20-F 1 zk2431148.htm 20-F RADWARE LTD - 1094366 - 2024
2030-12-31false0001094366FYEurope, the Middle East and Africa. Distribution of the Company’s products on a non-exclusive basis. Related to cost of product purchased from one of the related companies (SecurityDAM Ltd.). On February 17, 2022, the Company acquired all of the technology and other intangible assets from SecurityDAM Ltd., which was a related company and the sole single-managed security service provider of the company. For additional details, see Note 3. The Company leases office space and purchases other miscellaneous services from certain companies, which are considered to be related parties. In addition, the Company provides certain services to related parties. http://fasb.org/us-gaap/2023#UsefulLifeShorterOfTermOfLeaseOrAssetUtilityMember201620222023-12-312038-12-31Basic earnings per share amounts of the benefit resulting from the “Approved, Privileged and Preferred Enterprise” status 0001094366 2023-01-01 2023-12-31 0001094366 2022-01-01 2022-12-31 0001094366 2021-01-01 2021-12-31 0001094366rdwr:SkyawkMemberus-gaap:SeriesAPreferredStockMember 2022-04-29 0001094366rdwr:SkyawkMemberus-gaap:SeriesAPreferredStockMember 2023-12-31 0001094366rdwr:SkyawkMemberus-gaap:SeriesAPreferredStockMember 2022-04-01 2022-04-29 0001094366rdwr:SecurityDamLtdMember 2022-02-01 2022-02-17 0001094366rdwr:SecurityDamLtdMember 2022-02-17 0001094366rdwr:SecurityDamLtdMemberus-gaap:DevelopedTechnologyRightsMember 2023-01-01 2023-12-31 0001094366rdwr:SecurityDamLtdMember 2023-12-31 0001094366srt:MaximumMember 2023-01-01 2023-12-31 0001094366 2023-12-31 0001094366 2022-12-31 0001094366rdwr:ForeignBanksAndGovernmentDebenturesMember 2023-12-31 0001094366rdwr:ForeignBanksAndGovernmentDebenturesMember 2022-12-31 0001094366rdwr:CorporateDebenturesMember 2023-12-31 0001094366rdwr:CorporateDebenturesMember 2022-12-31 0001094366 2021-12-31 0001094366 2020-12-31 0001094366us-gaap:CommonStockMember 2020-12-31 0001094366us-gaap:AdditionalPaidInCapitalMember 2020-12-31 0001094366us-gaap:TreasuryStockCommonMember 2020-12-31 0001094366us-gaap:AccumulatedOtherComprehensiveIncomeMember 2020-12-31 0001094366us-gaap:RetainedEarningsMember 2020-12-31 0001094366us-gaap:CommonStockMember 2021-01-01 2021-12-31 0001094366us-gaap:TreasuryStockCommonMember 2021-01-01 2021-12-31 0001094366us-gaap:AdditionalPaidInCapitalMember 2021-01-01 2021-12-31 0001094366us-gaap:AccumulatedOtherComprehensiveIncomeMember 2021-01-01 2021-12-31 0001094366us-gaap:RetainedEarningsMember 2021-01-01 2021-12-31 0001094366us-gaap:CommonStockMember 2021-12-31 0001094366us-gaap:AdditionalPaidInCapitalMember 2021-12-31 0001094366us-gaap:TreasuryStockCommonMember 2021-12-31 0001094366us-gaap:AccumulatedOtherComprehensiveIncomeMember 2021-12-31 0001094366us-gaap:RetainedEarningsMember 2021-12-31 0001094366us-gaap:CommonStockMember 2022-01-01 2022-12-31 0001094366us-gaap:TreasuryStockCommonMember 2022-01-01 2022-12-31 0001094366us-gaap:AdditionalPaidInCapitalMember 2022-01-01 2022-12-31 0001094366us-gaap:RetainedEarningsMember 2022-01-01 2022-12-31 0001094366us-gaap:CommonStockMember 2022-12-31 0001094366us-gaap:AdditionalPaidInCapitalMember 2022-12-31 0001094366us-gaap:TreasuryStockCommonMember 2022-12-31 0001094366us-gaap:RetainedEarningsMember 2022-12-31 0001094366us-gaap:TreasuryStockCommonMember 2023-01-01 2023-12-31 0001094366us-gaap:CommonStockMember 2023-01-01 2023-12-31 0001094366us-gaap:AdditionalPaidInCapitalMember 2023-01-01 2023-12-31 0001094366us-gaap:AccumulatedOtherComprehensiveIncomeMember 2023-01-01 2023-12-31 0001094366us-gaap:CommonStockMember 2023-12-31 0001094366us-gaap:AdditionalPaidInCapitalMember 2023-12-31 0001094366us-gaap:TreasuryStockCommonMember 2023-12-31 0001094366us-gaap:AccumulatedOtherComprehensiveIncomeMember 2023-12-31 0001094366us-gaap:RetainedEarningsMember 2023-12-31 0001094366us-gaap:AccumulatedOtherComprehensiveIncomeMember 2022-01-01 2022-12-31 0001094366us-gaap:RetainedEarningsMember 2023-01-01 2023-12-31 0001094366us-gaap:AccumulatedOtherComprehensiveIncomeMember 2022-12-31 0001094366us-gaap:NoncontrollingInterestMember 2020-12-31 0001094366us-gaap:NoncontrollingInterestMember 2021-01-01 2021-12-31 0001094366us-gaap:NoncontrollingInterestMember 2021-12-31 0001094366us-gaap:NoncontrollingInterestMember 2022-01-01 2022-12-31 0001094366us-gaap:NoncontrollingInterestMember 2022-12-31 0001094366us-gaap:NoncontrollingInterestMember 2023-01-01 2023-12-31 0001094366us-gaap:NoncontrollingInterestMember 2023-12-31 0001094366us-gaap:ParentMember 2020-12-31 0001094366us-gaap:ParentMember 2021-01-01 2021-12-31 0001094366us-gaap:ParentMember 2021-12-31 0001094366us-gaap:ParentMember 2022-01-01 2022-12-31 0001094366us-gaap:ParentMember 2022-12-31 0001094366us-gaap:ParentMember 2023-01-01 2023-12-31 0001094366us-gaap:ParentMember 2023-12-31 0001094366us-gaap:StockOptionMember 2023-01-01 2023-12-31 0001094366rdwr:EmployeeNonEmployeeStockOptionMember 2023-12-31 0001094366us-gaap:StockOptionMember 2022-12-31 0001094366us-gaap:StockOptionMember 2022-01-01 2022-12-31 0001094366us-gaap:StockOptionMember 2023-12-31 0001094366rdwr:ExercisePriceRangeOneMember 2023-01-01 2023-12-31 0001094366rdwr:ExercisePriceRangeOneMember 2023-12-31 0001094366rdwr:ExercisePriceRangeTwoMember 2023-01-01 2023-12-31 0001094366rdwr:ExercisePriceRangeTwoMember 2023-12-31 0001094366rdwr:ExercisePriceRangeThreeMember 2023-12-31 0001094366rdwr:ExercisePriceRangeThreeMember 2023-01-01 2023-12-31 0001094366us-gaap:RestrictedStockUnitsRSUMember 2022-12-31 0001094366us-gaap:RestrictedStockUnitsRSUMember 2023-01-01 2023-12-31 0001094366us-gaap:RestrictedStockUnitsRSUMember 2023-12-31 0001094366us-gaap:CostOfSalesMember 2023-01-01 2023-12-31 0001094366us-gaap:CostOfSalesMember 2022-01-01 2022-12-31 0001094366us-gaap:CostOfSalesMember 2021-01-01 2021-12-31 0001094366us-gaap:ResearchAndDevelopmentExpenseMember 2023-01-01 2023-12-31 0001094366us-gaap:ResearchAndDevelopmentExpenseMember 2022-01-01 2022-12-31 0001094366us-gaap:ResearchAndDevelopmentExpenseMember 2021-01-01 2021-12-31 0001094366us-gaap:SellingAndMarketingExpenseMember 2023-01-01 2023-12-31 0001094366us-gaap:SellingAndMarketingExpenseMember 2022-01-01 2022-12-31 0001094366us-gaap:SellingAndMarketingExpenseMember 2021-01-01 2021-12-31 0001094366us-gaap:GeneralAndAdministrativeExpenseMember 2023-01-01 2023-12-31 0001094366us-gaap:GeneralAndAdministrativeExpenseMember 2022-01-01 2022-12-31 0001094366us-gaap:GeneralAndAdministrativeExpenseMember 2021-01-01 2021-12-31 0001094366us-gaap:TreasuryStockCommonMember 2022-08-31 0001094366us-gaap:TreasuryStockCommonMember 2022-03-31 0001094366rdwr:EmployeeNonEmployeeStockOptionMember 2023-01-01 2023-12-31 0001094366rdwr:EmployeeNonEmployeeStockOptionMember 2022-01-01 2022-12-31 0001094366rdwr:EmployeeNonEmployeeStockOptionMember 2021-01-01 2021-12-31 0001094366rdwr:EmployeeNonEmployeeStockOptionMember 2022-12-31 0001094366us-gaap:RestrictedStockUnitsRSUMember 2022-01-01 2022-12-31 0001094366us-gaap:RestrictedStockUnitsRSUMember 2021-01-01 2021-12-31 0001094366us-gaap:CostOfSalesMemberrdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2023-01-01 2023-12-31 0001094366us-gaap:ResearchAndDevelopmentExpenseMemberrdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2023-01-01 2023-12-31 0001094366us-gaap:SellingAndMarketingExpenseMemberrdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2023-01-01 2023-12-31 0001094366us-gaap:GeneralAndAdministrativeExpenseMemberrdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2023-01-01 2023-12-31 0001094366rdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2023-01-01 2023-12-31 0001094366us-gaap:TreasuryStockCommonMember 2022-08-01 2022-08-31 0001094366rdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2022-12-31 0001094366rdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2023-12-31 0001094366rdwr:ExercisePriceRangeFourMember 2023-01-01 2023-12-31 0001094366rdwr:ExercisePriceRangeFourMember 2023-12-31 0001094366us-gaap:CostOfSalesMemberrdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2022-01-01 2022-12-31 0001094366us-gaap:ResearchAndDevelopmentExpenseMemberrdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2022-01-01 2022-12-31 0001094366us-gaap:SellingAndMarketingExpenseMemberrdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2022-01-01 2022-12-31 0001094366us-gaap:GeneralAndAdministrativeExpenseMemberrdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2022-01-01 2022-12-31 0001094366rdwr:SkyhawkCnpSecurityLtdShareOptionPlanMember 2022-01-01 2022-12-31 0001094366us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel1Member 2023-12-31 0001094366us-gaap:MoneyMarketFundsMember 2023-12-31 0001094366us-gaap:FairValueInputsLevel2Memberrdwr:ForeignBanksAndGovernmentDebenturesMember 2023-12-31 0001094366us-gaap:FairValueInputsLevel2Memberrdwr:CorporateDebenturesMember 2023-12-31 0001094366us-gaap:FairValueInputsLevel1Member 2023-12-31 0001094366us-gaap:FairValueInputsLevel2Member 2023-12-31 0001094366us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel1Member 2022-12-31 0001094366us-gaap:MoneyMarketFundsMember 2022-12-31 0001094366us-gaap:FairValueInputsLevel2Memberrdwr:ForeignBanksAndGovernmentDebenturesMember 2022-12-31 0001094366us-gaap:FairValueInputsLevel2Memberrdwr:CorporateDebenturesMember 2022-12-31 0001094366us-gaap:FairValueInputsLevel1Member 2022-12-31 0001094366us-gaap:FairValueInputsLevel2Member 2022-12-31 0001094366us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel2Member 2023-12-31 0001094366us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel3Member 2023-12-31 0001094366us-gaap:FairValueInputsLevel1Memberrdwr:ForeignBanksAndGovernmentDebenturesMember 2023-12-31 0001094366us-gaap:FairValueInputsLevel3Memberrdwr:ForeignBanksAndGovernmentDebenturesMember 2023-12-31 0001094366us-gaap:FairValueInputsLevel1Memberrdwr:CorporateDebenturesMember 2023-12-31 0001094366us-gaap:FairValueInputsLevel3Memberrdwr:CorporateDebenturesMember 2023-12-31 0001094366us-gaap:FairValueInputsLevel3Member 2023-12-31 0001094366us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel2Member 2022-12-31 0001094366us-gaap:MoneyMarketFundsMemberus-gaap:FairValueInputsLevel3Member 2022-12-31 0001094366us-gaap:FairValueInputsLevel1Memberrdwr:ForeignBanksAndGovernmentDebenturesMember 2022-12-31 0001094366us-gaap:FairValueInputsLevel3Memberrdwr:ForeignBanksAndGovernmentDebenturesMember 2022-12-31 0001094366us-gaap:FairValueInputsLevel3Memberrdwr:CorporateDebenturesMember 2022-12-31 0001094366us-gaap:FairValueInputsLevel1Memberrdwr:CorporateDebenturesMember 2022-12-31 0001094366us-gaap:FairValueInputsLevel3Member 2022-12-31 0001094366us-gaap:TechnologyEquipmentMember 2023-12-31 0001094366us-gaap:TechnologyEquipmentMember 2022-12-31 0001094366rdwr:OfficeFurnitureAndEquipmentMember 2023-12-31 0001094366rdwr:OfficeFurnitureAndEquipmentMember 2022-12-31 0001094366us-gaap:LeaseholdImprovementsMember 2023-12-31 0001094366us-gaap:LeaseholdImprovementsMember 2022-12-31 0001094366country:US 2023-01-01 2023-12-31 0001094366country:US 2022-01-01 2022-12-31 0001094366country:US 2021-01-01 2021-12-31 0001094366rdwr:AmericaOtherMember 2023-01-01 2023-12-31 0001094366rdwr:AmericaOtherMember 2022-01-01 2022-12-31 0001094366rdwr:AmericaOtherMember 2021-01-01 2021-12-31 0001094366rdwr:EuropeMiddleEastAfricaMember 2023-01-01 2023-12-31 0001094366rdwr:EuropeMiddleEastAfricaMember 2022-01-01 2022-12-31 0001094366rdwr:EuropeMiddleEastAfricaMember 2021-01-01 2021-12-31 0001094366srt:AsiaPacificMember 2023-01-01 2023-12-31 0001094366srt:AsiaPacificMember 2022-01-01 2022-12-31 0001094366srt:AsiaPacificMember 2021-01-01 2021-12-31 0001094366rdwr:AmericaPrincipallyUnitedStatesMember 2023-12-31 0001094366rdwr:AmericaPrincipallyUnitedStatesMember 2022-12-31 0001094366country:IL 2023-12-31 0001094366country:IL 2022-12-31 0001094366rdwr:EuropeMiddleEastAfricaExcludingIsraelMember 2023-12-31 0001094366rdwr:EuropeMiddleEastAfricaExcludingIsraelMember 2022-12-31 0001094366srt:AsiaPacificMember 2023-12-31 0001094366srt:AsiaPacificMember 2022-12-31 0001094366rdwr:RadwareCoreMember 2023-01-01 2023-12-31 0001094366rdwr:HawksMember 2023-01-01 2023-12-31 0001094366rdwr:RadwareCoreMember 2022-01-01 2022-12-31 0001094366rdwr:RadwareCoreMember 2021-01-01 2021-12-31 0001094366rdwr:HawksMember 2022-01-01 2022-12-31 0001094366rdwr:HawksMember 2021-01-01 2021-12-31 0001094366dei:BusinessContactMember 2023-01-01 2023-12-31 0001094366rdwr:AcquiredTechnologyMember 2023-12-31 0001094366rdwr:AcquiredTechnologyMember 2022-12-31 0001094366rdwr:CustomersRelationshipsBrandNameMember 2023-12-31 0001094366rdwr:CustomersRelationshipsBrandNameMember 2022-12-31 0001094366srt:MinimumMemberrdwr:ComputerPeripheralEquipmentSoftwareMember 2023-01-01 2023-12-31 0001094366srt:MaximumMemberrdwr:ComputerPeripheralEquipmentSoftwareMember 2023-01-01 2023-12-31 0001094366rdwr:ComputerPeripheralEquipmentSoftwareMember 2023-01-01 2023-12-31 0001094366srt:MinimumMemberrdwr:OfficeFurnitureAndEquipmentMember 2023-01-01 2023-12-31 0001094366srt:MaximumMemberrdwr:OfficeFurnitureAndEquipmentMember 2023-01-01 2023-12-31 0001094366rdwr:OfficeFurnitureAndEquipmentMember 2023-01-01 2023-12-31 0001094366srt:MinimumMember 2023-01-01 2023-12-31 0001094366rdwr:Product1Member 2023-01-01 2023-12-31 0001094366rdwr:Product1Member 2022-01-01 2022-12-31 0001094366rdwr:Service1Member 2023-01-01 2023-12-31 0001094366rdwr:Service1Member 2022-01-01 2022-12-31 0001094366rdwr:SubscriptionMember 2023-01-01 2023-12-31 0001094366rdwr:SubscriptionMember 2022-01-01 2022-12-31 0001094366srt:MinimumMemberus-gaap:RestrictedStockUnitsRSUMember 2022-01-01 2022-12-31 0001094366us-gaap:EmployeeStockOptionMember 2023-01-01 2023-12-31 0001094366us-gaap:EmployeeStockOptionMember 2022-01-01 2022-12-31 0001094366us-gaap:EmployeeStockOptionMember 2021-01-01 2021-12-31 0001094366srt:MinimumMember 2023-12-31 0001094366srt:MaximumMember 2023-12-31 0001094366srt:StandardPoorsARatingMembercountry:IL 2023-01-01 2023-12-31 0001094366srt:StandardPoorsAAARatingMembercountry:IL 2023-01-01 2023-12-31 0001094366srt:StandardPoorsBBBPlusRatingMembercountry:IL 2023-01-01 2023-12-31 0001094366country:USus-gaap:DebtSecuritiesMember 2023-12-31 0001094366rdwr:InvestmentGeographicRegionOtherMemberus-gaap:DebtSecuritiesMember 2023-12-31 0001094366rdwr:StandardPoorsMinusOrBetterRatingMember 2023-12-31 0001094366rdwr:StandardPoorsOrPlusRatingMember 2023-12-31 0001094366srt:MinimumMemberus-gaap:RestrictedStockUnitsRSUMember 2023-01-01 2023-12-31 0001094366srt:MaximumMemberus-gaap:RestrictedStockUnitsRSUMember 2023-01-01 2023-12-31 0001094366rdwr:SkyawkMember 2023-01-01 2023-12-31 0001094366us-gaap:SubsequentEventMember 2024-01-01 2024-12-31 0001094366srt:MaximumMemberus-gaap:RestrictedStockUnitsRSUMember 2022-01-01 2022-12-31 0001094366rdwr:InvestmentGeographicRegionEuropeMemberus-gaap:DebtSecuritiesMember 2023-12-31 0001094366currency:ILS 2023-01-01 2023-12-31 0001094366rdwr:DevelopmentZoneMemberrdwr:TechnologicalPreferredEnterpriseMemberrdwr:ParentSubsidiaryMember 2023-01-01 2023-12-31 0001094366rdwr:DevelopmentZoneMember 2016-01-01 2016-12-31 0001094366rdwr:DevelopmentZoneMember 2023-01-01 2023-12-31 0001094366rdwr:ElsewhereInIsraelMember 2016-01-01 2016-12-31 0001094366rdwr:ElsewhereInIsraelMember 2017-01-01 2017-12-31 0001094366rdwr:ElsewhereInIsraelMemberrdwr:TechnologicalPreferredEnterpriseMemberrdwr:ParentSubsidiaryMember 2023-01-01 2023-12-31 0001094366rdwr:DevelopmentZoneMember 2017-01-01 2017-12-31 0001094366srt:MaximumMember 2017-12-01 2017-12-22 0001094366srt:MinimumMember 2017-12-01 2017-12-22 0001094366rdwr:PreferredTechnologicalEnterpriseMember 2022-01-01 2022-12-31 0001094366us-gaap:ForeignCountryMemberrdwr:UnitedStatesSubsidiaryMember 2023-12-31 0001094366us-gaap:ForeignCountryMemberrdwr:UnitedStatesSubsidiaryMember 2023-01-01 2023-12-31 0001094366us-gaap:ForeignCountryMemberrdwr:UnitedStatesSubsidiaryMemberus-gaap:EarliestTaxYearMember 2022-01-01 2022-12-31 0001094366us-gaap:ForeignCountryMemberrdwr:UnitedStatesSubsidiaryMemberus-gaap:LatestTaxYearMember 2022-01-01 2022-12-31 0001094366us-gaap:ProductMember 2023-01-01 2023-12-31 0001094366us-gaap:ProductMember 2022-01-01 2022-12-31 0001094366us-gaap:ProductMember 2021-01-01 2021-12-31 0001094366us-gaap:ServiceMember 2023-01-01 2023-12-31 0001094366us-gaap:ServiceMember 2022-01-01 2022-12-31 0001094366us-gaap:ServiceMember 2021-01-01 2021-12-31 iso4217:ILSxbrli:shares xbrli:pure xbrli:shares iso4217:USDxbrli:shares iso4217:ILS iso4217:USD

 
UNITED STATES
 SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
 
FORM 20-F
 

REGISTRATION STATEMENT PURSUANT TO SECTION 12(b) OR (g) OF THE SECURITIES EXCHANGE ACT OF 1934
 
OR
 
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
 
For the fiscal year ended
December 31, 2023

OR
 
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
 
For the transition period from __________ to __________
 
OR
 
SHELL COMPANY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
 
Date of event requiring this shell company report _________
 
Commission file number: 000-30324
 
image00004.jpg
 
RADWARE LTD.
(Exact name of registrant as specified in its charter)
 
Israel
(Jurisdiction of incorporation or organization)
 
22 Raoul Wallenberg Street, Tel Aviv 6971917, Israel
(Address of principal executive offices)
 
Guy Avidan
 Chief Financial Officer
  Tel. +972-3-7668666, Fax: +972-3-7668982
  22 Raoul Wallenberg Street, Tel Aviv 6971917, Israel
 (Name, Telephone, E-mail and/or Facsimile number and Address of Company Contact Person)
 
Securities registered or to be registered pursuant to Section 12(b) of the Act:
 
Title of each class Trading Symbol 
Name of each exchange on which registered
 
Ordinary Shares,
 NIS 0.05 par value per share
RDWR
The Nasdaq Stock Market LLC
 

Securities registered or to be registered pursuant to Section 12(g) of the Act:
None
(Title of Class)
 
Securities for which there is a reporting obligation pursuant to Section 15(d) of the Act:
None
(Title of Class)
 
Indicate the number of outstanding shares of each of the issuer’s classes of capital or common stock as of the close of the period covered by the annual report:
 
41,698,876 Ordinary Shares, NIS 0.05 par value per share
 
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.
 
 Yes            No
 
If this report is an annual or transition report, indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934.
 
Yes           ☒ No
 
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.
 
Yes           No
 
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).
 
Yes           No
 
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
 
Large Accelerated Filer ☐
Accelerated Filer
Non-Accelerated Filer 
Emerging growth company
 
- 2 -

 
If an emerging growth company that prepares its financial statements in accordance with U.S. GAAP, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.
 
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.
 
If securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the registrant included in the filing reflect the correction of an error to previously issued financial statements.
 
Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation received by any of the registrant’s executive officers during the relevant recovery period pursuant to §240.10D-1(b).
 
Indicate by check mark which basis of accounting the registrant has used to prepare the financial statements included in this filing:
 
U.S. GAAP
 
International Financial Reporting Standards as issued by the International Accounting Standards Board
 
Other
 
If “Other” has been checked in response to the previous question, indicate by check mark which financial statement item the registrant has elected to follow:
 
Item 17      Item 18
 
If this is an annual report, indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).
 
Yes           No
 
- 3 -

 

INTRODUCTION
 
Unless the context otherwise requires, all references in this Annual Report on Form 20-F (this “annual report”) to “we,” “us,” “our,” the “Company,” and “Radware” are to Radware Ltd. and its subsidiaries.
 
When the following terms and abbreviations appear in the text of this annual report, they have the meanings indicated below:
 

“Articles of Association” is to our Amended and Restated Articles of Association;
 

“Companies Law” or the “Israeli Companies Law” are to the Israeli Companies Law, 5759-1999, as amended;
 

“dollars,” “$,” or “US$” are to U.S. dollars;
 

“EUR” are to euros;
 

“Nasdaq” is to the Nasdaq Stock Market LLC;
 

“NIS” or “shekels” are to New Israeli Shekels;
 

“ordinary shares” are to our ordinary shares, par value NIS 0.05 per share;
 

the “SEC” is to the U.S. Securities and Exchange Commission;
 

the “U.S.” is to the United States; and
 

“U.S. GAAP” are to generally accepted accounting principles in the United States.
 
We have registered trademarks for, among others, Radware®; Radware Logo:
 
®; OnDemand Switch®; Alteon®; APSolute®; LinkProof®; DefensePro®; CID®; SIPDirector®; AppDirector®; AppXcel®; AppXML®; AppWall®; APSolute Insite®; StringMatch Engine®; Web Server Director®; APSolute Vision®; vDirect®; Alteon VA®; AppShape®; FastView®; DefenseFlow®; Virtual DefensePro®; VADI® (Virtual Application Delivery Infrastructure); Radware SecurPath®; ShieldSquare® and the ShieldSquare Logo: ®, and we have non-registered trademarks for, among others, ADC-VX™; Inflight™; and CyberStack™. Unless the context otherwise indicates, all other trademarks and trade names appearing in this annual report are owned by their respective holders.
 
Our consolidated financial statements appearing in this annual report are prepared in dollars and in accordance with U.S. GAAP and are audited in accordance with the standards of the Public Company Accounting Oversight Board in the United States.
 
4


Statements made in this annual report concerning the contents of any contract, agreement or other document are summaries of such contracts, agreements or documents and are not complete descriptions of all of their terms. If we filed any of these documents as an exhibit to this annual report or to any registration statement or reports that we previously filed, you may read the document itself for a complete description of its terms, and the summary included herein is qualified by reference to the full text of the document, which is incorporated by reference into this annual report.
 
Unless otherwise indicated, information contained in this annual report concerning our industry and the markets in which we operate, including our competitive position and market opportunity, is based on information from our own management estimates and research, as well as from industry and general publications and research, surveys and studies conducted by third parties. Management estimates are derived from publicly available information, our knowledge of our industry and assumptions based on such information and knowledge, which we believe to be reasonable. Our management estimates have not been verified by any independent source, and we have not independently verified any third-party information. In addition, assumptions and estimates of our and our industry’s future performance are necessarily subject to a high degree of uncertainty and risk due to a variety of factors, including those described in Item 3.D “Risk Factors” below.

CAUTIONARY STATEMENT REGARDING
FORWARD-LOOKING STATEMENTS
 
Except for the historical information contained herein, the statements contained in this annual report are forward-looking statements, within the meaning of the Private Securities Litigation Reform Act of 1995 and other federal securities laws with respect to our business, financial condition and results of operations. Actual results could differ materially from those anticipated in these forward-looking statements as a result of various factors, including all the risks discussed in “Risk Factors” and elsewhere in this annual report.
 
We urge you to consider that statements that use the terms “believe,” “expect,” “plan,” “intend,” “estimate,” “anticipate,” and similar expressions or future or conditional verbs such as “will,” “should,” “would,” “may,” and “could” are intended to identify forward-looking statements.  Such forward-looking statements appear in Item 3.D “Risk Factors,” Item 4 “Information on the Company,” and Item 5 “Operating and Financial Review and Prospects” as well as elsewhere in this annual report. These statements reflect our current views with respect to future events, are based on assumptions and are subject to risks and uncertainties, including those discussed under Item 3.D “Risk Factors” and in our other filings with the SEC.  Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date hereof. Except as required by applicable law, including the securities laws of the United States, we do not intend to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise.
 
5

Table of Contents

  8
8
8
8
A.
[Reserved]
9
B.
Capitalization and Indebtedness
9
C.
Reasons for the Offer and Use of Proceeds
9
D.
Risk Factors
9
40
A.
History and Development of the Company
40
B.
Business Overview
41
C.
Organizational Structure
63
D.
Property, Plants and Equipment
65
66
66
A.
Operating Results
66
B.
Liquidity and Capital Resources
79
C.
Research and Development, Patents and Licenses, etc.
82
D.
Trend Information
83
E.
Critical Accounting Estimates
87
92
A.
Directors and Senior Management
92
B.
Compensation
96
C.
Board Practices
100
D.
Employees
105
E.
Share Ownership
106
F.
Disclosure of a Registrant’s Action to Recover Erroneously Awarded Compensation
109
110
A.
Major Shareholders
110
B.
Related Party Transactions
112
C.
Interests of Experts and Counsel
116
117
A.
Consolidated Statements and Other Financial Information
117
B.
Significant Changes
117

6

118
A.
Offer and Listing Details
118
B.
Plan of Distribution
118
C.
Markets
118
D.
Selling Shareholders
118
E.
Dilution
118
F.
Expenses of the Issue
118
119
A.
Share Capital
119
B.
Memorandum and Articles of Association
119
C.
Material Contracts
119
D.
Exchange Controls
119
E.
Taxation
135
F.
Dividends and Paying Agents
135
G.
Statement by Experts
135
H.
Documents on Display
135
I.
Subsidiary Information
135
J.
Annual Report to Security Holders
135
136
138
  139
139
139
140
[Reserved] 140
140
141
141
142
143
143
144
144
145
Insider Trading Policy
 145
Cybersecurity
145
  147
147
147
147
  149

7

Part I
 
ITEM 1.          IDENTITY OF DIRECTORS, SENIOR MANAGEMENT AND ADVISERS
 
Not applicable.
 
