Please ensure Javascript is enabled for purposes of website accessibility
Small-Cap Confidential
Undiscovered stocks that can make you rich

Cabot Small Cap Confidential 226

We’re adding a pure-play security solutions provider to Cabot Small-Cap Confidential to increase our security software exposure. This company is growing revenue well over 20% and is expanding its portfolio of solutions to address large and rapidly growing markets.

Cabot Small Cap Confidential 226

[premium_html_toc post_id="145858"]

image-blank.png
image-blank.png
image-blank.png

THE BIG IDEA
Are you concerned about cyberattacks?

Are your mobile devices, smart home devices and computers secure on your home network? What about in your car? At work?

These are questions people try not to think about too much. But the evidence suggests a dramatic increase in vulnerabilities and exposures every year.

Just look at the latest data from the National Vulnerability Database. It shows the number of common vulnerabilities and exposures (CVEs) more than doubled last year. There are now over 90,000 CVEs lurking out there on the web.

csc226-p1-200x171.png

If you’re in charge of IT and security at your company, you don’t want to wait to do something until your computers have succumbed to the Wannacry ransomware attack. Or see a red skull with crossbones on your screen, letting you know NotPetya ransomware is staring your organization in the face.

The bottom line is that most of us participate in an ever-expanding network of connected devices and data mining applications, whether at work, at home or just out and about in the world.

These attacks are getting more sophisticated. And organizations need to know if and where they are vulnerable, if they’ve been compromised, if their network infrastructure is ready to deal with an attack, and how to react when an attack comes.

In short, organizations need effective cybersecurity and IT operations solutions that are easy to install and easy to use. And increasingly, these tools need to allow both security and operations teams to work together to protect against bad actors.

This team approach to combatting cyberattacks has given rise to SecOps. SecOps is a management approach that allows these two critical teams to share processes and tools to drive digital innovation with today’s connected technologies, while safeguarding their organization from the growing risks that come with interconnectivity.

Cyberattack statistics show why this unified front is so important, and why operationalizing the security of IT is becoming a mainstream concept. Attacks increasingly come on work days, suggesting social engineering and user interaction are the preferred attack vectors. What’s more, one of the greatest concerns is that attacks are coming from inside a company’s own network using stolen credentials. That means employee user names and passwords are being stolen, then used to break in.

The result is that over 60% of organizations are receiving more alerts than they can handle. And they need help.

One small-cap company that’s answering the call is Rapid7 (RPD).


THE COMPANY/PRODUCT


Rapid7 (RPD) is a $1.1 billion market cap software company on a mission to solve complex security and IT operations challenges by providing innovative solutions that are easy to set up and use.

Customers use its cloud-based and on-premise software solutions to better understand, prioritize and address the threats facing their physical, virtual and cloud assets, including threats that arise from the actions of people within their own walls.

Armed with the company’s solutions, clients can unify operational data from across their systems and run it through an advanced analytics platform. This helps them securely develop, operate and manage the sophisticated apps and services that are required to succeed in the digital age.

Simply put, Rapid7 protects an organization’s best interests in an increasingly complex, chaotic and interconnected digital world. That’s a high value proposition, and it is the reason analysts are increasingly bullish on its long-term growth potential.

The Boston-based company was founded in 2000 by three men that previously worked together at a software company: Alan Matthews, Tas Giakouminakis and Chad Loder. As the story goes, they repeatedly heard that organizations struggled with huge and complex security issues since they couldn’t see what was on their network and assets. That meant they couldn’t address weak spots and persistent threats.

With no major security solution on the market that provided comprehensive security assessment across network, hardware, software, web and database components, they decided to build their own. While working on the idea, the trio often traveled to midtown Manhattan on the “Rapid7” train. They went with that as a name, and the rest is history!

Today, Rapid7 has over 7,000 customers (up 13% over the last year) across 125 countries, including 52% of the Fortune 100. Customers come in all shapes and sizes, and include mid-market, enterprises, non-profits, government agencies and educational institutions. They also come from all industries. Management has recently said it is doing very well in technology, health care, insurance, retail and energy.

csc226-p2-1024x449.png

The company’s drive to develop security solutions that can be quickly installed and are easy to use appears to be hitting the mark. Revenue growth was a very respectable 28% in 2017 and crossed the $200 million threshold for the first time.

csc226-p3a.png

With a broader set of solutions to sell as part of its entry into the emerging SecOps movement, which brings together security and IT operations, and a transition to an easy-to-deploy Software-as-a-Service (SaaS) pricing model, Rapid7 is landing larger deals, more multi-product deals and more customers.

