses associated with these proceedings and investigations, it is not possible to estimate the amount of any loss or range of possible loss that might result from adverse judgments, settlements, penalties or other resolutions of such proceedings and investigations based on the early stage thereof, the fact that alleged damages have not been specified, the uncertainty as to the certification of a class or classes and the size of any certified class, as applicable, and the lack of resolution on significant factual and legal issues. We will continue to evaluate information as it becomes known and will record an estimate for losses at the time or times when it is both probable that a loss has been incurred and the amount of the loss is reasonably estimable.

Future Costs

We expect to incur additional legal and other professional services costs and expenses associated with the Cyber Incident in future periods. We expect to recognize these expenses as services are received. Costs related to the Cyber Incident that will be incurred in future periods will include increased expenses associated with ongoing claims, investigations and inquiries, and any new claims, investigations and inquiries, as well as increased customer support activities and other related matters. We expect to incur increased expenses for insurance, finance, compliance activities, and to meet increased legal and regulatory requirements. We are also providing, at our cost, free third-party support services to customers related to the Cyber Incident. Although the ultimate magnitude and timing of expenses or other impacts to our business or reputation related to the Cyber Incident are uncertain, they could be significant. We also expect to incur increased expenses and capital investments related to our “Secure By Design” initiatives.

Insurance Coverage

Impacts of COVID-19

The impact from the rapidly changing market and economic conditions due to the COVID-19 pandemic on our business is uncertain. We initially responded to the COVID-19 pandemic by executing our business continuity plan and transitioning nearly all of our workforce to a remote working environment to prioritize the safety of our personnel. Substantially all of our workforce is currently working remotely. Due to the nature of our business, at this time, we have seen an impact on our financial results, including a decline in license revenue, but do not expect to experience a significant impact on our financial results due to the COVID-19 pandemic. However, we are unable to predict with a level of precision the longer term impact it may have on our business, results of operations and financial condition due to numerous uncertainties, including the duration of the pandemic, actions that may be taken by governmental authorities in response to the pandemic, its impact to the business of our customers and their end-customers and other factors identified in Part I, Item 1A “Risk Factors” in our Annual Report on Form 10-K for the fiscal year ended December 31, 2020. We will continue to evaluate the nature and extent of the impact of the COVID-19 pandemic to our business, consolidated results of operations and financial condition.

Potential Spin-Off of N-able Business

On August 6, 2020, we announced that our board of directors has authorized management to explore a potential spin-off of our N‑able business into a newly created and separately traded public company, and on March 30, 2021, we announced the public filing with the SEC of a Form 10 registration statement with respect to the potential spin-off. If completed, the standalone entity would provide broad cloud-based software solutions for managed service providers, or MSPs, enabling them to support digital transformation and growth within small and medium-sized enterprises, or SMEs. SolarWinds would retain its Core IT Management business focused primarily on selling software and cloud-based services to corporate IT organizations. We believe that, if completed, the potential spin-off would allow each company to more effectively pursue its distinct operating priorities, strategies and capital allocation policies, while also allowing stockholders to separately evaluate and value the companies on their distinct markets, strategies and performance. If we proceed with the spin-off, it would be intended to be structured as a tax-free, pro-rata distribution to all SolarWinds stockholders as of a record date to be determined by the board of directors of SolarWinds. If completed, upon effectiveness of the transaction, SolarWinds stockholders would own shares of both companies. Completion of any spin-off would be subject to various conditions, including final approval of our board of directors, and there can be no assurance that the potential spin-off will be completed in the manner described above, or at all. If we proceed with the spin-off, we currently are targeting to complete the transaction late in the second quarter of 2021.

We have incurred significant costs in connection with exploring the potential spin-off transaction of our N‑able business into a newly created and separately traded public company. Spin-off exploration costs include legal, accounting and advisory fees, implementation and integration costs, duplicative costs for subscriptions and information technology systems, employee and contractor costs and other incremental separation costs related to the potential spin-off of the N‑able business. The potential spin-off transaction results in operating expenses that would not otherwise have been incurred by us in the normal course of our organic business operations. Spin-off exploration costs incurred were $9.9 million during the three months ended March 31, 2021. We expect to incur additional spin-off exploration costs in future periods, although we expect such costs to begin to subside in the second half of the year after completion of the spin-off.

First Quarter Financial Highlights

Our approach, which we call the “SolarWinds Model,” is based on our commitment to building a business that is focused on growth and profitability. Below are our key financial highlights for the three months ended March 31, 2021 as compared to the three months ended March 31, 2020.

Revenue

Our total revenue was $256.9 million and $247.0 million for the three months ended March 31, 2021 and 2020, respectively. Our non-GAAP total revenue, which excludes the impact of purchase accounting, was $257.0 million and $248.5 million for the three months ended March 31, 2021 and 2020, respectively. Recurring revenue, which consists of subscription and maintenance revenue, represented approximately 90% of our total revenue for the three months ended March 31, 2021 compared to 85% for the three months ended March 31, 2020. We have increased our recurring revenue as a result of the growth in our subscription sales and the continued growth of our maintenance revenue.

Our Core IT Management products are targeted for ITOps, DevOps, and IT security professionals and provide hybrid IT performance management with a deep visibility into applications, databases, IT infrastructures, and the full IT stack, while remaining infrastructure-location agnostic. Core IT Management product revenue was $173.9 million and $173.7 million for the three months ended March 31, 2021 and 2020, respectively.

Our N‑able products enable MSPs to deploy, manage and secure technologies for their small and medium size business end-customers, as well as and more efficiently manage their own businesses. N‑able product revenue was $83.0 million and $73.2 million for the three months ended March 31, 2021 and 2020, respectively.

We use Subscription Annual Recurring Revenue, or Subscription ARR, and Total Annual Recurring Revenue, or Total ARR, to evaluate the results of our recurring revenue model. Subscription ARR represents the annualized recurring value of all active subscription contracts at the end of a reporting period. As of March 31, 2021, Subscription ARR was $438.4 million, up from $387.0 million as of March 31, 2020. Total ARR represents the sum of Subscription ARR and the annualized value of all maintenance contracts related to perpetual licenses active at the end of a reporting period. As of March 31, 2021, Total ARR was $961.3 million, up from $861.6 million as of March 31, 2020, reflecting an increase of 11.6%.

As of March 31, 2021, we had over 320,000 customers. We have a broad and diverse customer base that is not concentrated in any segment or vertical industry. We define customers as individuals or entities that have purchased one or more of our products under a unique customer identification number since our inception for our perpetual license products and individuals or entities that have an active subscription for at least one of our subscription products. Each unique customer identification number constitutes a separate customer regardless of the amount purchased. We may have multiple purchasers of our products within a single organization, each of which may be assigned a unique customer identification number and deemed a separate customer.

The SolarWinds Model allows us to both sell to a broad group of potential customers and close large transactions with significant customers. While some customers may spend as little as $100 with us over a twelve-month period, we had 1,074 customers who spent more than $100,000 with us for the trailing twelve-month period ended March 31, 2021 as compared to 926 for the twelve-month period ended March 31, 2020.

We expect that the continued growth in the use of public and private clouds, increased outsourcing of IT management services to MSPs and cross-selling of subscription products into our existing customer base could result in an increase in our subscription revenue. We believe this increase, coupled with continued growth in maintenance revenue, could cause our recurring revenue to increase as a percentage of total revenue over time.

Our license revenue has declined as a percentage of total revenue primarily due to the higher growth of our recurring revenue, the impact of the Cyber Incident on our first quarter results as well as the continued impact of the Covid-19 pandemic, and represented approximately 9.7% of our total revenue in the three months ended March 31, 2021. We expect license revenue to remain flat as a percentage of revenue over time as we grow our recurring revenue while continuing to invest in international sales growth, new product development and enhancements and increased productivity and efficiency of our sales and marketing operations.

Profitability

Our net loss for the three months ended March 31, 2021 was $7.2 million compared to net income of $0.4 million for the three months ended March 31, 2020. Our Adjusted EBITDA was $106.5 million and $110.9 million for the three months ended March 31, 2021 and 2020, respectively.

Cash Flow

We have built our business to generate strong cash flow over the long term. For the three months ended March 31, 2021 and 2020, cash flows from operations were $26.9 million and $78.4 million, respectively. During those periods, our cash flows from operations were reduced by cash payments for interest on our long-term debt of $14.0 million and $22.0 million, respectively and cash payments for income taxes of $14.4 million and $6.0 million, respectively.