ITEM 2.          OFFER STATISTICS AND EXPECTED TIMETABLE
 
Not applicable.
 
ITEM 3.          KEY INFORMATION
 
8


A.          [Reserved]
 
B.          Capitalization and Indebtedness
 
Not applicable.
 
C.          Reasons for the Offer and Use of Proceeds
 
Not applicable.
 
D.          Risk Factors
 
You should carefully consider the following risks before deciding to purchase, hold or sell our ordinary shares. Our business, operating results, and financial condition could be seriously harmed due to any of the following risks. The following risks are not the only risk factors facing our Company. Additional risks and uncertainties not presently known to us or that we currently deem immaterial may also affect our business. The trading price of our ordinary shares could decline due to any of these risks. You should also refer to the other information contained or incorporated by reference in this annual report, before making any investment decision regarding our Company.
 
Summary of Risk Factors
 
The following constitutes a summary of the material risks relevant to an investment in our Company:

Risks Related to Our Business and Our Industry
 
Changing or severe global economic conditions could have a material adverse effect on our results of operations.
 
We depend upon independent distributors to sell our solutions to customers.  If our distributors do not succeed in selling our products and services, we may not be able to operate profitably.
 
We must manage our anticipated growth effectively in order to be profitable.
 
A shortage of components or manufacturing capacity could cause a delay in our ability to fulfill orders or increase our manufacturing costs, and any disruption in our supply chain could have a material adverse effect on our results of operations.
 
We rely on a few vendors to provide our hardware platforms and components for the manufacture of our products.
 
Our success depends on our ability to attract, train and retain highly qualified personnel.
 
9

 
Competition in the market for cyber security and application delivery solutions and in our industry, in general, is intense. If we are unable to compete effectively, we may lose market share, and we may be unable to maintain profitability.
 
We must develop new solutions and enhance existing solutions to remain competitive.
 
Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solutions or if our end-users experience security breaches, which could have a material adverse effect on our business, reputation and operating results.
 
As a security provider, if our information technology systems and data, or those of our service providers and other contractors, are compromised by cyber-attackers or other malicious actors, or by a critical system failure, our reputation, financial condition and operating results could be materially adversely affected.
 
Outages, interruptions, or delays in hosting services could impair the delivery of our cloud-based security services and harm our business.
 
Our global operations may expose us to additional risks.
 
We have incurred net losses in the past two years and may incur losses in the future.
 
A slowdown in the growth of the cyber security and application delivery solutions market would reduce our addressable market and solutions sales.
 
If the market for our cloud-based solutions does not continue to develop and grow, we may incur capital and operating losses.
 
Our solutions may have long sales cycles, which may reduce the predictability of our financial performance.
 
We may pursue acquisitions or other investments that could disrupt our business and harm our financial condition.
 
Our business in countries with a history of corruption and transactions with foreign governments increases the risks associated with our international activities.
 
Currency exchange rates and fluctuations of exchange rates could have a material adverse effect on our results of operations.
 
Undetected defects and errors may increase our costs and impair the market acceptance of our products.
 
Our business and operating results could suffer if third parties infringe upon our proprietary technology.
 
Our products may infringe on the intellectual property rights of others.
 
10


Laws, regulations and industry standards affecting our business are evolving, and unfavorable changes could harm our business.
 
Some of our solutions contain “open source” and third-party software, and any failure to comply with the terms of one or more of these open source and third-party software licenses could negatively affect our business.
 
The amount of intangible assets and goodwill on our books may in the future lead to significant impairment charges.
 
Additional tax liabilities, including due to tax positions we have taken, could materially adversely affect our results of operations and financial condition.
 
The enactment of legislation changing the United States’ taxation of international business activities could materially impact our financial position and results of operations.
 
If we are unable to realize our investment objectives, our financial condition and results of operations may be adversely affected.
 
We rely on information technology systems to conduct our businesses, and failure to protect these systems against security breaches and otherwise to implement, integrate, upgrade and maintain such systems in working order could have a material adverse effect on our results of operations, cash flows or financial condition.
 
Major disruptions or deficiencies of our information technology systems could disrupt our operations and cause unanticipated increases in our costs.
 
Our business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries.
 
Climate change may have an adverse impact on our business.
 
Our disclosures and initiatives related to environmental, social and governance (“ESG”) matters expose us to numerous risks, including risks to our reputation, business, financial performance and growth.
 
Risks Related to the Market for Our Ordinary Shares
 
The late Yehuda Zisapel (and following his death, his estate), Nava Zisapel, and Roy Zisapel, our President, Chief Executive Officer and a director, may exert significant influence in the election of our directors and over the outcome of other matters requiring shareholder approval.
 
Provisions of our Articles of Association and Israeli law as well as the terms of our equity incentive plan could delay, prevent or make a change of control of us more difficult or costly, which could depress the price of our ordinary shares.
 
Our share price has been volatile in the past and may be subject to volatility in the future.
 
11


If we are characterized as a passive foreign investment company, our U.S. shareholders may suffer adverse tax consequences.
 
If a U.S. person is treated as owning at least 10% of our ordinary shares, such holder may be subject to adverse U.S. federal income tax consequences.
 
Risks Related to Operations in Israel
 
Political, economic and military instability in the Middle East or Israel, including the state of war declared in Israel in October 2023, may harm our business.
 
The tax benefits we may receive in connection with our preferred enterprise program require us to satisfy prescribed conditions and may be terminated or reduced in the future. This would increase taxes and decrease our net profit.
 
We have obtained benefits from the Israeli Innovation Authority that subject us to ongoing restrictions.
 
It may be difficult to enforce a U.S. judgment against us or our officers and directors and to assert U.S. securities laws claims in Israel.
 
Your rights and responsibilities as a shareholder will be governed by Israeli law, which may differ in some respects from the rights and responsibilities of shareholders of U.S. companies.
 
Risks Related to Our Business and Our Industry
 
Changing or severe global economic conditions could have a material adverse effect on our results of operations.
 
Our business is affected by global economic conditions, uncertainties and downturns, including as a result of the state of war declared in Israel in October 2023 and instability in the Middle East (see the risk factor below titled “Political, economic and military instability in the Middle East or Israel, including the state of war declared in Israel in October 2023, may harm our business”), the war in Ukraine (see the risk factor below titled “Our business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries”), the tensions between China and Taiwan, and central banks in the markets in which we operate that have tightened their monetary policies and raised interest rates, which may impact current and anticipated market demand for our solutions. Uncertainties about current global economic conditions continue to pose a risk as our current or prospective customers may postpone or reduce demand and spending priorities in response to such uncertainties. This could result in, among other things, a reduction in our revenues or a failure to achieve anticipated revenue growth, longer sales cycles, and slower adoption of new technologies as well as downward pressure on the price of our solutions. Other macro conditions may have other adverse effects on the economy, which are difficult to predict, such as instability of any bank with which we maintain a commercial relationship, inflation pressures, rising interest rates or a period of elevated interest rates. Each of the above events could have a material adverse effect on our business, operating results, and financial condition.
 
12


We depend upon independent distributors to sell our solutions to customers.  If our distributors do not succeed in selling our products and services, we may not be able to operate profitably.
 
Our growth strategy depends upon, among other things, increasing sales of our solutions, both directly and indirectly through our different distribution channels. We sell our solutions primarily to independent distributors, including value added resellers (VARs), original equipment manufacturers (OEMs) and global system integrators (GSIs), and are highly dependent upon these distributors’ active marketing and sales efforts. Our distribution agreements with our distributors generally are non-exclusive, ranging in duration with no renewal obligation on the part of our distributors. Our distribution agreements also typically do not prevent our distributors from selling products and services of our competitors and do not contain minimum sales or marketing performance requirements. As a result, our distributors may give higher priority to products and services of our competitors or their own products, thereby reducing their efforts to sell our products and services. In addition, we may not be able to maintain our existing distribution relationships, and we may not be successful in replacing them on a timely basis, or at all. We may also need to develop new distribution channels for new products and services, and we may not succeed in doing so. Any changes in our distributor relationships or distribution channels, including a termination or other disruption of our commercial relationship with our distributors or our inability to establish distribution channels for new products and services, could impair our ability to sell our products and services and have a material adverse effect on our business, financial condition and results of operations.
 
We must manage our anticipated growth effectively in order to be profitable.  
 
We have actively expanded our operations in the past and may continue to expand them in the future in order to gain market share in the evolving market for cyber security and application delivery solutions. This expansion has required, and may continue to require, managerial, operational and financial resources.
 
In some cases, we may choose to increase our cost of operations at the expense of our short-term profitability in order to support future expansion and growth. We cannot assure you that we will continue to expand our operations successfully. If we are unable to manage our expanding operations effectively, our revenues may not increase or may decline, our cost of operations may increase, and we may not be profitable. For example, in 2023 and 2022, we recorded an operating loss of $31.7 million and $3.3 million, respectively, and net loss of $21.6 million and $0.2 million, respectively.
 
13


A shortage of components or manufacturing capacity could cause a delay in our ability to fulfill orders or increase our manufacturing costs, and any disruption in our supply chain could have a material adverse effect on our results of operations.
 
Our ability to meet customer demands depends in part on our ability to obtain timely deliveries of parts from our suppliers and contract manufacturers. We cannot assure you that we will not encounter supply and fulfilment issues in the future and certain components are presently available to us only from limited sources (see the risk factor below titled “We rely on a few vendors to provide our hardware platforms and components for the manufacture of our products” and the discussion under Item 4.B “Business Overview—Manufacturing and Suppliers”). We may not be able to diversify sources in a timely and cost-effective manner, which could harm our ability to deliver products to customers and adversely impact present and future sales and profitability.
 
We may experience a shortage of certain component parts as a result of our own manufacturing issues, manufacturing issues at our suppliers or contract manufacturers, capacity problems or transportation and freight carriers issues experienced by our suppliers or contract manufacturers, or strong demand in the industry for those parts, especially if there is growth in the overall economy. If there is growth in the economy, such growth is likely to create greater pressures on us and our suppliers to accurately project overall component demand and component demands within specific product categories and to establish optimal component levels. If shortages or delays persist, such as due to the worldwide chipset shortage, the price of these components may increase, or the components may not be available at all.
 
We may also encounter shortages if we do not accurately anticipate our needs. We may not be able to secure enough components at reasonable prices or of acceptable quality to build new products in a timely manner in the quantities or configurations needed. Accordingly, our revenues and gross margins could be materially and adversely affected until other sources can be developed.
 
In addition, our operating results could be materially and adversely affected if we anticipate greater demand than what transpires, and we commit to purchasing more components than we actually need. We see this specifically with respect to dated components, which we need to order in large quantities due to manufacturing stoppage. Due to technology advancements, we are required from time to time to make “last buy” type of stock purchases of such dated components for our legacy products.
 
Any disruption in our supply chain, such as disruptions resulting from failure in telecommunication systems; acts of war, terrorism, cyber-attacks or natural disasters, including major environmental or public health concerns, such as the COVID-19 pandemic, lack of skilled labor, the disruption of transportation networks, and adverse weather conditions, could have a material adverse effect on our business, financial condition and results of operations.
 
We rely on a few vendors to provide our hardware platforms and components for the manufacture of our products.
 
We primarily rely on a few original design manufacturers, or ODMs, for the manufacture and supply of our hardware platforms, with approximately 92% of our direct product costs in 2023 related to these vendors. If we are unable to continue to acquire from these ODMs and/or other components vendors on acceptable terms or should any of these ODMs and/or components vendors cease to supply us with such platforms or components for any reason, we may not be able to identify and integrate an alternative source of supply in a timely fashion or at the same costs. Any transition to one or more alternate manufacturers could result in delays, operational problems and increased costs, and may limit our ability to deliver our products to our customers on time during such a transition period, any of which could have a material adverse effect on our business, financial condition and results of operations.
 
14


Our success depends on our ability to attract, train and retain highly qualified personnel.
 
Our products and services require sophisticated technology, marketing and sales expertise. Accordingly, we need highly trained research and development, sales, marketing, technical, customer support, operations and IT personnel. Competition for such qualified personnel, especially in the cyber security domain, is intense. In particular, while there has been intense competition for such qualified personnel in the Israeli high-tech industry historically, the industry experienced record growth and activity in the past few years, which contributed to significant levels of employee attrition and is currently facing a severe shortage of skilled human capital, including qualified personnel in the cyber security domain. Additionally, we may be unable to hire or retain talent who are trained in artificial intelligence (AI), machine learning and advanced algorithms, to keep pace with the rapid and continuous technological changes in our industry. In addition, while we utilize non-competition agreements with our employees as a means of improving our employee retention, we may be unable to enforce these agreements under applicable laws. In light of the foregoing, we may not be able to hire or retain sufficient personnel to support our business operations or, if we do, we may be required to offer increased compensation to attract such employees, which could have a material adverse effect on our business, financial condition and results of operations.
 
Competition in the market for cyber security and application delivery solutions and in our industry, in general, is intense. If we are unable to compete effectively, we may lose market share, and we may be unable to maintain profitability.
 
The cyber security and application delivery solutions marketplace is highly competitive and has very few barriers to entry, particularly in our focus areas. We expect competition to intensify in the future, and we may lose market share if we are unable to compete effectively.
 
Most of our competitors have greater financial, personnel and other resources than we have, which may limit our ability to effectively compete with them. We expect to continue to face additional competition as new participants enter the market or extend their portfolios into related technologies. Current and future participants may also be able to respond more quickly to new or emerging technologies and changes in customer demands and to devote greater resources to the development, promotion and sale of their products than we can. Larger companies with substantial resources, brand recognition and sales channels may form consolidation and alliances with or acquire competing cyber security and application delivery solutions and emerge as significant competitors.
 
Competition may result in lower prices or reduced demand for our solutions and a corresponding reduction in our ability to recover our costs, which may impair our ability to achieve, maintain and increase profitability. Furthermore, the dynamic market environment poses a challenge in predicting market trends and expected growth. We cannot assure you that we will be able to implement our business strategy in a manner that will allow us to be competitive. If any of our competitors offer products or services that are more competitive than ours, we could lose market share and our business, financial condition and results of operations could be materially and adversely affected as a result.
 
15


We must develop new solutions and enhance existing solutions to remain competitive.
 
The market for cyber security and application delivery solutions is characterized by rapid technological changes, driven primarily by accelerated digital transformation including a dramatic increase in work from home initiatives, a rapid shift to online business activity, increased migration to cloud environments and the introduction of interactive AI technologies (LLM-based) that enable adversaries a faster time to launch cyber attacks. Such technological changes and transformations are accompanied by, in addition to a rapidly evolving and active cyber threat landscape that is accelerated by weaponized AI tools, changes in networks, applications infrastructure, architecture tools and increasingly demanding compliance mandates. The challenges we face are centered around the timing and effectiveness of response and include:
 

increasing throughput, capacity, performance algorithmic coverage and efficiency of our core products, to cope with growing velocity and complexity of attacks;
 

adapting to fundamental changes in our customers’ data centers’ infrastructure and changes in the locations of applications and data by offering relevant solutions for multi-clouds and hybrid cloud environments;
 

offering new solutions to adapt to the changes in applications’ deployment frameworks, workflows and architectures, massive usage of Application Programming Interface (API) stacks, third-party attacks that require browser security presence, supply chain attacks and new edge delivery technologies in response to the rise of modern applications buildup and delivery requirements;
 

adapting to changes in the cyber threat landscape, by extending our security coverage to include client-side attacks, edge attacks, API-level attacks,  cloud-native attacks (cloud access management and workloads), complex application-level attacks, such as Business Logic Attacks (BLA), encrypted attacks, usage of open source third-party attack libraries, and/or AI, natural language processing (NLP) and automated attacks;
 

addressing new regulations and compliance standards, including those related to publicly exposed services that require the validation of safety of sensitive data provided or consumed by the service consumers;
 

developing and enhancing our cloud, physical and virtual appliances and container offerings and expanding our managed security services capabilities to address the industry trend of providing services for the cloud and through the cloud – organically and inorganically; and
 

increasing our support offerings to address the industry trend of increased customer reliance on third-party provided or managed information technology services.
 
16


In order to meet these challenges and remain competitive in the market, we have introduced, and must continue to introduce, new solutions and enhancements to our existing solutions. Accordingly, our future success will depend, to a substantial extent, on our ability to accurately and timely identify market trends and anticipate changing market requirements and needs; to invest (including through acquisition of complimentary solutions) in research and development and timely develop, introduce and support relevant and desired new solutions and enhancements; and to gain market acceptance of our offerings. There can be no assurances that our continued investment in research and development, including associated capital expenditures, will ultimately allow us to remain competitive in our industry or otherwise result in successful solutions that generate expected sales and support our growth. In addition, diversifying our solution portfolio might expose us to direct competition with new players and might require additional investments in the associated sales and marketing practices.
 
If our research and development efforts do not lead to a corresponding increase in our revenues, if we fail to timely develop and deploy new solutions and enhancements to our existing solutions, or if we fail to gain market acceptance of our new solutions or enhanced solutions, our business, operating results, and financial condition could be materially adversely affected.
 
Our reputation and business could be harmed based on real or perceived shortcomings, defects or vulnerabilities in our solutions or if our end-users experience security breaches, which could have a material adverse effect on our business, reputation and operating results.
 
Any errors, defects, or misconfigurations could cause our solutions to not meet specifications, be vulnerable to security attacks or fail to secure networks or applications, which could negatively impact customer operations and consequently harm our business and reputation. In addition, we may suffer significant adverse publicity and reputational harm and become subject to regulatory and litigation claims if our solutions are associated, or are believed to be associated with, or fail to reasonably protect against, a security attack or a breach at a high-profile customer, a significant customer base or a significant business partner. Many of our customers and business partners are themselves highly regulated entities, which may result in enhanced scrutiny of our security program and controls in the event of a significant cybersecurity incident. Moreover, any actual or perceived cyber-attack, other security breach, exposure or theft of our or our customers’ data, regardless of whether the breach or theft is attributable to the failure of our solutions, could:
 

adversely affect the market’s perception of our security solutions,
 

cause current or potential customers to look to our competitors for alternatives,
 

require us to expend significant financial resources to analyze, correct or eliminate any vulnerabilities, and
 

lead to investigations, litigation, fines and penalties, any of which could have a material adverse effect on our operations, financial condition and reputation.
 
17


Cyber-attackers or other malicious actors are increasingly sophisticated, may be state actors or affiliated with organized crime, and may operate large-scale and complex automated attacks. In addition, the techniques they use to access or sabotage networks or applications or to disrupt operations (for example, via ransomware) change frequently and generally are not recognized until launched against a target. As a result, our solutions may be unable to anticipate these techniques and provide timely or effective protection to our end-users’ networks or applications, particularly due to the increased use by attackers of tools and techniques that are designed to circumvent security controls, to avoid detection and to remove or obfuscate evidence. The global marketplace also expects actors to increasingly develop innovative attack methodologies utilizing AI to identify and exploit vulnerabilities from both technical and social engineering perspectives. In addition, continued remote and hybrid working arrangements at our Company (and at many third-party providers), such as those that evolved during the COVID-19 pandemic and continued after the pandemic, also increase cybersecurity risks due to the challenges associated with managing remote computing assets and the security vulnerabilities that are present in many non-corporate and home networks. We may acquire companies or enter into information technology system integrations with companies that have cybersecurity vulnerabilities or unsophisticated security measures, which would expose us to increased risks. In addition, we cannot comprehensively identify all misconfigurations, “bugs” or vulnerabilities in proprietary or third-party systems or software used by our business, or guarantee that patches or compensating controls will be applied before vulnerabilities can be exploited by a threat actor. If we fail to identify and respond to new and increasingly complex methods of attack or to update our solutions to detect or prevent such threats in time to protect our end-users’ critical business data, the integrity of our solutions and reputation, as well as our business and operating results, could suffer.
 
Furthermore, security breaches or defects in our solutions could result in loss or alteration of, or unauthorized access to, data of customers, employees, business partners and others, including personally identifiable information, as well as proprietary information belonging to our business such as trade secrets, and compromise our customers’ networks and applications that are secured by our physical and cloud solutions. Moreover, any use or integration of generative or other AI in our, or any third party’s, operations, products or services will pose new and/or unknown cybersecurity risks and challenges. If such a security breach results in the disruption or loss of availability, integrity or confidentiality of customers’ data, we could incur significant liability to our customers and to businesses or individuals whose information was being handled by our customers, in addition to liability imposed by regulatory agencies. There can be no assurance that limitation of liability, indemnification or other protective provisions that we attempt to include in our contracts would be applicable, enforceable or adequate in connection with a security breach, or would otherwise protect us from any such liabilities or damages with respect to any particular claim.
 
There is no guarantee that our solutions will be free of flaws or vulnerabilities. Our end-users may also misuse our solutions, which could result in vulnerabilities to a breach or theft of business data. Furthermore, there can be no assurance that our cybersecurity risk management program and processes, including our policies, controls, or procedures, will be fully implemented, complied with or effective in protecting our information technology systems and confidential information.
 
18


As a security provider, if our information technology systems and data, or those of our service providers and other contractors, are compromised by cyber-attackers or other malicious actors, or by a critical system failure, our reputation, financial condition and operating results could be materially adversely affected.
 
We will not succeed with our application and network security solutions unless the marketplace is confident that we provide effective cyber security protection. We provide security solutions, and as a result, we have been, and continue to be, an attractive target of cyber-attacks and other security incidents, which we have experienced from time to time, that threaten the confidentiality, integrity and availability of our computer and information technology at our computer and information technology systems and network environment. We are subject to many different types of attacks, including, among others, malware, viruses and attachments to e-mails, web application attacks, Distributed Denial of Service (DDoS) attacks, and other disruptive activities of individuals or groups, all of which are designed to impede the performance of our solutions, penetrate our network security or the security of our cloud platform or our internal systems, misappropriate proprietary and other important data and personal information we process or maintain and/or cause other interruptions to our services. We and certain of our third-party providers regularly experience cyberattacks and other incidents, and we expect such attacks and incidents to continue in varying degrees. While to date no attacks or incidents have had a material impact on our operations or results, we cannot guarantee that material incidents will not occur in the future. We expect cyberattacks to accelerate on a global basis in both frequency and magnitude, as threat actors are increasingly sophisticated in using techniques and tools – including AI – that can circumvent controls, evade detection and remove forensic evidence. As a result, we may be unable to detect, investigate, remediate or recover from future attacks or incidents, or to avoid a material adverse impact on our information technology systems, confidential information or business. Furthermore, third parties may attempt to illegally induce employees or customers into disclosing our proprietary information or otherwise compromising the security of our internal networks, systems or physical facilities in order to gain access to our data or our customers’ data.  An actual or perceived breach of security in our internal systems could adversely affect the integrity and market perception of our solutions. Furthermore, the costs to eliminate or address security threats and vulnerabilities before or after a cyber-security incident and any resulting regulatory or litigation actions could be significant.
 
We rely on third-party service providers to supply physical hosting, cloud environments, and specific support technologies in order to deliver and support our security solutions, in addition to internal functions, such as human resources, finance, and electronic communications, all of which are designed to enable us to conduct, monitor, and/or protect our business, operations, systems, and data assets. Such third-party service providers have from time to time been subject to, and continue to be subject to, cyber-attacks, malicious actors, and other security incidents. While we periodically evaluate the internal security posture of each third-party service provider to determine their level of compliance, we may not be able to detect any breach in the first instance it occurs. These risks may impact the integrity and availability of our solutions and may expose us to legal and reputational liability.
 
Any significant system failure, accident, attack or security breach could have a material adverse effect on our business, financial condition and results of operations. Remediation efforts or system redundancy or other continuity measures may be ineffective or inadequate and could result in interruptions, delays or cessation of service and loss of existing or potential customers. There can be no assurance that limitation of liability, indemnification or other protective provisions in our contracts would be applicable, enforceable, or adequate in connection with a security breach, or would otherwise protect us from any such liabilities or damages with respect to any particular litigation (including class actions), reputational impacts, and the loss of partners, collaborators and customers. Additionally, our professional, product, and cyber liability insurance coverages may only cover certain liabilities in connection with a security breach or other security incident and may not adequately cover all liabilities actually incurred, and we cannot assure you that insurance will continue to be available to us on commercially reasonable terms, if at all, or that any insurer will not deny coverage as to any future claim.
 
In addition, any such security breach could disrupt or impair our ability to operate our business, including our ability to provide maintenance and support services to our customers. If this happens, our revenues could decline and our reputation and business could suffer.

19


   Outages, interruptions, or delays in hosting services could impair the delivery of our cloud-based security services and harm our business.
 
We offer infrastructure that supports our DDoS Protection services, web application firewall (WAF) and bot management cloud-based services. In addition, we provide other services through the cloud, such as Content Delivery Network (CDN). Despite precautions taken within our own internal network and at these third-party facilities, the occurrence of a natural disaster or an act of terrorism or other unanticipated problems could result in lengthy interruptions in our services.
 
The cloud-based security services that we provide are operated from a network of third-party facilities that host the software and systems that operate these security services. Any damage to, failure of, or significant disruptions (for example, due to ransomware) to, our internal systems or systems at third-party hosting facilities could result in outages or interruptions in our cloud-based services. Outages or interruptions in our cloud-based security services, whether as a result of impacts to our or our third-party hosting facilities or otherwise, may cause our customers to experience cyber-attacks and to believe that our cloud-based security services are unreliable, cause us to issue credits or pay penalties or damages, cause customers to terminate their subscriptions, and adversely affect our reputation and renewal rates and our ability to attract new customers, ultimately harming our business and results of operations.
 
   Our global operations may expose us to additional risks.
 
We currently offer our solutions in over 80 countries. For the years ended December 31, 2023 and 2022, our sales outside North, Central and South America represented approximately 60% and 58%, respectively, of our total sales. We also rely on third-party service providers around the world to supply physical hosting and cloud environments in order to deliver and support our cloud-based services. Our global business operations involve varying degrees of risk and uncertainty inherent in doing business in so many different jurisdictions. Such risks include, among others: difficulties and costs of staffing and managing foreign operations; the possibility of unfavorable circumstances and additional compliance costs arising from host country laws or regulations, including unexpected changes in the interpretations thereof and reduced protection for intellectual property rights in some countries; partial or total expropriation; export duties and quotas; local tax exposure; economic or political instability, including as a result of insurrection, war, natural disasters, and major environmental, climate or public health concerns, such as the COVID-19 pandemic; differences in business practices; recessionary environments in multiple foreign markets; and damage to, or failure of, systems at third-party hosting facilities around the word resulting in outages or interruptions in our cloud-based services. We cannot be certain that the foregoing factors will not have a material adverse effect on our future revenues and, as a result, on our business, operating results, and financial condition.
 
20


   We have incurred net losses in the past two years and may incur losses in the future.
 
We incurred net losses during 2022 and 2023. Our ability to reach, maintain or increase profitability in the future depends in part on the following factors: the economic health of the global economy, including geopolitical tensions; record levels of inflation and rising interest rates or a period of elevated interest rates; the rate of growth of, and changes in technology trends in our market and other industries in which we currently or may in the future operate; our ability to develop and manufacture new products and technologies and deliver new solutions in a timely manner; the competitive position of our products and services; the continued acceptance of our solutions by our customers and in the industries that we serve; and our ability to manage expenses. In the future, it may be necessary to undertake cost reduction initiatives to be profitable, which could lead to a deterioration of our competitive position. Any difficulties that we encounter as we reduce our costs could negatively impact our results of operations and cash flows. Our revenues may not increase or may grow at a lower rate than we have experienced in the past several years or may even decline, which would negatively impact our results of operations and cash flows. We cannot assure you that we will be profitable.
 
We may increase our operating expenses in future periods. Our decision to increase operating expenses and the scope of such increases depends upon several factors, including the market situation and the effectiveness of our past expenditures. We may continue to make additional expenditures in anticipation of generating higher revenues, which we may not realize, if at all, until sometime in the future. This could cause reductions in our profitability or lead to losses. Additionally, a failure of any acquisition or product development initiative to produce increased revenues could have a material adverse effect on our operations and profitability.
 
A slowdown in the growth of the cyber security and application delivery solutions market would reduce our addressable market and solutions sales.
 
The cyber security and application delivery market in which we operate is rapidly evolving, and we cannot assure you that it will continue to develop and grow. In addition, we cannot assure you that our solutions and technology will keep pace with the changes to this market. Market acceptance of cyber security and application delivery solutions may be inhibited by, among other factors, a lack of anticipated congestion and strain on existing network infrastructures and the availability of alternative solutions. If demand for cyber security and application delivery solutions does not continue to grow, or grows at a slower pace than expected, we may not be able to sell enough of our solutions to maintain or increase our profitability.
 
If the market for our cloud-based solutions does not continue to develop and grow, we may incur capital and operating losses.
 
As we continue to expand our cloud-based solution offerings, our investments, both capital and operational, in our cloud business increase. We cannot assure you that sales of our cloud-based solutions will continue to develop and grow. In addition, we cannot assure you that our services and technology will keep pace with the changes in this market. Specifically, the emergence of alternative solutions, such as those offered by Amazon Web Services, Inc. (AWS), Microsoft Azure or Google’s public cloud, may negatively affect sales of our solutions. We recognize a significant portion of revenue from subscriptions over the term of the relevant subscription period, and as a result, downturns or upturns in sales are not immediately reflected in full in our results of operations.
 
21


Our solutions may have long sales cycles, which may reduce the predictability of our financial performance.
 