The net result is growth in the company’s annualized recurring revenue (ARR) figure, which is defined as the annualized value of all recurring revenue-related contracts in place at the end of the quarter. Wall Street analysts love recurring revenue! And Rapid7 says it can grow this figure by an average of 30% through 2020 across its product portfolio. That pledge has gotten the attention of investors.

Platform and Products

The lead products helping Rapid7 grow are InsightVM, InsightIDR and InsightAppSec. These are all based on the company’s quickly evolving cloud-based Insights Platform, which launched in 2015. This platform combines vulnerability management, user behavior analytics-powered SIEM, IT log analytics and applications security data.

The platform collects and unifies the vast wealth of disparate, operational data from across an organization’s entire IT infrastructure and user base, including firewalls, intrusion detection systems (IDS), user directories, computers, mobile and connected devices, apps, cloud activity, etc. That data is then run through advanced analytics to give customers a live, holistic view of all the activity on its network.

csc226-p3b-1024x507.png

Armed with this information, Rapid7’s solutions can help customers:

• Prevent attacks by shining a light on network and application vulnerabilities, cloud service usage, risky user behavior and misconfigured assets.

• Allow customer IT, security and operations teams to quickly detect compromises and attacks, prioritize fixes across infrastructure, apps and endpoints, and respond to breaches when they occur.

• Eliminate and automate repetitive and manual busy-work and data analysis, so customer resources can be directed to strategic, value-added initiatives.

csc226-p4a.png

Rapid7’s platform is designed to support large customers all over the world. Unlike other machine data-driven platforms, it provides live access, and allows customers and integration partners to build apps on top of the data it collects. The company has over 80 integration partners, including IBM, Splunk, HP, ServiceNow, Amazon, Microsoft, BMC and Slack.

Rapid7’s products have been evolving as the company rolls out cloud-based services on the Insights Platform, and with that transition, several legacy solutions have been rolled into new, subscription-based services. The main solutions, as well as high level details on their end-market and subscription cost, are shown in the image below.

Rapid7 also provides Advisory Services to help its customers beef up their security programs. These services have become strategic in nature, driving strong customer relationships and loyalty to Rapid7’s product offerings, but are not a significant revenue-generating activity.

csc226-p4b-1024x461.png

Threat Exposure Management Solutions

Threat Management Solutions provide IT security professionals with a holistic view of their attack vulnerabilities and an automated way to assess the threat landscape as it evolves. These solutions build on traditional vulnerability management tools to incorporate real-world threat information, application security testing abilities, and analytics workflows that facilitate systematic remediation.

InsightVM – Vulnerability Management

InsightVM was released in early-2017 and is the cloud-based version of Rapid7’s award-winning on-premise vulnerability management solution, Nexpose. This flagship product uses live dashboards, analytics and endpoint technology to discover network vulnerabilities as they occur, pinpoint their location, prioritize them and confirm when exposure has been reduced. It is the company’s largest product, and been a strong seller since it was released, with sales accelerating in the second half of 2017. With Rapid7 increasingly focused on cloud-based solutions, many customers that historically used Nexpose are changing to InsightVM.

csc226-p5a-1024x496.png

Metasploit – Penetration Testing

Metasploit is a penetration-testing solution that allows users to simulate real-world attacks on their own network, so security and IT teams are ready when the real thing occurs. The software seamlessly integrates with the Metasploit Framework, an open-source initiative with a community of over 200,000 users all over the world. This community contributes exploitation and reconnaissance modules that help Rapid7’s clients uncover weaknesses in their defenses and patch them up. Rapid7 is currently developing InsightPhish (in beta mode), and I suspect Metasploit will be rolled into that solution when InsightPhish is fully released.

InsightAppSec – Application Security

InsightAppSec is a cloud-based testing tool that identifies security gaps in the most common source of data breaches: web applications. The solution is the next-generation SaaS offering of Rapid7’s on-premise software, AppSpider, which was acquired in the middle of 2015. The tool combines powerful application crawling and attack abilities with suggested fixes. Though just released in Q2 2017, management has said the solution often represents a next step for customers looking to expand their suite of Rapid7 solutions. With more organizations deploying custom apps to remain competitive, it looks like this is an area of rapid growth potential.

csc226-p5b-1024x308.png

Komand – Orchestration & Automation

Komand gives users the ability to automate time-intensive security processes without writing any code. The tool uses plug-ins to connect to existing security tools and lets the user configure automated actions and workflows that dramatically speed up incident detection, response and resolution, while allowing configuration of human decision points where desired. Common-use cases include email phishing investigations, malware investigations and containment, and privilege escalation investigations. Komand was a Boston-based company that was acquired by Rapid7 in July 2017, and the product helps Rapid7 gain exposure to the rapid growth security automation market. Expect more discussion on this product in the future.