Cyber Incident

The Cyber Incident is expected to negatively impact revenue, profitability and cash flows in 2021 and beyond. Certain of our customers have, and others may, defer renewals or cancel subscriptions which would have a negative impact on our revenue. In addition, we expect to incur significant expenses associated with the Cyber Incident in future periods, primarily related to legal proceedings and regulatory investigations, increased customer support activities and other related matters, and increased costs and expenses for insurance, compliance activities, and to meet increased legal and regulatory requirements. We also expect to incur increased expenses and capital investments associated with our “Secure By Design” initiatives in 2021. See Note 8. Commitments and Contingencies in the Notes to Condensed Consolidated Financial Statements in Item 1 of Part I of this Quarterly Report on Form 10-Q for information related to the legal proceedings and governmental investigations related to

the Cyber Incident. While we will incur costs and other expenses associated with these proceedings and investigations, it is not possible to estimate the amount of any loss or range of possible loss that might result from adverse judgments, settlements, penalties or other resolutions of such proceedings and investigations based on the early stage thereof, the fact that alleged damages have not been specified, the uncertainty as to the certification of a class or classes and the size of any certified class, as applicable, and the lack of resolution on significant factual and legal issues.

Components of Our Results of Operations

Revenue

Our revenue consists of recurring revenue and perpetual license revenue.

•Recurring Revenue. The significant majority of our revenue is recurring and consists of subscription and maintenance revenue.

▪Subscription Revenue. We primarily derive subscription revenue from fees received for subscriptions to our SaaS offerings, and to a lesser extent, our time-based license arrangements. Subscription revenue includes sales of our N‑able products as well as our cloud infrastructure, database, application performance management and IT service management, or ITSM products. We generally recognize revenue ratably over the subscription term once the service is made available to the customer or when we have the right to invoice for services performed. We generally invoice subscription agreements monthly based on usage or in advance over the subscription period on either a monthly or annual basis. Our subscription revenue grows as customers add new subscription products, upgrade the capacity level of their existing subscription products or increase the usage of their subscription products. Our revenue from N‑able products increases with the addition of end customers served by our MSP customers, the proliferation of devices managed by those MSPs and the expansion of products used by those MSPs to manage end customers’ IT infrastructures.

•Maintenance Revenue. We derive maintenance revenue from the sale of maintenance services associated with our perpetual license products. Perpetual license customers pay for maintenance services based on the products they have purchased. We recognize maintenance revenue ratably on a daily basis over the contract period. Our maintenance revenue grows when we renew existing maintenance contracts and add new perpetual license customers, and as existing customers add new products. In addition, we typically implement annual price increases for our maintenance services. Customers typically renew their maintenance contracts at our standard list maintenance renewal pricing for their applicable products. We generally invoice maintenance contracts annually in advance.

•License Revenue. We derive license revenue from sales of perpetual licenses of our on-premise network, systems, storage and database management products to new and existing customers. We include one year of maintenance services as part of our customers’ initial license purchase. License revenue is recognized at a point in time upon delivery of the electronic license key. We allocate revenue to the license component based upon our estimated standalone selling prices, which is derived by evaluating our historical pricing and discounting practices in observable bundled transactions.

In April 2020, we launched subscription pricing options for certain of our network, systems and database management products that have historically been sold as perpetual licenses. The new on-premise subscription option gives customers additional flexibility when purchasing our products. The on-premise subscription offerings are time-based revenue arrangements recognized at a point in time upon delivery of the software and support is recognized ratably over the contract period. On-premise subscription offerings are recorded in subscription revenue in our condensed consolidated statement of operations. We plan to continue to sell perpetual licenses for these products and not require customers to transition to a subscription pricing model. The subscription pricing option may impact the mix of license and recurring revenue, but this impact is difficult to predict at this time due to uncertainty regarding the level of customer adoption of the new subscription pricing options. We expect a gradual shift in the mix between license and recurring revenue in each quarter as new customers purchase these on-premise subscription offerings.

Cost of Revenue

•Cost of Recurring Revenue. Cost of recurring revenue consists of technical support personnel costs, royalty fees, public cloud infrastructure and hosting fees and an allocation of overhead costs for our subscription revenue and maintenance services. Allocated costs consist of certain facilities, depreciation, benefits and IT costs allocated based on headcount.

•Amortization of Acquired Technologies. Amortization of acquired technologies primarily consists of amortization related to capitalized costs of technologies acquired in connection with the Take Private, and to a lesser extent, acquired technologies from our other acquisitions.

Operating Expenses

Operating expenses consists of sales and marketing, research and development and general and administrative expenses as well as amortization of acquired intangibles. Personnel costs are the most significant component of operating expenses and consist of salaries, benefits, bonuses, sales commissions, stock-based compensation and an allocation of overhead costs based on headcount. The total number of employees as of March 31, 2021 was 3,342, as compared to 3,298 as of March 31, 2020. Our stock-based compensation expense has increased due to equity awards granted to our employees and directors and we intend to continue to grant equity awards which will result in additional stock-based compensation expense in future periods.

•Sales and Marketing. Sales and marketing expenses primarily consist of related personnel costs, including our sales, marketing and maintenance renewal and subscription retention teams. Sales and marketing expenses also includes the cost of digital marketing programs such as paid search, search engine optimization and management, website maintenance and design. We expect to continue to hire personnel globally to drive new sales and maintenance renewals.

•Research and Development. Research and development expenses primarily consist of related personnel costs. We expect to continue to grow our research and development organization, particularly internationally.

•General and Administrative. General and administrative expenses primarily consist of personnel costs for our executive, finance, legal, human resources and other administrative personnel, general restructuring costs, acquisition costs, certain Cyber Incident and spin-off exploration costs, professional fees and other general corporate expenses. As a result of the Cyber Incident, we expect an increase in general and administrative expenses in the near term.

•Amortization of Acquired Intangibles. We amortize to operating expenses the capitalized costs of intangible assets acquired in connection with the Take Private and our other acquisitions.

Other Income (Expense)

Other income (expense) primarily consists of interest expense and gains (losses) resulting from changes in exchange rates on foreign currency denominated accounts. We expect interest expense to decrease as we repay indebtedness.

Foreign Currency

As a global company, we face exposure to adverse movements in foreign currency exchange rates. Fluctuations in foreign currencies impact the amount of total assets, liabilities, revenue, operating expenses and cash flows that we report for our foreign subsidiaries upon the translation of these amounts into U.S. dollars. See “Item 3. Quantitative and Qualitative Disclosures About Market Risk” for additional information on how foreign currency impacts our financial results.

Income Tax Expense (Benefit)

Income tax expense (benefit) consists of domestic and foreign corporate income taxes related to the sale of products. The tax rate on income earned by our North American entities is higher than the tax rate on income earned by our international entities. We expect the income earned by our international entities to grow over time as a percentage of total income, which may result in a decline in our effective income tax rate. However, our effective tax rate will be affected by many other factors including changes in tax laws, regulations or rates, new interpretations of existing laws or regulations, shifts in the allocation of income earned throughout the world and changes in overall levels of income before tax.

Comparison of the Three Months Ended March 31, 2021 and 2020

Revenue


	Three Months Ended March 31,
	2021				2020
	Amount		Percentage of Revenue		Amount		Percentage of Revenue		Change

	(in thousands, except percentages)
Subscription	$	108,988	42.4	%	$	93,635	37.9	%	$	15,353
Maintenance	123,040		47.9		116,349		47.1		6,691
Total recurring revenue	232,028		90.3		209,984		85.0		22,044
License	24,874		9.7		36,966		15.0		(12,092)
Total revenue	$	256,902	100.0	%	$	246,950	100.0	%	$	9,952

Total revenue increased $10.0 million, or 4.0%, for the three months ended March 31, 2021 compared to the three months ended March 31, 2020. Revenue from North America was approximately 63% and 66% of total revenue for the three months ended March 31, 2021 and 2020, respectively. Other than the United States, no single country accounted for 10% or more of our total revenue during these periods. We expect our international total revenue to increase slightly as a percentage of total revenue as we expand our international sales and marketing efforts across our product lines. Core IT Management product revenue was $173.9 million for the three months ended March 31, 2021 compared to $173.7 million for the three months ended March 31, 2020, representing an increase of 0.1%. N‑able product revenue was $83.0 million for the three months ended March 31, 2021 compared to $73.2 million for the three months ended March 31, 2020, representing an increase of 13.4%.