Our solutions are technologically complex and are typically intended for use in applications that may be critical to the business of our customers. As a result, our pre-sales process can be subject to delays associated with customers’ budgetary constraints and lengthy approval and procurement processes. The sales cycles of our solutions to new customers can last for as long as 12 months (and in some cases even longer, for example, with carrier customers) from initial presentation to sale. Long sales cycles result in a delay to our generation of revenue. Long sales cycles also subject us to risks not usually encountered in short sales cycles, including our customers’ budgetary constraints and internal acceptance reviews and processes prior to purchase. In addition, orders expected in one quarter could shift to another because of the timing of our customers’ procurement decisions. Furthermore, customers may defer orders in anticipation of new solutions or product enhancements introduced by us or by our competitors. These factors complicate our planning processes and reduce the predictability of our financial performance.
 
We may pursue acquisitions or other investments that could disrupt our business and harm our financial condition.
 
As part of our business strategy, we may invest in or acquire complimentary businesses, technologies or assets or enter into joint ventures or other strategic relationships with third parties. Past acquisitions have caused, and future acquisitions may cause, us to assume liabilities, incur acquisition-related costs, incur amortization expenses or realize write-offs on assets no longer being used or phased out. In addition, the future valuation of these acquisitions may decrease from the market price paid by us, which could result in the impairment of our goodwill and other intangible assets associated with the relevant acquired assets. Moreover, our operation of any acquired or merged businesses, technologies or assets could involve numerous risks, including:
 

post-merger integration problems resulting from the combination of any acquired operations with our own operations or from the combination of two or more operations into a new unified entity;
 

diversion of management’s attention from our core business;
 

substantial expenditures, which could divert funds from other corporate uses;
 

entering markets in which we have little or no experience;
 

loss of key employees of the acquired operations; and
 

known or unknown contingent liabilities, including, but not limited to, tax and litigation costs.
 
22


We cannot be certain that any past or future acquisitions or mergers will be successful. If the operation of the business of any future acquisitions or mergers disrupts our operations, our results of operations may be adversely affected, and even if we successfully integrate the acquired business with our own, we may not receive the intended benefits of the acquisition. In addition, our pursuit of potential acquisitions may divert our management’s attention from our core business and require considerable cash outlays at the expense of our existing operations, whether or not such transactions are consummated. A failure of any acquisitions or product developments to produce increased revenues could have a material adverse effect on our operations and profitability.
 
Our business in countries with a history of corruption and transactions with foreign governments increases the risks associated with our international activities.

As we operate and sell internationally, we are subject to the Foreign Corrupt Practices Act of 1977, as amended (the “FCPA”), the U.K. Bribery Act of 2010 (the “UK Bribery Act”) and other laws that prohibit improper payments or offers of payments to foreign governments and their officials and political parties for the purpose of obtaining or retaining business. We have operations, deal with and make sales to governmental customers in countries known to experience corruption, particularly certain emerging countries in Eastern Europe, South and Central America, East Asia, Africa and the Middle East. Our activities in these countries create the risk of unauthorized payments or offers of payments by one of our employees, consultants, channel partners or sales agents that could be in violation of various anti-corruption laws, even though these parties may not be under our control. While we have implemented safeguards to prevent these practices by our employees, consultants, channel partners and sales agents, our existing safeguards and any future improvements may prove to be less than effective, and our employees, consultants, channel partners or sales agents may engage in conduct for which we might be held responsible. Violations of the FCPA, the UK Bribery Act or other anti-corruption laws may result in severe criminal or civil sanctions, including suspension or debarment from government contracting, and we may be subject to other liabilities, which could negatively affect our business, operating results, and financial condition.
 
Currency exchange rates and fluctuations of exchange rates could have a material adverse effect on our results of operations.
 
We are impacted by exchange rates and fluctuations thereof in a number of ways, including:
 

A large portion of our expenses in Israel, principally salaries and related personnel expenses, are paid in NIS, whereas most of our revenues are generated in U.S. dollars. When the U.S. dollar is weak, our foreign currency-denominated expenses will be higher, whereas if the U.S. dollar is strong, our foreign currency-denominated expenses will be lower. If the NIS strengthens against the U.S. dollar, the dollar value of our Israeli expenses will increase and may have a material adverse effect on our business, operating results, and financial condition;
 
23



A portion of our international sales are denominated in currencies other than U.S. dollars, such as euros, thereby exposing us to currency fluctuations in such international sales transactions;
 

We incur expenses in several other currencies in connection with our operations in Europe and Asia. Devaluation of the U.S. dollar relative to such local currencies causes our operational expenses to increase; and
 

The majority of our international sales are denominated in U.S. dollars. Accordingly, devaluation in the local currencies of our customers relative to the U.S. dollar could cause our customers to decrease orders or default on payment.
 
Not all of our potential exposure to the effect of fluctuations in foreign currency exchange rates on our financial position and results of operations is covered by the foreign currency hedging transactions we engage in from time to time. Furthermore, there can be no assurance that any such hedging transactions will materially reduce the effect of fluctuations in foreign currency exchange rates on such results. For a further discussion of the impact on currency exchange rates on our business, see Item 11 “Quantitative and Qualitative Disclosures About Market Risk.”
 
Undetected defects and errors may increase our costs and impair the market acceptance of our products.
 
Our products have occasionally contained, and may in the future contain, undetected defects or errors, especially when first introduced or when new versions are released, due to defects or errors that we fail to detect, including in components supplied to us by third parties. These defects or errors may be found after the commencement of commercial shipments. In addition, because our customers integrate our products into their networks with products from other vendors, it may be difficult to identify the product that has caused the problem in the network. Regardless of the source of these defects or errors, we will then need to divert the attention of our engineering personnel from our product development efforts to detect and correct these errors and defects. We cannot assure you whether we will incur significant warranty or repair costs, be subject to liability claims for material damages related to product errors or defects or experience any material lags or delays as a result thereof in the future. Any insurance coverage that we maintain may also not provide sufficient protection should a claim be asserted. Moreover, the occurrence of errors and defects, whether caused by our products or the components supplied by another vendor, may result in significant customer relations problems and injure our reputation, thereby impairing the market acceptance of our products.
 
Our business and operating results could suffer if third parties infringe upon our proprietary technology.
 
Our success depends, in part, upon the protection of our proprietary software installed in our products, our trade secrets and trademarks. We seek to protect our intellectual property rights through a combination of trademark and patent law, trade secret protection, confidentiality agreements, and other contractual arrangements with our employees, affiliates, distributors, and others. In the United States and several other countries, we have registered or acquired trademarks. In addition, we have registered patents in the U.S. and other jurisdictions and have pending patent applications and provisional patents in connection with several of our products’ features.
 
24


The protective steps we have taken may be inadequate to deter infringement upon our intellectual property rights or misappropriation of our proprietary information. We may be unable to detect the unauthorized use of our proprietary technology or take appropriate steps to enforce our intellectual property rights. Effective trademark, patent and trade secret protection may not be available in every country in which we offer, or intend to offer, our products. In addition, our competitors may independently develop technologies that are substantially equivalent or superior to our technology. Any licenses for intellectual property that might be required for our services or products may not be available on reasonable terms. Failure to adequately protect our intellectual property rights could devalue our proprietary content, impair our ability to compete effectively, and eventually harm our operating results. Furthermore, defending our intellectual property rights, either by way of initiating intellectual property litigation or defending such, could result in the expenditure of significant financial and managerial resources. Moreover, any adverse outcome of litigation proceedings could impact the value of our proprietary technology and have additional significant financial impacts, which may harm our operating results.
 
Our products may infringe on the intellectual property rights of others.
 
Third parties may assert claims that we have violated a patent, trademark, copyright or other proprietary intellectual property right belonging to them. As is characteristic of our industry, there can be no assurance that our products do not or will not infringe the proprietary rights of third parties, that third parties will not claim infringement by us with respect to patents or other proprietary rights, or that we would prevail in any such proceedings. We have received in the past, and may receive in the future, communications asserting that the technology used in some of our products requires third-party licenses. Any infringement claims, whether or not meritorious, could result in significant costly litigation or arbitration and divert the attention of technical and management personnel. Any adverse outcome in litigation alleging infringement could require us to develop non-infringing technology or enter into royalty or licensing agreements. If, in such situations, we are unable to obtain licenses on acceptable terms, we may be prevented from manufacturing or selling products that infringe such intellectual property of a third party. An unfavorable outcome or settlement regarding one or more of these matters could have a material adverse effect on our business, reputation and operating results.
 
Laws, regulations and industry standards affecting our business are evolving, and unfavorable changes could harm our business.
 
Laws, regulations and industry standards that apply to our business are becoming more prevalent and constantly evolving, particularly in the area of data privacy and cyber security. We may be impacted by changes in privacy-related and cyber security-related regulations governing the collection, use, retention, sharing and security of personal data that we collect, utilize, or otherwise process from our customers and/or visitors to their websites and others. Complying with a diverse range of privacy and cyber security requirements could cause us to incur substantial costs or require us to change our business practices in a manner adverse to our business. Any failure, or perceived failure, by us to comply with any privacy or cyber security-related laws, government regulations or directives, or industry self-regulatory principles could result in damage to our reputation or proceedings or actions against us by governmental entities or others, which could potentially have an adverse effect on our business.
 
25


For example, in the European Economic Area (EEA), we are subject to the General Data Protection Regulation 2016/679 (GDPR) and in the United Kingdom we are subject to the United Kingdom data protection regime consisting primarily of the UK General Data Protection Regulation and the UK Data Protection Act 2018 (UK DP Laws), in each case in relation to our collection, control, processing, sharing, disclosure and other use of data relating to an identifiable living individual (personal data). The GDPR, and national implementing legislation in EEA member states and the United Kingdom, impose a strict data protection compliance regime. GDPR and UK DP Laws can expose us to enforcement actions and investigations by regulatory authorities and potentially result in regulatory penalties and significant legal liability, if our information technology security efforts fail and if we fail to disclose any material cybersecurity incident in an adequate and timely manner. Accordingly, a data security breach or privacy violation that leads to unauthorized access to, disclosure or modification of personal information, that prevents access to personal information or materially compromises the privacy, security, or confidentiality of the personal information, could result in fines, increased costs or loss of revenue. Our compliance with GDPR and UK DP Laws, as well as other data privacy and cyber security laws around the world, evolving regulations of cloud computing, cross-border data transfer restrictions and other domestic or foreign regulations, has required and will continue to require us to invest significant resources in compliance and compliance-related areas. 
 
Furthermore, laws, regulations and industry standards are subject to constant and, at times, drastic changes that, particularly in the case of industry standards, may arrive with little or no notice, and these could either help or hurt the demand for our solutions. If we are unable to adapt our solutions to changing laws, regulations and industry standards in a timely manner, or if our solutions fail to assist our customers with their compliance initiatives, our customers may lose confidence in our solutions and could switch to competing solutions. Recent legal developments in Europe have created complexity and uncertainty regarding transfers of personal data from the EEA and the United Kingdom to the United States. These recent developments may require us to review and amend the legal mechanisms by which we make and/or receive personal data transfers to or in the U.S. Such legal developments also cause us to look at our operations and review our data flows to ensure we can continue to meet clients’ increasing requests for data to remain in-country or in-region. At the same time, if, contrary to this trend, regulations and standards related to cyber security are changed in a manner that makes them less onerous, our customers may view government and industry regulatory compliance as less critical to their businesses, and our customers may purchase fewer of our solutions, or none at all. In either case, our sales and financial results would be negatively impacted and could be materially adversely affected.
 
26


Some of our solutions contain “open source” and third-party software, and any failure to comply with the terms of one or more of these open source and third-party software licenses could negatively affect our business.
 
Some of our products utilize open source technologies. Some open source software licenses require users who distribute or make available as a service open source software as part of their own software product to publicly disclose all or part of the source code of the users’ software product or to make available any derivative works of the open source code on unfavorable terms or at no cost. We cannot be sure that all open source software is submitted for approval prior to use in our products and while we scan the open-source software that we use in our products and patch discovered vulnerabilities, we have no assurance that they will be free from vulnerabilities or malicious code. The use of open-source software in our solutions may expose us, and our customers using our solutions, to additional vulnerabilities and security breaches, which may result in significant adverse impacts to us and our customers. In addition, open source license terms may be ambiguous and many of the risks associated with use of open source software cannot be eliminated, and could, if not properly addressed, negatively affect our business.  We may face ownership claims from third parties over, or seeking to enforce the license terms applicable to, such open source software, including by demanding the release of the open source software, derivative works or our proprietary source code. Any such requirement to disclose our source code or other confidential information related to our products could materially and adversely affect our competitive position and may adversely impact our business, results of operations and financial condition. In addition, if the license terms for the open source code change, we may be forced to re-engineer our software or incur additional costs.
 
In addition, some of our solutions include other software or intellectual property licensed from third parties. This exposes us to risks over which we may have little or no control. There can be no assurance that the licenses from such third-party licensors will continue to be available to us on acceptable terms, if at all. In addition, while we believe we are compliant with the terms of our third-party licenses, such licensors may still assert that we are in breach of the terms of a license, which could give such licensors the right to terminate a license or seek damages from us, or both. Our inability to maintain such licenses or the need to engage in litigation regarding these matters, could result in delays in releases of new products, and could otherwise disrupt our business, unless and until equivalent technology can be identified, licensed, or developed at substantially the same costs to us.
 
The amount of intangible assets and goodwill on our books may in the future lead to significant impairment charges.
 
The amount of goodwill and intangible assets on our consolidated balance sheets was, as of December 31, 2023, approximately $83.7 million, compared to $87.7 million as of December 31, 2022. We regularly review our intangible and tangible assets, including goodwill, for impairment. Goodwill is subject to impairment review at least annually, and other intangible assets are reviewed for impairment when there is an indication that impairment may have occurred. Impairment testing has led to, and may in the future lead to, significant impairment charges.
 
Additional tax liabilities, including due to tax positions we have taken, could materially adversely affect our results of operations and financial condition.
 
We operate our business in various countries, and we attempt to utilize an efficient operating model to optimize our tax payments based on the laws in the countries in which we operate. This can cause disputes between us and various tax authorities in the countries in which we operate, whether due to tax positions that we have taken in various tax returns we have filed or due to determinations we have made not to file tax returns in certain jurisdictions. In particular, not all of our tax returns are final and may be subject to further audit and assessment by applicable tax authorities. There can be no assurance that the applicable tax authorities will accept our tax positions, and, if they do not, we may be required to pay additional taxes. In the past few years, certain tax authorities who have audited our tax returns have rejected our tax positions, and we cannot be sure that our positions will be accepted, and we may end up paying additional taxes, whether as a result of litigation, if instituted, or settlement negotiations. Our reserves, which are based on various assumptions and estimates, may prove to be insufficient and as such, our future results may be adversely affected.
 
27


In recent years, we have seen changes in tax laws resulting in an increase in applicable tax rates, especially increased liabilities of corporations and limitations on the ability to benefit from strategic tax planning, with these laws particularly focused on international corporations. Such legislative changes in one or more jurisdictions in which we operate may have implications on our tax liability and have a material adverse effect on our results of operations and financial condition. For example, the Organization for Economic Cooperation and Development, or the OECD, an intergovernmental organization that aims to promote the economic and social well-being of people around the world, introduced the base erosion and profit shifting (BEPS) project. The BEPS project contemplates changes to numerous international tax principles, as well as national tax incentives, and these changes, if adopted by individual countries, could adversely affect our provision for income taxes. Countries have only recently begun to translate the BEPS recommendations into specific national tax laws, and it remains difficult to predict with accuracy the magnitude of any impact that such new rules may have on our financial results. The U.S. and Israel, among other countries in which we have operations, are members of the OECD.
 
The enactment of legislation changing the United States’ taxation of international business activities could materially impact our financial position and results of operations.
 
Due to the expansion of our international business activities, any changes in the U.S. taxation of such activities may increase our worldwide effective tax rate, and adversely affect our financial position and results of operations. The U.S. presidential administration and members of the U.S. Congress have proposed significant changes in U.S. federal income tax law, regulation and government policy within the United States, which could affect us and our business. For example, the recent Inflation Reduction Act enacted in the United States introduced, among other changes, a 15% corporate minimum tax on certain United States corporations and a 1% excise tax on certain stock redemptions by United States corporations (which the U.S. Treasury indicated may also apply to certain stock redemptions by a foreign corporation funded by certain United States affiliates).  Further, other foreign governments may enact tax laws in response to any changes in the U.S. taxation of international business activities that could result in further changes to global taxation and materially affect our financial position and results of operations. We are currently unable to predict whether these or other changes will occur and, if so, the ultimate impact on our business. To the extent that such changes have a negative impact on us, our suppliers or our consumers, including as a result of related uncertainty, these changes may materially and adversely impact our business, financial condition, results of operations and cash flow.
 
28


If we are unable to realize our investment objectives, our financial condition and results of operations may be adversely affected.
 
We maintain substantial balances of cash and liquid investments as strategic assets for purposes of acquisitions and general corporate purposes, including share repurchases. Our cash, cash equivalents, short- and long-term bank deposits and marketable securities totaled $363.7 million as of December 31, 2023, compared to $432.0 million as of December 31, 2022. The performance of the capital markets is the primary factor that affects the values of funds that are held in marketable securities. These assets are subject to market fluctuations and various developments, including, without limitation, rating agency downgrades that may impair their value. We expect that market conditions will continue to fluctuate and that the fair value of our investments may be affected accordingly, including, without limitation, by rising levels of inflation and interest rates or a period of elevated interest rates.
 
Financial income is a component of our net income and the outlook for our financial income is dependent, in part, on the future direction of interest rates, exchange rates, the amount of any share repurchases or acquisitions that we make and the amount of cash flows from operations that are available for investment. For example, for the years ended December 31, 2023 and 2022, we had $13.9 million and $8.1 million, respectively, of net financial income, that was primarily derived from changes in foreign currency exchange rates and the value of our investments and interest income from our bank deposits. The performance of the capital markets affects the values of our funds that are held in marketable securities. These assets are subject to market fluctuations and will yield uncertain returns. Due to certain market developments, including investments’ rating downgrades, the fair value of these investments may decline. If market conditions continue to fluctuate, the fair value of our investments may be impacted accordingly. Although our investment guidelines stress diversification and capital preservation, our investments are subject to a variety of risks, including risks related to general economic conditions, interest rate fluctuations and market volatility.
 
In particular, our investment portfolios include a significant amount of interest rate-sensitive instruments, such as bonds, which, in addition to the inherent risk associated with the debt, may be adversely affected by changes in interest rates. Changes in interest rates and credit quality may also result in fluctuations in the income derived from, or the valuation of, our fixed income securities. Interest rates are highly sensitive to many factors, including governmental monetary policies, domestic and international economic and political conditions and other factors beyond our control. For example, benchmark interest rates, such as the U.S. Federal Funds Rate, are currently relatively high, which is likely to significantly impact our investment income. Additional increases in interest rates might decrease the value of our investments in fixed-income securities. If increases in interest rates occur during periods when we sell investments to satisfy liquidity needs, we may experience investment losses. Conversely, if interest rates decline, reinvested funds and our investment in bank deposits will earn less than expected.
 
In terms of credit risk, our investment portfolio policy is “buy and hold” while minimizing credit risk by setting maximum concentration limit per issuer and credit rating. Our investments consist primarily of government and corporate bonds and bank deposits. Although we believe that we generally adhere to conservative investment guidelines, if turmoil in the financial markets reoccurs in the future, it may result in impairments of the carrying value of our investment assets since we classify our investments in marketable securities as available-for-sale. Changes in the fair value of investments classified as available-for-sale are not recognized as income (loss) during the period, but rather are recognized as a separate component of equity until realized. Realized losses in our investments portfolio may adversely affect our financial position and results. For example, if we had reported all the changes in the fair values of our investments into income (loss), our reported net loss would have decreased by $4.3 million during the year ended December 31, 2023, and our net loss would have increased by $4.4 million during the year ended December 31, 2022. Any significant decline in our financial income or the value of our investments as a result of continued high interest rates, deterioration in the credit worthiness of the securities in which we have invested, general market conditions or other factors could have an adverse effect on our results of operations and financial condition.
 
29


We rely on information technology systems to conduct our businesses, and failure to protect these systems against security breaches and otherwise to implement, integrate, upgrade and maintain such systems in working order could have a material adverse effect on our results of operations, cash flows or financial condition.
 
The efficient operation of our businesses depends on our computer hardware and software systems. For instance, we rely on information technology systems to process customer orders, manage accounts receivable collections, manage accounts payable processes, track costs and operations, maintain client relationships and accumulate financial results. Despite our implementation of industry-accepted security measures and technology, our information technology systems are vulnerable to, and have been in the past subject to, computer viruses, attempts to insert malicious codes, unauthorized access, phishing efforts, denial-of-service attacks and other cyber-attacks, and we expect to be subject to similar attacks in the future as such attacks become more sophisticated and frequent. A breach of our information technology systems could result in decreased performance, operational difficulties and increased costs, any of which could have a material adverse effect on our business and operating results.
 
Major disruptions or deficiencies of our information technology systems could disrupt our operations and cause unanticipated increases in our costs.

We have invested, and intend to continue to invest, significant capital and human resources in our information technology systems, including in a project for company-wide sales, operations and services support systems. Any major disruptions or deficiencies in the design and implementation of our information technology systems, particularly those that impact our operations, could adversely affect our ability to process customer orders, ship products, provide services and support to our customers, bill and track our customers, timely report our financial results and otherwise run our business.
 
30


Our business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries.
 
As a result of Russia’s military conflict in Ukraine, governmental authorities in the United States, the European Union and the United Kingdom, among others, launched an expansion of coordinated sanctions and export control measures, including, for example:
 

blocking sanctions on some of the largest state-owned and private Russian financial institutions (and their subsequent removal from SWIFT);
 

blocking sanctions against Russian and Belarusian individuals, including the Russian President, other politicians and those with government connections or involved in Russian military activities;
 

blocking sanctions against certain Russian businessmen and their businesses, some of which have significant financial and trade ties to the European Union;
 

blocking of Russia’s foreign currency reserves and prohibition on secondary trading in Russian sovereign debt and certain transactions with the Russian Central Bank, National Wealth Fund and the Ministry of Finance of the Russian Federation;
 

expansion of sectoral sanctions in various sectors of the Russian and Belarusian economies and the defense sector;
 

United Kingdom sanctions introducing restrictions on providing loans to, and dealing in securities issued by, persons connected with Russia;
 

restrictions on access to the financial and capital markets in the European Union, as well as prohibitions on aircraft leasing operations;
 

sanctions prohibiting most commercial activities of U.S., U.K., and E.U. persons in the so-called People’s Republic of Donetsk and the so-called People’s Republic of Luhansk (and, with respect to the E.U., the areas of Kherson and Zaporizhzhia not controlled by the Ukrainian government), with all of these new restrictions largely tracking prior prohibitions relating to Crimea and Sevastopol;
 

enhanced import and export controls and trade sanctions targeting Russia’s imports of technological goods, including E.U. and U.K. prohibitions on exporting a wide range of “industrial” goods to Russia (and on importing a large number of “revenue-generating” goods from Russia).  The restrictions also include bans on the export of large numbers of “luxury” items to Russia (and in some cases also to Belarus), tighter controls on exports and reexports of dual-use items, stricter licensing policy with respect to issuing export licenses, and/or increased use of “end-use” controls to block or impose licensing requirements on exports, as well as higher import tariffs;
 

closure of airspace to Russian aircraft;
 

ban on imports of Russian oil, liquefied natural gas and coal to the United States;
 

ban on imports of Russian fish, seafood, and preparations thereof, alcoholic beverages, non-industrial diamonds, and gold to the United States;
 

a ban on “new investment” in the Russian Federation by a U.S. person, which may be interpreted broadly (with a similar prohibition also enacted by the United Kingdom);
 
31



bans on the provision of certain professional services, including accounting, trust and corporate formation, auditing, and management consulting services, among others; and
 

bans on the provision of services related to the worldwide maritime transportation of seaborne Russian oil, if purchased above a specific price cap.
 
As the conflict in Ukraine continues, there can be no certainty regarding whether the governmental authorities in the United States, the European Union, the United Kingdom or other counties will impose additional sanctions, export controls or other measures targeting Russia, Belarus or other territories. Furthermore, in retaliation against new international sanctions and as part of measures to stabilize and support the volatile Russian financial and currency markets, the Russian authorities also imposed significant currency control measures aimed at restricting the outflow of foreign currency and capital from Russia, imposed various restrictions on transacting with non-Russian parties, banned exports of various products and other economic and financial restrictions.
 
Our business must be conducted in compliance with applicable economic and trade sanctions laws and regulations, including those administered and enforced by the U.S. Department of Treasury’s Office of Foreign Assets Control, the U.S. Department of State, the U.S. Department of Commerce, the United Nations Security Council and other relevant governmental authorities. We must be ready to comply with the existing and any other potential additional measures imposed in connection with the conflict in Ukraine. The imposition of such measures could adversely impact our business, including preventing us from performing existing contracts, recognizing revenue, pursuing new business opportunities or receiving payment for products already supplied or services already performed with customers.
 
In 2023 and 2022, 3% and 7%, respectively, of our total revenues were from sales to customers located in Russia. We continuously review and monitor our contractual relationships with suppliers and customers to establish whether any of them are the target of the applicable sanctions. In the event that we identify a party with which we have a business relationship that is the target of applicable sanctions, we would immediately activate a legal analysis of what gives rise to the business relationship, including any contract, to estimate the most appropriate course of action to comply with the sanction regulations, together with the impact of a contractual termination according to the applicable law, and then proceed as required by the regulatory authorities. However, given the range of possible outcomes, the full costs, burdens, and limitations on our and our customer’s and business partners’ businesses are currently unknown and may become significant.
 
Furthermore, even if an entity is not formally subject to sanctions, customers and business partners of such entity may decide to reevaluate or cancel projects with such entity for reputational or other reasons. As result of the ongoing conflict in Ukraine, many U.S. and other multi-national businesses across a variety of industries, including consumer goods and retail, food, energy, finance, media and entertainment, tech, travel and logistics, manufacturing and others, have indefinitely suspended their operations and paused all commercial activities in Russia and Belarus.  Depending on the extent and breadth of sanctions, export controls and other measures that may be imposed in connection with the conflict in Ukraine, it is possible that our business, financial condition, and results of operations could be materially and adversely affected.
 
32


Climate change may have an adverse impact on our business.

Global climate change may result in certain natural disasters occurring more frequently or with greater intensity, such as earthquake, drought, wildfires, storms, sea-level rise, and flooding, and many believe that the risks related to climate change are increasing in both impact and type of risk. While we do not believe there will be significant near-term impacts to our business and operations due to climate change, long-term impacts remain unknown. These include operational risks impacting, among other things, our supply chain, our personnel or electrical power availability from climate changed-related weather events as well as business and regulatory risks. For example, regulatory risks include changes in laws and regulations on climate change, which may increase our compliance costs and limit our ability to operate. Similarly, evolving customer and other stakeholder expectations and regulatory requirements to reduce carbon emissions could present a risk of loss of business if we are not able to meet those expectations or requirements.

Our disclosures and initiatives related to ESG matters expose us to numerous risks, including risks to our reputation, business, financial performance and growth.

There has been increasing public focus by investors, customers, environmental activists, the media and governmental and nongovernmental organizations on a variety of ESG matters, which may result in increased costs (including but not limited to increased costs related to compliance, stakeholder engagement, and contracting), impact our reputation, or otherwise affect our business performance. As we identify ESG topics for voluntary disclosure, we have expanded and, in the future, may continue to expand, our voluntary disclosures in these areas. Statements about our ESG initiatives and goals, and progress against those goals, may be based on standards for measuring progress that are still developing, internal controls and processes that continue to evolve, and assumptions that are subject to change in the future. If our ESG-related data, processes and reporting are incomplete or inaccurate, or if we fail to achieve progress with respect to our ESG goals on a timely basis, or at all, our reputation, business, financial performance and growth could be adversely affected. In addition, this emphasis on ESG matters has resulted and may result in the adoption of new laws and regulations, including new reporting requirements. If we fail to comply with new laws, regulations or reporting requirements, our reputation and business could be adversely impacted.

Risks Related to the Market for Our Ordinary Shares
 
The late Yehuda Zisapel (and following his death, his estate), Nava Zisapel, and Roy Zisapel, our President, Chief Executive Officer and a director, may exert significant influence in the election of our directors and over the outcome of other matters requiring shareholder approval.
 
As of March 18, 2024, the late Yehuda Zisapel (until recently, the Chairman of our Board of Directors) beneficially owned approximately 4.56% of our outstanding ordinary shares; Nava Zisapel beneficially owned approximately 7.32% of our outstanding ordinary shares; and their son, Roy Zisapel (our President, Chief Executive Officer and a director), beneficially owned approximately 3.66% of our outstanding ordinary shares (see Items 6.E “Share Ownership and 7.A “Major Shareholders”). As a result, if these shareholders act together, they could exert significant influence on the election of our directors and on decisions by our shareholders on matters submitted to shareholder vote, including mergers, consolidations and the sale of all or substantially all of our assets. This concentration of ownership of our ordinary shares could delay or prevent proxy contests, mergers, tender offers, or other purchases of our ordinary shares that might otherwise give our shareholders the opportunity to realize a premium over the then-prevailing market price for our ordinary shares. This concentration of ownership may also adversely affect our share price.
 
 
33


Provisions of our Articles of Association and Israeli law as well as the terms of our equity incentive plan could delay, prevent or make a change of control of us more difficult or costly, which could depress the price of our ordinary shares.
 