Incident Detection and Response Solutions

These solutions are all based on the idea that the best cybersecurity defense begins with understanding the attacker mindset, and quickly identifying changing attack methods.

InsightIDR – User Behavior Analytics & SIEM

InsightIDR (launched in early-2016) is a cloud-based solution that unifies security information and event management (SIEM), user behavior analytics (UBA), and endpoint detection and response (EDR) to flag stealthy attacks. The solution is designed to cut through the noise of worthless attacks and quickly pinpoint intruder activity. It can also set traps for intruders and detect compromised user accounts. Management says InsightIDR has proven to be a great product for both new customer additions and cross-sales, is growing ARR by over 100%, and should be a leading growth solution for several years to come. In Q4, the product was also rated as a Visionary in Gartner’s SIEM Magic Quadrant, which evaluated cloud SIEM providers for the first time.

InsightOps – IT Operations

InsightOps was launched in Q2 2017. The solution centralizes live log and asset data from across an organization’s IT infrastructure (servers, apps, databases, firewalls, cloud services, etc.) into one searchable location. The result is that IT professionals can troubleshoot and monitor endpoints with one, easy-to-use technology.

Two Strategic Priorities Define Rapid7’s Future

Last year was a big one for Rapid7. The company migrated products to its analytics and automation cloud, launched subscription solutions across its SecOps portfolio, acquired Komand to gain access to the rapid growth security orchestration and automation market, and after just six quarters on the market, had InsightIDR recognized as a Visionary in the Gartner SIEM Magic Quadrant.

All of these accomplishments can be wrapped up into two strategic initiatives that Rapid7’s management team discussed at length at its first Analyst Day conference in mid-December.

csc226-p6-1024x428.png

Strategic Initiative #1: Transitioning to Subscription Pricing Model (SaaS)

Almost all software markets are gravitating toward the cloud, and the security software market is no different. Rapid7’s sales people have reported for some time that customers wanted on-premise solutions under a subscription model. In 2016, the company started offering them, beginning with InsightIDR. It was a slam dunk, and sales people found it was much easier to grow their sales funnel by offering solutions that combined easy adoption, ease of use, robust features and powerful capabilities.

That success led to more solutions offered in the cloud. And as of the end of Q2 2017, all of Rapid7’s technologies were cloud-ready and available for purchase under a subscription model. Much of this transition is demand-driven. Give the customer what they want, right? But it also helps Rapid7’s sales teams cross-sell products since customers can simply add another solution with a similar user interface and seamless integration.

The downside is that the transition creates messy financials. That’s because as the company shifts from perpetual licenses, which typically had content, maintenance and support charges kick in after the first two years, to an annual subscription, there’s a reduction in up-front payments.

That’s made up for in year-four, when cumulative SaaS fees surpass the perpetual license fee structure, and ultimately, it can result in up to eight times more recurring revenue per customer!

This comparison chart (below) from Rapid7’s Analyst Day maps it out.

Rapid7 has been going through this transition for a little while now (roughly one-third of customers are on subscriptions), so while it has been compressing profit margins and driving larger operating losses for several quarters, the company is likely near the bottom in gross margins now.

Also, the sales teams have been aligned to sell under the cloud-based subscription model. This is how they are incentivized now, with ARR the critical number driving their commissions moving forward.

The other confusing thing about this transition is a new accounting standard (ASC606) that is affecting all software companies. I’m not going to get into the nitty-gritty of this (see text box on the next page for high level discussion) but will touch on it as it’s relevant.

csc226-p7-1024x472.png
csc226-p8a-1024x236.png

Strategic Initiative #2: Expanding the Product Portfolio

csc226-p8b.png

Rapid7’s second big initiative is to expand beyond core vulnerability management (VM), a roughly $2 billion addressable market, into the broader security operations (SecOps) management market, which includes VM, security incident and event management (SIEM), web app security, IT operations, incident detection and response (IDR), and orchestration and automation markets.

This more than triples the size of the company’s addressable market, to almost $7 billion today ($10 billion by 2020). And, importantly, it positions Rapid7 to address two big trends in security: (1) customer desire to have fewer security solutions providers and (2) security automation.

The SecOps opportunity is largely about bringing IT operations security and developers together to figure out how to operationalize that security. Rapid7 has had early success with its InsightIDR solution, which lends credence to the strategy.