Recurring Revenue

Subscription Revenue. Subscription revenue increased $15.4 million, or 16.4%, for the three months ended March 31, 2021 compared to the three months ended March 31, 2020, primarily due to sales of additional N‑able products and the effect of the strengthening of most foreign currencies relative to the U.S. dollar. Our subscription revenue increased as a percentage of our total revenue for the three months ended March 31, 2021 compared to the three months ended March 31, 2020.

Our net retention rate for our subscription products was approximately 104% and 105% for the trailing twelve-month periods ended March 31, 2021 and 2020, respectively, and was driven primarily by customer retention and expansion in our N‑able products. We define our net retention rate for subscription products as the implied monthly subscription revenue at the end of a period for the base set of customers from which we generated subscription revenue in the year prior to the calculation, divided by the implied monthly subscription revenue one year prior to the date of calculation for that same customer base.

Maintenance Revenue. Maintenance revenue increased $6.7 million, or 5.8%, for the three months ended March 31, 2021 compared to the three months ended March 31, 2020 primarily due to strong maintenance renewal rates.

Our maintenance renewal rate for our perpetual license products was approximately 91% and 92%, respectively, for the trailing twelve-month periods ended March 31, 2021 and 2020. The decrease in the maintenance renewal rate for the trailing twelve-month period ended March 31, 2021 was primarily due to a decline in renewals during the first quarter due to the Cyber Incident. We expect our maintenance renewal rates may decline or fluctuate in future periods as a result of the Cyber Incident. We define our maintenance renewal rate as the sales of maintenance services for all existing maintenance contracts expiring in a period, divided by the sum of previous sales of maintenance services corresponding to those services expiring in the current period. Sales of maintenance services includes sales of maintenance renewals for a previously purchased product and the amount allocated to maintenance revenue from a license purchase.

License Revenue

License revenue decreased $12.1 million, or 32.7% primarily due to decreased sales of our licensed products as a result of the Cyber Incident, the continuing impact of the difficult economic environment caused by COVID-19 and, to a lesser extent, an increase in the subscription sales of our network, systems and database management products that have historically been sold only as perpetual licenses. We expect our license sales may decline or fluctuate in future periods as a result of the Cyber Incident.

Cost of Revenue


	Three Months Ended March 31,
	2021				2020
	Amount		Percentage of Revenue		Amount		Percentage of Revenue		Change

	(in thousands, except percentages)
Cost of recurring revenue	$	26,958	10.5	%	$	22,501	9.1	%	$	4,457
Amortization of acquired technologies	43,121		16.8		44,492		18.0		(1,371)
Total cost of revenue	$	70,079	27.3	%	$	66,993	27.1	%	$	3,086

Total cost of revenue increased in the three months ended March 31, 2021 compared to the three months ended March 31, 2020 primarily due to increases in public cloud infrastructure and hosting fees related to our subscription products of $1.6 million, personnel costs to support new customers and additional product offerings of $1.1 million, which includes a $0.2 million increase in stock-based compensation expense, depreciation and other amortization of $0.9 million and costs related to the Cyber Incident of $0.8 million. These increases were partially offset by a decrease in amortization of acquired subscription technologies.

Operating Expenses


	Three Months Ended March 31,
	2021				2020
	Amount		Percentage of Revenue		Amount		Percentage of Revenue		Change

	(in thousands, except percentages)
Sales and marketing	$	83,297	32.4	%	$	72,378	29.3	%	$	10,919
Research and development	37,761		14.7		31,845		12.9		5,916
General and administrative	47,710		18.6		29,755		12.0		17,955
Amortization of acquired intangibles	20,057		7.8		18,296		7.4		1,761
Total operating expenses	$	188,825	73.5	%	$	152,274	61.7	%	$	36,551

Sales and Marketing. Sales and marketing expenses increased $10.9 million, or 15.1%, primarily due to increases in personnel costs of $9.0 million, which includes an increase of $3.5 million in stock-based compensation expense, as a result of the SentryOne acquisition in October 2020 and an increase in worldwide sales and marketing bonus expense. In addition, marketing program costs and public relation costs resulting from the Cyber Incident increased $2.0 million. These increases were partially offset by reductions in travel costs of $1.0 million.

Research and Development. Research and development expenses increased $5.9 million, or 18.6%, primarily due to an increase in personnel costs of $6.0 million, which includes an increase in stock-based compensation expense of $1.1 million, partially offset by a reduction in travel costs of $0.3 million. We increased our worldwide research and development employee headcount to expedite delivery of product enhancements and new product offerings to our customers as well as through acquisitions.

General and Administrative. General and administrative expenses increased $18.0 million, or 60.3%, primarily due to $9.2 million of costs related to the exploration of a potential spin-off of our N‑able business, $8.6 million of costs related to the Cyber Incident, net of expected insurance proceeds, and a $3.6 million increase in personnel costs, which includes a $1.8 million increase in stock-based compensation expense. These increases were partially offset by decreases in our provision for losses on accounts receivables of $2.3 million and acquisition costs of $1.3 million. As a result of the Cyber Incident, we expect an increase in general and administrative expenses in the near term.

Amortization of Acquired Intangibles. Amortization of acquired intangibles increased $1.8 million, or 9.6%, primarily due to amortization related to intangibles acquired in the fourth quarter of 2020.

Interest Expense, Net


	Three Months Ended March 31,
	2021				2020
	Amount		Percentage of Revenue		Amount		Percentage of Revenue		Change

	(in thousands, except percentages)
Interest expense, net	$	(16,174)	(6.3)	%	$	(24,095)	(9.8)	%	$	7,921

Interest expense, net decreased by $7.9 million, or 32.9%, in the three months ended March 31, 2021 compared to the three months ended March 31, 2020. The decrease in interest expense is primarily due to decreases in interest rates on our debt and the reduction in our outstanding debt balance related to quarterly principal repayments. The weighted-average effective interest rate on our debt for the three months ended March 31, 2021 was 2.88% compared to 4.42% for the three months ended March 31, 2020. See Note 5. Debt in the Notes to Condensed Consolidated Financial Statements included in Item 1 of Part I of this Quarterly Report on Form 10-Q for additional information regarding our debt.

Other Income (Expense), Net


	Three Months Ended March 31,
	2021				2020
	Amount		Percentage of Revenue		Amount		Percentage of Revenue		Change

	(in thousands, except percentages)

Other income (expense), net	$	127	—	%	$	(758)	(0.3)	%	$	885

Other income (expense), net increased by $0.9 million in the three months ended March 31, 2021 compared to the three months ended March 31, 2020 primarily due to the impact of changes in foreign currency exchange rates related to various accounts for the period.

Income Tax Expense (Benefit)


	Three Months Ended March 31,
	2021					2020
	Amount			Percentage of Revenue		Amount			Percentage of Revenue		Change

	(in thousands, except percentages)
Income (loss) before income taxes	$	(18,049)		(7.0)	%	$	2,830		1.1	%	$	(20,879)
Income tax expense (benefit)	(10,889)			(4.2)		2,415			1.0		(13,304)
Effective tax rate	60.3		%			85.3		%			(25.0)		%

Our income tax benefit for the three months ended March 31, 2021 was $10.9 million as compared to income tax expense of $2.4 million for the three months ended March 31, 2020. The effective tax rate decreased to 60.3% for the period primarily due to a decrease in income before income taxes and the reversal of uncertain tax positions in the amount of $6.1 million and related accrued interest in the amount of $2.7 million due to an IRS settlement agreement entered into during the quarter. For additional discussion about our income taxes, see Note 7. Income Taxes in the Notes to Condensed Consolidated Financial Statements included in Item 1 of Part I of this Form 10-Q.

Non-GAAP Financial Measures

In addition to financial measures prepared in accordance with GAAP, we use certain non-GAAP financial measures to clarify and enhance our understanding, and aid in the period-to-period comparison, of our performance. We believe that these non-GAAP financial measures provide supplemental information that is meaningful when assessing our operating performance because they exclude the impact of certain amounts that our management and board of directors do not consider part of core operating results when assessing our operational performance, allocating resources, preparing annual budgets and determining compensation. Accordingly, these non-GAAP financial measures may provide insight to investors into the motivation and decision-making of management in operating the business. Investors are encouraged to review the reconciliation of each of these non-GAAP financial measures to its most comparable GAAP financial measure included below.