The provisions in our Articles of Association relating to the election of our directors in three staggered classes, the submission of shareholder proposals for shareholders meetings and the quorum requirement for adjourned shareholder meetings may have the effect of delaying or making an unsolicited acquisition of our Company more difficult. Israeli corporate and tax laws, including the ability of our Board of Directors to adopt a shareholder rights plan without further shareholder approval, may also have the effect of delaying, preventing or making an acquisition of us more difficult. For example, under the Companies Law, upon the request of a creditor of either party to a proposed merger, an Israeli court may delay or prevent the merger if it concludes that there is a reasonable concern that, as a result of the merger, the surviving company will be unable to satisfy the obligations of any of the parties to the merger. In addition, our Key Employee Share Incentive Plan (1997), as amended, or the Share Incentive Plan, provides that, in the event of a “Hostile Takeover” (which is defined to include, among others, an unsolicited acquisition of more than 20% of our outstanding shares), the vesting of all or a portion of our outstanding equity awards will accelerate, unless otherwise determined by our Board of Directors (or a committee thereof). As a result, an acquisition of our Company that triggers the said acceleration will be more costly to a potential acquirer. These provisions could cause our ordinary shares to trade at prices below the price for which third parties might be willing to pay to gain control over us. Third parties who are otherwise willing to pay a premium over prevailing market prices to gain control of us may be unwilling to do so because of these provisions.
 
34


Our share price has been volatile in the past and may be subject to volatility in the future.
 
The market price for our ordinary shares, as well as the prices of shares of other technology companies, has been volatile. For example, during 2023, the lowest closing price of our share was $14.38, compared to the highest closing price of our share of $23.14 during the same year. The volatility of our share price may have a negative impact on our financial performance as a result of its negative impact on employee retention. Numerous factors, many of which are beyond our control, may cause the market price and trading volume of our ordinary shares to fluctuate significantly and decrease further, including:
 

operating results that do not meet forecasts by securities analysts;
 

announcements concerning us or our competitors;
 

the introduction of new products and new industry standards;
 

general market conditions and changes in market conditions in our industry;
 

the general state of securities markets (particularly the technology sector);
 

political, economic and other developments in the State of Israel, the U.S. and worldwide, including, for example, the Ukraine-Russia and Israel-Hamas military conflicts; and
 

any of the events underlying any of the other risks or uncertainties set forth elsewhere in this annual report actually occurs.
 
If we are characterized as a passive foreign investment company, our U.S. shareholders may suffer adverse tax consequences.
 
Generally, if for any taxable year, after applying certain “look through” tax rules, (i) 75% or more of our gross income is passive income, or (ii) at least 50% of the fair market value of our assets, averaged quarterly over our taxable year, are held for the production of, or produce, passive income, we would be characterized as a passive foreign investment company, or PFIC, for U.S. federal income tax purposes. If we are classified as a PFIC, our U.S. shareholders could suffer adverse U.S. tax consequences, including having gain realized on the sale of our ordinary shares treated as ordinary income, as opposed to capital gain income, and having potentially punitive interest charges apply to such gain. Similar rules would apply to certain “excess distributions” made with respect to our ordinary shares.
 
For our taxable year ended December 31, 2023, we do not believe that we should be classified as a PFIC. There can be no assurance, however, that the IRS will not challenge this treatment, and it is possible that the IRS could attempt to treat us as a PFIC for 2023 and prior taxable years. The tests for determining PFIC status are applied annually, and require a factual determination that depends on, among other things, the composition of our income, assets and activities in each taxable year, and can only be made annually after the close of each taxable year. Furthermore, the aggregate value of our gross assets is likely to be determined in part by reference to the trading price of our ordinary shares, which could fluctuate significantly. We have a substantial balance of cash and other liquid investments, which are passive assets for purposes of the PFIC determination. Accordingly, if our market capitalization declines significantly, it may make our classification as a PFIC more likely for the current or future taxable years. Accordingly, there can be no assurance that we will not become a PFIC in future taxable years. U.S. shareholders should consult with their U.S. tax advisors with respect to the U.S. tax consequences of investing in our ordinary shares. For a more detailed discussion of the rules relating to PFICs and related tax consequences, please see the section of this annual report titled Item 10.E “Taxation—United States Federal Income Tax Considerations.”

35


If a U.S. person is treated as owning at least 10% of our ordinary shares, such holder may be subject to adverse U.S. federal income tax consequences.
 
Depending upon the aggregate value and voting power of our ordinary shares that U.S. persons are treated as owning (directly, indirectly, or constructively), we could be treated as a controlled foreign corporation (a “CFC”). Additionally, because our group consists of one or more U.S. subsidiaries, certain of our non-U.S. subsidiaries will be treated as CFCs, regardless of whether or not we are treated as a CFC. If a U.S. person is treated as owning (directly, indirectly or constructively) at least 10% of the value or voting power of our ordinary shares, such person may be treated as a “U.S. shareholder” with respect to each CFC in our group (if any), which may subject such person to adverse U.S. federal income tax consequences. Specifically, a U.S. shareholder of a CFC may be required to annually report and include in its U.S. taxable income its pro rata share of each CFC’s “Subpart F income,” “global intangible low-taxed income” and investments in U.S. property, whether or not we make any distributions of profits or income of a CFC to such U.S. shareholder. If you are treated as a U.S. shareholder of a CFC, failure to comply with these reporting obligations may subject you to significant monetary penalties and may prevent the statute of limitations with respect to your U.S. federal income tax return for the year for which reporting was due from starting. Additionally, a U.S. shareholder that is an individual would generally be denied certain tax deductions or indirect foreign tax credits that may otherwise be allowable to a U.S. shareholder that is a U.S. corporation. We cannot provide any assurances that we will assist investors in determining whether we or any of our non-U.S. subsidiaries are treated as CFCs or whether any investor is treated as a U.S. shareholder with respect to any of such CFC, nor do we expect to furnish to any U.S. shareholders information that may be necessary to comply with the aforementioned reporting and tax paying obligations. The United States Internal Revenue Service provided limited guidance on situations in which investors may rely on publicly available alternative information to comply with their reporting and tax paying obligations with respect to foreign-controlled CFCs. U.S. investors should consult their advisors regarding the potential application of these rules to their investment in our ordinary shares.
 
Risks Related to Operations in Israel
 
Political, economic and military instability in the Middle East or Israel, including the state of war declared in Israel in October 2023, may harm our business.
 
We are incorporated under Israeli law, and our principal offices and manufacturing and research and development facilities are located in Israel. In addition, the majority of our key employees, officers and directors are residents of Israel. Accordingly, political, economic, and security conditions in Israel and the surrounding region could directly affect our business, and our operations and financial results could be adversely affected in the event of any political instability, terrorism, armed conflicts, or other hostilities involving Israel.
 
In October 2023, Hamas terrorists and members of other terrorist organizations infiltrated Israel’s southern border from the Gaza Strip and conducted a series of attacks on civilian and military targets. Hamas also launched extensive rocket attacks on Israeli population and industrial centers located along Israel’s border with the Gaza Strip and in other areas within the State of Israel. These attacks resulted in thousands of deaths and injuries, and Hamas additionally kidnapped many Israeli civilians and soldiers.  Following the attacks, the Israeli government declared war against Hamas and commenced a military campaign against these terrorist organizations. In parallel, clashes between Israel and Hezbollah, a militia and political group operating in Lebanon, intensified on Israel’s northern border with Lebanon. Additionally, the Houthis, an extremist Shia-Islamist movement operating in Yemen, launched missile and drone attacks targeted at Israel and ships in the Red Sea, posing a threat to international shipping in the Suez Canal. These armed conflicts may further escalate into a greater regional conflict and could adversely affect our business, operations and financial results.
 
36


These conflicts have also strained Israel’s relationship with some of its Arab citizens, Arab countries and, to some extent, with other countries around the world. In addition, Israel faces threats, including cyber threats, from more distant neighbors, such as Iran, which has previously threatened to attack Israel and is believed to have a presence in Syria, as well as influence over Hamas, Hezbollah and the Houthis. This situation may further escalate in the future, and this instability in the region may affect the global economy and marketplace. There can be no assurance that the political situation and these armed conflicts will not have a material adverse impact on our business in the future.

Furthermore, some of our directors, officers, and employees are, unless exempt, obligated to perform annual military reserve duty, depending upon their age and prior position in the army.  They may also be subject to being called to active duty at any time under emergency circumstances. For example, in connection with the state of war declared in Israel in October 2023, approximately 5% of our total workforce have been called to perform immediate military service, and additional employees may be called as these armed conflicts progress. Such employees may be absent for an extended period of time. Our operations could be disrupted by the absence, for a significant period, of one or more of these officers or other key employees due to military service, and any disruption in our operations could harm our business.

Our commercial insurance does not cover losses that may occur as a result of events associated with the security situation in the Middle East, including the state of war declared in Israel in October 2023, such as damages to our facilities resulting in the disruption of our operations. Although the Israeli government currently covers the reinstatement value of direct damages that are caused by terrorist attacks or acts of war, we cannot be assured that this government coverage will be maintained or will be adequate in the event we submit a claim. We could be adversely affected by any major hostilities, including acts of terrorism as well as cyber-attacks or any other hostilities involving or threatening Israel, the interruption or curtailment of trade between Israel and its trading partners, a significant downturn in the economic or financial condition of Israel, or a significant increase in the rate of inflation. For example, in February 2024, in connection with the war declared in Israel in October 2023, Moody’s Investors Service (Moody’s) has downgraded the Government of Israel’s foreign-currency and local-currency issuer ratings to A2 from A1, and other global rating agencies may take similar actions. Such downgrades might adversely affect the macroeconomic conditions in which we operate and also potentially deter foreign investment in Israel or Israeli companies, which may, among other things, hinder our ability to raise additional funds, if deemed necessary by our management and Board of Directors.

Furthermore, some neighboring countries, as well as certain companies, organizations and movements, continue to participate in a boycott of Israeli firms and others doing business with Israel or with Israeli companies. In the past several years, and with greater intensity after the state of war declared in Israel in October 2023, there have been increased efforts by activists to cause companies and consumers to boycott Israeli goods based on Israeli government policies. Similarly, Israeli companies are limited in conducting business with entities from several countries. Restrictive laws, policies or practices directed towards Israel or Israeli businesses could have an adverse impact on our operating results, financial condition or the expansion of our business.

37


Finally, political conditions within Israel may affect our operations. Israel has held five general elections between 2019 and 2022, and, prior to October 2023, the Israeli government pursued extensive changes to Israel’s judicial system, which sparked extensive political debate and unrest. In response to the proposed changes to Israel’s judicial system, certain leading international financial institutions, including investment banks, investors and key economists, have indicated several causes for concern, including that such proposed changes, if adopted, may cause a downgrade to Israel’s sovereign credit rating and Israel’s international standing. To date, these initiatives have been substantially put on hold. If such changes to Israel’s judicial system are again pursued by the government and approved by the parliament, this may have an adverse effect on our business, our results of operations and our ability to raise additional funds, if deemed necessary by our management and Board of Directors.

The tax benefits we may receive in connection with our preferred enterprise program require us to satisfy prescribed conditions and may be terminated or reduced in the future. This would increase taxes and decrease our net profit.
 
We have in the past benefited, and currently benefit, from certain government programs and tax benefits in Israel, including in connection with our preferred enterprise program (see under Item 10.E “Taxation—Israeli Tax Considerations”). To remain eligible to obtain such tax benefits, we must continue to meet certain conditions. If we fail to comply with these conditions in the future, the benefits we receive could be cancelled, and we may have to pay certain taxes. We cannot guarantee that these programs and tax benefits will be continued in the future, at their current levels or at all.  If these programs and tax benefits are ended, our tax expenses and the resulting effective tax rate reflected in our financial statements may increase and as such our business, financial condition and results of operations could be materially and adversely affected.
 
We have obtained benefits from the Israeli Innovation Authority that subject us to ongoing restrictions. 
 
We have in the past received, and in the future may apply for, royalty-bearing or non-royalty bearing grants from the Israeli Innovation Authority (formerly known as the Office of the Chief Scientist of the Israeli Ministry of Economy and Industry), or the IIA, for research and development programs that meet specified criteria pursuant to the Law for the Encouragement of Research, Development and Technological Innovation in Industry, 1984 (formerly known as the Law for Encouragement of Research and Development in Industry, 1984), and the regulations promulgated thereunder, or the Innovation Law. The terms of the IIA grants limit our ability to manufacture products outside of Israel or to transfer technologies in or outside Israel if such products or technologies were developed using know-how developed with or based upon IIA grants. In addition, a change of control in us and the acquisition of 5% or more of our ordinary shares by a non-Israeli may require notification to the IIA and the provision of an undertaking to comply with the Innovation Law, some of the principal restrictions and penalties of which are the transferability limits described above and elsewhere in this annual report.
 
38


It may be difficult to enforce a U.S. judgment against us or our officers and directors and to assert U.S. securities laws claims in Israel.
 
We are incorporated under the laws of the State of Israel, our corporate headquarters is located in Israel and several of our current officers and directors reside in Israel. Service of process upon us, our Israeli subsidiary, our directors and officers and the Israeli experts, if any, named in this annual report, substantially all of whom reside outside the United States, may be difficult to obtain within the United States. Furthermore, because a majority of our assets and investments, and substantially all of our directors, officers and such Israeli experts are located outside the United States, any judgment obtained in the United States against us or any of them may be difficult to collect within the United States and may not be enforced by an Israeli court.
 
We have been informed by our legal counsel in Israel that it may also be difficult to assert U.S. securities law claims in original actions instituted in Israel. Israeli courts may refuse to hear a claim based on an alleged violation of U.S. securities laws if they determine that Israel is not the most appropriate forum to bring such a claim. In addition, even if an Israeli court agrees to hear a claim, it may determine that Israeli law and not U.S. law is applicable to the claim. There is little binding case law in Israel addressing these matters. If U.S. law is found to be applicable, the content of applicable U.S. law must be proven as a fact, which can be a time-consuming and costly process.  Certain matters of procedure will also be governed by Israeli law.
 
Subject to specified time limitations and legal procedures, under the rules of private international law currently prevailing in Israel, Israeli courts may enforce a U.S. judgment in a civil matter, including a judgment based upon the civil liability provisions of the U.S. securities laws as well as a monetary or compensatory judgment in a non-civil matter, only if the following key conditions are met:
 

subject to limited exceptions, the judgment is final and non-appealable;
 

the judgment was given by a court competent under the laws of the state of the court and is otherwise enforceable in such state;
 

the judgment was rendered by a court competent under the rules of private international law applicable in Israel;
 

the laws of the state in which the judgment was given provide for the enforcement of judgments of Israeli courts;
 

adequate service of process has been effected and the defendant has had a reasonable opportunity to present his arguments and evidence;
 

the judgment is enforceable under the laws of State of Israel and its enforcement is not contrary to the law, public policy, security, or sovereignty of the State of Israel;
 

the judgment was not obtained by fraud and does not conflict with any other valid judgment in the same matter between the same parties; and
 

an action between the same parties in the same matter was not pending in any Israeli court at the time the lawsuit was instituted in the U.S. court.
 
39


Your rights and responsibilities as a shareholder will be governed by Israeli law, which may differ in some respects from the rights and responsibilities of shareholders of U.S. companies.
 
The rights and responsibilities of the holders of our ordinary shares are governed by our Articles of Association and Israeli law. These rights and responsibilities differ in some respects from the rights and responsibilities of shareholders in typical U.S.-based corporations. For example, a shareholder of an Israeli company has a duty to act in good faith toward the company and other shareholders and to refrain from abusing its power in the company, including, among other things, in voting at the general meeting of shareholders on matters such as amendments to a company’s articles of association, increases in a company’s authorized share capital, mergers and acquisitions and interested party transactions requiring shareholder approval. In addition, a shareholder who knows that it possesses the power to determine the outcome of a shareholder vote or to appoint or prevent the appointment of a director or executive officer in the company has a duty of fairness toward the company. There is limited case law available to assist us in understanding the implications of these provisions that govern shareholders’ actions. These provisions may be interpreted to impose additional obligations and liabilities on holders of our ordinary shares that are not typically imposed on shareholders of U.S. corporations.
 
ITEM 4.          INFORMATION ON THE COMPANY
 
A.          History and Development of the Company
 
Corporate History and Details
 
Radware Ltd. was organized in May 1996 as a corporation under the laws of the State of Israel and commenced operations in 1997. Our principal executive offices are located at 22 Raoul Wallenberg Street, Tel Aviv 6971917, Israel and our telephone number is 972-3-766-8666. Our website address is www.radware.com (information contained on our website is not incorporated herein by reference and shall not constitute part of this annual report). In addition, the SEC maintains a website that contains reports, proxy and information statements, and other information regarding issuers that file electronically with the SEC: http://www.sec.gov.
 
As of September 1, 1998, we established Radware Inc., our wholly owned subsidiary in the United States (Radware US), which conducts the sales and marketing of our products and services in the Americas and is our authorized representative and agent in the United States. The principal offices of Radware US are located at 575 Corporate Dr., Lobby 2, Mahwah, New Jersey 07430 and its telephone number is 201-512-9771. We also have several other wholly owned subsidiaries worldwide handling primarily local support and promotion activities.
 
In September 1999, we conducted the initial public offering of our ordinary shares that commenced trading on the Nasdaq.
 
In the past decade we have made several acquisitions, including, most recently (February 2022), the acquisition of the technology and operations of DC Security Ltd. (previously known as SecurityDAM Ltd., or SecurityDAM, a related party and a cloud DDoS network operator that supplied us with scrubbing center services used for the provision of our cloud DDoS Protection Service.
 
 
40


Recent Major Business Developments
 
In February 2022, we announced a strategic initiative to accelerate the growth of our cloud security business, which entails, among other things, the acquisition of the technology and operations of SecurityDAM, growing our innovation center in India, and expanding our cloud service capacity and delivery network. For additional details, see also Item 7.B “Related Party Transactions.”

In May 2022, we announced the launch of SkyHawk (CNP) Security Ltd., or SkyHawk Security, a spinoff of our former cloud native protector business with a strategic external investment of an affiliate of Tiger Global Management.
 
Commencing January 1, 2023, we have determined that the Company operates in two reportable segments. While we transitioned into two reportable segments, we remain focused on the consolidated results as an important measure of performance, particularly given the high level of cooperation among these two segments, i.e., between Radware’s Core Business and each of SkyHawk Security and EdgeHawk Security Ltd.EdgeHawk. We refer to SkyHawk Security and EdgeHawk collectively as the “Hawks”.
 
For a discussion of our reportable segments, see Item 4.B “Business Overview—General.”
 
For recent major product activities, see Item 4.B “Business Overview—Our Solutions” under the captions “Recent Solution Offering Activities” and “Recent Partnerships Activities.”
 
For a discussion of our capital expenditures and divestitures, see Item 5.B “Liquidity and Capital Resources – Principal Capital Expenditures and Divestitures.”
 
B.          Business Overview
 
Overview
 
General
 
We are a provider of cyber security and application delivery solutions for cloud, on-premises, and software defined data centers (SDDC). Our solutions secure the digital experience by providing infrastructure, application, and network protection and availability services to enterprises globally. Our solutions are deployed by, among others, enterprises, carriers, and cloud service providers.

41


Our solutions are offered in two main categories:


Products – We offer a range of cloud-based subscriptions, on-premises products, software products and product subscriptions (or a combination of these) to our customers.
 

Services – We offer managed services, professional services, technical support and training and certification to our customers and partners.

The sections below provide an overview of our key solutions and services according to the above go-to-market targets.
 
Reportable Segments
 
In previous reporting periods (until December 31, 2022), we operated in one reportable segment. Commencing January 1, 2023, we have determined that the Company operates in two reportable segments:
 

Radware’s Core Business - this segment consists of our core business operations, including our cloud security as-a-service products, application and data centers security products and our application availability products; and
 

The Hawks’ Business – this segment consists of the operations of our two subsidiaries: SkyHawk Security, a spinoff of our former cloud native protector business which now provides an agentless Cloud-native threat Detection and Response (CDR), combined with Cloud Infrastructure Entitlement Manage (CIEM), Cloud Security Posture Management CSPM and Autonomous Purple Team for AWS Google Cloud and Azure, and EdgeHawk, which is engaged in transforming routers and network nodes into security platforms.
 
While we transitioned into two reportable segments, we remain focused on the consolidated results as an important measure of performance, particularly given the high level of cooperation among these two segments, i.e., between Radware’s Core Business and each of SkyHawk Security and EdgeHawk.
 
For additional details regarding these two reportable segments, see Item 5.A – “Operating Results” and Notes 2ac and 15 to our consolidated financial statements included elsewhere in this annual report.
 
Our Products
 
Our cloud-based subscription offering consists of the following key cloud-based subscriptions:

o
Cloud DDoS Protection Service. Our Cloud DDoS Protection Service provides a full range of enterprise-grade DDoS protection services in the cloud. Based on our DDoS protection technology, it aims to offer organizations wide security coverage, accurate detection and short time to protect from today’s dynamic and evolving DDoS attacks. We offer a multi-vector DDoS attack detection and mitigation service, handling network-layer attacks, server-based attacks and application-layer DDoS attacks.
 
42


Our Cloud DDoS Protection Service is offered in multiple deployment options to meet an organization’s specific needs:
 

Always-On Cloud DDoS Protection Service. This service provides always-on protection where traffic is always routed through Radware’s cloud security scrubbing centers with no on-premise device required for detection and mitigation. This service is recommended for organizations that have applications hosted in the cloud or those that are not able to deploy an on-premise attack mitigation device in their data center.
 

Always-On Hybrid Cloud DDoS Protection Service. This service integrates with our on-premise DDoS Protection device. The traffic is mitigated in the on-premise device and diverted through Radware’s cloud security scrubbing centers upon a large volumetric DDoS attack that aims to saturate the internet pipe. This service is recommended for organizations that place a high premium on the user experience and wish to avoid even the slightest possible downtime as a result of DDoS attacks.
 

On-Demand Cloud DDoS Protection Service. This service protects against internet pipe saturation and is activated when the attack threatens to saturate the organization’s internet pipe. This service is recommended for organizations that are looking for the lowest cost solution and are less sensitive to real-time detection of DDoS attacks.
 

On-Demand Cloud Hybrid DDoS Protection Service. The on-premise DefensePro device detects and mitigates all types of DDoS attacks in real-time, while volumetric DDoS attacks are diverted and mitigated in the cloud. This service is recommended for organizations that can deploy an on-premise device in their data centers.
 
o
Cloud Web DDoS Protection. We offer our Cloud DDoS Protection users an additional protection layer dedicated to detecting and mitigating sophisticated application-layer DDoS attacks. Our Cloud Web DDoS Protection uses advanced L7 behavioral-based detection and mitigation techniques to block sophisticated Web DDoS Tsunami attacks, offering protection against advanced HTTP/S floods that use randomization techniques to bypass traditional protections.
 
43

o
Cloud WAF Service. Our Cloud WAF Service provides enterprise-grade, continuously adaptive web application and API protection. Based on our ICSA Labs certified web application firewall, it provides full coverage of OWASP Top-10 threats and automatically adapts protections to evolving threats and protected assets. Cloud WAF service includes built-in DDoS protection, integrated bot mitigation and application analytics to simplify security event management by taking massive amounts of alerts and consolidating them into a small, manageable set of user activities. With our SecurePath® architecture, Cloud WAF Service can be easily deployed as an API-based, out-of-path service across any hybrid or cloud environment, securing applications with centralized visibility and management console.
Our Cloud WAF is available in two packages:
 

o
Enterprise Package: Includes a comprehensive web security coverage, including OWASP Top-10, advanced attacks and zero-day attack protection, that is fully managed and monitored 24x7 and designed to guarantee service availability at any given time with protection against today’s emerging web application and DDoS attacks.
 

o
Enterprise Premium Package: Includes all web security and managed services offered in the Enterprise package, in addition to a dedicated technical account manager and an Emergency Response Team (“ERT”) expert as well as pre and post attack alerts and reports and ongoing updates from Radware’s security experts.
 
o
Bot Manager. Our Bot Manager provides comprehensive protection of web applications, mobile apps and APIs from automated threats like bots. Bot Manager provides precise bot management across all channels by combining behavioral modeling for granular intent analysis, collective bot intelligence and fingerprinting of browsers, devices and machines. It is designed to protect against all forms of account takeover (credential stuffing, brute force, etc.), denial of inventory, DDoS, ad and payment fraud and web scraping to help organizations safeguard and grow their online operations.
 
o
Cloud-Native Protector (“CNP”) Service. The CNP service provides an agentless cloud-native security solution for applications, workloads and infrastructure hosted on AWS and Microsoft Azure. The CNP service offers multi-layered protection to reduce risk by continuously verifying compliance against multiple security standards, identifying publicly exposed assets, keeping track of asset inventory with prioritized cross-cloud visibility, fortifying the cloud threat surface with context-aware smart hardening, and providing advanced attack detection and remediation capabilities to stop data theft attempts.
 
o
Cloud Application Protection Services. Our Cloud Application Protection Services secure business applications through a single platform, including WAF, bot management, API protection and application DDoS protection. Our Cloud Application Protection Services offer the following application security capabilities:
 

Protect Digital Assets and Data. Our Cloud Application Protection Services protect digital assets and customer data in multiple environments, such as on-premise, virtual clouds, private clouds, public clouds, hybrid environments, or Kubernetes.
 

Protect Against OWASP Vulnerabilities. Our solution helps protect against various known attack vectors, including the OWASP Top 10 Web Application Security Risks, Top 10 API Security Vulnerabilities, and Top 21 Automated Threats to Web Applications.
 

Protect Against Zero-Day Attacks. Our positive security model assists in stopping unknown threats in their tracks. Our machine-learning analysis engine continuously studies application traffic and end-user behavior to build and enhance security policies that reduce exposure to zero-day attacks.
 
44



Detect, Manage, and Mitigate Bots. Our solution detects and distinguishes between “good” bots and “bad” bots to protect websites, mobile apps, and APIs against a wide range of application attacks, such as account takeover credential, denial of inventory, ad and payment fraud, web scraping and more.
 

Protect APIs. API attacks are a rapidly growing threat to business applications and customer data. Our solution combines behavioral analysis and policy automation to protect evolving API matrix from increasingly sophisticated API assaults.
 

Client-Side Protection From Supply Chain Attacks. As server-side security improves, more hackers target the less protected and rarely monitored client side. Radware helps protect end users’ data when interacting with any third-party services in the application supply chain, including form jacking, skimming and DOM XSS.
 

Mitigate Application-Level DDoS Assaults. Our Web DDoS Protection solution helps detect and mitigate HTTP-based DDoS assaults. Utilizing multi-patented, behavioral-based algorithms, it automatically generates precise signatures in real time to stop disruptive web DDoS attacks without blocking legitimate user traffic.
 
Our physical and software products consist of the following key products:

o
DefensePro Attack Mitigation Device. DefensePro® provides automated DDoS protection from fast-moving, high-volume, encrypted, or very-short-duration threats and is part of Radware’s attack mitigation solution. It defends against Internet of Things (IoT)-based, Burst, DNS and TLS/SSL attacks to secure organizations against emerging network multi-vector attacks, ransom DDoS campaigns, IoT botnets, phantom floods, and other types of cyberattacks.
 
o
Radware Kubernetes WAF. Radware Kubernetes WAF is a Web Application Firewall solution for CI/CD environments orchestrated by Kubernetes. Our Kubernetes WAF integrates with common software provisioning, testing and visibility tools in the CI/CD pipeline offering both IT security and DevOps personnel detailed insight down to the pod and container levels, and enables organizations to implement application and data security in on-premise and cloud-based implementations.
 
o
Alteon® Application Delivery Controller (ADC). Alteon is our application delivery and security solution that manages application traffic across cloud and data center locations, optimizing availability and performance. It provides advanced, end-to-end local and global load balancing capabilities for web, cloud and mobile-based applications. Alteon integrates multiple application protection services to provide protection against an array of cyber threats. Alteon’s analytics also provides insightful visibility so that IT managers can manage and guarantee application service level agreement (SLA) and stay ahead of cyberattacks.
 
45


We offer Alteon ADC in three different packages (available on each of its models and throughput levels) to address different deployment scenarios and needs:


Alteon Deliver Package. For applications that require high performance ADCs with advanced layer 4-7 ADC functionality.
 

Alteon Perform Package. For deployments requiring performance optimization, advanced application performance monitoring, global server load balancing, link load balancing, and automated/optimized ADC service operation.
 

Alteon Secure Package. For applications that require our most advanced protections, including an embedded WAF module, authentication gateway, bot management, threat intelligence feeds (ERT Security Updates Service, ERT Active Attackers Feed, and ERT Location-based Mitigation), and SSL processing from perimeter security devices (with its embedded SSL inspection module).
 
o
LinkProof NG. LinkProof® NG is a multi-homing and enterprise gateway solution that allows service level availability and continuous connectivity of enterprise and cloud-based applications. It is an application-aware multi-homing and link load balancing module that delivers 24/7 continuous connectivity and service level assurance, improved performance, and cost-effective scalability of bandwidth for corporate and cloud-based applications.
 
o
Cyber Controller. Our Cyber Controller is a unified solution for management, configuration and attack lifecycle. The Cyber Controller provides enhanced security, increased visibility and an improved user experience via multiple security operation dashboards for a unified view into attack lifecycle and mitigation analysis for both inline and out-of-path DDoS deployments. Cyber Controller provides network analytics with comprehensive visibility of traffic statistics during peacetime and attack, and simplified management and configuration with unified visibility and control.
 