The Business Model

Rapid7 generates revenue from on-premise and subscription software licenses (roughly 80% of total revenue), as well as maintenance and support, professional services and managed services (roughly 20% of revenue). Management recently announced that all products, including on-premise versions, will now be sold on a subscription basis, and that they have changed their sales compensation plan so that sales quotas are now based on new annual recurring revenue (ARR), which currently makes up around 70% of total revenue and is growing at around 30%. As the mix of cloud-based subscriptions grows, so too should recurring revenue as a percentage of total revenue. Wall Street will be focused on the ARR figure moving forward, as will we.

csc226-p8c-1024x521.png

The Bottom Line

In 2017, Rapid7 delivered revenue growth of 28% to $201 million and adjusted EPS of $-0.60. Cash flow from operations was $13.3 million. Annualized recurring revenue (ARR) grew by 36% to $165 million, representing 70% of total revenue at the end of the year (up from 66% a year ago). The company ended the year with total cash and investments of $92 million. Fourth-quarter 2017 revenue was up 28% to $57.7 million, driven by bookings in InsightVM and InsightIDR. Adjusted gross margins fell to 72% from 75%, reflecting the change to the SaaS business model. The bottom line was adjusted EPS of $-0.17, versus $-0.13 in the fourth quarter of 2016.

In January, the company completed a secondary offering in which it sold 1.5 million shares, and existing stockholders sold 4.45 million shares, at 22. Rapid7 raised $31 million in the offering, which was extremely well received and has helped increase Rapid7’s public float, while filling up the company’s bank account after the $15 million acquisition of Komand in 2017.

Looking forward, management has set a goal to grow revenue and ARR by around 20% and 30%, respectively, through 2020. That’s likely conservative, but it’s a starting point to scratch out some rough projections (see graph). Guidance says we should expect 2018 revenue of $225 to $234 million on an ASC 606 basis ($239 to $245 million on ASC 605 basis), and non-GAAP EPS to be around $-0.48. Management expects to start delivering operating profits in the second half of 2019 as leverage from the transition to SaaS kicks in, and Rapid7 should deliver its first adjusted EPS profit in 2020.

csc226-p9-1024x557.png


RISK


Expanding to SecOps: As Rapid7 expands it product portfolio deeper into analytics and SecOps, it enters a new competitive environment with more players and greater uncertainty.

Transition to SaaS: The shift from perpetual licenses to subscriptions, along with the change to ASC606 from ASC605, makes for messy financial analysis and creates temporary headwinds on revenue and operating income. While the transition is good for the company in the long-term and analysts recognize that it ultimately drives greater long-term growth, recurring revenue and profitability, there’s no guarantee that management will continue to manage the transition as well as it has to date.

Failure to Detect Vulnerabilities: Customers come to Rapid7 to protect themselves from cyberattacks. If, for any reason, the company’s products and data feeds fail to respond to new methods of attack, its reputation and growth potential could suffer.

International Expansion: Rapid7 is growing quickly overseas (international revenue up 35% in 2017). Given that this expansion effort carries different risks and regulations than in the U.S., it will be necessary for the company and its partners to navigate that landscape with extra discipline and caution.


COMPETITION


Rapid7 competes in the fragmented and rapidly evolving cyber security solutions market. Major competitors include Qualys (QLYS), Tenable Network Security, IBM (IBM), HP (HPE), LogRhythm, AlienVault, Sumo Logic, Splunk (SPLK) and FireEye (FEYE).


THE STOCK


Trading Volume: Rapid7 has a market cap of $1.1 billion and trades an average of 400,000 shares daily. That means roughly $10 million worth of stock trades each day. Our subscriber group shouldn’t move this stock. Volume has been increasing since the company’s stock offering in January.

Historical Price: The company went public on June 11, 2015 at 16 per share. It initially surged, then retreated to 10 in early 2016. Shares were up and down for the rest of the year, but the trend became more consistent as it moved into 2017. Shares traded mostly above their 50-day line until they hit 19 in June, then a little pullback to 15 brought RPD down to its 200-day line. It turned north there and consistently bounced off its 50-day moving average throughout the remainder of 2017. The stock entered 2018 at 19, then rallied to 26 after the secondary offering was announced. A little pullback was met by more buyers and shares just broke out to new highs on analyst upgrades following the Q4 2017 report.

Valuation and Projected Price Target: RPD trades with a 2018 EV/Sales multiple of 4.2 and a 2019 EV/Sales multiple of 3.6, assuming revenue of $240 million (+19.5%) this year and $275 million (+14.5%) next (these estimates fall between expected revenue reported under both ASC606 and ASC605). As the somewhat messy transition to a SaaS model cleans up, margins stabilize and Rapid7 marches toward positive adjusted EPS (expected later in 2019), the stock should benefit from multiple expansion, and potentially, better-than-expected growth. A 2019 EV/Sales ratio target of 4.5 implies 25% upside in the stock, which gives us a price target of 33. That seems like a reasonable starting point to me.