While we believe that these non-GAAP financial measures provide useful supplemental information, non-GAAP financial measures have limitations and should not be considered in isolation from, or as a substitute for, their most comparable GAAP measures. These non-GAAP financial measures are not prepared in accordance with GAAP, do not reflect a comprehensive system of accounting and may not be comparable to similarly titled measures of other companies due to potential differences in their financing and accounting methods, the book value of their assets, their capital structures, the method by which their assets were acquired and the manner in which they define non-GAAP measures. Items such as the amortization of intangible assets, stock-based compensation expense and related employer-paid payroll taxes, acquisition related adjustments, costs related to the exploration of a potential spin-off of our N‑able business, the Cyber Incident and restructuring costs, as well as the related tax impacts of these items can have a material impact on our GAAP financial results.

Non-GAAP Revenue

We define non-GAAP subscription revenue, non-GAAP maintenance revenue, non-GAAP license revenue and non-GAAP total revenue, as subscription revenue, maintenance revenue, license revenue and total revenue, respectively, excluding the impact of purchase accounting from our acquisitions. We monitor these measures to assess our performance because we believe our revenue growth rates would be overstated without these adjustments. We believe presenting non-GAAP subscription revenue, non-GAAP maintenance revenue, non-GAAP license revenue and non-GAAP total revenue aids in the comparability between periods and in assessing our overall operating performance.


	Three Months Ended March 31,
	2021		2020


	(in thousands)
Revenue:
GAAP subscription revenue	$	108,988	$	93,635
Impact of purchase accounting	79		1,513
Non-GAAP subscription revenue	109,067		95,148
GAAP maintenance revenue	123,040		116,349
Impact of purchase accounting	—		—
Non-GAAP maintenance revenue	123,040		116,349
GAAP total recurring revenue	232,028		209,984
Impact of purchase accounting	79		1,513
Non-GAAP total recurring revenue	232,107		211,497
GAAP license revenue	24,874		36,966
Impact of purchase accounting	—		—
Non-GAAP license revenue	24,874		36,966
Total GAAP revenue	$	256,902	$	246,950
Impact of purchase accounting	$	79	$	1,513
Total non-GAAP revenue	$	256,981	$	248,463

Non-GAAP Operating Income and Non-GAAP Operating Margin

We provide non-GAAP operating income and related non-GAAP margin using non-GAAP revenue as discussed above and excluding such items as the write-down of deferred revenue related to purchase accounting, amortization of acquired intangible assets, stock-based compensation expense and related employer-paid payroll taxes, acquisition and other costs, spin-off exploration costs, restructuring costs and Cyber Incident costs. Management believes these measures are useful for the following reasons:

•Amortization of Acquired Intangible Assets. We provide non-GAAP information that excludes expenses related to purchased intangible assets associated with our acquisitions. We believe that eliminating this expense from our non-GAAP measures is useful to investors, because the amortization of acquired intangible assets can be inconsistent in amount and frequency and is significantly impacted by the timing and magnitude of our acquisition transactions, which also vary in frequency from period to period. Accordingly, we analyze the performance of our operations in each period without regard to such expenses.

•Stock-Based Compensation Expense and Related Employer-Paid Payroll Taxes. We provide non-GAAP information that excludes expenses related to stock-based compensation and related employer-paid payroll taxes. We believe that the exclusion of stock-based compensation expense provides for a better comparison of our operating results to prior periods and to our peer companies as the calculations of stock-based compensation vary from period to period and company to company due to different valuation methodologies, subjective assumptions and the variety of award types. Employer-paid payroll taxes on stock-based compensation is dependent on our stock price and the timing of the taxable events related to the equity awards, over which our management has little control, and does not correlate to the core operation of our business. Because of these unique characteristics of stock-based compensation and related employer-paid payroll taxes, management excludes these expenses when analyzing the organization’s business performance.

•Acquisition and Other Costs. We exclude certain expense items resulting from acquisitions, such as legal, accounting and advisory fees, changes in fair value of contingent consideration, costs related to integrating the acquired businesses, deferred compensation, severance and retention expense. In addition, we exclude certain other costs including expense related to our offerings. We consider these adjustments, to some extent, to be unpredictable and dependent on a significant number of factors that are outside of our control. Furthermore, acquisitions result in operating expenses that would not otherwise have been incurred by us in the normal course of our organic business operations. We believe that providing these non-GAAP measures that exclude acquisition and other costs, allows users of our financial statements to better review and understand the historical and current results of our continuing operations, and also facilitates comparisons to our historical results and results of less acquisitive peer companies, both with and without such adjustments.

•Spin-off Exploration Costs. We exclude certain expense items resulting from the exploration of a potential spin-off transaction of our N‑able business into a newly created and separately traded public company. These costs include legal, accounting and advisory fees, implementation and integration costs, duplicative costs for subscriptions and information technology systems, employee and contractor costs and other incremental separation costs related to the potential spin-off of the N‑able business. The potential spin-off transaction results in operating expenses that would not otherwise have been incurred by us in the normal course of our organic business operations. We believe that providing non-GAAP measures that exclude these costs facilitates a more meaningful evaluation of our operating performance and comparisons to our past operating performance.

•Restructuring Costs. We provide non-GAAP information that excludes restructuring costs such as severance and the estimated costs of exiting and terminating facility lease commitments, as they relate to our corporate restructuring and exit activities and costs related to the separation of employment with executives of the Company. These costs are inconsistent in amount and are significantly impacted by the timing and nature of these events. Therefore, although we may incur these types of expenses in the future, we believe that eliminating these costs for purposes of calculating the non-GAAP financial measures facilitates a more meaningful evaluation of our operating performance and comparisons to our past operating performance.

•Cyber Incident Costs. We exclude certain expenses resulting from the Cyber Incident. Expenses include costs to investigate and remediate the Cyber Incident, and legal and other professional services related thereto, and consulting services being provided to customers at no charge. Cyber Incident costs are provided net of expected and received insurance reimbursements, although the timing of recognizing insurance reimbursements may differ from the timing of recognizing the associated expenses. We expect to incur significant legal and other professional services expenses associated with the Cyber Incident in future periods. The Cyber Incident results in operating expenses that would not have otherwise been incurred by us in the normal course of our organic business operations. We believe that providing non-GAAP measures that exclude these costs facilitates a more meaningful evaluation of our operating performance and comparisons to our past operating performance. We continue to invest significantly in cybersecurity and expect to make additional investments. These estimated investments are in addition to the Cyber Incident costs and not included in the net Cyber Incident costs reported.


	Three Months Ended March 31,
	2021			2020

	(in thousands, except margin data)
GAAP operating income (loss)	$	(2,002)		$	27,683
Impact of purchase accounting	79			1,513
Stock-based compensation expense and related employer-paid payroll taxes	18,112			11,483
Amortization of acquired technologies	43,121			44,492
Amortization of acquired intangibles	20,057			18,296
Acquisition and other costs	926			1,943
Spin-off exploration costs	9,895			—
Restructuring costs	409			222
Cyber Incident costs	10,163			—
Non-GAAP operating income	$	100,760		$	105,632
GAAP operating margin	(0.8)		%	11.2		%
Non-GAAP operating margin	39.2		%	42.5		%

Adjusted EBITDA and Adjusted EBITDA Margin

We regularly monitor adjusted EBITDA and adjusted EBITDA margin, as it is a measure we use to assess our operating performance. We define adjusted EBITDA as net income or loss, excluding the impact of purchase accounting on total revenue, amortization of acquired intangible assets and developed technology, depreciation expense, stock-based compensation expense and related employer-paid payroll taxes, restructuring costs, acquisition and other costs, spin-off exploration costs, Cyber Incident costs, interest expense, net, debt related costs including fees related to our credit agreements, debt extinguishment and refinancing costs, unrealized foreign currency (gains) losses, and income tax expense (benefit). We define adjusted EBITDA margin as adjusted EBITDA divided by non-GAAP revenue. Adjusted EBITDA has limitations as an analytical tool, and you should not consider it in isolation or as a substitute for analysis of our results as reported under GAAP. Some of these limitations are: although depreciation and amortization are non-cash charges, the assets being depreciated and amortized may

have to be replaced in the future, and adjusted EBITDA does not reflect cash capital expenditure requirements for such replacements or for new capital expenditure requirements; adjusted EBITDA excludes the impact of the write-down of deferred revenue due to purchase accounting in connection with our acquisitions, and therefore includes revenue that will never be recognized under GAAP; adjusted EBITDA does not reflect changes in, or cash requirements for, our working capital needs; adjusted EBITDA does not reflect the significant interest expense, or the cash requirements necessary to service interest or principal payments, on our debt; adjusted EBITDA does not reflect tax payments that may represent a reduction in cash available to us; and other companies, including companies in our industry, may calculate adjusted EBITDA differently, which reduces its usefulness as a comparative measure.