Cyber Controller supports several licenses according to each customer-managed environment and customer needs:
 

o
Cyber Controller Standard: Provides the network management tool and network monitoring tool for the Radware family of cyber security and application delivery solutions. It provides our customers immediate visibility to health, real-time status, performance and security of our products from one central, unified console. An analytics module provides an intuitive, customizable Graphical User Interface with granular forensic insights into application performance, denial-of-service and web application attacks.
 

o
Cyber Controller X: In addition to the “Standard” license features, provides the ability to manage the DefensePro X product line using the new Cyber Controller X stream.
 

o
Cyber Controller Plus: An add-on on top of either the “Standard” or “X” licenses, enabling orchestration, automation and out-of-path capabilities for attack life-cycle management.
 
46


o
MSSP Portal. The Managed Security Service Provider (MSSP) Portal is a turnkey, multi-tenant DDoS detection and mitigation service portal. The Portal collects and aggregates security attack measurement and events (including traffic utilization, attack distribution and alerts) and displays them in real-time and historical reports. Our MSSP Portal enables service providers to resell cyber security mitigation services to their customers as a managed service.
 
Our product-based subscription offering consists of the following product-based subscriptions:

o
ERT Security Updates Subscription (SUS). Our Security Update Subscription is a security-advisory and managed monitoring and detection system dedicated to protecting network elements, hosts, and applications against the latest security vulnerabilities and threats. The Security Update Subscription delivers periodic, emergency, and custom attack signature updates to subscribers to protect against known attack patterns. The service is available for DefensePro and Alteon Integrated WAF.
 
o
ERT Active Attackers Feed. Our ERT Active Attackers Feed (EAAF) is a threat intelligence feed designed to protect against emerging DDoS threats, including those involving IoT botnets and new DNS attack vectors. The EAAF subscription enhances our attack mitigation solution by identifying and blocking IP addresses involved in major attacks in real time to offer preemptive protection from known attackers. This subscription is available for DefensePro, Alteon ADC and Cloud Application Protection Services.
 
o
ERT Protection Packages. Our ERT Protection packages bundle our ERT services into two packages: ERT Silver Protection Package and ERT Gold Protection Package. ERT Silver Protection Package consolidates ERT Security Update Subscription, ERT Active Attackers Feed, and Location-based Mitigation. ERT Gold Protection Package includes ERT under Attack Service on top of the ERT Silver Package.
 
o
Alteon Global Elastic License (GEL). Alteon GEL is a purchasing and deployment subscription that enables a high level of flexibility for ADC services across datacenters, private and public clouds. GEL enables dynamic ADC capacity allocation and the ability to move that capacity across environments, without having to invest separately in a dedicated ADC infrastructure for each and every location where organization’s applications are deployed (e.g. on-premise, public cloud, etc.). This application delivery licensing model helps to eliminate planning risks in the purchase and deployment of ADC services, enabling continuous investment protection of the ADC infrastructure throughout its lifecycle duration.
 
o
Location-based Mitigation. Our location-based mitigation solution is a subscription offering that enables network traffic filtering by countries and regions based on the geolocation mapping of IP subnets. The subscription also supports per-policy block and allow lists, making it a beneficial solution for carriers and service providers that wish to protect multitenant networks. The subscription helps organizations comply with global and industry regulation requirements such as the Office of Foreign Assets Control and others. This subscription is available for DefensePro and Alteon ADC.
 
47


Customer Services
 
We offer managed services, professional services, technical support and training and certification to our customers and partners. Our key customer services consist of the following:

o
Certainty Support Program. We offer technical support for all our products through our Certainty Support Program. Certainty support levels include:
 

o
Basic. This level provides business day access, including weekends from 9 a.m. to 5 p.m. (local time) to technical support center services, and technical documentation, either via the Web, e-mail or direct phone support during working days. New software releases are available for units covered under the certainty support program.
 

o
Standard. This level increases access to the technical support center 24/7/365 and adds next business day replacement of failed hardware and waives customer shipping costs.
 

o
Advanced. This level increases the certainty support level standard to four hours’ replacement of failed hardware advanced replacement.
 
o
Professional Services. Our professional services group is staffed by a global team of experts possessing extensive knowledge and experience in security and application delivery both in data centers and the cloud. The group offers a full range of services to design, implement, automate, and optimize our customer solutions. We offer the following key professional services:
 

o
Design and Planning. This service plans and designs applications for future growth with Radware engineers. The service starts with a review of business goals, network optimization assessment and an overview of application architecture and security requirements to help create a comprehensive deployment plan that is tailored to organizational IT requirements.
 

o
Application and Security Optimization Services. This service analyzes and reviews the current implementation and design and provides recommendations to help optimize the system and achieve business goals.


o
Resident Engineer. Our Resident Engineer service is a proactive on-site engineer who performs operations, design and automation activities. From initial deployment to ongoing management and day-to-day operation, our Resident Engineer service decreases the time demands on our customers’ staff, allowing them to focus on their core business.
 

o
Technical Account Manager. Our technical account manager is a proactive consultant that implements best practices, provides guidance and optimizes networking and application resources.
 
48


o
ERT Service.  Our ERT is a group of security experts available 24x7 for proactive security support services for customers facing an array of application- and network-layer attacks. These services include:
 

o
ERT Managed Security Service. Our ERT offers a fully managed application- and network-security service. The service covers a broad range of attack types from different forms of DDoS to a variety of application attacks against our customers’ servers or data centers. It includes immediate response, onboarding, consulting, remote management, and reporting.
 

o
ERT Under-Attack Service. The ERT under-attack service offers 24x7 access to a security expert within 10 minutes. The ERT engineer will take the lead, fight off attacks and provide postmortem analysis of security events. The ERT under-attack service lets organizations know there is someone to rely on, guaranteeing support throughout the attack life cycle from the moment it begins. The ERT experts are available 24x7 and assist large enterprises worldwide with complex multi-vector attacks against their networks, data centers and application services.
 
Recent Solution Offering Activities
 
During 2023, our key solution offering activities consisted of the following:
 

We have announced the opening of additional Cloud Security centers in Melbourne (Australia), Toronto (Canada), Auckland (New Zealand), and Tel Aviv (Israel). The facilities are designed to reduce traffic latency, as well as increase service redundancy and mitigation capacity to help customers defend against denial-of-service attacks, web application attacks, malicious bot traffic, and attacks on APIs.
 

We have introduced a new Cloud Web DDoS Protection solution. The new solution is designed to minimize the growing gap between standard DDoS mitigation and an emerging generation of more aggressive, layer 7, HTTP, and HTTPS Flood attacks—also known as Web DDoS Tsunami attacks. Our solution mitigates these encrypted, high-volume, multi-vector threats that evade standard web application firewalls (WAF) and network-based DDoS tools, essentially rendering them ineffective.
 

We have added to our Cloud WAF service a new advanced service called Client-Side Protection. As server-side security improves, more hackers target the less protected and rarely monitored client side. Our Cloud WAF Client-Side Protection service ensures the protection of end users’ data when interacting with any third-party services in the application supply chain, including form jacking, skimming and DOM XSS.
 
49



We have announced enhancements to our Bot Manager solution to help organizations prevent nefarious bots from bypassing their defenses to gain unlawful access to native Android and iOS (Google and Apple) mobile applications.
 

We have added to our Bot Manager Blockchain-based protection option. The Blockchain mitigation relies on Crypto Challenge mitigation, which is based on the cryptographic proof-of-work concept used in various blockchains, and designed to deliver continuous, invisible browser-based challenges to suspected bots that automatically and exponentially become more difficult if solved. The Blockchain-based protection mitigates CAPTCHA solving bots and avoider bots.
 

We have improved our customer experience by launching a new unified portal for our cloud WAF, API Protection, Bot Manager, and Cloud DDoS. The new portal allows centralized security management through a single dashboard for a customer’s applications across all platforms and all security modules.
 

We have introduced a new line of DefensePro X attack mitigation platforms. The next-generation solution combines high performance and DDoS mitigation capacity protection with enriched usability and visibility to defend against increasingly sophisticated cyber threats. To answer the cybersecurity needs of medium-sized businesses as well as enterprises, Tier-1 service providers, and carriers, the DefensePro X lineup offers five new hardware platforms and one virtual platform with a wide range of DDoS protections.
 

We have announced new platforms for our Alteon ADC product line:
 

Alteon 7 series. This is a high-end performance application delivery appliance with high performance SSL with support for latest encryption standards (i.e. ECC). The new platform, with models 7700 and 7100, offers on-demand 100 & 200 Gbps throughput scalability and designed for carriers, mobile operators and large enterprises.


Alteon 6300. This is a modular platform with selectable I/O and SSL acceleration modules, high performance SSL with support for latest encryption standards (i.e. ECC). The platform is designed for carriers, mobile operators and very large enterprises with On-demand 60 and 90Gbps throughput scalability.
 
Recent Partnerships Activities
 
During 2023, our key activities regarding our offerings through partners and solution providers consisted of the following:
 

In January 2023, we introduced a new global Radware Cybersecurity Partner Program. The global program offers our existing and prospective ecosystem partners a more lucrative and systematic approach to creating, managing, and growing sales opportunities based on our cloud security services and solutions. Equipped with new participation tiers, training, certifications, financial incentives, and support materials, it is designed to empower our ecosystem partners to accelerate their growth and improve operating margins. This includes resellers, managed security service providers, carriers, and cloud service providers.
 

In September 2023, we launched an enhanced program for MSSPs, which is designed to make it easier for MSSPs to expand their value-added service portfolio and manage the hosted security services needed to address the surge in cyberattacks and shortage in skilled cybersecurity talent. To accelerate revenue growth, partners are granted access to new licensing models, expanded technical training, and more marketing and sales enablement tools.
 
50


Our Competitive Strengths
 
Our solutions incorporate proprietary and innovative cyber security and application delivery technologies that help our customers to secure the digital experience for users of business-critical applications. We believe our competitive strengths are based on several elements, including the following:
 

Innovation, Proprietary Technologies, and Thought Leadership. We are offering innovative solutions in our domain. We were one of the first companies to offer hybrid attack mitigation solutions; behavioral DDoS attacks detection with automated real-time signature creation for attack mitigation; device fingerprinting technology implementation for Bot-based attacks detection; auto-policy generation for our WAF solution; protection against encrypted attacks without opening the sessions for DDoS protection; and AI to detect attacks targeting workloads in public clouds. We believe this has given us significant expertise, know-how, and leadership in the market for cyber-attack mitigation solutions, and we take part in many technology communities, standard organizations, and open source projects. At the same time, we continue to invest in research and development of cyber security and application delivery technologies in order to introduce new and innovative solutions, which are supported and protected by multiple patents and proprietary rights.
 

Automation. We are offering automated attack detection and mitigation solutions that reduce the total cost of ownership of cyber security solutions, including behavioral analysis technology to detect zero-day DDoS attacks; automated real-time signature creation for DDoS attacks mitigation; intent-based behavioral analysis and machine learning (or “ML”) models to detect automated Bot attacks; and machine learning (positive security model) to detect zero-day web application attacks.
 

Wide attacks coverage. Our solutions offer a wide coverage against attacks, including mitigation of all four generations of Bot attacks; negative and positive security models to defend against known (OWASP top-10) and zero-day web application attacks (standard solutions typically cover OWASP top-10 attacks only); and advanced DDoS attacks protection such as DNS flood attacks, burst floods, SSL flood attacks, IoT botnets and Web DDoS attacks.
 
51



Industry Awards. We gained multiple industry awards during 2023, including the following:
 

o
Quadrant Knowledge Solutions – 2023 DDoS Mitigation SPARK Matrix™, July 2023 – Leader
 

o
Quadrant Knowledge Solutions – 2023 WAF SPARK Matrix™, December 2023 – Leader
 

o
Quadrant Knowledge Solutions – 2023 Bot Management SPARK Matrix™, July 2023 – Leader
 

o
GigaOm Research – GigaOm Radar for DDoS Protection 2023 – Leader and Fast Mover
 

o
GigaOm Research – GigaOm Radar for Application and API Protection: March 2023, Leader and Fast Mover
 
We were named winner of two 2023 Cybersecurity Excellence Awards. Our API Discovery and Protection solution received gold honors in the API Security category, and the Radware SecurePath® architecture won gold in the Web Application Security category – March 2023.
 
We were named a winner in the 19th Annual 2023 Globee® Cybersecurity Awards. The Radware SecurePath® application security architecture was awarded gold honors in the Web Application Security and Firewalls category – March 2023.
 
We are not responsible for the determinations of any of these awards or the entities or publications that award them.
 
Our Growth Strategy
 
Our growth strategy is based on several key elements:
 

Focus on cloud and application security. We aim to offer superior and innovative cyber security solutions and cloud-based solutions and expand our portfolio in these two dimensions. We also invest in go-to-market efforts related to cloud security services and public cloud solutions.
 

Invest in data center solutions. We continue to develop and sell holistic cyber security and application delivery solutions for physical, cloud, and hybrid data centers and cloud applications.
 

Increase our market footprint. We believe that a significant market opportunity exists to sell our solutions with the complementary products and services provided by other organizations with whom we wish to collaborate. To that end, we have already established strategic relationships with various third parties, including leading global-class partners, such as Cisco, Check Point, and Nokia, which provide critical access to certain large customers allowing us to sell our solutions. We intend to further increase our market footprint through collaboration with leading partners.
 
52



Expand our footprint in the medium sized enterprise market. The needs of the mid-market enterprises regarding the management of cyber security risks are substantially similar to the needs of the large enterprise market, but their capacity and access to skilled talent are more limited. We believe that our fully managed cloud security services can be a great fit for this market, and we intend to further expand our market footprint in this segment.
 

Pursue acquisitions and investments. In order to achieve our business objectives, we may evaluate and pursue the acquisition of, or significant investments in, other complementary companies, technologies, products, and/or businesses that enable us to enhance and increase our technological capabilities and expand our product and service offerings.
 
Sales and Marketing
 
Sales.  We market and sell our products and services primarily through indirect sales channels that consist of distributors and resellers located in North, Central and South America, Europe, Africa, Asia, and Australia. In addition, we generate direct sales to selected customers mainly in the United States. Our direct sales channels are supported by our sales and marketing managers who are also responsible for recruiting potential distributors and resellers and for initiating and managing marketing projects in their assigned regions. The sales managers are supported by our internal sales support staff that help generate and qualify leads for the sales managers. We have subsidiaries and representative offices and branches in multiple countries to cover the above mentioned regions (see Item 4.C “Organizational Structure”), to promote and market our products and services and provide customer support in their respective regions.
 
Marketing.  Our marketing strategy is to enhance brand recognition and maintain our reputation as a provider of technologically advanced, quality cyber security and application delivery solutions to help drive demand for our products and services.  We seek to build upon our marketing and branding efforts globally to achieve greater worldwide sales and leverage sophisticated digital platforms and activity to scale our presence globally. Our marketing initiatives are principally directed at developing brand awareness, optimizing our digital presence, searchability and awareness, generating qualified leads and providing sales and marketing tools to our distributors/resellers to promote sales. We participate in major trade shows and virtual events, regionally based events/seminars and offer support to our distributors and resellers who participate in these events. We also participate in our partners’ events, such as Cisco Live and Checkpoint Experience, to promote our solutions within their audiences. Additionally, we focus on our customer base to deliver an integrated Customer 360 experience including regular communications, facilitating support and training needs, maximizing customer lifetime value and developing customer advocacy. We also invest in online and search engine advertising campaigns, public relations, and regionalized field marketing campaigns. In addition to our independent marketing efforts, we invest in joint marketing efforts with our distributors, OEMs, VARs, GSIs, and other companies that have formed strategic alliances with us.
 
53


Customers and End-Users
 
With the exception of our limited direct sales to selected customers, we sell our products and services through distributors or resellers who then sell our products and services to end-users.
 
We have a globally diversified end-user base, consisting of corporate enterprises, including banks, insurance companies, manufacturing, retail companies, media companies, government agencies and utilities, and service providers, such as telecommunication carriers, internet service providers, cloud service providers, and application service providers. Customers in these different vertical markets deploy Radware products for availability, performance and security of their applications.
 
In 2023, approximately 40% of our revenues were in the North, Central and South America (principally in the United States), 37% were in Europe, Middle East and Africa (EMEA) and 23% in Asia-Pacific, compared to 42%, 36% and 22%, respectively, in 2022, and 45%, 34% and 21%, respectively, in 2021. Other than the United States, which accounted for 28% of our total revenues in 2023, no other single country accounted for more than 10% of our revenues for 2023, 2022, and 2021.
 
In 2023, approximately 56% of our revenues derived from product sales and 44% derived from service sales, compared to 59% and 41%, respectively, in 2022 and 59% and 41%, respectively, in 2021. 
 
In 2023, approximately 77% of our revenues derived from the enterprise market and 23% derived from the carrier market, compared to approximately 74% and 26%, respectively, in 2022, and 73% and 27%, respectively, in 2021.
 
As of December 31, 2023, 2022, and 2021, no single customer accounted for more than 10% of our revenues.
 
For additional details regarding the breakdown of our revenues by geographical distribution and by activity, see Item 5.A – “Operating Results.”
 
Seasonality

Our quarterly operating results have been, and are likely to continue to be, influenced by seasonal fluctuations in our sales and by seasonal purchasing patterns of some of our customers. Our operating results in the fourth quarter tend to be higher than other quarters as some of our customers tend to make greater capital and operational expenditures as well as expenditures relating to service renewals towards the end of their own fiscal years, thereby increasing orders for our products, support and subscription services in the fourth quarter.

Customer Support Services
 
Our technical support team, which consisted of 356 employees worldwide as of December 31, 2023, supports our sales force during the sales process, assists our customers, resellers and distributors with the initial installation, set-up and ongoing support of our products, and trains them on how to best use our solutions. The technical support team also assists with service onboarding processes and provides training to end-users of our services. In addition, our technical team trains and certifies our distributors and resellers to provide limited technical support in each of the geographical areas in which our products are sold and is directly responsible for remote support. Our Certainty Support Program offerings allow customers to automatically obtain new software versions of their products and obtain optimized performance by purchasing any of the following optional offerings: extended warranty, software updates, 24x7 help-desk (directly to our customers and through our distributors), on-site support and unit replacement. Some of our on-site services are provided by third-party contractors.
 
54


Research and Development
 
We invest in research and development to expand and enhance the features of our existing solutions, to develop new solutions and features and to improve our existing technologies and features. We believe that our future success is dependent upon our ability to maintain our technological expertise, enhance our existing solutions and introduce, on a timely basis, new commercially viable solutions that will address the needs of our customers. Accordingly, we intend to continue devoting a significant portion of our personnel and financial resources to research and development. In order to identify market needs and to define appropriate product specifications, as part of the product development process we seek to maintain close relationships with current and potential distributors, customers and vendors in related industry sectors.
 
As of December 31, 2023, our research and development staff consisted of 408 employees and 71 subcontractors. Research and development activities take place mainly at our facilities in Israel; Bangalore, India; Vancouver, Canada; and North Carolina, United States. We employ established procedures for the required management, development and quality assurance of our new product developments. Our research and development organization is divided into Application Security, Infrastructure Security, Application Delivery, Management and Control, Cloud Services, and Chief Technology Officer groups. Within those groups the organization is divided according to our existing product solutions.  Each product group is headed by a group leader and includes team leaders and engineers. Each group has a dedicated quality assurance team.  In addition, we have an infrastructure department responsible for the development of our platforms that are the basis for all products, serving all product groups, which consist of a senior group leader, group leaders, team leaders, and engineers. The heads of all research and development divisions report to either the Chief Operating Officer or the Chief Technology Officer.
 
See also below under “Government Regulations – Israeli Innovation Authority.”
 
Manufacturing and Suppliers
 
Our quality assurance testing, final integration, packaging, and shipping operations as well as part of our final assembly activities are primarily performed at our facility in Jerusalem, Israel. All our products are Underwriters Laboratories (UL) and ISO 9001:2008 compliant and some of them have also achieved industry certifications.
 
55


We rely to a large extent on third-party manufacturing vendors to provide our finished products. In this respect, these vendors primarily provide us with manufacturing assembly services in order to deliver the finished goods while we perform the final integration of the products. All components and subassemblies included in our products are supplied to the manufacturing vendors by several suppliers and subcontractors. Each of the manufacturing vendors monitors each stage of the components production process, including the selection of components and subassembly suppliers. Thereafter, each of the manufacturing vendors makes the final assembly in their own facility. Our primary manufacturing vendors are ISO 9001 certified, indicating that each of their manufacturing processes adheres to established quality standards.
 
We primarily rely on two ODMs to manufacture and to supply our hardware platforms. In 2023, approximately 46% of our direct product costs were from one of these vendors and 41% were from the other vendor. Additionally, we rely on two other ODMs, which made up 5% of our direct product costs in 2023. The rest of our ODMs accounted for 2% or less individually in 2023.
 
We conduct a business continuity plan (BCP) with all our vendors to ensure an immediate recovery in case of crisis that might jeopardize the supply of our products and services. For example, in order to overcome the risk of not meeting the committed SLA to our customers due to importation blocking in different countries associated with the outbreak of the COVID-19 pandemic, we had allocated sufficient inventory that was sent directly from the ODM vendors to worldwide warehouses to be shipped to customers, when needed, at the destination country, rather than being shipped from Israel. In this respect, we have been certified during 2021 for ISO 22301 (Business Continuity Management System). Furthermore, in order to minimize potential delays in product supplies by certain of our ODMs whose lead time had been significantly extended due to the worldwide chipset shortage, we had paid expedite fees to several components manufacturers. However, if we are unable to continue to acquire those platforms or components from these platform manufacturers and vendors on acceptable terms, or should any of these suppliers cease to supply us, on a timely basis, with such platforms or components for any reason, we may not be able to identify and integrate an alternative source of supply in a timely fashion or at the same costs. Any transition to one or more alternate suppliers would likely result in delays, operational problems, and increased costs, and may limit our ability to deliver our products to our customers on time for such transition period, although we believe we have levels of inventory that will assist us to transition to alternate suppliers smoothly.
 
Proprietary Rights
 
We rely on patent, trademark and trade secret laws, as well as confidentiality agreements and other contractual arrangements with our employees, distributors and others to protect our technology.  We have a policy that requires our employees to execute employment agreements, including confidentiality and non-competition provisions.
 
We have registered trademarks for, among others, Radware®, Radware Logo:
 
®, OnDemand Switch®, Alteon®, APSolute®, LinkProof®, DefensePro®, CID®, SIPDirector®, AppDirector®, AppXcel®, AppXML®, AppWall®, APSolute Insite®, StringMatch Engine®, Web Server Director®, APSolute Vision®, vDirect®, Alteon VA®, AppShape®, FastView®, DefenseFlow®, Virtual DefensePro®, Radware SecurPath®, VADI® (Virtual Application Delivery Infrastructure),  ShieldSquare® and the ShieldSquare Logo: ®, and we have non-registered trademarks for, among others, ADC-VX™, Inflight™, and CyberStack™.  We own registered U.S. copyrights in all of our primary software product lines.
 
56


We have registered patents in the United States, Canada and other jurisdictions for, among others, our triangle redirection method used for the global load balancing in our AppDirector product; our mechanism for efficient management and optimization of multiple links used in our LinkProof product; our method for load balancing by global proximity used in our AppDirector product; our method for controlling traffic on links between autonomous Border Gateway Protocol (BGP) systems; the stateful distribution of copied SSL traffic; the transparent inspection of encrypted client traffic; the activation of multiple virtual services on a switching platform; the behavioral analysis and detection of zero-day and DDoS network attack patterns; a new method based on Quantiles for network edge DDoS and network anomalies protection in our DefensePro product; our new paraphrase-based algorithm for WebDDoS or Web floods and keyless HTTPS attack mitigation behavioral mechanisms in our DefensePro; our enhanced domain name service floods behavioral protection and UDP protections; our web and API application protection (including the business logic attacks), including our Bot Manager augmented by the new public identity and block-chain based methods for addressing  automated threats (for public-facing services) and advanced threats; our new client side protection to address sensitive PII leakage attacks resulting from untrusted third parties; our new AI/ML methods to address and automate analysis of our cloud WAF (CWAF) customer’s applications for proactive false-positive and false-negative service tuning, a geographically based traffic distribution; Zero-day attacks such as Log4j malicious strings, use of OpenAI-related APIs for embedding AI-assistance in various use-cases; a generic proximity based site selection for global load balancing; an internal hardware connectivity plane architecture; a specific proximity-based site selection for global load balancing of HTTP transactions implemented in our Alteon products; and additional patents in the software-defined networking (SDN) field, around a new concept of cyber control and automation for our DefenseFlow product.
 
We have pending patent applications and provisional patents in connection with several methods and features used in our products or that we plan to implement in the future. These applications may not result in any patent being issued, and, even if issued, the patents may not provide adequate protection against competitive technology and may not be held valid and enforceable if challenged.  In addition, other parties may assert rights as inventors of the underlying technologies, which could limit our ability to fully exploit the rights conferred by any patent that we receive. Our competitors may be able to design around a patent we receive, and other parties may obtain patents that we would need to license or circumvent in order to exploit our patents.
 
57


Competition
 
The cyber security and application delivery market is highly fragmented and competitive, and we expect competition to intensify in the future.
 
Our principal competitors are:
 

DDoS Mitigation: Akamai Technologies, Inc., or Akamai, Imperva Inc., or Imperva, Netscout Systems, Inc., and Cloudflare, Inc.
 

Web Application Firewalls and Bot Management: Akamai, Imperva, Cloudflare, Inc., F5 Networks, Inc., or F5, and AWS
 

Application Delivery: F5, A10 Networks, Inc., and Citrix Systems, Inc.
 

CDR: Gem Security, Inc.
 
We expect to continue to face additional competition as new participants enter the market or extend their portfolios into related technologies. Larger companies with substantial resources, brand recognition and sales channels may also form consolidation and alliances with or acquire competing providers of application delivery or application and network security solutions and emerge as significant competitors.
 
We are seeing new types of competitors from within the public cloud providers – as more companies rely on these environments to host their services and applications, these vendors start providing cyber security solutions that are typically fairly basic and customized for their own environment.  As we see more and more companies relying on more than one public cloud vendor, we expect to see additional competitors and rapid evolution of solutions and offerings.
 
An increase in competition may lower prices and reduce demand and margins as well as increase costs associated with sales and marketing to maintain or increase market share; which, in turn, may impair our ability to increase profitability. Furthermore, the dynamic market environment, as illustrated by the above acquisitions, poses a challenge in predicting market trends and expected growth. We believe that our products and services have several competitive advantages in performance and accuracy and that our future success will depend primarily on our continued ability to provide more technologically advanced and cost-effective application delivery and cyber security solutions, and more responsive customer service and support, than our competitors. However, we cannot assure you that all products and services we offer in our portfolio will compete successfully with similar competitor solutions. See also above under “Business Overview.”
 
Government Regulations
 
Data Privacy and Data Protection Laws
 
Our activities in the cyber security market require that we comply with laws and regulations in the area of data privacy and data protection governing the collection, use, retention, sharing and security of personal data. For example, the GDPR and UK DP Laws (each as referenced above), include operational requirements for companies that receive or process personal data of residents of the European Union and the UK, and non-compliance will result in significant penalties. Many other countries in which we operate have their own data protection and data security laws that we need to comply with in collecting, utilizing, or otherwise processing personal data from our customers and/or visitors to their websites and others. 
 
58


Environmental and Security Management Regulations
 
Our activities in Europe require that we comply with European Union Directives with respect to product quality assurance standards and environmental standards. The “RoHs” and RoHs II Directives require products sold in Europe to meet certain design specifications, which exclude the use of hazardous substances. Directive 2002/96/EC on Waste Electrical and Electronic Equipment (known as the “WEEE” Directive) requires producers of electrical and electronic equipment to register in different European countries and to provide collection and recycling facilities for used products. We believe we are currently in compliance with the RoHs and WEEE regulations, ISO 14001 standards (regrading Environmental Management Systems), ISO/IEC 27001:2013 and ISO 27032: 2012 standards (both in regard to Information Security Management System), ISO 28000 (Supply Chain Security management) and OHSAS 18001:2007 (Occupational Health and Safety Management).
 
Israeli Innovation Authority
 
From time to time, eligible participants may receive grants under programs of the IIA. This governmental support is conditioned upon the participant’s ability to comply with certain applicable requirements and conditions specified in the IIA’s programs and the Innovation Law.
 
Under the Innovation Law, research and development programs that meet specified criteria and are approved by the Research Committee of the IIA are eligible for grants usually of up to 55% of certain approved expenditures of such programs, as determined by said committee.
 
The Innovation Law provides that know-how developed under an approved research and development program or rights associated with such know-how (1) may not be transferred to third parties in Israel without the approval of the IIA (such approval is not required for the sale or export of any products resulting from such research or development) and (2) may not be transferred to any third parties outside Israel, except in certain special circumstances and subject to the IIA’s prior approval, which approval, if any, may generally be obtained, subject to payment of a transfer fee pursuant to which the grant recipient pays to the IIA a portion of the sale price paid in consideration for such IIA-funded know-how; or a portion of the consideration paid in respect of licensing the IIA-funded know-how, as the case may be (according to certain formulas, which may result in repayment of up to 600% of the grant amounts plus interest). Under certain circumstances, such as in the event that the grant recipient receives know-how from a third party in exchange for its IIA-funded know-how, such transfer fee may not apply.
 