Buy Range (next two months): My wide preferred buy range is between 22 and 28. That gives a little upside from here to pick up a few shares and lets us buy down to the 50-day moving average. A narrower buy range in the 23 to 26 range is appropriate for picking up bigger blocks of shares if you can take advantage of a little pullback.

The Next Event: Management will present at the Raymond James conference on Wednesday, March 7, and the Susquehanna Tech Conference on Wednesday, March 14. The next quarterly earnings release date (Q1 2018) is estimated to be in the second week of May.

Rapid7 (RPD) Financials

csc226-financials.png

Rapid7 (RPD 26)
100 Summer Street
13th Floor
Boston, MA 02110
617-247-1717
http://www.rapid7.com

csc226-rpdchart-1024x647.png

UPDATES ON CURRENT RECOMMENDATIONS


Due to the nature of the stocks recommended, it is to your advantage not to share these recommendations.

csc226-portfolio-1024x473.png

Buy means accumulate shares at or around the current price.
Hold means just that; hold what you have. Don’t buy, or sell, shares.
Sell means the original reasons for buying the stock no longer apply, and I recommend exiting the position.
Sell a Half means it’s time to take partial profits. Sell half (or whatever portion feels right to you) to lock in a gain, and hold on to the rest until another ratings change is issued.

The market is pulling back from the quick recovery that began to take shape three weeks ago. Most charts of the major indexes look similar to the S&P 600 Small Cap Index (below). You can point the finger at the rising risk of inflation, accelerating interest rate hikes, Trump’s proposed tariffs on steel and aluminum imports, or just the likelihood that the market isn’t ready to shrug off every potential headwind this time around.

csc226-update.png

Despite the drop this week, a number of growth stocks are performing very well. In our portfolio, seven positions are trading near 52-week highs!

But it’s not time to be overly aggressive. This week, we’re moving incrementally toward a more defensive stance with four positions moving from Buy to Hold, and one position moving to Sell. We also picked up coverage of a new growth stock in the security software business that looks like it could be a future leader in our portfolio.

We had three earnings reports this week, with AppFolio (APPF), AxoGen (AXGN) and U.S. Concrete (USCR) all opening their books. We’ll hear from Materialise (MTLS) next week, and Asure Software (ASUR) the following week.

Updates

AppFolio (APPF) reported early this week and, somewhat surprisingly, the event quashed the momentum that had been building in the stock. It’s now back at 40, where it was two weeks ago. I had been expecting a big jump in the share price, similar to what we witnessed in other SaaS stocks that have pulled back from their November highs. So what happened here?

The culprit is likely an “as expected” report, which just isn’t good enough to drive the stock higher. Nobody should complain about revenue growth of 35.3% to $37.9 million (which beat by $2.4 million) and adjusted EPS of $0.12 (headlines suggested AppFolio missed by delivering $0.07, but that is a GAAP figure, and most analysts focus on the adjusted figure). Another potential issue is that management continues to pass on taking any questions on its conference calls, saying instead that analysts and investors can submit them through the investor relations (IR) website. This is just plain annoying. I get wanting to be different in some ways but fielding questions on conference calls is just part of the deal, and not doing it reduces transparency for those, like me, that like to monitor what analysts are focusing on quarter after quarter. Sure, I can speak with management. But they’re not going to tell me what questions everyone else is asking. That said, AppFolio is releasing 8-K filings with submitted questions. But, c’mon! Does it have to be that difficult?

Moving on, the storyline here remains about the strength AppFolio is enjoying as it brings on higher value subscribers (i.e., larger Property Management customers) and sells more Value+ Services (electronic payments, tenant screening, etc.) into its customer base. In Q4, the number of Property Manager customers was up by 17% (to 11,700) and units under management went up by 21% (to 3.25 million units). Growth in the Legal business, which is less than 10% of revenue, was a modest 15% increase in customers (to 9,350).

Core solutions revenue grew by 27% (40.1% of total revenue), while Value+ Services revenue grew by 42% (54.8% of total revenue). It’s notable that Value+ Services revenue in Q4 is typically weak, but not so this year (a good sign).

The big question here is what’s next? Even AppFolio’s investment bank, Morgan Stanley, is mum on the subject. But clearly the market is looking for AppFolio to lay out its growth path. Will it stick in Property Management? Is there room to grow in Legal? What about a new vertical? These questions remain largely unanswered, other than that management said it is investing back in the Property Management business and may expand into adjacent markets or new vertical markets over time. Boilerplate.