Because of these limitations, you should consider adjusted EBITDA alongside other financial performance measures, including net income (loss) and our other GAAP results. In evaluating adjusted EBITDA, you should be aware that in the future we may incur expenses that are the same as or similar to some of the adjustments in this presentation. Our presentation of adjusted EBITDA should not be construed as an inference that our future results will be unaffected by the types of items excluded from the calculation of adjusted EBITDA. Adjusted EBITDA is not a presentation made in accordance with GAAP and the use of the term varies from others in our industry.


	Three Months Ended March 31,
	2021			2020

	(in thousands, except margin data)
Net income (loss)	$	(7,160)		$	415
Amortization and depreciation	69,685			67,768
Income tax expense (benefit)	(10,889)			2,415
Interest expense, net	16,174			24,095
Impact of purchase accounting on total revenue	79			1,513
Unrealized foreign currency (gains) losses	(1,041)			983
Acquisition and other costs	926			1,943
Spin-off exploration costs	9,895			—
Debt related costs	99			93
Stock-based compensation expense and related employer-paid payroll taxes	18,112			11,483
Restructuring costs	409			222
Cyber Incident costs	10,163			—
Adjusted EBITDA	$	106,452		$	110,930
Adjusted EBITDA margin	41.4		%	44.6		%

Liquidity and Capital Resources

Cash and cash equivalents were $374.4 million as of March 31, 2021. Our international subsidiaries held approximately $193.0 million of cash and cash equivalents, of which 43.8% were held in Euros. We intend either to invest our foreign earnings permanently in foreign operations or to remit these earnings to our U.S. entities in a tax-free manner with the exception for immaterial state income taxes. The Tax Act imposed a mandatory transition tax on accumulated foreign earnings and eliminates U.S. federal income taxes on foreign subsidiary distribution.

Our primary source of cash for funding operations and growth has been through cash provided by operating activities. We continue to evaluate the nature and extent of the impact of the Cyber Incident to our business and financial position. Currently it is not possible to estimate the amount of loss or range of possible loss that might result from adverse judgments, settlements, penalties, or other resolution of the proceedings and investigations resulting from the Cyber Incident. Such potential payments, if great enough, could have an adverse effect on our liquidity. In addition, there continues to be uncertainty in the rapidly changing market and economic conditions related to the COVID-19 pandemic. However, despite these uncertainties, we believe that our existing cash and cash equivalents, our cash flows from operating activities and our borrowing capacity under our credit facilities will be sufficient to fund our operations, fund required debt repayments and meet our commitments for capital expenditures for at least the next 12 months.

Although we are not currently a party to any material definitive agreement regarding potential investments in, or acquisitions of, complementary businesses, applications or technologies, we may enter into these types of arrangements, which could reduce our cash and cash equivalents, require us to seek additional equity or debt financing or repatriate cash generated by our international operations that could cause us to incur withholding taxes on any distributions. Additional funds from financing arrangements may not be available on terms favorable to us or at all.

Indebtedness

As of March 31, 2021, our total indebtedness was $1.9 billion, with up to $117.5 million of available borrowings under our revolving credit facility. See Note 5. Debt in the Notes to Condensed Consolidated Financial Statements included in Item 1 of Part I of this Quarterly Report on Form 10-Q for additional information regarding our debt.

First Lien Credit Agreement

The First Lien Credit Agreement, as amended, provides for a senior secured revolving credit facility in an aggregate principal amount of $117.5 million, or the Revolving Credit Facility, consisting of a $17.5 million U.S. dollar revolving credit facility, or the U.S. Dollar Revolver, and a $100.0 million multicurrency revolving credit facility, or the Multicurrency Revolver. The Revolving Credit Facility includes a $35.0 million sublimit for the issuance of letters of credit. The First Lien Credit Agreement also contains a term loan facility (which we refer to as the First Lien Term Loan, and together with the Revolving Credit Facility, as the First Lien Credit Facilities) in an original aggregate principal amount of $1,990.0 million.

The First Lien Credit Agreement provides us the right to request additional commitments for new incremental term loans and revolving loans, in an aggregate principal amount not to exceed (a) the greater of (i) $400.0 million and (ii) 100% of our consolidated EBITDA, as defined in the First Lien Credit Agreement (calculated on a pro forma basis), for the most recent four fiscal quarter period, or the First Lien Fixed Basket, plus (b) the amount of certain voluntary prepayments of the First Lien Credit Facilities, plus (c) an unlimited amount subject to pro forma compliance with a first lien net leverage ratio not to exceed 4.75 to 1.00.

All commitments under the Revolving Credit Facility will mature on February 5, 2022. The First Lien Term Loan will mature on February 5, 2024.

The First Lien Term Loan requires equal quarterly repayments equal to 0.25% of the original principal amount.

Summary of Cash Flows

Summarized cash flow information is as follows:


	Three Months Ended March 31,
	2021		2020

	(in thousands)
Net cash provided by operating activities	$	26,931	$	78,371
Net cash used in investing activities	(7,529)		(8,230)
Net cash used in financing activities	(10,423)		(4,138)
Effect of exchange rate changes on cash and cash equivalents	(5,125)		(2,420)
Net increase in cash and cash equivalents	3,854		63,583

Operating Activities

Our primary source of cash from operating activities is cash collections from our customers. We expect cash inflows from operating activities to be affected by the timing of our sales. Our primary uses of cash from operating activities are for personnel-related expenditures, and other general operating expenses, as well as payments related to taxes, interest and facilities.

For the three months ended March 31, 2021 as compared to the three months ended March 31, 2020, the decrease in cash provided by operating activities was primarily due to decreased cash inflows resulting from the changes in our operating assets and liabilities. The net cash outflow resulting from the changes in our operating assets and liabilities was $47.8 million for the three months ended March 31, 2021 as compared to a net cash inflow $1.6 million for the three months ended March 31, 2020 and was primarily due to the timing of sales and cash payments and receipts. During the three months ended March 31, 2021, cash flow from operations was impacted by lower license sales and maintenance renewal bookings, as well as an increase in cash payments for expenses, resulting from the Cyber Incident. In addition, cash flows from operations for the three months ended March 31, 2021 were reduced by increases in cash payments for annual bonuses, expenses related to the potential spin-off of the N‑able business and cash paid for taxes.

Investing Activities

Investing cash flows consist primarily of cash used for acquisitions, capital expenditures and intangible assets. Our capital expenditures primarily relate to purchases of leasehold improvements, computers, servers and equipment to support our domestic and international office locations. Purchases of intangible assets consist primarily of capitalized research and development costs.

Net cash used in investing activities decreased in the three months ended March 31, 2021 as compared to the three months ended March 31, 2020 primarily due to a decrease in cash used for purchases of property and equipment.

Financing Activities

Financing cash flows consist primarily of issuance and repayments associated with our long-term debt, the proceeds from the issuance of shares of common stock through equity incentive plans and the repurchase of unvested incentive restricted stock and common stock to satisfy withholding tax requirements related to the settlement of restricted stock units.

Net cash used in financing activities increased in the three months ended March 31, 2021 as compared to the three months ended March 31, 2020 due to an increase in repurchases of common stock, partially offset by an increase in proceeds from issuance of common stock under our employee stock purchase plan. In the three months ended March 31, 2021 we withheld and retired shares of common stock to satisfy $8.4 million of statutory withholding tax requirements that we pay in cash to the appropriate taxing authorities on behalf of our employees related to the settlement of restricted stock units during the period. These shares are treated as common stock repurchases in our condensed consolidated financial statements. For each period, we made quarterly principal payments of $5.0 million due under our First Lien Credit Agreement.

Contractual Obligations and Commitments

As of March 31, 2021, there have been no material changes in our contractual obligations and commitments as of December 31, 2020 that were disclosed in our Annual Report on Form 10-K.

Critical Accounting Policies and Estimates

Our condensed consolidated financial statements are prepared in conformity with GAAP and require our management to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, costs and expenses and related disclosures. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances. Actual results may differ from these estimates, and such estimates may change if the underlying conditions or assumptions change. To the extent that there are differences between our estimates and actual results, our future financial statement presentation, financial condition, results of operations and cash flows will be affected, perhaps materially.