The Innovation Law imposes reporting requirements with respect to certain changes in the ownership of a grant recipient. The law requires the grant recipient and its controlling shareholders and foreign interested parties to notify the IIA of any change in control of the recipient or a change in the holdings of the means of control of the recipient and requires a non-Israel interested party to undertake to the IIA to comply with the Innovation Law.  In addition, the rules of the IIA may require additional information or representations in respect of certain of such events. For this purpose, “control” is defined as the ability to direct the activities of a company other than any ability arising solely from serving as an officer or director of the company.  A person is presumed to have control if such person holds 50% or more of the means of control of a company. “Means of control” refers to voting rights or the right to appoint directors or the chief executive officer. An “interested party” of a company includes a holder of 5% or more of its outstanding share capital or voting rights, its chief executive officer and directors, someone who has the right to appoint its chief executive officer or at least one director, and a company with respect to which any of the foregoing interested parties owns 25% or more of the outstanding share capital or voting rights or has the right to appoint 25% or more of the directors. Accordingly, any non-Israeli who acquires 5% or more of our ordinary shares will be required to notify us that it has become an interested party and needs to sign an undertaking to comply with the Innovation Law.
 
59


The Israeli authorities have indicated in the past that the government may further reduce or abolish the IIA grants in the future.  Even if these grants are maintained, we cannot presently predict what would be the amounts of future grants, if any, that we might receive.
 
In 2023, 2022, and 2021, we were qualified to participate in projects funded by the IIA to develop generic technology relevant to the development of our products. We were eligible to receive grants constituting between 30% and 55% of certain research and development expenses relating to these projects. The grants under these projects are not required to be repaid by way of royalties.
 
In addition, one of our Israeli subsidiaries received royalty-bearing grants from the IIA for an approved research and development project. The grants under this project are required to be repaid based on revenues from the sale of products incorporating or based upon know-how developed, in whole or in part with the grants. These grants amounted to $0.4 million for the year ended December 31, 2023.
 
Research and development grants deducted from research and development expenses, net amounted to $0.4 million, $1.3 million, and $1.3 million for the years ended December 31, 2023, 2022, and 2021, respectively.
 
Environmental, Social and Governance Matters

At Radware, we aim to help customers protect their critical applications and secure their digital experiences. As we pursue this goal, we recognize our responsibility to promote socially and environmentally responsible economic growth through our business practices. In order to promote this corporate responsibility and sustainability approach, we have implemented, and will continue to implement, various ESG principles and activities into our daily business practices, including, but not limited to, those summarized below.

Most recently, in December 2021, we have also released our inaugural ESG Report available at www.radware.com/corporategovernance (information contained on our website, including in our ESG report, is not incorporated herein by reference and shall not constitute part of this annual report) to expand our ESG-related disclosures regarding what we have accomplished thus far on this front and what we strive to achieve.

Environmental

We aim to build a more sustainable world through the products, services, and solutions we offer and the way we operate. This means, among other things, that we aim to operate our business in a manner which meets or exceeds all environmental laws and compliance guidelines and strive to improve our environmental performance across our entire supply chain.
 
60


While we continue to develop a program that recognizes our environmental impact, we have already implemented various activities to measure and foster our environmental focus, including the following highlights:
 

We have implemented key performance indicators (KPIs), which set quantitative reduction goals for the use of water, power and paper;
 

We work with our suppliers to maintain compliance with various environmental laws and guidelines, such as RoHS and WEEE in the EU, and adopted our Conflict Minerals Policy available at www.radware.com/corporategovernance/conflictminerals (information contained on our website, including in our Conflict Minerals Policy, is not incorporated herein by reference and shall not constitute part of this annual report), which outlines our practices and procedures with respect to responsible sourcing of minerals from conflict-affected and high-risk areas; and
 

Our corporate headquarters in Tel Aviv, Israel, as well as our training rooms in Tel Aviv are designed in the “TED” style to serve as multifunctional work spaces while the operations room utilizes NVX video technology in order to minimize the amount of copper wiring required to function and travel. At our headquarters, we offer EV charging stations to our employees and visitors, and where applicable according to local requirements, we offer recycling and properly dispose of e-waste.
 
Social

We believe that the foundation of our success lies in our diverse, engaged, and motivated workforce, and we continuously advocate for our team by creating a work environment in which our employees can thrive in the spirit of productivity and development. This means, among other things, that we aim to operate our business in a manner which promotes a work environment that is free of discrimination and harassment and otherwise attends to our employees’ wellbeing.
 
While we continue to develop a program that recognizes our social impact, we have already implemented various activities to measure and foster our focus on social impact, including the following highlights:
 

We are an equal-opportunity employer and make employment decisions based on a person’s qualifications and our business needs. This is demonstrated by our Human Rights and Labor Standards Policy;
 

Our corporate policy maintains zero tolerance for harassment, sexual harassment, and discrimination, and it imposes significant consequences for behavior deemed to create a hostile work environment. This is demonstrated by our Code of Conduct and Ethics as well as our Human Rights and Labor Standards Policy;
 
61



We offer what we believe is an attractive mix of compensation and benefit plans to support our employees’ and their families’ physical, mental, and financial well-being. This includes allowing the majority of our employees to have a direct ownership interest in Radware by participating in our equity-based incentive plans; and
 

We are focused on maintaining a healthy, safe, and secure work environment that protects our employees and the public from harm. This is demonstrated by the measures we implemented in order to overcome the challenges presented by the COVID-19 pandemic. We implemented a hybrid work model, which enables our employees to work partly remote and partly in the office. We believe that this flexibility drives increased job satisfaction while addressing the major challenges of remote work, such as isolation and lack of community.
 
Governance

As part of our sustainable and other ESG operations policies, we aim to conduct our corporate governance and build corporate behavior mechanisms to align with the interest of all our stakeholders. This means, among other things, that we developed and strive to maintain a strong set of corporate values that will inspire ethical behavior across all decision-making processes, and a management and control system so that ethics and security issues are given their due weight.
 
While we continue to develop a program that recognizes our corporate governance and ethical conduct, we have already implemented various activities to measure and foster this focus, including the following highlights:
 

Corporate Governance and Board Practices: Our corporate governance policies and practices are designed to foster effective board oversight in service of the long-term interests of our shareholders. Our Board of Directors consists of 8 members, of whom seven qualify as “independent directors” under the Nasdaq rules and one is female. The Audit and Compensation Committees of our Board of Directors, which are charged with significant functions in our risk oversight and compensation philosophy, respectively, both currently consist of three members, all of whom qualify as “independent directors” under the Nasdaq rules. For further details on our corporate governance, as well as our Board of Directors and its committees’ roles and practices, see Items 6.C “Board Practices” and 16.G “Corporate Governance.”
 

Ethical Business Conduct: All our directors, officers, consultants, service providers and employees are expected to conduct themselves in accordance with our Code of Conduct and Ethics available at http://www.radware.com/corporategovernance/ (information contained on our website, including in our Code of Conduct and Ethics, is not incorporated herein by reference and shall not constitute part of this annual report). Our Code of Conduct and Ethics is intended to promote various elements of ethical business conduct, such as compliance with laws; avoiding conflict of interests and personal exploitation of corporate opportunities; fair dealing; confidentiality of information; and other policies and guidelines in connection with insider trading and anti-corruption laws and policies.
 
62


C.          Organizational Structure
 
We have a wholly owned subsidiary in the United States, Radware Inc., which conducts the sales and marketing of our products and services in the United States. We also have subsidiaries in other countries, most of which typically conduct sales and marketing of our products and services in their respective locations. Our subsidiaries include (unless otherwise indicated, all subsidiaries are wholly owned):
 
Name of Subsidiary
Place of Incorporation
Radware Inc.
New Jersey, United States
Radware UK Limited
United Kingdom
Radware France
France
Radware Srl
Italy
Radware GmbH
Germany
Nihon Radware KK
Japan
Radware Australia Pty. Ltd.
Australia
Radware Singapore Pte. Ltd.
Singapore
Radware Korea Ltd.
Korea
Radware Canada Inc.
Canada
Radware India Pvt. Ltd.
India
Kaalbi Technologies Limited Ltd.
India
Radware (India) Cyber Security Solutions Private Limited
India
Radware China Ltd.
睿伟网络科技(上海)有限公司
China
Radware (Hong Kong) Limited
Hong Kong
Radyoos Media Ltd.*
Israel
Radware Canada Holdings Inc.
Canada
Radware Iberia, S.L.U.
Spain
Edgehawk Security Ltd.
Israel
SkyHawk (CNP) Security Ltd.**
Israel
SkyHawk Security, Inc.***
Delaware, United States
CSR Cloud Security Ltd.
Israel
Radware (Colombia) S.A.S.
Colombia
 
* We own approximately 91.0% of this subsidiary, which ceased its activities in 2017.
 
** We own approximately 76.2% of this subsidiary.
 
*** Wholly-owned by SkyHawk (CNP) Security Ltd.
 
63

 
The late Yehuda Zisapel, one of our co-founders and shareholders and, until recently, the Chairman of our Board of Directors, is the father of Roy Zisapel, our President, Chief Executive Officer and director.  Either the late Yehuda Zisapel (and following his death, his estate), his late brother, Zohar Zisapel, (and following his death, his heirs – Michael Zisapel and Klil Zisapel), and Nava Zisapel (or all of them together) are founders, directors and/or shareholders of several other companies which, together with our Company and our subsidiaries listed above, are known as the RAD-Bynet Group. These companies include, among others:
 
AB-NET Communications Ltd.
Binat Business Ltd.
BYNET Data
Communications Ltd.*
Bynet Data Centers Ltd.
CloudRide Ltd.*
BYNET Electronics Ltd.*
BYNET SEMECH (outsourcing) Ltd.*
Bynet Software Systems Ltd.
Bynet System Applications Ltd.*
Ceragon Networks Ltd.
Internet Binat Ltd.*
Packetlight Networks Ltd.
RAD-Bynet Properties and Services (1981) Ltd.*
Radbit Computers, Inc.
RADCOM Ltd.
RAD Data Communications Ltd.*
Radiflow Ltd.
 
RADWIN Ltd.
DC Protection Ltd. (previously known as SecurityDAM Ltd.)

 

*Denotes a RAD-Bynet Group company with which we currently transact business
 
The late Yehuda Zisapel (and following his death, his estate), Michael Zisapel and Klil Zisapel also hold shares in Carteav Ltd. and Tupaia Ltd., start-up companies that are not considered part of the RAD -Bynet group.
 
The RAD-Bynet Group also includes several other holdings, real estate companies, biotech and pharmaceutical companies and the above list does not constitute a complete list of all entities within the RAD-Bynet Group or of all the holdings of Yehuda Zisapel’s estate, Michael Zisapel, Klil Zisapel and Nava Zisapel.
 
Members of the RAD-Bynet Group are actively engaged in designing, manufacturing, marketing, and supporting data communications products, none of which currently compete with our products. Some of the products of members of the RAD-Bynet Group are complementary to, and may be used in connection with, our products and services. See also Item 7.B “Related Party Transactions.”
 
64


D.          Property, Plants and Equipment
 
General. We operate from leased premises mainly in Tel Aviv, Jerusalem and Ramat Gan in Israel and New Jersey in the United States. We also lease premises in several locations in Europe, North America, South America and Asia-Pacific for the activities of our subsidiaries, representative offices and branches. Our aggregate annual rent expenses under these leases were approximately $6.1 million in 2023.
 
We believe that the following offices and facilities are suitable and adequate for our operations as currently conducted and as currently foreseen. In the event that additional or substitute offices and facilities are required, we believe that we could obtain such offices and facilities at commercially reasonable rates.
 
Israel. Our headquarters and principal administrative, finance, research and development and marketing operations are located in approximately 108,000 square feet of leased office space in Tel Aviv, Israel, in two buildings: one building, consisting of approximately 40,000 square feet, plus storage and parking space, and the second building, consisting of approximately 68,000 square feet, plus parking spaces. Both buildings have leases that expire in June 2030 (with one of the two buildings having a termination option by us in June 2025 by way of prior notice) and are leased from, among others, affiliated companies owned by the late Yehuda Zisapel, Nava, Zisapel and/or the late Zohar Zisapel (and following his death, his heirs – Michael Zisapel and Klil Zisapel), as applicable. For more information, see Item 7.B “Related Party Transactions.”
 
In addition, we lease approximately 3,600 square feet of space in Jerusalem, Israel, for development facilities from an affiliated company owned by the late Yehuda Zisapel and Nava Zisapel. The lease expires in July 2025. We also lease approximately 15,000 square feet for manufacturing facilities in Jerusalem, Israel, from an affiliated company owned by the late Yehuda Zisapel, Nava, Zisapel and the late Zohar Zisapel (and following his death, his heirs– Michael Zisapel and Klil Zisapel). The lease expires in August 2028. For more information, see Item 7.B “Related Party Transactions.”
 
We also lease approximately 6,620 square feet of space in Ramat Gan, for operations of one of our subsidiaries. The lease expires in September 2026.
 
Other locations. In the United States, we lease approximately 16,900 square feet of property in Mahwah, New Jersey, consisting of approximately 12,700 square feet of office space and 4,200 square feet of warehouse space from a company controlled by the late Yehuda Zisapel, Nava, Zisapel and the late Zohar Zisapel (and following his death, his heirs – Michael Zisapel and Klil Zisapel). The lease expires in December 2025. For more information, see Item 7.B “Related Party Transactions.”
 
We lease approximately 3,850 square feet of property for our research and development facilities in North Carolina, the lease for which will expire in March 2026.
 
We also lease facilities for the operation of our subsidiaries and representative offices in several locations in Europe, North America, South America, and Asia-Pacific, all from unrelated third parties.
 
65


ITEM 4A.          UNRESOLVED STAFF COMMENTS
 
None.
 
ITEM 5.             OPERATING AND FINANCIAL REVIEW AND PROSPECTS
 
Our discussion and analysis of our financial condition and results of operation are based upon our consolidated financial statements, which have been prepared in accordance with U.S. GAAP. Our operating and financial review and prospects should be read in conjunction with our financial statements, accompanying notes thereto and other financial information appearing elsewhere in this annual report.
 
A.          Operating Results
 
Overview
 
General
 
We are a provider of cyber security and application delivery solutions for cloud, on-premises, and SDDC. Our solutions secure the digital experience by providing infrastructure, application, and network protection and availability services to enterprises globally. Our solutions are deployed by, among others, enterprises, carriers, and cloud service providers.

We began sales in 1997, and currently have nearly 30 local offices, subsidiaries or branches globally across Asia-Pacific, Europe, and North, Central and South America.

We sell through sales channels such as resellers and distributors whereas most of our direct sales are to strategic customers.

Most of our revenues are generated in dollars or are dollar-linked, and the majority of our expenses are incurred in dollars. As such, the dollar is our functional currency. Our consolidated financial statements are prepared in dollars and in accordance with U.S. GAAP.
 
Our revenues are derived from sales of our solutions:
 

We recognize physical and software product revenues when control of the product is transferred to the customer (i.e., when our performance obligation is satisfied), which typically occurs at shipment, and we recognize revenues from product and cloud subscriptions, as part of the product revenues, ratably over the subscription period.
 

Revenues from post-contract customer support (PCS), which mainly represents help-desk support and unit repairs or replacements, professional services, and ERT services, are recognized ratably over the contract or subscription period, which is typically between one year and three years.
 
Our revenues are also attributed to geographic areas based on the location of the end-users.
 
In the years ended December 31, 2023, 2022, and 2021, revenues derived from sales of the Company’s products and product subscriptions constituted approximately 56%, 59%, and 59%, respectively, of our total revenues, with the remaining revenues being derived from services.
 
66


Results of Operations
 
The following discussion of our results of operations for the years ended December 31, 2023, 2022, and 2021, including the following tables, which present selected financial information in dollars and as a percentage of total revenues, are based upon our consolidated statements of operations contained in our financial statements for those periods, and the related notes, included in this annual report.
 
The following table sets forth, for the periods indicated, certain financial data concerning our consolidated operating results:

 
   
2023
   
2022
   
2021
 
   
(US $ in thousands)
 
Revenues:
     

   

   
Products
 
$
145,541
   
$
172,161
    $
170,438
 
Services
   
115,751
     
121,265
     
116,058
 
     
261,292
     
293,426
     
286,496
 
Cost of revenues:
                       
Products
   
41,450
     
43,014
     
42,191
 
Services
   
10,260
     
10,870
     
10,255
 
     
51,710
     
53,884
     
52,446
 
                         
Gross profit
   
209,582
     
239,542
     
234,050
 
Operating expenses, net:
                       
                         
Research and development, net
   
82,617
     
86,562
     
74,098
 
Sales and marketing
   
126,237
     
126,533
     
119,842
 
General and administrative
   
32,408
     
29,786
     
21,885
 
Total operating expenses, net
   
241,262
     
242,881
     
215,825
 
Operating income (loss)
   
(31,680
)
   
(3,339
)
   
18,225
 
Financial income, net
   
13,927
     
8,052
     
4,407
 
Income (loss) before taxes on income
   
(17,753
)
   
4,713
     
22,632
 
Taxes on income
   
3,837
     
4,879
     
14,821
 
Net income (loss)
   
(21,590
)
   
(166
)
   
7,811
 

67

 
The following table sets forth, for the periods indicated, certain financial data expressed as a percentage of our total revenues:
 
   
2023
   
2022
   
2021
 
                   
Revenues:
   

   

   

Products
    56 %     59 %      59 %
Services
    44
      41      
41
 
     
100
      100
      100
 
Cost of Revenues:
                       
Products
     16        15        15  
Services
     4        4        3  
       20        19        18  
Gross profit
   
80
     
81
     
82
 
Operating expenses, net:
                       
Research and development, net
   
32
     
30
     
26
 
Sales and marketing
   
48
     
43
     
42
 
General and administrative
   
12
     
10
     
7
 
Total operating expenses, net
   
92
     
83
     
75
 
Operating income (loss)
   
(12
)
   
(1
)
   
6
 
Financial income, net
   
5
     
3
     
2
 
Income (loss) before taxes on income
   
(7
)
   
2
     
8
 
Taxes on income
   
(1
)
   
(2
)
   
(5
)
Net income (loss)
   
(8
)%
   
0
%
   
3
%
 
Comparison of Years Ended December 31, 2023, 2022, and 2021
 
Revenues.
 
Our revenues are derived from sales of our solutions. Revenues from physical products and software-based products are recognized when control of the promised goods is transferred to the customer, either upon shipment or when the product is delivered, depending on the commercial terms of each transaction. Revenues from cloud subscriptions are recognized ratably over the subscription period. Revenues from post-contract customer support, which represent mainly help-desk support, unit repairs or replacements, professional services and ERT services are recognized ratably over the contract period. For additional details regarding the manner in which we recognize revenues, see the discussion under the caption “Critical Accounting Estimates – Revenue Recognition” below.
 
The following table provides a breakdown of our consolidated revenues by type of revenues both in dollars and as a percentage of total revenues for the past three fiscal years, as well as the percentage change between such periods:
 
(US$ in thousands,
except percentages)
 
2023
   
2022
   
2021
   
% Change
2023 vs. 2022
   
% Change
2022 vs. 2021
 
Products
   
145,541
     
56
%
   
172,161
     
59
%
   
170,438
     
59
%
   
(15
)%
   
1
%
Services
   
115,751
     
44
%
   
121,265
     
41
%
   
116,058
     
41
%
   
(5
)%
   
4
%
Total
   
261,292
     
100
%
   
293,426
     
100
%
   
286,496
     
100
%
   
(11
)%
   
2
%
 
68


The following table shows a breakdown of our consolidated revenues by geographical distribution both in dollars and as a percentage of total revenues for the past three fiscal years, as well as the percentage change between such periods:
 
(US$ in thousands,
except percentages)
 
2023
   
2022
   
2021
   
% Change
2023 vs. 2022
   
% Change
2022 vs. 2021
 
North, Central and South America (principally the United States)(*)
   
103,435
     
40
%
   
123,947
     
42
%
   
128,770
     
45
%
   
(17
)%
   
(4
)%
EMEA (Europe, the Middle East and Africa)
   
96,488
     
37
%
   
104,219
     
36
%
   
98,388
     
34
%
   
(7
)%
   
6
%
Asia-Pacific
   
61,369
     
23
%
   
65,260
     
22
%
   
59,338
     
21
%
   
(6
)%
   
10
%
Total
   
261,292
     
100
%
   
293,426
     
100
%
   
286,496
     
100
%
   
(11
)%
   
2
%
 
(*) For the years ended December 31, 2023, 2022, and 2021, our revenues from the United States were $73.0 million, $94.0 million, and $98.9 million, respectively, representing 28%, 32%, and 35% of total revenues for these years, respectively.
 
Revenues in 2023 were $261.3 million compared with revenues of $293.4 million in 2022, a decrease of 11%.  The decline in revenue was primarily attributed to delays in closing large deals due to greater budget constraints of customers, mainly in the Americas, which resulted in a decrease in our on-premises products revenues in 2023 compared to 2022. This decline was partially offset by a growing demand for our cloud-based solutions.
 
Revenues in 2022 were $293.4 million compared with revenues of $286.5 million in 2021, an increase of 2%. The increase in revenues was primarily due to an increase in both product subscriptions revenues and service subscriptions revenues as described in more detail below.
 
In 2023, our product revenues were $145.5 million, a decrease of 15% compared to $172.2 million in 2022. The decline in revenues is attributed primarily to a decrease in our hardware-based products revenues, as the number of large deals in 2023 declined compared to 2022. Those large deals usually include significant hardware-based products revenues. Additionally, the increase demand for our cloud-based solutions impacted our revenues from hardware-based products.
 
In 2022, our product revenues were $172.2 million, an increase of 1% compared to $170.4 million in 2021, reflecting an increase in product subscriptions, partially offset by a decrease in sales of our hardware-based products.
 
In 2023, our service revenues were $115.8 million, a decrease of 5% compared to $121.3 million in 2022. The decrease in service revenues was attributed mainly to the decrease in service revenues derived from large deals, and due to a decrease in support services for our on-premises devices revenues which was partially offset by an increase in service subscription revenues.
 
69


In 2022, our service revenues were $121.3 million, an increase of 4% compared to $116.1 million in 2021. The increase in service revenues was due to the increase in service subscriptions.
 
During 2023, our revenues from the enterprise market decreased by 8% to $201.2 million from $218.0 million in 2022, and revenues from the carrier market decreased by 20% to $60.1 million from $75.4 million in 2022. During 2022, our revenues from the enterprise market increased by 5% to $218.0 million from $208.2 million in 2021, whereas, in 2022, revenues from the carrier market decreased by 4% to $75.4 million from $78.3 million in 2021.
 
Our revenues in North, Central and South America decreased in 2023 by 17% compared to 2022. Revenues from the EMEA region decreased in 2023 by 7% compared to 2022. Revenues in the Asia-Pacific region decreased in 2023 by 6% compared to 2022. The declines in revenues were attributed mainly to decreases in sales of our hardware-based products as described above, and a decrease in support services for our on-premises devices across all regions, partially offset by an increase in our cloud and subscription revenues, mainly in the EMEA and Asia-Pacific regions.

Our revenues in North, Central and South America decreased in 2022 by 4% compared to 2021. Revenues from the EMEA region increased in 2022 by 6% compared to 2021. Revenues in the Asia-Pacific region increased in 2022 by 10% compared to 2021. The growth in EMEA and Asia-Pacific was attributed mainly to our cloud and subscription business and to new logos we added to our cloud security offering; many of them are mid-sized enterprises. The decrease in revenues in North, Central and South America was attributed mainly to elongated sales cycles influenced by the macroeconomic downturn.
 
Other than the United States, no other single country accounted for more than 10% of our revenues for each of the years ended December 31, 2023, 2022, and 2021.
 
Cost of Revenues.
 
Cost of revenues refers to both products and services revenues and consists primarily of the cost of circuit boards and other components required for the assembly of our products, salaries and related personnel expenses for those engaged in the final assembly, and in providing support and maintenance service of our products, license and hosting fees paid to third parties, fees paid to managed security service providers (related parties), inventory write-offs, amortization of acquired technology and other overhead costs.
 
The following table sets forth a breakdown of our cost of revenues between products and services for the periods indicated, in absolute figures and as a percentage of the relative product and services revenues:
 
(US$ in thousands,
except percentages)
 
2023
   
2022
   
2021
 
Cost of Products
   
41,450
     
28.5
%
   
43,014
     
25.0
%
   
42,191
     
24.8
%
Cost of Services
   
10,260
     
8.9
%
   
10,870
     
9.0
%
   
10,255
     
8.8
%
Total
   
51,710
     
19.8
%
   
53,884
     
18.4
%
   
52,446
     
18.3
%

70

 
Cost of products as a percentage of product revenues in 2023 was 28.5%, compared to 25.0% in 2022. Cost of products in 2023 and 2022 included amortization of intangible assets in the amount of $4.0 million and $3.7 million, respectively. Our cost of products as a percentage of product revenues, excluding amortization of intangible assets, represented approximately 25.7% of product revenues in 2023, compared to 22.8% in 2022. Excluding amortization of intangible assets, the increase in cost of products as a percentage of product revenues was mainly attributed to the decrease in our products revenues.
 
Cost of services as a percentage of service revenues in 2023 was 8.9% compared to 9.0% in 2022.
 
Cost of products as a percentage of product revenues in 2022 was 25.0%, compared to 24.8% in 2021. Cost of products in 2022 and 2021 included amortization of intangible assets in the amount of $3.7 million and $1.9 million, respectively. Our cost of products as a percentage of product revenues, excluding amortization of intangible assets, represented approximately 22.8% of product revenues in 2022, compared to 23.7% in 2021. Excluding amortization of intangible assets, the decrease in cost of products as a percentage of product revenues was mainly due to a different mix of sales of our products and product subscriptions, as there was an increase in product subscriptions and a decrease in hardware-based products.
 
Cost of services as a percentage of service revenues in 2022 was 9.0% compared to 8.8% in 2021.
 
Operating Expenses, Net.
 
The following table sets forth a breakdown of our operating expenses, net for the periods indicated as well as the percentage change between such periods:
 
(US$ in thousands,
except percentages)
 
2023
   
2022
   
2021
   
% Change
2023 vs. 2022
   
% Change
2022 vs. 2021
 
Research and development, net
 
$
82,617
   
$
86,562
   
$
74,098
     
(5
)%
   
17
%
Sales and marketing
   
126,237
     
126,533
     
119,842
     
0
%
   
6
%
General and administrative
   
32,408
     
29,786
     
21,885
     
9
%
   
36
%
Total
 
$
241,262
   
$
242,881
   
$
215,825
     
(1
)%
   
13
%

Our operating expenses, net decreased 1% in 2023 to $241.3 million from $242.9 million in 2022. The decrease of $1.6 million was primarily attributed to the decrease of $6.1 million in personnel costs and related expenses, mainly due to a decrease in average headcount compared to the previous year and a decrease in other salary related expenses, such as sales incentive commissions and a decrease of $2.2 million in fees paid to subcontractors. The decrease was  partially offset by an increase of $6.5 million in share-based compensation expenses.
 
Our operating expenses, net increased by 13% in 2022 to $242.9 million from $215.8 million in 2021. The increase was primarily attributed to increased personnel costs and related expenses, additional operating costs following the acquisition of SecurityDAM in February 2022, increased share-based compensation expenses, increased travel expenses, and increased fees paid for hosting services and subcontractors.
 
71


Research and Development Expenses, Net.
 
Research and development, or R&D, expenses, net consist primarily of salaries and related personnel expenses, costs of subcontractors, and prototype expenses related to the design, development, quality assurance and enhancement of our solutions, and depreciation of equipment purchased for the development and testing processes. All R&D costs are expensed as incurred. We believe that continued investment in R&D is critical to attaining our strategic product objectives.
 
R&D expenses, net were $82.6 million in 2023, a decrease of $3.9 million, or 5%, compared with R&D expenses, net of $86.6 million in 2022. This decrease was primarily a result of: (1) a $2.5 million decrease in personnel costs, mainly due to a decrease in average headcount compared to the previous year, and (2) a $2.2 million decrease in amounts paid to subcontractors, partially offset by a $1.2 million increase in share-based compensation expenses (see also “Share-based compensation expenses” below). There was no significant impact due to the strengthening of the dollar against the NIS since the Company hedged most of its salary related expenses.
 
R&D expenses, net were $86.6 million in 2022, an increase of $12.5 million, or 17%, compared with R&D expenses, net of $74.1 million in 2021. This increase was primarily a result of: (1) $7.8 million due to an increase in personnel costs, including salary raises awarded and increases in average headcount compared to the previous year and additional personnel costs as part of the acquisition of SecurityDAM in February 2022, (2) $0.8 million related to additional rent and maintenance expenses due to SecurityDAM office spaces, (3) a $1.5 million increase in amounts paid to subcontractors, and (4) a $1.9 million increase in share-based compensation expenses (see also “Share-based compensation expenses” below). There was no significant impact due to the strengthening of the dollar against the NIS since the Company hedged most of its salary related expenses.
 
Sales and Marketing Expenses.
 
Sales and marketing expenses consist primarily of salaries, commissions, and related personnel expenses for those engaged in the sales and marketing of our products and services, operational costs of our offices that are located outside Israel and are engaged in the promotion, marketing and support of our solutions, in addition to the related trade shows, advertising, promotions, website maintenance, and public relations expenses, and amortization of intangible assets.
 