That said, if we look at R&D spending, it was higher than consensus, which suggests ongoing investments in something. And with a very efficient business model, AppFolio should be turning on the free cash flow faucet right now. Adjusted EPS was $0.45 in 2017, and that should go up to around $0.70 in 2018 as revenue expands by at least 26%.

At the moment, AppFolio isn’t a strong performing stock, but it’s holding at support around the 40 level. The stock isn’t telling us to load up, but it’s also not quite broken enough to sell. I’m moving the stock to Hold and watching closely. HOLD.

Apptio (APTI) management presented at several conferences this week, including JMP Securities, KeyBanc and Morgan Stanley. I haven’t seen any major updates, which isn’t too surprising given the company just reported a few weeks ago. The company continues to pioneer the Technology Business Management (TBM) market with 14 different modules, and it’s working to drive faster growth in companies with somewhat smaller IT budgets (but still very large by most standards). It also took out a small competitor, Digital Fuel, that has strong ties to VMware (through a strategic partnership) and a loyal, albeit small, customer base. It’s a good story and one that’s not on a lot of Main Street investors’ radar. And the stock continues to perform very well. Let’s stick with it until the trend breaks. BUY.

Arena Pharmaceuticals (ARNA) pulled back toward the end of last week but has since bounced off its 50-day line as buyers step in to pick up shares. One of the potentially huge catalysts with the stock lies in Arena’s etrasimod asset, a sphingosine-1-phosphate (S1P) receptor modulator currently under evaluation for multiple autoimmune diseases, including ulcerative colitis (UC), pyoderma gangrenosum (PG) and primary biliary cholangitis (PBC).

S1P modulation has the potential for effective treatment in over 100 conditions, and second-generation candidates, including etrasimod and Celgene’s ozanimod are expected to cause fewer adverse side effects than first-generation products, mainly the multiple sclerosis (MS) drug Ginelya, which is owned by Novartis (and which will succumb to generic competition in 2019). The reduced side effects are due to the more targeted nature of these treatments, which target specific S1P receptors to reduce the risk of cardiac and pulmonary toxicities.

Interestingly, this week, we heard that Celgene received a refusal-to-file letter from the FDA after the company’s marketing application for ozanimod (for MS) had insufficient pharmacology data. One expects this to be a temporary setback and that the data will be delivered at some point. In the meantime, it leaves the door open for Arena’s etrasimod to pick up ground as one of few oral S1P modulators in development that has the potential to address a wide range of indications. That could be helping the stock now.

We are marching toward several significant events with the stock. We’re awaiting etrasimod ulcerative colitis (UC) Phase 2 Data, which could come any day. Also, Q4 2017 results should be out the week after next, and given the nature of things, it would make sense to combine this event with the UC data readout.

Lastly, next Tuesday (March 6), Arena will present Phase 1 and preclinical data for ADP371, a non-opioid investigational candidate in a Phase 2 evaluation for treatment of abdominal pain associated with Crohn’s disease. Not a lot of value is being given to this internally developed asset yet, but that will change as/if it progresses through trials (currently in a Phase 2 study, results due out before the end of June). BUY.
Earnings: Estimated March 14

Asure Software (ASUR) is still trading in the 13 to 15 range, where it spent most of February. That could change in a couple of weeks; the company is due to report Q4 2017 earnings on Thursday, March 15. As I said last week, I think the business continues to do well and has years of growth ahead of it as Asure rolls up small service bureaus that are using its software. BUY.
Earnings: March 15

AxoGen (AXGN) had a terrific day yesterday with the nerve repair specialist’s stock closing up 16% and blasting through a previous all-time high. The reason was the Q4 2017 earnings result, which I didn’t expect to be a major event since management pre-released in January, when it said revenue would be up around 45%. I did expect discussion around product development. We were hit with good news on both fronts!

Fourth-quarter revenue growth came in at a whopping 49.1%, and EPS loss of seven cents was a penny better than expected. Management didn’t change guidance for at least 40% revenue growth in 2018, but clearly that represents a floor, and everybody expects AxoGen to do much better. Bullish signs include deeper penetration into existing accounts, which are buying more products from AxoGen, modest growth in active accounts (up 31% to 591 over the last year), and a total of 60 direct sales reps, with the company projecting to add 15 more in 2018 (eight were already added in Q1).