In many cases, the accounting treatment of a particular transaction is specifically dictated by GAAP and does not require management’s judgment in its application, while in other cases, management’s judgment is required in selecting among available alternative accounting standards that allow different accounting treatment for similar transactions. We believe that these accounting policies requiring significant management judgment and estimates are critical to understanding our historical and future performance, as these policies relate to the more significant areas of our financial results. These critical accounting policies are:

•the valuation of goodwill, intangibles, long-lived assets and contingent consideration;

•revenue recognition;

•stock-based compensation;

•income taxes; and

•loss contingencies.

A full description of our critical accounting policies that involve significant management judgment appears in our Annual Report on Form 10-K for the year ended December 31, 2020 filed with the SEC on March 1, 2021. There have been no material changes to our critical accounting policies and estimates since that time.

Recent Accounting Pronouncements

See Note 2. Summary of Significant Accounting Policies in the Notes to Condensed Consolidated Financial Statements in Item 1 of Part I of this Quarterly Report on Form 10-Q, for a full description of recent accounting pronouncements, if any, which is incorporated herein by reference.

Off-Balance Sheet Arrangements

During the three months ended March 31, 2021, we did not have any relationships with unconsolidated organizations or financial partnerships, such as structured finance or special purpose entities that would have been established for the purpose of facilitating off-balance sheet arrangements or other contractually narrow or limited purposes.

Item 3. Quantitative and Qualitative Disclosures About Market Risk

Interest Rate Risk

We had cash and cash equivalents of $374.4 million and $370.5 million at March 31, 2021 and December 31, 2020, respectively. Our cash and cash equivalents consist primarily of bank demand deposits and money market funds. We hold cash and cash equivalents and short-term investments for working capital purposes. Our investments are made for capital preservation purposes, and we do not enter into investments for trading or speculative purposes.

We do not have material exposure to market risk with respect to our cash and cash equivalents, as these consist primarily of highly liquid investments purchased with original maturities of three months or less at March 31, 2021.

We had total indebtedness with an outstanding principal balance of $1.9 billion at each of March 31, 2021 and December 31, 2020. Borrowings outstanding under our credit agreement bear interest at variable rates equal to applicable margins plus specified base rates or LIBOR-based rates with a 0% floor. As of March 31, 2021 and December 31, 2020, the annual weighted-average rate on borrowings was 2.86% and 2.90%, respectively. If there was a hypothetical 100 basis point increase in interest rates, the annual impact to interest expense would be approximately $19.3 million. This hypothetical change in interest expense has been calculated based on the borrowings outstanding at December 31, 2020 and a 100 basis point per annum change in interest rate applied over a one-year period.

We do not have material exposure to fair value market risk with respect to our total long-term outstanding indebtedness which consists of $1.9 billion U.S. dollar term loans as of March 31, 2021, not subject to market pricing.

See Note 5. Debt in the Notes to Condensed Consolidated Financial Statements in Item 1 of Part I of this Quarterly Report on Form 10-Q for additional information regarding our debt.

Foreign Currency Exchange Risk

As a global company, we face exposure to adverse movements in foreign currency exchange rates. We primarily conduct business in the following locations: the United States, Europe, Canada, South America and Australia. This exposure is the result of selling in multiple currencies, growth in our international investments, additional headcount in foreign countries and operating in countries where the functional currency is the local currency. Specifically, our results of operations and cash flows are subject to fluctuations in the following currencies: the Euro, British Pound Sterling and Australian Dollar against the United States Dollar, or USD. These exposures may change over time as business practices evolve and economic conditions change, including as a result of the impact of the COVID-19 pandemic on the global economy or governmental actions taken in response to the COVID-19 pandemic. Changes in foreign currency exchange rates could have an adverse impact on our financial results and cash flows.

Our condensed consolidated statements of operations are translated into USD at the average exchange rates in each applicable period. Our international revenue, operating expenses and significant balance sheet accounts denominated in currencies other than the USD primarily flow through our United Kingdom and European subsidiaries, which have British Pound Sterling and Euro functional currencies, respectively. This results in a two-step currency exchange process wherein the currencies other than the British Pound Sterling and Euro are first converted into those functional currencies and then translated into USD for our consolidated financial statements. As an example, revenue for sales in Australia is translated from the Australian Dollar to the Euro and then into the USD.

Our statement of operations and balance sheet accounts are also impacted by the re-measurement of non-functional currency transactions such as intercompany loans, cash accounts held by our overseas subsidiaries, accounts receivable denominated in foreign currencies, deferred revenue and accounts payable denominated in foreign currencies.

Foreign Currency Transaction Risk

Our foreign currency exposures typically arise from selling annual and multi-year maintenance contracts and subscriptions in multiple currencies, accounts receivable, intercompany transfer pricing arrangements and other intercompany transactions. Our foreign currency management objective is to minimize the effect of fluctuations in foreign exchange rates on selected assets or liabilities without exposing us to additional risk associated with transactions that could be regarded as speculative.

We utilize purchased foreign currency forward contracts to minimize our foreign exchange exposure on certain foreign balance sheet positions denominated in currencies other than the Euro. We do not enter into any derivative financial instruments for trading or speculative purposes. Our objective in managing our exposure to foreign currency exchange rate fluctuations is to reduce the impact of adverse fluctuations in such exchange rates on our earnings and cash flow. The notional amounts and currencies underlying our foreign currency forward contracts will fluctuate period to period as they are principally dependent on the balances of the balance sheet positions that are denominated in currencies other than the Euro held by our global entities. There can be no assurance that our foreign currency hedging activities will substantially offset the impact of fluctuation in

currency exchange rates on our results of operations and functional positions. As of March 31, 2021 and December 31, 2020, we did not have any forward contracts outstanding and while we do not have a formal policy to settle all derivatives prior to the end of each quarter, our current practice is to do so. The effect of derivative instruments on our condensed consolidated statements of operations was insignificant for the three months ended March 31, 2021 and 2020.

We are exposed to credit-related losses in the event of non-performance by counterparties to derivative financial instruments, but we do not expect any counterparties to fail to meet their obligations given their high credit ratings. In addition, we diversify this risk across several counterparties and actively monitor their ratings.

Foreign Currency Translation Risk

Fluctuations in foreign currencies impact the amount of total assets, liabilities, revenue, operating expenses and cash flows that we report for our foreign subsidiaries upon the translation of these amounts into U.S. dollars. If there is a change in foreign currency exchange rates, the amounts of assets, liabilities, revenue, operating expenses and cash flows that we report in U.S. dollars for foreign subsidiaries that transact in international currencies may be higher or lower to what we would have reported using a constant currency rate. To the extent the U.S. dollar strengthens against foreign currencies, the translation of these foreign currency denominated transactions results in reduced assets, liabilities, revenue, operating expenses and cash flows for our international operations. Similarly, our assets, liabilities, revenue, operating expenses and cash flows will increase for our international operations if the U.S. dollar weakens against foreign currencies. The conversion of the foreign subsidiaries’ financial statements into U.S. dollars will also lead to remeasurement gains and losses recorded in income, or translation gains or losses that are recorded as a component of accumulated other comprehensive income (loss).

Item 4: Controls and Procedures

Evaluation of Disclosure Controls and Procedures

Our management, with the participation of our Chief Executive Officer and our Chief Financial Officer, evaluated the effectiveness of our disclosure controls and procedures as of March 31, 2021. The term “disclosure controls and procedures,” as defined in Rules 13a-15(e) and 15d-15(e) under the Securities Exchange Act of 1934, as amended (the “Exchange Act”), means controls and other procedures of a company that are designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the SEC’s rules and forms.

Disclosure controls and procedures include, without limitation, controls and procedures designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is accumulated and communicated to the company’s management, including its principal executive and principal financial officers, as appropriate to allow timely decisions regarding required disclosure. Management recognizes that any controls and procedures, no matter how well designed and operated, can provide only reasonable assurance of achieving their objectives and management necessarily applies its judgment in evaluating the cost-benefit relationship of possible controls and procedures. Based on the evaluation of our disclosure controls and procedures as of March 31, 2021, our Chief Executive Officer and Chief Financial Officer concluded that, as of such date, our disclosure controls and procedures were effective at a reasonable assurance level.