Sales and marketing expenses were $126.2 million in 2023, a decrease of $0.3 million, or less than 1%, compared with sales and marketing expenses of $126.5 million in 2022. This decrease was mainly related to a decrease of $3.6 million in personnel costs, largely due to a decrease in average headcount compared to the previous year, and also a decrease in other salary-related expenses, such as sales incentive commissions, partially offset by an increase of $2.0 million in marketing-related expenses, and a $1.3 million increase in share-based compensation expenses (see also “Share-based compensation expenses” below).

72

 
Sales and marketing expenses were $126.5 million in 2022, an increase of $6.7 million, or 6%, compared with sales and marketing expenses of $119.8 million in 2021. This increase was mainly related to (1) an increase of $2.3 million in marketing-related expenses, (2) a $2.0 million increase in travel expenses, and (3) a $2.4 million increase in share-based compensation expenses (see also “Share-based compensation expenses” below).
 
General and Administrative Expenses.
 
General and administrative expenses consist primarily of salaries and related personnel expenses for executive, accounting, and administrative personnel, professional fees (which include legal, audit and additional consulting fees), bad debt expenses, acquisition related costs, and other general corporate expenses.
 
General and administrative expenses were $32.4 million in 2023, an increase of $2.6 million, or 9%, compared with general and administrative expenses of $29.8 million in 2022. The increase in general and administrative expenses in 2023 was primarily due to (1) a $4.0 million increase in share-based compensation expenses (see also “Share-based compensation expenses” below), and (2) an increase of $0.3 million related to revaluation of contingent consideration recorded as part of the acquisition of SecurityDAM, partially offset by a $2.1 million decrease in professional services due to lower D&O insurance costs and one time transaction costs we recorded in 2022, as part of the acquisition of SecurityDAM.
 
General and administrative expenses were $29.8 million in 2022, an increase of $7.9 million, or 36%, compared with general and administrative expenses of $21.9 million in 2021. The increase in general and administrative expenses in 2022 was primarily due to (1) a $5.3 million increase in share-based compensation expenses (see also “Share-based compensation expenses” below), (2) a $0.9 million increase related to personnel costs and related expenses, (3) a $1.0 million increase related to transaction costs as part of the acquisition of SecurityDAM in February 2022, and (4) a $0.8 million increase related to revaluation of contingent consideration recorded as part of the acquisition of SecurityDAM.
 
For a discussion of the impact of foreign currency fluctuations on our business, see Item 11 “Quantitative and Qualitative Disclosures about Market Risk.”
 
Share-based compensation expenses.
 
Our expenses also include the recognition of share-based compensation, which is allocated among cost of sales, research, and development expenses, marketing and selling expenses and general and administrative expenses, based on the division in which the recipient of the option grant is employed.  The share-based compensation is amortized to operating expenses over the requisite service period of the individual options.
 


73


The following tables summarize the share options and restricted share units (RSUs) that were granted during the years 2023, 2022, and 2021, and their weighted average grant-date fair value:

             Share options:

   
2023
   
2022
   
2021
 
Grants
   
331,899
     
250,284
     
248,233
 
Weighted-average grant-date fair value
   
5.48
     
6.77
     
6.87
 

RSUs:

   
2023
   
2022
   
2021
 
Grants
   
1,390,718
     
1,947,499
     
1,143,097
 
Weighted-average grant-date fair value
   
15.82
     
21.31
     
32.57
 

Share-based compensation expenses in 2023 totaled $34.0 million, an increase of $6.6 million, or 24%, compared with expenses of $27.4 million in 2022. The increase in our share-based compensation expenses in 2023 was primarily due to equity-based grants made to our Chief Executive Officer (CEO) during 2022 and certain equity-based grants made to employees of Skyhawk Security, our majority-owned subsidiary, during the last quarter of 2022, which resulted in recording higher expenses in 2023.

Share-based compensation expenses in 2022 totaled $27.4 million, an increase of $9.8 million, or 56%, compared with expenses of $17.6 million in 2021. The increase in our share-based compensation expenses in 2022 was primarily due to equity-based grants made to our CEO during 2022 and higher weighted-average grant date fair value of RSUs granted towards the end of 2021, which resulted in recording higher expenses in 2022.

Financial Income, Net.
 
Financial income, net consists primarily of interest earned on short- and long-term bank deposits, amortization of premiums, accretion of discounts, interest and dividends earned on investments in marketable securities, gain from the sale of marketable securities and from income and expenses from the translation of monetary balance sheet items denominated in non-dollar currencies.
 
Financial income, net was $13.9 million in 2023, compared with $8.1 million in 2022. The net increase of $5.9 million was primarily due to higher average interest rates on our bank deposits, which resulted in a $7.0 million increase in interest income and gains from our investments and bank deposits, partially offset by a $1.1 million decrease in foreign currency exchange gains, mainly due to revaluation of liabilities stated in NIS.
 
Financial income, net was $8.1 million in 2022, compared with $4.4 million in 2021. The net increase of $3.7 million was primarily due to a $3.1 million increase in foreign currency exchange gains, mainly due to revaluation of liabilities stated in NIS, and a $0.6 million increase in interest income and gains from our investments and bank deposits.
 
74


Income Taxes.
 
Israeli companies are generally subject to corporate tax on their taxable income at the rate of 23% for the 2023, 2022, and 2021 tax years. We elected to apply the Preferred Enterprise regime under the Law for the Encouragement of Capital Investment, 1959 (the “Investments Law”) as of the 2014 tax year. The election is irrevocable. Under the Preferred Enterprise regime, a preferred income of an enterprise located in the center of Israel is subject to a tax rate of 16%. Pursuant to Amendment 73 to the Investments Law adopted in 2017, a company located in the center of Israel that meets the conditions for “Preferred Technological Enterprises” is subject to a tax rate of 12%. We believe we meet those conditions.
 
We operate our business in various countries and attempt to utilize an efficient operating model to optimize our tax payments based on the laws in the countries in which we operate. This can cause disputes between us and various tax authorities in different parts of the world.
 
In 2023, we recorded pretax loss of $17.8 million as compared to pretax income of $4.7 million in 2022, and our tax expenses were $3.8 million in 2023, a decrease of $1.1 million, or 21%, compared with tax expenses of $4.9 million in 2022. The decrease was mainly attributed to the decrease in our pretax income (loss) compared to the previous year and to a decrease in our uncertain tax positions provision.

Our effective tax rate in 2022 was 104% compared with an effective tax rate of 65% in 2021. The increase in the effective tax rate in 2022 as compared to 2021 was primarily due to an additional provision for unrecognized tax benefit and carryforward losses of which valuation allowance was recorded.

For additional disclosure and explanations regarding our income taxes, including the Preferred Technology Enterprise program, see Note 14 to our consolidated financial statements included elsewhere in this annual report and Item 10.E “Taxation—Israeli Tax Considerations.”
 
Reportable Segments
 
In previous reporting periods (until December 31, 2022), we operated in one reportable segment. Commencing January 1, 2023, we have determined that the Company operates in two reportable segments:
 

Radware’s Core Business - this segment consists of our core business operations, including our cloud security as-a-service products, application and data centers security products and our application availability products; and
 

The Hawks’ Business – this segment consists of the operations of our two subsidiaries: SkyHawk Security, a spinoff of our former cloud native protector business which now provides an agentless Cloud-native threat Detection and Response (CDR), combined with Cloud Infrastructure Entitlement Manage (CIEM), Cloud Security Posture Management CSPM and Autonomous Purple Team for AWS Google Cloud and Azure, and EdgeHawk, which is engaged in transforming routers and network nodes into security platforms.
75


The following tables set forth, for the periods indicated, certain financial data concerning our reportable segments (U.S. dollars in thousands):
 
   
Year ended
December 31, 2023
 
   
Radware Core
   
Hawks
   
Total
 
                   
Revenues
 
$
260,322
   
$
970
   
$
261,292
 
                         
Operating loss
 
$
(16,802
)
 
$
(14,878
)
 
$
(31,680
)

   
Year ended
December 31, 2022
 
   
Radware Core
   
Hawks
   
Total
 
                   
Revenues
 
$
290,408
   
$
3,018
   
$
293,426
 
                         
Operating income (loss)
 
$
8,416
   
$
(11,755
)
 
$
(3,339
)

   
Year ended
December 31, 2021
 
   
Radware Core
   
Hawks
   
Total
 
                   
Revenues
 
$
283,913
   
$
2,583
   
$
286,496
 
                         
Operating income (loss)
 
$
24,114
   
$
(5,889
)
 
$
18,225
 
 
Revenues of the Hawks’ reportable segment was immaterial during the years ended December 31, 2021 through December 31, 2023, therefore, there is no separate discussion about revenues of each segment during those years. For a discussion about the revenues on a consolidated basis, see Item 5.A “Operating Results.”
 
Operating expenses of the Hawks’ business consist primarily of salaries and related personnel expenses, costs of subcontractors, agent fees and share-based compensation expenses.
 
Operating loss of the Hawks’ business was $14.9 million in 2023, $11.8 million in 2022 and $5.9 million in 2021.
 
The increase of $3.1 million in the operating loss of the Hawks’ segment in 2023 compared to 2022 was primarily a result of an increase of $1.9 million in salaries and related personnel costs, mainly due to an increase in average headcount, $1.6 million increase in share-based compensation expenses and a decrease of $2.0 million in revenues. This was partially offset by a decrease of $1.7 million in costs of subcontractors and agents and a decrease of $0.5 million in hosting fees.
 
76


The increase of $5.9 million in the operating loss of the Hawks’ segment in 2022 compared to 2021 was primarily a result of an increase of $2.5 million in salaries and related personnel costs, mainly due to an increase in average headcount, $1.3 million increase in share-based compensation expenses and an increase of $1.5 million in fees paid to subcontractors and agents.
 
Operating expenses of the Radware core business segment consist primarily of salaries and related personnel expenses including commissions paid to our sales team, marketing related expenses, hosting services fees, rent and office maintenance fees, professional services, costs of subcontractors and share-based compensation expenses.
 
The operating loss of the Radware core business segment was $16.8 million in 2023, compared to operating income of $8.4 million in 2022 and operating income of $24.1 million in 2021.
 
The decrease of $25.2 million in the operating income in 2023 compared to 2022 was primarily a result of the decrease of $30.1 million in the Radware core segment’s revenues. This was partially offset by a decrease of $2.5 million in cost of sales, and a $2.5 million decrease in salaries and related personnel costs, mainly due to the decrease in average headcount compared to the previous year.
 
The decrease of $15.7 million in the operating income of the Radware core segment in 2022 compared to 2021 was primarily a result of an increase of $1.5 million in cost of sales, an increase of $7.8 million in salaries and related  personnel costs including commissions to our sales teams, mainly due to an increase in average headcount, an increase of $8.5 million in share-based compensation expenses, mainly due to equity-based grants made to our CEO during 2022, an increase of $2.1 million in travel expenses and an increase of $2.3 million in marketing-related expenses. This was partially offset by an increase of $6.5 million in the segment’s revenues.
 
For additional details regarding these two reportable segments, see below and Notes 2ac and 15 to our consolidated financial statements included elsewhere in this annual report.
 
Currency Fluctuations and Inflation
 
Our financial results may be negatively impacted by foreign currency fluctuations and inflation. Information required by this section is set forth in Item 11 “Quantitative and Qualitative Disclosures about Market Risk” and in Item 3.D “Risk Factors—Currency exchange rates and fluctuations of exchange rates could have a material adverse effect on our results of operations.”
 
Impact of Governmental Policies
 
For information on the impact of governmental policies on our operations, see Item 4.B “Business Overview—Government Regulations,” Item 3.D “Risk Factors—Laws, regulations and industry standards affecting our business are evolving, and unfavorable changes could harm our business,” and “Item 3.D “Risk Factors—Risks Related to Operations in Israel.”
 
77


Impact of Ukraine-Russia and Israel-Hamas Military Conflicts
 
Following Russia’s military conflict in Ukraine, the United States and other countries launched economic sanctions and severe export control restrictions against Russia and Belarus, and the United States and other countries could launch wider sanctions and export restrictions and take other actions should the conflict further escalate. For information on the possible impact of the Russia-Ukraine conflict, see Item 3.D “Risk Factors—Our business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries.”
 
In October 2023, following the Hamas terrorist attack, the Israeli government declared war against Hamas and commenced a military campaign against these terrorist organizations. In parallel, clashes intensified between Israel and Hezbollah on Israel’s northern border with Lebanon. Additionally, the Houthis launched missile and drone attacks targeted at Israel and ships in the Red Sea, posing a threat to international shipping in the Suez Canal. These armed conflicts may further escalate into a greater regional conflict and could adversely affect our business, operations and financial results. However, to date, we have not experienced any major interruption or material adverse impact on our business activities. For information on the possible impact of the state of war declared in Israel in October 2023, see Item 3.D “Risk Factors—Political, economic and military instability in the Middle East or Israel, including the state of war declared in Israel in October 2023, may harm our business.”
 
Related Parties
 
We have entered into a number of agreements for the lease of real property and the purchase of certain products and services from certain companies, of which the late Yehuda Zisapel, the late Zohar Zisapel (and following his death, his heirs – Michael Zisapel and Klil Zisapel), and/or Nava Zisapel are co-founders, directors and/or shareholders, which form part of the RAD-Bynet Group. In February 2022, we have also acquired the technology and operations of one of these RAD-Bynet Group entities, SecurityDAM. The late Yehuda Zisapel (and following his death – his estate) and his son, Roy Zisapel, our President and Chief Executive Officer and a director, hold a majority stake and a minority stake, respectively, in SecurityDAM. Roy Zisapel also serves as a director of RAD Data Communications Ltd., a company in the RAD-Bynet Group.
 
We believe that the terms of the transactions in which we have entered with these member entities of the RAD-Bynet Group are not different in any material respect from terms we could obtain from unaffiliated third parties and are beneficial to us and no less favorable to us than terms that might be available to us from unaffiliated third parties. The pricing of the transactions was arrived at based on negotiations between the parties. Members of our management reviewed the pricing of the agreements and confirmed that they were not different in any material respect than that which could have been obtained from unaffiliated third parties.

For more details about these transactions, see below under Item 7.B “Related Party Transactions.”
 
78


B.          Liquidity and Capital Resources
 
General
 
Since our inception, we have financed our operations through a combination of issuing equity securities, including two public offerings in October 1999 and February 2000, research and development and marketing grants from the Government of Israel, and cash generated by operations.
 
The total Radware Ltd. shareholders’ equity as a percentage of its total assets was 50% on December 31, 2023, compared with 52% on December 31, 2022 and 58% on December 31, 2021.
 
Cash and cash equivalents, short- and long-term bank deposits and short- and long-term marketable securities were $363.7 million on December 31, 2023, compared with $432.0 million and $465.8 million on December 31, 2022 and 2021, respectively.
 
Principal Capital Expenditures and Divestitures
 
Capital expenditures were $5.4 million, $8.8 million, and $5.6 million for the years ended December 31, 2023, 2022, and 2021, respectively. These expenditures were mainly comprised of investments in cloud infrastructure, enterprise resource planning (ERP) modules, leasehold improvements, machinery and equipment, computers, lab equipment and testing tools.
 
In 2024, we anticipate that the majority of our capital expenditures will be primarily for additional infrastructure to support our cloud-based solutions and for R&D testing, lab equipment and additional investments in our ERP system.
 
In May 2022, we announced the launch of SkyHawk Security, a spinoff of our former cloud-native Cloud Native Protector business with a strategic external investment of an affiliate of Tiger Global Management (the “SkyHawk Spinoff”).
 
Other than the SkyHawk Spinoff, we did not have any principal divestitures in the past three years.
 
Working Capital and Cash Flows
 
The following table presents the major components of net cash flows used in and provided by operating, investing, and financing activities for the periods presented (dollars in thousands(:
 
   
2023
   
2022
   
2021
 
Net cash provided by (used in) operating activities
 
$
(3,500
)
 
$
32,148
   
$
71,774
 
Net cash provided by (used in) investing activities
   
92,779
     
(56,018
)
   
7,849
 
Net cash used in financing activities
   
(64,926
)
   
(22,458
)
   
(41,881
)
 
Net cash provided by (used in) operating activities for 2023, 2022 and 2021 was $(3.5) million, $32.1 million, and $71.8 million, respectively. Our net income (loss) in 2023, 2022, and 2021 was $(21.6) million, $(0.2) million, and $7.8 million, respectively.
 
79


Net cash used in operating activities was $3.5 million for the year ended December 31, 2023, compared to net cash provided by operating activities of $32.1 million for the year ended December 31, 2022. The change resulted primarily from an increase in our net loss of $21.4 million, a decrease of $0.8 million in accrued interest on bank deposits, a decrease of $28.4 million in deferred revenues, a decrease of $4.3 million in inventories, and a decrease of $4.3 million in trade payables. These decreases were partially offset by an increase of $12.6 million in other payables and accrued expenses, an increase of $6.7 million in share-based compensation, an increase of $2.1 million in other assets and prepaid expenses, and a $2.0 million increase in trade receivables.
 
Net cash provided by operating activities was $32.1 million for the year ended December 31, 2022, compared to $71.8 million for the year ended December 31, 2021. The change resulted primarily from a decrease in our net income of $8.0 million, a decrease of $4.9 million in accrued interest on bank deposits, a decrease of $6.6 million in deferred revenues, a decrease of $2.2 million in inventories, a decrease of $1.9 million in operating lease liabilities, net, a decrease of $8.2 million in trade receivables, net, and a decrease in other payables of $26.3 million, mainly related to $15.4 million cash paid during the first quarter of 2022 for a settlement we reached with the Israeli Tax Authority during November 2021. These decreases were partially offset by an increase of $1.5 million in depreciation and amortization, an increase of $9.8 million in share-based compensation, an increase of $4.3 million in other assets and prepaid expenses, and a $1.7 million increase in trade payables.
 
Net cash provided by investing activities was $92.8 million for the year ended December 31, 2023, an increase of $148.8 million compared to net cash used in investing activities of $56.0 million for the year ended December 31, 2022. The change was primarily due to a net increase of $115.4 million in proceeds from short- and long-term deposits and marketable securities, the non-recurrence of the $30.0 million acquisition payment related to SecurityDAM in 2022, and a decrease of $3.4 million in capital expenditures.

Net cash used in investing activities was $56.0 million for the year ended December 31, 2022, a change of $63.9 million compared to net cash provided by investing activities of $7.8 million for the year ended December 31, 2021. The change was primarily due to a net decrease of $30.6 million in proceeds from short- and long-term deposits and marketable securities, a decrease of $30.0 million due to the acquisition payment related to SecurityDAM, and an increase of $3.2 million in capital expenditures.

Net cash used in financing activities was $64.9 million for the year ended December 31, 2023, an increase of $42.5 million compared to net cash used in financing activities of $22.5 million for the year ended December 31, 2022. The increase in net cash used in financing activities was attributed to the non-recurrence of the $35.0 million proceeds from the issuance of Preferred A shares in our subsidiary SkyHawk Security in 2022, the $2.1 million contingent consideration paid to SecurityDAM and an increase of $3.7 million in repurchase of our ordinary shares. In addition, proceeds from the exercise of share options decreased by $1.7 million.

Net cash used in financing activities was $22.5 million for the year ended December 31, 2022, a decrease of $19.4 million compared to net cash used in financing activities of $41.9 million for the year ended December 31, 2021. Net cash used in financing activities was attributed primarily to the repurchase of our ordinary shares. In 2022 and 2021, we repurchased ordinary shares in the amount of $59.5 million and $52.5 million, respectively. In addition, proceeds from the exercise of share options decreased by $8.6 million, and in 2022, we received $35.0 million in proceeds from the issuance of Preferred A shares in our subsidiary, SkyHawk Security.

80


Cash and Cash Equivalents

As of December 31, 2023, we had cash and cash equivalents, including short- and long-term bank deposits and short- and long-term marketable securities, of $363.7 million, compared to $432.0 million as of December 31, 2022 and $465.8 million as of December 31, 2021. As of December 31, 2023, approximately 46%, 28% and 26% of our short-term bank deposits were deposited in Israel with major Israeli banks which are rated AAA, A and BBB+, respectively, as determined by S&P’s Maalot. As of December 31, 2023, the longest contractual duration of any of our bank deposits was 2.0 years, the weighted-average duration of our deposits was 1.11 years, and the weighted average time to maturity was 0.36 years.
 
Our marketable securities portfolio includes investments in foreign banks and government debentures and in debt securities of corporations. The financial institutions that hold our marketable securities are major U.S. financial institutions, located in the United States.  As of December 31, 2023, 45% of our marketable securities portfolio was invested in debt securities of financial institutions and 55% in debt securities of corporations. From a geographic perspective, 76% of our marketable securities portfolio was invested in debt securities of U.S. issuers, 6% was invested in debt securities of European issuers and 18% was invested in debt securities of other geographic-located issuers. As of December 31, 2023, 92% of our marketable securities portfolio was rated A- or higher and 8% was rated BBB+, as determined by S&P.
 
There are no material legal restrictions, taxes, or other costs associated with transferring our funds held in U.S. financial institutions to Israeli financial institutions, and we have access to all of our cash as needed for our operations. Although we have various subsidiaries throughout the world, there are no material legal, tax, or other cost impediments to our transferring cash to these subsidiaries for operations as and when needed or to such subsidiaries transferring cash to us to meet our own cash obligations. Further, we believe we generate sufficient cash from our Israeli operations to fund our operating and capital requirements and, therefore, do not need or intend to repatriate any of the earnings of our foreign subsidiaries.
 
81


Other Material Contractual Obligations
 
The following table summarizes our material contractual obligations as of December 31, 2023 and the effect those commitments are expected to have on our liquidity and cash flow.
 
 
Payments Due by Period (US $ in thousands)
Contractual
obligations
Total
Less than 1 year*
1-3 years
3-5
years
More than
5 years
Operating leases (1)
22,265
4,937
7,673
5,834
3,821
Total contractual cash obligations (2)
22,265
4,937
7,673
5,834
3,821

* Become due during 2024.
 
(1) Consists of outstanding operating leases for the Company’s facilities. The lease agreements expire in the years 2024 to 2030, although certain of our leases have renewal options.
 
(2) Severance payments of $4.4 million are payable only upon termination, retirement, or death of the respective employee and there is no obligation for benefits accrued prior to 2007 if the employee voluntarily resigns. Since we are unable to reasonably estimate the timing of settlement, such payments are not included in the table. See also Note 2(w) of our consolidated financial statements.
 
Market Risk
 
We are exposed to market risk, including fluctuations in interest rates and foreign currency exchange rates. Additional information about market risk is set forth in Item 11 “Quantitative and Qualitative Disclosures about Market Risk.”
 
Outlook
 
Our capital requirements depend on numerous factors, including market acceptance of our products and services and the resources we allocate to our operating expenses.  Since our inception, we have experienced substantial increases in our expenditures consistent with growth in our operations and personnel, and we may increase our expenditures in the foreseeable future in order to execute our strategy.
 
We anticipate that operating activities as well as capital expenditures will demand the use of our cash resources. We believe that our cash balances will provide sufficient cash resources to finance our operations and the projected marketing and sales activities and research and development efforts and other elements of our strategy for a period of no less than the next 12 months.
 
C.          Research and Development, Patents and Licenses, etc.
 
In order to accommodate the rapidly changing needs of our markets, we place considerable emphasis on research and development projects designed to improve our existing product lines, develop new product lines and customize our products to meet our customers’ needs. As of December 31, 2023, we had 408 employees and 71 subcontractors engaged primarily in research and development activities, compared to 419 employees and 75 subcontractors at the end of 2022, and 365 employees and 68 subcontractors at the end of 2021. For a further discussion of research and development, see Item 5.A “Operating Results.”
 
For a discussion regarding the benefits provided under programs of the IIA, see Item 4.B “Business Overview—Israeli Innovation Authority.”
 
82


D.          Trend Information
 
General
 
We have identified the following key trends and uncertainties that we believe will materially influence our market, financial condition and the demand for our solutions:
 

Applications are migrating to the public cloud.  The migration to public cloud exposes organizations to new threats that require consistent security across all cloud environments. Organizations also prefer to purchase security services as a subscription, to match the subscription-based consumption of hosting services.
 

Datacenter architecture is changing. Datacenter architecture is changing to include various models such as a physical datacenter, a virtual datacenter, a software defined datacenter, and private or public cloud. New emerging edge clouds, coupled with the emerging 5G breakouts and SD-WAN, will enable enterprises to effectively leverage cloud-native services and edge computing services. Many organizations use a mixed infrastructure that includes a combination of one or more of the above and therefore require broader overarching protection that encompasses both the datacenter and multi-cloud-based applications. In addition, this mixed environment often involves multiple vendors and creates challenges in IT staffing and operational costs, which increase the needs for hybrid cloud services, managed “single pane of glass” style security services and modern automated data center technologies.
 

Application modernization requires new security tools. Application infrastructure is changing, from monolithic applications to modern applications and websites in which deployment workflows, front-end built-tools and API-centric architectures are used. The rise of cloud-native ecosystems, increasingly adapting cloud-direct and micro-services architecture packaged as containers, is providing a built-in “on-demand” elasticity and availability application infrastructure. This enables introducing and running the new generation of cloud-native applications, in a fast, adaptive and more efficient way by interacting with DevOps CICD tools and methods. As such, the AppSec blast radius is expanded and requires injection of security controls within the application lifecycle at early stages, to avoid slowdown in development, to sanitize, for example, usage of opensource software used by developers and might leak in malicious code (recent Log4J library). Various “shift-right” and “shift-left” methods are used and specifically adapted for various target deployment environments.
 

The above-mentioned cloud-native application delivery opens the door for leakage through the open cloud interface. A new family of attack surfaces manifested by the fact that the cloud APIs are publicly published, and DevOps processes are done from the outside of the cloud “perimeter” (the insider becomes the outsider). “Cloud-native” infiltrations are enabled by the usage of cloud-IAM (identify and access) misconfigurations or account take over techniques and by various vulnerabilities of publicly exposed web and API interfaces. This creates a need for a new protection posture for compliance, permissions hardening, vulnerabilities detection as well as cloud-native detection (infiltrations and exfiltration) and response tools under new industry categories: CIEM (Cloud Infrastructure Entitlement Management), CSPM (Cloud Security Posture Management), CWPP (Cloud Workload Protector Platform), and CTDR (Cloud Threat Detection and Response).
 
83



Organizations’ attack surfaces are increasing due to a changing economy. This was caused by a combination of two forces. First, working from home, primarily due to the restraints associated with COVID-19, required organizations to enable remote access to applications and services that were previously not exposed. This eliminated the traditional network perimeter, and now, even after The World Health Organization determined that COVID-19 no longer fit the definition of a public health emergency, every home computer or mobile device has become the new perimeter. Second, an increase in the online consumption of goods has accelerated organizations’ digital transformation and migration to the cloud. The result is more opportunities for attackers to leverage the increased attack surface.
 

Increasing complexity and intensity of security threats, including in view of AI-weaponized attacks. The increasing complexity and intensity of the security threats landscape requires expertise in identifying the attacks and state-of-the-art security to mitigate the attacks and safeguard the assets. Attack delivery is aided by the growing presence of connected devices (IoT), which increases the threat surface against any kind of infrastructure, as well as traffic encryption (dark data) assisting in hiding attacks. Furthermore, attack tools are increasingly available to all through the dark net and becoming more sophisticated as hackers use automation and weaponize AI. Increasing focus is currently centered around the new opportunities of weaponizing AI enabled by OpenAI. This leads to ever morphing and scalable attack vectors at all levels, from volumetric botnets through web and API-centric attacks, as well as new attack surfaces that utilize Kubernetes-platforms (container orchestration platform of choice). The mass amount of uncontrolled IoT devices and cloud hosting opens the door for a new generation of botnets and automated bots that are hard to classify and block. Most organizations are not able to keep up with these developments with their internal cyber security resources and seek managed security services.
 

Increasing expectations for applications availability and frictionless performance, due to the increasing dependence on applications in today’s business world. Businesses are sensitive to the resilience and availability of their applications, given their customers’ expectations of flawless experience and optimal performance. As such, exposed web and API based applications are the target for attackers that utilize both the server side as well as the client/browser side platforms for spreading their malicious code. New security controls utilize the power of AI and machine learning to control the delivery of AppSec services (control false positives) as well as detection of zero-days.
 
84



Israel-Hamas and Ukraine-Russia Military Conflicts. The state of war declared in Israel in October 2023 (see the risk factor titled “Political, economic and military instability in the Middle East or Israel, including the state of war declared in Israel in October 2023, may harm our business”) and the Russia-Ukraine war (see the risk factor titled “Our business may be affected by sanctions, export controls and similar measures targeting Russia and other countries and territories as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries”).
 
We believe that our business, comprised of application security and delivery solutions, is positioned to effectively navigate the headwinds resulting from the above-mentioned industry dynamics due to the following key factors:
 

We have developed a broad portfolio of solutions to address the challenges and meet the requirements arising from these trends.
 

We continuously focus on innovation and believe that our solutions have, in many instances, a technological advantage over competing solutions.
 

We offer our solutions in a wide array of deployment models (on-premise solutions, managed services, cloud-based solutions, etc.), in order to support various customers’ business models. We believe this flexibility addresses the complexity and diversity of the current application and infrastructure ecosystem.
 
We believe that the advantages of our offerings, coupled with the above-mentioned industry dynamics and trends, place us in a position to meet our business plans. Nevertheless, meeting our business plans and implementing our growth strategy, as more fully described under Item 4.B “Business Overview–Our Growth Strategy” above, may not convert into revenues growth in a given period, due to our shift towards subscription-based product sales, where revenues are recognized throughout the subscription period.
 