On the product front, AxoGen reports that its trials continue to show the benefits of its nerve repair solutions over alternatives, even in instances with very large gaps in the nerve. It also announced its expansion into breast reconstruction (expected, but good to get confirmation), where it is teaching techniques to plastic surgeons to restore sensation to women who are undergoing reconstruction after mastectomy. It has initiated the Sensation Neurotization Outcomes for Women (Sensation-Now) clinical registry, which is expected to show meaningful recovery and quality-of-life improvements for these women.

The launch in breast reconstruction neurotization means partnering with 20 to 25 centers by the end of the year. Interestingly, management said the additional cost of using AxoGen’s products and procedures is expected to be passed on to the hospital. Why? Because these are high-value patients that hospitals want to attract. They (and their insurance policies) spend a lot of money at the hospital, and being able to offer sensation back after breast reconstruction is absolutely, 100%, going to help differentiate hospitals that offer it from those that don’t (that’s my estimate, which I think is conservative!).

The bottom line here is that AxoGen appears to still be early in its lifecycle. It’s growing in its core business, expanding into oral and maxillofacial, as well as breast reconstruction neurotization, as well as pain (remember it introduced a nerve cap product in 2017). These aren’t huge markets by the standards of big companies, but for a $1 billion market cap pure-play nerve repair specialist, they are exactly the type of markets we like to see—ones where they can go in and become market leaders.

The stock is up over 100% since I added it in July, and with this big breakout, I suggest holding off on any major purchases. Moving to Hold. HOLD.

BioTelemetry (BEAT) reported a great quarter last week that highlighted the progress made integrating LifeWatch, growing partnerships (Apple and Onduo, plus others yet-to-be announced) and developing products with the patch form-factor. There was also a fair amount of tough talk related to statements from competitor iRhythm’s (IRTC) management on that company’s Q4 2017 conference call, which suggested reimbursement rates for MCT products (which BioTelemetry sells) are typically limited to a narrow set of indications and are not covered by many health plans at all. This appears to be a completely false statement, and BioTelemetry’s CEO Joe Capper said as much. That back and forth didn’t matter much this week as both stocks, along with the broader health care sector, fell. BioTelemetry is now back near its 50- and 200-day moving averages (where it was a month ago). We’re up 10% (on par with the small-cap index) and I believe the stock has a lot more upside. But I don’t like how it failed to break above the 35 to 36 range for a third time in five months (first in October, then again in January). Let’s be a little cautious here and move to Hold. HOLD.

Datawatch (DWCH) attracted a few buyers this week but the trend is still not strong here and enthusiasm for the stock has clearly faded since the Angoss acquisition quashed rumors that Datawatch was on the market, even though 80% of Angoss’ revenue is recurring, and the two companies share many clients, especially in the financial services industry. Continue to hold. HOLD.

Everbridge (EVBG) didn’t do much this week after last week’s Q4 report showed revenue growth of 37% and management guided for around 30% growth in 2018, ahead of consensus estimates for 26% growth. A lot of that projected outperformance is due to the proposed acquisition of Unified Messaging Systems (UMS), but let’s not be too picky here. The offer for UMS has just begun. Shares are up over 100% since we added them to the portfolio. Management presented at the KeyBank conference this week and moves on to Raymond James on Monday. HOLD.

Instructure (INST) was just added in January but the company, which sells academic and enterprise learnings software, has been a strong performer and is up roughly 30% since we added it. A recent secondary offering was well received, and Instructure continues to grab customers from Blackboard (in academic markets) and make inroads into the enterprise space with Bridge, its corporate learning and performance management solution. Keeping at Buy, just take it slow. BUY.

LogMeIn (LOGM) has flat-lined in the narrow, five-point range between its 50- and 200-day moving averages (at 120 and 115, respectively). There have been so many changes here with the GoTo acquisition and, now, the purchase of Jive Communications (for $342 million), which plays in the $25 billion unified communications market, that I wouldn’t be surprised if investors take a few quiet months to digest the changes. That said, LogMeIn appears ready and willing to pounce on opportunities to build itself into a collaboration software powerhouse, so let’s keep holding on and see where this ride takes us. HOLD HALF.