Changes in Internal Control over Financial Reporting

There were no changes in our internal control over financial reporting that occurred during the quarter ended March 31, 2021 that have materially affected, or are reasonably likely to materially affect, our internal control over financial reporting.

PART II: OTHER INFORMATION

Item 1. Legal Proceedings

For a description of the lawsuits and government investigations or inquiries related to the Cyber Incident, see Item 2, "Management's Discussion and Analysis of Financial Condition and Results of Operations" and Note 8. Commitments and Contingencies in the Notes to Condensed Consolidated Financial Statements in Item 1 of Part I of this Quarterly Report on Form 10-Q, which description is incorporated herein by reference.

In addition, from time to time, we have been and may be involved in various legal proceedings and claims arising in our ordinary course of business. Other than with respect to the Cyber Incident, neither we nor any of our subsidiaries is a party to, and none of our respective property is the subject of, any material legal proceeding. However, the outcome of legal proceedings and claims brought against us are subject to significant uncertainty. Therefore, if one or more of these legal matters were resolved against us in the same reporting period for amounts in excess of management’s expectations, our consolidated financial statements for a particular period could be materially adversely affected.

Item 1A. Risk Factors

With the exception of the following updated risk factors, there have been no other material changes in our risk factors from those disclosed in Part I, Item 1A, under the heading “Risk Factors” in our Annual Report on Form 10-K for the year ended December 31, 2020.

Risks Related to Cybersecurity and the Cyber Incident

Cyberattacks, including the Cyber Incident, and other security incidents have resulted, and in the future may result, in compromises or breaches of our and our customers’ systems, the insertion of malicious code, malware, ransomware or other vulnerabilities into our systems and products and in our customers’ systems, the exploitation of vulnerabilities in our and our customers’ environments, theft or misappropriation of our and our customers’ proprietary and confidential information, interference with our and our customers’ operations, exposure to legal and other liabilities, higher customer, employee and partner attrition, negative impacts to our sales, renewals and upgrade and reputational harm and other serious negative consequences, any or all of which could materially harm our business.

We are heavily dependent on our technology infrastructure to operate our business, and our customers rely on our products to help manage and secure their own IT infrastructure and environments, including their and their customers’ confidential information. Despite our implementation of security measures and controls, our systems and those of third parties upon whom we rely are vulnerable to attack from numerous threat actors, including sophisticated nation-state and nation-state-supported actors (including advanced persistent threat intrusions). Threat actors have been, and may in the future be, able to compromise our security measures or otherwise exploit vulnerabilities in our systems, including vulnerabilities that may have been introduced through the actions of our employees or contractors or defects in the design or manufacture of our products and systems or the products and systems that we procure from third parties. In doing so, they have been, and may in the future be, able to breach or compromise our IT systems, including those which we use to design, develop, deploy and support our products, and access and misappropriate our, our current or former employees’ and our customers’ proprietary and confidential information, including our software source code, introduce malware, ransomware or vulnerabilities into our products and systems and create system disruptions or shutdowns. By virtue of the role our products play in helping to manage and secure the environments and systems of our customers, attacks on our systems and products can result in similar impacts on our customers’ systems and data.

Moreover, the number and scale of cyberattacks have continued to increase and the methods and techniques used by threat actors, including sophisticated “supply-chain” attacks such as the Cyber Incident, continue to evolve at a rapid pace. As a result, we may be unable to identify current attacks, anticipate these attacks or implement adequate security measures. We may also experience security breaches that may remain undetected for an extended period and, therefore, have a greater impact on our systems, our products, the proprietary data contained therein, our customers and ultimately, our business. In addition, our ability to defend against and mitigate cyberattacks depends in part on prioritization decisions that we and third parties upon whom we rely make to address vulnerabilities and security defects. While we endeavor to address all identified vulnerabilities in our products, we must make determinations as to how we prioritize developing and deploying the respective fixes, and we may be unable to do so prior to an attack. Likewise, even once a vulnerability has been addressed, for certain of our products, the fix will only be effective once a customer has updated the impacted product with the latest release, and customers that do not install and run the latest supported versions of our products may remain vulnerable to attack.

Cyberattacks, including the Cyber Incident, and other security incidents have resulted, and in the future may result, in numerous risks and adverse consequences to our business, including that (a) our prevention, mitigation and remediation efforts

may not be successful or sufficient, (b) our confidential and proprietary information, including our source code, as well as information that related to current or former employees and customers may be accessed, exfiltrated, misappropriated, compromised or corrupted, (c) we incur significant financial, legal, reputational and other harms to our business, including loss of business, decreased sales, severe reputational damage adversely affecting current and prospective customer, employee or vendor relations and investor confidence, U.S. or foreign regulatory investigations and enforcement actions, litigation, indemnity obligations, damages for contractual breach, penalties for violation of applicable laws or regulations, including laws and regulations in the United States and other jurisdictions relating to the collection, use and security of user and other personally identifiable information and data, significant costs for remediation, impairment of our ability to protect our intellectual property, stock price volatility and other significant liabilities, (d) our insurance coverage, including coverage relating to certain security and privacy damages and claim expenses, may not be available or sufficient to compensate for all liabilities we incur related to these matters or that we may face increased costs to obtain and maintain insurance in the future and (e) our steps to secure our internal environment, adapt and enhance our software development and build environments and ensure the security and integrity of the products that we deliver to customers may not be successful or sufficient to protect against future threat actors or cyberattacks. We have incurred and expect to continue to incur significant expenses related to our cybersecurity initiatives.

The Cyber Incident has had and may continue to have an adverse effect on our business, reputation, customer, employee and partner relations, results of operations, financial condition and cash flows.

The Cyber Incident has harmed, and is likely to continue to harm, our reputation and brand positioning, our customer, employee and partner relations and our operations and business as a result of both the impact it has had on our relationships with existing and prospective customers and the significant time and resources that our personnel have had to devote to responding to the Cyber Incident. Customers have and may in the future defer purchasing or choose to cancel or not renewal their agreements or subscriptions with us as a result of the Cyber Incident.

We have and expect to continue to expend significant costs and expenses related to the Cyber Incident including in connection with our investigations, our remediation efforts, our compliance with applicable laws and regulations in connection with any access to and exfiltration of information related to our current or former employees and customers, and our measures to address the damage to our reputation, customer, employee and partner relations. We are also expending additional costs in connection with our Secure by Design and related initiatives. If we are unable to rebuild the trust of our current and prospective customers and partners, negative publicity continues and/or our personnel continue to have to devote significant time to the Cyber Incident, our business, market share, results of operations and financial condition will be negatively affected.

We are party to lawsuits and the subject of governmental investigations related to the Cyber Incident. Numerous domestic and foreign governmental authorities are investigating events related to the Cyber Incident, including how it occurred, the consequences thereof and our response thereto, in addition to inquiries under various data protection and privacy regulations such as the European Union’s General Data Protection Regulation. We also may become subject to additional inquiries or investigations with respect to any provision of notices to impacted individuals and parties in connection with the threat actor’s access to email accounts of certain of our personnel. We are a party to lawsuits in the U.S. and additional claims may be asserted by or on behalf of customers, stockholders or others seeking monetary damages or other relief. These investigations, claims and regulatory compliance efforts are resulting, and are expected to result in the future, in the incurrence of significant costs and expenses (which may not be covered by insurance), the diversion of management’s attention from the operation of our business and have a negative impact on employee morale. The resolution of these investigations, claims and regulatory compliance efforts, including providing indemnity to our officers and directors, may result in additional costs and other liabilities, which may not be covered by insurance.

As a result of the Cyber Incident and market forces beyond our control, the cost of our insurance may increase substantially, and we may not be able to obtain additional or comparable insurance coverage on commercially reasonable terms. In addition, governmental authorities investigating the Cyber Incident may seek to impose undertakings, injunctive relief, consent decrees, or other civil or criminal penalties, which could, among other things, materially increase our software development and related expenses or otherwise require us to alter how we operate our business. Further, any legislative or regulatory changes adopted in reaction to the Cyber Incident could require us to make modifications to the operation of our business that could have an adverse effect and/or increase or accelerate our compliance costs.

In addition, we are still investigating the Cyber Incident. While we do not know precisely when or how the threat actor first gained access to our environment, our investigations have uncovered evidence that the threat actor compromised credentials and conducted research and surveillance in furtherance of its objectives through persistent access to our software development environment and internal systems, including our Office 365 environment, for at least nine months prior to initiating the test run in October 2019. We also have found evidence that causes us to believe that the threat actor exfiltrated certain information as part of its research and surveillance. The threat actor created and moved files that we believe contained source code for both Orion and non-Orion products, although we are unable to determine the actual contents of those files. In addition, the threat

actor created and moved additional files, including a file that may have contained data supporting our customer portal application. Although we are unable to determine the actual contents of the files, the information included in our customer portal databases does not contain highly sensitive personal information, such as credit card, social security, passport or bank account numbers, but contains other information such as corporate customer name, business email addresses, business billing addresses, encrypted portal login credentials, IP addresses downloading any software and MAC addresses of the registered Orion servers. Our investigations have also revealed that the threat actor accessed the email accounts of certain of our personnel, some of which contained information related to current or former employees and customers. We are currently in the process of identifying all personal information contained in the emails of these accounts and expect to provide notices to any impacted individuals and other parties as appropriate. The threat actor also moved files to a jump server, which we believe was intended to facilitate exfiltration of the files out of our environment. The discovery of new or different information regarding the Cyber Incident, including with respect to its scope, the activities of the threat actor within our environment and the related impact on our systems, products, current or former employees and customers, could increase our costs and liabilities related to the Cyber Incident and result in further damage to our business, reputation, intellectual property, results of operations and financial condition. The Cyber Incident also may embolden other threat actors to further target our systems, which could result in additional harm to our business. Although we have and expect to continue to deploy significant resources as part of our “Secure by Design” plan, we cannot ensure that our steps to secure our internal environment, improve our software development and build environments and protect the security and integrity of the products that we deliver will be successful or sufficient to protect against future threat actors or cyberattacks or perceived by existing and prospective customers as sufficient to address the harm caused by the Cyber Incident.

Risks Related to Government Regulation

We are subject to various global data privacy and security regulations, which could result in additional costs and liabilities to us.

Our business is subject to a wide variety of local, state, national and international laws, directives and regulations that apply to the collection, use, retention, protection, disclosure, transfer and other processing of personal data. These data protection and privacy-related laws and regulations continue to evolve and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions and increased costs of compliance. In the United States, these include rules and regulations promulgated under the authority of the Federal Trade Commission, and state breach notification laws. In connection with the Cyber Incident, Our investigations have revealed that the threat actor accessed the email accounts of certain of our personnel, some of which contained information related to current or former employees and customers. We are currently in the process of identifying all personal information contained in the emails of these accounts and expect to provide notices to any impacted individuals and other parties as appropriate. Such notices may cause additional harm to our reputation and business and may result in a loss of customers or additional investigations, claims and other related costs and expenses. In addition, if we experience another security incident with personal data issue, we may be required to inform the representative state attorney general or federal or country regulator, media and credit reporting agencies, and any customers whose information was stolen, which could further harm our reputation and business. Other states and countries have enacted different requirements for protecting personal information collected and maintained electronically. We expect that there will continue to be new proposed laws, regulations and industry standards concerning privacy, data protection and information security in the United States, the European Union and other jurisdictions, and we cannot yet determine the impact such future laws, regulations and standards will have on our business or the businesses of our customers, including, but not limited to, the European Union’s General Data Protection Regulation, which came into force in May 2018 and created a range of new compliance obligations, and significantly increased financial penalties for noncompliance, as well as the July 2020 Schrems II case that the E.U.-U.S. Privacy Shield, a mechanism for the transfer of personal data from the European Union to the United States, was invalid and imposed additional obligations in connection with the use of standard contractual clauses approved by the European Commission.

Failure to comply with laws concerning privacy, data protection and information security could result in enforcement action against us, including fines, imprisonment of company officials and public censure, claims for damages by end customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing end customers and prospective end customers), any of which could have a material adverse effect on our operations, financial performance and business. In addition, we could suffer adverse publicity and loss of customer confidence were it known that we did not take adequate measures to assure the confidentiality of the personally identifiable information that our customers had given to us. This could result in a loss of customers and revenue that could jeopardize our success. We may not be successful in avoiding potential liability or disruption of business resulting from the failure to comply with these laws and, even if we comply with laws, may be subject to liability because of the Cyber Incident or other security incidents. If we were required to pay any significant amount of money in satisfaction of claims under these laws, or any similar laws enacted by other jurisdictions, or if we were forced to cease our business operations for any length of time as a result of our inability to comply fully with any of these laws, our business, operating results and financial condition could be adversely affected. Further, complying with the applicable notice requirements in connection with the Cyber Incident or another security incident may result in significant costs.

Additionally, our business efficiencies and economies of scale depend on generally uniform product offerings and uniform treatment of customers across all jurisdictions in which we operate. Compliance requirements that vary significantly from jurisdiction to jurisdiction impose added costs on our business and can increase liability for compliance deficiencies.

Item 2. Unregistered Sales of Equity Securities and Use of Proceeds

Issuer Purchases of Equity Securities


Period	Number of Shares Purchased (1)	Average Price Paid Per Share		Total Number of Shares Purchased as Part of a Publicly Announced Plan or Program	Approximate Dollar Value of Shares That May Yet Be Purchased Under the Plan or Program (in thousands)
January 1-31, 2021	—	$	—	—	$	—
February 1-28, 2021	—	—		—	—
March 1-31, 2021	156,025	1.22		—	—
Total	156,025			—

________________

(1)All repurchases relate to employee held restricted stock that is subject to vesting. Unvested shares are subject to a right of repurchase by us in the event the employee stockholder ceases to be employed or engaged (as applicable) by us prior to vesting. All shares in the above table were shares repurchased as a result of us exercising this right and not pursuant to a publicly announced plan or program.

Item 6. Exhibits

EXHIBIT INDEX


Exhibit Number						Exhibit Title
3.1						Third Amended and Restated Certificate of Incorporation as currently in effect (incorporated by reference to Exhibit 3.1 to the Company’s Current Report on Form 10-Q (File No. 001-38711), filed with the Securities and Exchange Commission on November 27, 2018)
3.2						Amended and Restated Bylaws as currently in effect (incorporated by reference to Exhibit 3.2 to the Company’s Current Report on Form 10-Q (File No. 001-38711), filed with the Securities and Exchange Commission on November 27, 2018)
10.1#						Transition Agreement, dated as of January 1, 2021, between SolarWinds Corporation and Kevin B. Thompson (incorporated by reference to Exhibit 10.2 to the Company’s Current Report on Form 8-K (File No. 001-38711), filed with the Securities and Exchange Commission on January 6, 2021)
10.2#						Amendment to Employment Agreement, dated as of January 4, 2021, between SolarWinds Corporation and Sudhakar Ramakrishna (incorporated by reference to Exhibit 10.1 to the Company’s Current Report on Form 8-K (File No. 001-38711), filed with the Securities and Exchange Commission on January 6, 2021)
10.3#						Second Amendment to Employment Agreement, dated March 9, 2021, between SolarWinds Corporation and Sudhakar Ramakrishna (incorporated by reference to Exhibit 10.1 to the Company’s Current Report on Form 8-K (File No. 001-38711), filed with the Securities and Exchange Commission on March 11, 2021)
31.1*						Certification of Chief Executive Officer pursuant to Exchange Act Rules 13a-14(a) and 15d-14(a), as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002
31.2*						Certification of Chief Financial Officer pursuant to Exchange Act Rules 13a-14(a) and 15d-14(a), as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002
32.1**						Certifications of Chief Executive Officer and Chief Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002
101*						Interactive Data Files (formatted as Inline XBRL)
104*						Cover Page Interactive Data File (formatted as Inline XBRL and contained in Exhibit 101)


#			Indicates management contract or compensatory plan or arrangement.
*			Filed herewith
**			The certifications attached as Exhibit 32.1 accompanying this Quarterly Report on Form 10-Q, are deemed furnished and not filed with the Securities and Exchange Commission and are not to be incorporated by reference into any filing of the Registrant under the Securities Act of 1933, as amended, or the Securities Exchange Act of 1934, as amended, whether made before or after the date of this Quarterly Report on Form 10-Q, irrespective of any general incorporation language contained in such filing

SOLARWINDS CORPORATION

SIGNATURE

Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned thereunto duly authorized.


		SOLARWINDS CORPORATION

Dated:	May 10, 2021	By:	/s/ J. Barton Kalsu

			J. Barton Kalsu
			Chief Financial Officer
			(Principal Financial and Accounting Officer)