Materialise (MTLS) is essentially unchanged over the past week and hasn’t been getting any help from the broader European markets, which are well off their early-2018 highs and now back to their February lows. That said, there’s been a lot of news on the stock specific front with other players in the 3D space reporting. Remember, Materialise benefits from broad strength in the market since it combines software, prototyping and production in one company. First, Hewlett-Packard (HPQ) delivered a great quarter, albeit not because of 3D printing. But the company has introduced a new, lower priced (starts around $50K, if you’re interested) Jet Fusion 300/500 series that can print parts in full color. I’ve talked about how 3D printing is a long-term play, and HP’s management commented on why that’s the case, saying, “…if we’re really going to disrupt this $12 trillion manufacturing industry, we’ve got to get folks to design for 3D. It’s not just replacing a part today that’s injection molded. It’s saying is there a better way to design that part.” Second, we heard from both Stratasys (SSYS) and 3D Systems (DDD). Those stocks went in opposite directions (Stratasys down, 3D Systems up). 3D Systems reports that the market is improving and its preliminary results were way above consensus. This is all interesting stuff, but it’s best not to read too much into the tea leaves. We’ll get details on Materialise when the company reports next Tuesday. For now, keep holding. HOLD.
Earnings: March 6

Q2 Holdings (QTWO) traded in some extremely wide ranges in the days following its Q4 report two Wednesdays ago. But the stock closed higher on all those days as buyers stepped in, and it is close to an all-time high now. The quarterly report highlighted several large, Tier 1 deals, which come with some execution risk and longer implementations than smaller bank deals. But as I said last week, they are also more valuable, and the move up market suggests Q2 has significant long-term growth ahead as it becomes a strategic partner to large banks. A $230 million convertible debt deal appears to have been well-received, and I like the story. That said, after a big push in the stock in 2018 and a 90%+ gain under our belts, let’s be just a little cautious and curb new buying for the moment. Moving to Hold. HOLD.

U.S. Concrete (USCR) had been trading in a range between 70 and 86 since June but closed just below the low end of the range yesterday after a volatile day of trading. The catalyst was the Q4 2017 earnings report, which was released yesterday morning. The headline was a $13.9 million miss on revenue, which was up 7.1% to $341.4 million in the quarter, and a $0.34 miss on EPS, which came in at $0.50. The stock dropped at the open, then clawed its way back into positive territory by the time the conference call started at 10 am ET. Once that wrapped up, the stock, along with the broad market, began to falter.

I would say the storyline here has become a less bullish. There were many more questions from analysts about potential headwinds and challenges than opportunities. And that suggests to me that they are looking for the end of this cycle, likely because interest rates are on their way up, housing starts could easily cool, and inflation will be showing up in U.S. Concrete in areas like wages and input costs (diesel, etc.). While some of these costs can get passed through (as management said on the call), the bottom line is that U.S. Concrete is a cyclical stock and you don’t want to be loading up when end is coming.

Management said it lost about 100,000 yards of concrete sales due to weather, which would have generated around $12 million in revenue (i.e., about the same as the top-line miss). Weather has always been an issue, but it’s been worse lately, and these jobs have been building up. Not necessarily a bad thing, but you don’t want to get so far behind in any one market that you can’t take on new jobs. The Polaris acquisition (aggregate supply) also came up, mainly in the context of profit margins, and management said at this point, it’s not changing the guidance Polaris’ management put out when it was a public company, but that over time, margins will go up as Polaris is integrated into U.S. Concrete’s northern California operations. Then there was the matter of $5 million in workers-comp claims, which nobody wants to see, and which shouldn’t repeat going forward, but was an unfortunate headwind on EPS this quarter. On the flip side, U.S. Concrete should see its tax rate drop from around 40% to 28% in 2018, which will be good for the bottom line.

This all said, the lack of momentum in U.S. Concrete’s stock isn’t a great sign. As I said last week, I’m not opposed to taking profits if the stock isn’t able to get moving in the right direction again. And that’s what we’re going to do today. Since we added the stock in the beginning of last year, it has performed in-line with the small cap index, which is perfectly fine since it’s up 11%. But that’s not the type of returns we expect over a year or more. And with U.S. Concrete’s peers, Vulcan Materials (VMC), Eagle Materials (EXP) and Martin Marietta Materials (MLM) also all faltering, there doesn’t appear to be a lot of support for concrete and aggregate stocks right now. Moving to Sell. SELL.

Please email me at tyler@cabotwealth.com with any questions or comments about any of our stocks, or anything else on your mind.

Next Cabot Small-Cap Confidential issue is scheduled for April 6, 2018
Cabot Small-Cap Confidential is published by the Cabot Wealth Network, an independent publisher of investment advice. Neither the corporation nor its employees are compensated in any way by the companies whose stocks we recommend. Sources of information are believed to be reliable, but they are in no way guaranteed to be complete or without error. Recommendations, opinions or suggestions are given with the understanding that subscribers acting on information assume all risks involved. Copyright © 2018 - COPYING AND/OR ELECTRONIC TRANSMISSION OF THIS NEWSLETTER IS A VIOLATION OF THE U.S. COPYRIGHT LAW. For the protection of our subscribers, if copyright laws are violated by any subscriber, the subscription will be terminated.

[premium_html_footer]