In addition, while we believe that the above trends may present some opportunities for us, they also pose significant challenges, risks, and uncertainties, including the following:
 

We operate in a highly competitive environment, and some of our competitors have larger internal resources, and a larger installed base.
 

While we believe that the shift towards a subscription-based business model is a strategic transition towards higher growth and profitability in the long term, we may not be successful in its execution, including an inability to maintain a high subscription renewal rate.
 

In addition, our customers’ purchasing decisions are related to the conditions in our industry and in the various regions and geographical markets in which we operate and are tied to the overall IT spending climate. Uncertainty about current global economic conditions continues to pose a risk as customers may postpone or reduce spending in response to such uncertainties. In particular, the Israel-Hamas and Ukraine-Russia military conflicts may negatively affect economic conditions regionally, as well as globally, disrupt operations, affect supply chains, or otherwise negatively impact our business.
 

The other risks and uncertainties we face, as described under Item 3.D “Risk Factors.”
 
85


State of War in Israel Update

In October 2023, Hamas terrorists and members of other terrorist organizations infiltrated Israel’s southern border from the Gaza Strip and conducted a series of attacks on civilian and military targets. Hamas also launched extensive rocket attacks on Israeli population and industrial centers located along Israel’s border with the Gaza Strip and in other areas within the State of Israel. These attacks resulted in thousands of deaths and injuries, and Hamas additionally kidnapped many Israeli civilians and soldiers.  Following the attacks, the Israeli government declared war against Hamas and commenced a military campaign against these terrorist organizations. In parallel, clashes intensified between Israel and Hezbollah on Israel’s northern border with Lebanon. Additionally, the Houthis launched missile and drone attacks targeted at Israel and ships in the Red Sea, posing a threat to international shipping in the Suez Canal. These armed conflicts may further escalate into a greater regional conflict and could adversely affect our business, operations and financial results.
 
These conflicts have also strained Israel’s relationship with some of its Arab citizens, Arab countries and, to some extent, with other countries around the world. In addition, Israel faces threats, including cyber threats, from more distant neighbors, such as Iran, which has previously threatened to attack Israel and is believed to have a presence in Syria as well as influence over Hamas, Hezbollah and the Houthis. This situation may further escalate in the future, and this instability in the region may affect the global economy and marketplace. There can be no assurance that the political situation and these armed conflicts will not have a material adverse impact on our business in the future.

Furthermore, some of our directors, officers and employees are, unless exempt, obligated to perform annual military reserve duty, depending upon their age and prior position in the army. They may also be subject to being called to active duty at any time under emergency circumstances. For example, in connection with the state of war declared in Israel in October 2023, certain of our employees and consultants in Israel have been called to perform immediate military service and additional employees may be called as these armed conflicts progress. Our operations could be disrupted by the absence, for a significant period, of one or more of these officers or other key employees due to military service, and any disruption in our operations could harm our business.

In addition, in February 2024, in connection with the war declared in Israel in October 2023, Moody’s has downgraded Government of Israel’s foreign-currency and local-currency issuer ratings to A2 from A1, and other global rating agencies may take similar actions. Such downgrades might adversely affect the macroeconomic condition in which we operate, and also potentially deter foreign investment into Israel or Israeli companies, which may, among other things, hinder our ability to raise additional funds, if deemed necessary by our management and board of directors.

86


E.          Critical Accounting Estimates
 
In many cases, the accounting treatment of a particular transaction is specifically dictated in U.S. GAAP and does not require management’s judgment in its application. There are also areas in which management’s judgment in selecting among available alternatives would produce a materially different result. Our management has reviewed these critical accounting policies and related disclosures with the Audit Committee of our Board of Directors (the “Audit Committee”). See Note 2 to our consolidated financial statements included elsewhere in this annual report, which contains additional information regarding our accounting policies and other disclosures required by U.S. GAAP.
 
Our management believes that the significant accounting policies that affect its more significant judgments and estimates used in the preparation of its consolidated financial statements and that are the most critical to aid in fully understanding and evaluating our reported financial results include the following:
 

Revenue recognition;
 

Investment in marketable securities;
 

Business combinations;
 

Goodwill and impairment of long-lived assets;
 

Share-based compensation; and
 

Income taxes.
 
Revenue Recognition. We recognize revenues in accordance with ASC No. 606, “Revenue from Contracts with Customers.” As such, we identify a contract with a customer, identify the performance obligations in the contract, determine the transaction price, allocate the transaction price to each performance obligation in the contract and recognize revenues when (or as) we satisfy a performance obligation.
 
Our solutions are sold primarily through distributors and resellers, all of which are considered end-users.
 
Our arrangements typically contain various combinations of its products, subscriptions and PCS, which are distinct and are accounted for as separate performance obligations. We allocate the transaction price to each performance obligation based on its relative standalone selling price (“SSP”). If the SSP is not observable, we estimate the SSP taking into account available information such as geographic specific factors, customer grouping and internally approved historical pricing guidelines related to the performance obligation. For PCS and subscriptions, we determine the standalone selling price based on observable renewals prices or standalone subscription transactions. For products, the SSP is not observable, and therefore, we estimate the product SSP taking into account available information such as geographic specific factors, customer grouping and internally approved historical pricing guidelines.
 
 
87


Deferred revenues represent mainly the unrecognized revenue collected for subscriptions and for PCS. Such revenues are recognized ratably over the term of the related agreement and are classified as short- and long-term based on their contractual term.
 
We record a provision for estimated sale returns, credits and stock rotation granted to customers on our products in the same period that the related revenues are recorded in accordance with ASC 606. Those estimates are based on historical sales returns and other factors known to us. Such provisions amounted to $3.3 million and $1.0 million as of December 31, 2023 and 2022, respectively.
 
Investment in Marketable Securities. We account for investments in marketable securities in accordance with Accounting Standards Codification, or ASC 320, “Investments – Debt Securities.” Management determines the appropriate classification of our investments at the time of purchase and reevaluates such determinations at each balance sheet date.
 
We classified all our debt securities as available-for-sale marketable securities. Debt securities are carried at fair value, with the unrealized gains and losses reported in “accumulated other comprehensive income (loss)” in shareholders’ equity, except for changes in allowance for expected credit losses, which is recorded in financial income, net. Realized gains and losses on sales of investments are included in financial income, net and are derived using the specific identification method for determining the cost of securities.
 
The amortized cost of debt securities is adjusted for amortization of premiums and accretion of discounts to maturity. Such amortization together with interest on securities are included in financial income, net.
 
We periodically evaluate our available-for-sale debt securities for impairment. If the amortized cost of an individual security exceeds its fair value, we consider our intent to sell the security or whether it is more likely than not that we will be required to sell the security before recovery of its amortized basis. If either of these criteria are met, we write down the security to its fair value and record the impairment charge in financial income, net in our consolidated statements of income (loss). If neither of these criteria are met, we determine whether credit loss exists. Credit loss is estimated by considering changes to the rating of the security by a rating agency and any adverse conditions specifically related to the security, as well as other factors. Credit loss impairments for both the years ended December 31, 2023 and 2022 were immaterial.
 
Business Combinations.  We account for business combinations in accordance with ASC No. 805, "Business Combinations" ("ASC 805"). Under ASU No. 2017-01, “Business Combinations (Topic 805): Clarifying the Definition of a Business (“2017-01”), we first determine whether substantially all of the fair value of the gross assets acquired is concentrated in a single identifiable asset or a group of similar identifiable assets. If this threshold is met, the single asset or group of assets, as applicable, is not a business.
 
88


ASC No. 805 requires allocations of tangible assets acquired, liabilities assumed and intangible assets acquired based on their estimated fair values. Any excess of the fair value of purchase consideration over the fair values of these identifiable assets and liabilities is recorded as goodwill.
 
When we acquire a business, the purchase price is allocated to the tangible and identifiable intangible assets, net of liabilities assumed. Any residual purchase price is recorded as goodwill. The allocation of the purchase price requires management to make significant estimates in determining the fair values of assets acquired and liabilities assumed, especially with respect to intangible assets. We use the Discounted Cash Flow Method to assign fair values to acquired identifiable intangible assets. These estimates can include, but are not limited to, the cash flows that an asset is expected to generate in the future, forecasted future revenue, forecasted operating results, discount rates and the appropriate weighted-average cost of capital. These estimates are inherently uncertain and unpredictable.
 
These models are based on reasonable estimates and assumptions given available facts and circumstances, including industry estimates and averages, as of the acquisition dates and are consistent with the plans and estimates of management.
 
During the measurement period, which may be up to one year from the acquisition date, adjustments to the fair value of these tangible and intangible assets acquired and liabilities assumed may be recorded, with the corresponding offset to goodwill. Upon the conclusion of the measurement period or final determination of the fair value of assets acquired or liabilities assumed, whichever comes first, any subsequent adjustments are recorded to in our consolidated statements of income (loss).
 
Goodwill and impairment of long-lived assets.  Goodwill represents the excess of the purchase price in a business combination over the fair value of the net tangible and intangible assets acquired. Under ASC 350 “Intangibles – Goodwill and Other” (ASC 350), goodwill is not amortized, but rather is subject to an annual impairment test. ASC 350 requires goodwill to be tested for impairment at least annually or between annual tests in certain circumstances and written down when impaired. Goodwill is tested for impairment by comparing the fair value of each reporting unit with its carrying value.
 
ASC 350 allows an entity to first assess qualitative factors to determine whether it is necessary to perform a quantitative goodwill impairment test. If the qualitative assessment does not result in a more likely than not indication of impairment, no further impairment testing is required. If the entity elects not to use this option, or if the entity determines that it is more likely than not that the fair value of a reporting unit is less than its carrying value, then the entity prepares a quantitative analysis to determine whether the carrying value of a reporting unit exceeds its estimated fair value. If the carrying value of a reporting unit exceeds its estimated fair value, the entity recognizes an impairment of goodwill for the amount of this excess.
 
89


In previous reporting periods (until December 31, 2022), we operated in one reportable segment. Commencing January 1, 2023, we have determined that the Company operates in two reportable segments. We conduct our annual test of impairment for goodwill on December 31 of each year, or more frequently if impairment indicators are present. No impairment loss was recorded during each of 2023, 2022, and 2021.
 
Share-based compensation. We account for share-based compensation in accordance with ASC 718, “Compensation-Stock Compensation” (ASC 718). ASC 718 requires companies to estimate the fair value of equity-based payment awards on the date of grant using an option-pricing model. The value of the portion of the award that is ultimately expected to vest is recognized as an expense over the requisite service periods in our consolidated statements of income (loss).
 
Some of our subsidiaries have share option plans pursuant to which qualified directors and employees may be granted options for the purchase of securities of the subsidiaries. Share-based compensation expenses recorded on the subsidiaries' level are presented in non-controlling interests.
 
We recognize compensation expenses for the value of our awards based on the accelerated attribution method over the requisite service period of each of the awards, net of estimated forfeitures. Forfeitures are estimated at the time of grant and revised, if necessary, in subsequent periods if actual forfeitures differ from those estimates. Estimated forfeitures are based on actual historical pre-vesting forfeitures.
 
We selected the Black-Scholes-Merton option pricing model to account for the fair value of our share-options awards with only service conditions and whereas the fair value of the RSUs awards is based on the market value of the underlying shares at the date of grant.
 
During 2020, the Board of Directors of the Company approved a market-condition based RSUs equity grant to the Chief Executive Officer of the Company. The vesting of the market-condition based RSUs granted during 2020 is dependent upon the Company’s share performance over the requisite service period.
 
On July 28, 2022, the Board of Directors of the Company approved an equity grant to the Chief Executive Officer of the Company, which is comprised of RSUs, market-condition based RSUs and market-condition based share options. The equity grant includes grants for the years 2022, 2023, and 2024 and are fixed monetary amounts ($7,725, $5,000, and $5,000, respectively).
 
Market-condition based RSUs’ vesting is dependent upon the fulfillment of certain market conditions and will vest, or partially vest, depending on the Company's share performance compared to other companies that are listed on the NASDAQ CTA Cybersecurity Index over the requisite service period, which is up to three years.
 
Market-based condition share options’ vesting is dependent upon the fulfillment of certain market conditions and will vest depending on the Company's share performance over the requisite service period, which is up to three years.
 
For the 2024 grants, the Company recorded a liability in the consolidated balance sheets for the RSUs and the market-condition based RSUs as the Company has an obligation to issue a variable number of shares for which the monetary amount is fixed and the key terms and conditions of the equity grant are known.
 
90


The fair value of the market-condition based awards was determined using a Monte Carlo simulation methodology.
 
The option-pricing model requires a number of assumptions, of which the most significant are the expected stock price volatility and the expected option term. Expected volatility was calculated based upon actual historical stock price movements over a historical period equivalent to the option’s expected term. The expected option term represents the period of time that options are expected to be outstanding. Expected term of options is based on historical experience. The risk-free interest rate is based on the yield from U.S. treasury bonds with an equivalent term. We have historically not paid dividends and have no foreseeable plans to pay dividends.
 
Income Taxes. We account for income taxes in accordance with ASC 740, “Income Taxes.” This statement prescribes the use of the liability method whereby deferred tax assets and liability account balances are determined based on differences between financial reporting and tax bases of assets and liabilities and are measured using the enacted tax rates and laws that will be in effect when the differences are expected to reverse. We provide a valuation allowance, if necessary, to reduce deferred tax assets to their estimated realizable value if it is more likely than not that a portion or all of the deferred tax assets will not be realized.
 
ASC 740 contains a two-step approach to recognizing and measuring a liability for uncertain tax positions. The first step is to evaluate the tax position taken or expected to be taken in a tax return by determining if the weight of available evidence indicates that it is more likely than not that, on an evaluation of the technical merits, the tax position will be sustained on audit, including resolution of any related appeals or litigation processes. The second step is only addressed if the first step has been satisfied (i.e., the position is more likely than not to be sustained), otherwise a full liability in respect of a tax position not meeting the more likely than not criteria is recognized. The second step is to measure the tax benefit as the largest amount that is more than 50% likely to be realized upon ultimate settlement. We accrue interest and penalty, if any, that are related to unrecognized tax benefits in taxes on income. Although we believe we have adequately reserved for our uncertain tax positions, no assurance can be given that the final tax outcome of these matters will not be different. We adjust these reserves in light of changing facts and circumstances, such as the closing of a tax audit, the refinement of an estimate or changes in tax laws. To the extent that the final tax outcome of these matters is different than the amounts recorded, such differences will impact the provision for income taxes in the period in which such determination is made. The provision for income taxes includes the impact of reserve provisions and changes to reserves that are considered appropriate, as well as the related interest and penalties.
 
Accounting for tax positions requires judgments, including estimating reserves for potential uncertainties. We also assess our ability to utilize tax attributes, including those in the form of carryforwards for which the benefits have already been reflected in the financial statements. We do not record valuation allowances for deferred tax assets that we believe are more likely than not to be realized in future periods. While we believe the resulting tax balances as of December 31, 2023 and 2022 are appropriately accounted for, the ultimate outcome of such matters could result in favorable or unfavorable adjustments to our consolidated financial statements and such adjustments could be material. See Note 14 to our consolidated financial statements included elsewhere in this annual report for further information regarding income taxes. We have filed or are in the process of filing local and foreign tax returns that are subject to audit by the respective tax authorities. The amount of income tax we pay is subject to ongoing audits by the tax authorities, which often result in proposed assessments. See “Results of Operations—Income Taxes” above.
 
While we believe that we have adequately provided for any reasonably foreseeable outcomes related to tax audits and settlement, our future results may include favorable or unfavorable adjustments to our estimated tax liabilities in the period the assessments are made or resolved, audits are closed or when statutes of limitation on potential assessments expire.
 
91


ITEM 6.          DIRECTORS, SENIOR MANAGEMENT AND EMPLOYEES
 
A.          Directors and Senior Management
 
The following table lists our current directors and senior management:
 
Name
Age
Position
Yuval Cohen (1)(2)
61
Chairman of the Board of Directors
Yair Tauman (1)(2)(3)(4)
75
Director
Stanley B. Stern (2)(4)(6)(7)
66
Director, Chairman of the Nomination and Corporate Governance Committee
Naama Zeldis (2)(3)(4)(5)
60
Director, Chairperson of the Audit Committee
Meir Moshe (2)(3)(5)(7)
69
Director, Chairman of the Compensation Committee
Israel Mazin (2)(6)(7)
64
Director
Alex Pinchev (1)(2)
73
Director
Roy Zisapel (5)
53
President, Chief Executive Officer and Director
Guy Avidan
61
Chief Financial Officer
Yoav Gazelle
54
Chief Business Officer
David Aviv
68
Chief Technology Officer
Gabi Malka
48
Chief Operating Officer
Sharon Trachtman
55
Chief Marketing Officer
Riki Goldriech
47
Chief People Officer
 
(1)  Term as director expires at the annual meeting of shareholders to be held in 2024.
(2)  Qualified as an independent director, as determined under the Nasdaq rules.
(3)  Serves on the Compensation Committee of the Board of Directors (the “Compensation Committee”).
(4)  Serves on the Audit Committee.
(5)  Term as director expires at the annual meeting of shareholders to be held in 2025.
(6)  Term as director expires at the annual meeting of shareholders to be held in 2026.
(7)  Serves on the Nomination and Corporate Governance Committee of the Board of Directors (the “Nomination and Corporate Governance Committee”).

92

 
Yuval Cohen has served as Chairman of our Board of Directors since November 2023 and as a member of our Board of Directors since December 2021. He is the founding and managing partner of Fortissimo Capital, a private equity fund headquartered in Israel, which was established in 2004. From 1997 through 2002, Mr. Cohen was a General Partner at Jerusalem Venture Partners, an Israeli-based venture capital fund, and prior thereto, he held executive positions at various Silicon Valley companies, including DSP Group, Inc. (Nasdaq: DSPG) and Intel Corporation (Nasdaq: INTC). Currently, Mr. Cohen serves as the chairman of the board of directors of Kornit Digital Ltd. (Nasdaq: KRNT). He also serves on the board of directors of several privately-held portfolio companies of Fortissimo. Mr. Cohen holds a B.Sc. degree in industrial engineering from the Tel Aviv University and an M.B.A. from Harvard University.
 
Yair Tauman has served as a member of our Board of Directors since October 2010. He is the Vice Dean of the Adelson School of Entrepreneurship in the Interdisciplinary Center (IDC) in Herzliya, Israel and was previously the Dean of the Arison School of Business in the IDC. He is also a Leading Professor of Economics and the Director of the Stony Brook Center for Game Theory, New York. He was a professor at Tel Aviv University for 25 years until 2009 and, prior thereto, served as a professor at the Kellogg School of Management at Northwestern University. His areas of research include game theory and industrial organization. Professor Tauman currently serves on the board of directors of other private companies from different sectors, including online auctions, social networking and fintech. Professor Tauman obtained his Ph.D. and M.Sc. degrees in mathematics as well as a B.Sc. in mathematics and statistics from The Hebrew University, Israel.
 
Stanley B. Stern has served as a member of our Board of Directors since September 2020. Mr. Stern is currently the chairman of the board of directors of AudioCodes Ltd. (Nasdaq, TASE: AUDC) (AudioCodes), a leading vendor of advanced communications software, products and productivity solutions for the digital workplace, and serves as the lead director of Ormat Technologies, Inc. (NYSE: ORA). He previously served as a member of the board of directors of Ekso Bionics Holdings, Inc. (Nasdaq: EKSO) from 2014 until 2023. Since 2013, Mr. Stern has served as the president of Alnitak Capital, a strategic advisory firm, engaged primarily in high-tech, alternative energy and healthcare. Previously, from 1982 until 2000 and from 2004 until 2013, Mr. Stern served in various positions at Oppenheimer & Co., including as a Managing Director and Head of Investment Banking, Technology, Israeli Banking and FIG. From 2002 until 2004, he was a Managing Director and the Head of Investment Banking at C.E. Unterberg, Towbin. From January 2000 until January 2002, Mr. Stern was the President of STI Ventures Advisory USA Inc., a venture capital firm focusing on technology investments. In the past, Mr. Stern was a board member of several public and private companies, including Given Imaging Ltd. and Fundtech Ltd., and the chairman of the boards of directors of Tucows, Inc. and of SodaStream International Ltd., until its sale to Pepsico in December 2018. Mr. Stern holds a B.A. degree in economics and accounting from City University of New York, Queens College, and an M.B.A. from Harvard University.
 
Naama Zeldis has served as a member of our Board of Directors since September 2020. Ms. Zeldis served as the Chief Executive Officer of Aquarius-Spectrum Ltd., a private company specializing in innovative solutions for monitoring urban water pipes and detecting hidden leaks from the earliest stage, until January 2023. Formerly, Ms. Zeldis served as Chief Financial Officer for a variety of high-tech and industrial companies, such as Tahal Group from 2013 to 2020, Netafim Ltd. from 2005 to 2013, the Israeli subsidiary of Electronic Data Systems from 2001 to 2005 and Radguard Ltd., formerly with the RAD-Bynet Group, from 1999 to 2001. Ms. Zeldis currently serves on the board of directors of Electra Real Estate Ltd. (TASE: ELCRE), a global real estate private equity firm, Orbit Technologies Ltd. (TASE: ORBI), a company specializing in satellite communications, tracking systems, airborne communication and audio managements solutions, and on the board of directors of Aquarius Engines (A.M.) Ltd. (TASE: AQUA), a developer of a Free Piston Linear Engine, which is integrated into a comprehensive, reliable, cost-effective, green energy generator. Ms. Zeldis has also served as a member of the boards of directors of several other companies, including Nova Measuring Instruments Ltd. (Nasdaq: NVMI), Rafael Advanced Defense Systems Ltd. and Metalink Ltd. She holds a B.A. degree in accounting from the Tel Aviv University and a B.A. degree in economics and an M.B.A. from the Hebrew University in Jerusalem.
 
93


Meir Moshe has served as a member of our Board of Directors since May 2022. Mr. Moshe has held senior positions in the financial sector over the past four decades, including as our Chief Financial Officer from 1999 to 2016 and as our interim Chief Financial Officer from June 2021 to February 2022. Mr. Moshe has served as a director and member of the audit committee in multiple public companies, including Otonomo Technologies Ltd. (Nasdaq: OTMO) from 2022 to 2023, Ability Inc. (Nasdaq: ABIL) from 2016 to 2017, Carasso Motors Ltd. (TASE: CRSM) from 2018 to 2019 and Albert Technologies Ltd. (LSE: ALB) from 2018 to 2019. He currently provides consulting services to public companies. He holds a B.Sc. degree in economics and accounting from Tel Aviv University, Israel and is a certified public accountant.
 
Israel Mazin has served as a member of our Board of Directors since October 2023. Mr. Mazin is the Chairman, CEO and Co-Founder of MEMCYCO (Memco-Cyber-Corporation), a Digital-Watermark Authentication technology for B2B and B2C online communication, since 2021.  Prior to that, Mr. Mazin was a founding member of several technology companies, including OpTier, an APM market leader that was acquired by SAP in 2015, and Memco Software, a security software company that went public on Nasdaq and was later acquired by Platinum Technology. Mr. Mazin also co-founded Shadow Technologies, a non-profit company that consolidates crowd opinion online reviews.  Mr. Mazin is also an active investor in real estate, high tech, and bio-tech startups. In 2018, Mr. Mazin received an honorary degree from the Holon Institute of Technology. 
 
Alex Pinchev has served as a member of our Board of Directors since November 2023. Mr. Pinchev has held numerous leadership and board positions across several high-tech companies throughout his career, including, most recently, as the Chairman of Flicent, Inc. and as a board member in several private companies, including SuSe S.A., StackState B.V. and Velotix Ltd. He previously served as an Executive Vice President and president of global sales, services, and field marketing of Red Hat, Inc. from 2003 to 2012 and as an Executive Vice President and president of global sales and marketing of Rackspace Limited (NASDAQ: RXT) from 2016 to 2017. He also served as the CEO of Acronis during 2012-2013. He was a board member of several public companies, in Quantum Corporation (NYSE: QMCO) and BMC Software, Inc. (NYSE:BMC). He currently serves on the boards of several privately owned companies and continues to advise and invest in startups and firms seeking global expansion through Capri Ventures, an early-stage fund that he founded. Mr. Pinchev holds a Masters degree in applied mathematics and computer science from the ITMO University in St. Petersburg, Russia.
 
94


Roy Zisapel, co-founder of our Company, has served as our President and Chief Executive Officer and a director since our inception in May 1996.  Mr. Zisapel also serves as a director of Radware US and other subsidiaries. From 1996 to 1997, Mr. Zisapel was a team leader of research and development projects for RND Networks Ltd. From 1994 to 1996, Mr. Zisapel was employed as a software engineer for unaffiliated companies in Israel. Currently, Mr. Zisapel serves on the board of directors of Israel Acquisitions Corp (NASDAQ: ISRL). Mr. Zisapel also serves as a director of Rad Data Communications Ltd., a private company in the RAD-Bynet Group. Mr. Zisapel has a B.Sc. degree in mathematics and computer science from Tel Aviv University, Israel.
 
Guy Avidan has served as our Chief Financial Officer since February 2022. Prior to joining Radware, he was with Kornit Digital (NASDAQ:KRNT), where he served as President at KornitX from November 2020 to November 2021 and as Chief Financial Officer from November 2014 to November 2020, in which role he led Kornit to its initial public offering on Nasdaq. Prior to joining Kornit Digital, Mr. Avidan was Vice President of Finance and Chief Financial Officer at AudioCodes (NASDAQ: AUDC). In addition, Mr. Avidan has 15 years of experience serving in various other executive capacities, including co-President and Chief Financial Officer at MRV Communications, Inc. (NASDAQ: MRVC), as well as Vice President of Finance and Chief Financial Officer at Ace North Hills, which was acquired by MRV Communications. Mr. Avidan is a certified public accountant and holds a B.A. degree in economics and accounting from Haifa University in Israel.
 
Yoav Gazelle has served as our Chief Business Officer since January 2022 and as our Vice President, International Sales since January 2019. Prior to that, Mr. Gazelle served as our Vice President, EMEA & CALA from June 2013 to January 2019. Prior to joining Radware, between 2000 and 2013, Mr. Gazelle held a variety of sales, marketing and business development positions in ECI Telecom Ltd., including President, Head of Europe and the Americas from January 2012 to March 2013. Mr. Gazelle holds a B.Sc. degree in electrical and electronic engineering from the Technion – The Israeli Institute of Technology, Israel.
 
David Aviv has served as our Chief Technology Officer since 2016 and as our Vice President, Advanced Services, since 2004. Mr. Aviv oversees the technology strategy for the Company’s solutions for enterprise, carrier and cloud solutions and is involved in researching and developing key algorithms and concepts that will guide the direction of the Company’s future solutions. Prior to joining Radware, he was the VP of Engineering at Ofek, an Israel-based ILEC and a senior consultant. Prior to that, until 2000, Mr. Aviv served in the Israeli Air Force as a senior technical leader. He also serves as the Technical Chairman of the Israeli Telecom Standards Body committee. Mr. Aviv holds a Ph.D. degree in Electrical Engineering (EE) from the Naval Postgraduate School in Monterey, California, a B.S. degree in Electrical Engineering from Ben-Gurion University and a M.S. degree in Electrical Engineering from Tel Aviv University, Israel.
 
Gabi Malka has served as our Chief Operating Officer since March 2014. Mr. Malka oversees product management, research & development, cloud services, and customer support. From May 2005 to February 2014, Mr. Malka served as Vice President of Research & Development at HP Software (formerly Mercury). Prior to HP Software, from 2000 to 2005, Mr. Malka served as Vice President of Research & Development of AppStream (acquired by Symantec). Prior to AppStream, from 1998 to 2000, Mr. Malka directed Research & Development at Amdocs Limited. Mr. Malka holds a B.A. from American InterContinental University and has furthered his post-graduate education at Tel Aviv University (Lahav Business School) and Harvard Business School.
 
95


Sharon Trachtman has served as our Chief Marketing Officer since February 2021. In parallel she continues to serve as our Chief Business Operation Officer. Ms. Trachtman has been with our Company since its start of operations in 1997. Since September 1997, she has held various senior positions in Radware, such as Product Management Vice President and Marketing Vice President. From November 1994 to September 1997, Ms. Trachtman was a product line marketing manager for Scitex Corporation.  Ms. Trachtman holds a B.A. degree in computer science and philosophy from Bar-Ilan University, Israel.
 
Riki Goldriech has served as our Global VP HR since 2016 and as our Chief People Officer since 2022. Ms. Goldriech brings more than 13 years of human resources experience to her role. Prior to Radware, Ms. Goldriech managed the human resources function at Hewlett-Packard Enterprise (HPE) Software in Israel. Ms. Goldriech has also held multiple human resources posts at HPE Israel. Ms. Goldriech holds a B.Sc. degree in computer science and logistics-economics and an MBA from Bar-Ilan University.
 
Additional Information
 
Under Nasdaq requirements, a majority of the members of our Board of Directors are required to be “independent” as defined under the Nasdaq rules. We currently satisfy this requirement because seven of our eight directors qualify as “independent directors” under the Nasdaq rules.
 
On March 10, 2024, Yehuda Zisapel, a co-founder and shareholder of the Company who served as a member of our Board of Directors since our inception in May 1996 and as Chairman of our Board of Directors from May 1996 until August 2006 and again from November 2009 until November 2023, passed away. Roy Zisapel, our President, Chief Executive Officer and director. is the son of Nava Zisapel, who is one of our major shareholders, and the late Mr. Yehuda Zisapel. There are no other family relationships between any of the directors or members of senior management named above.
 
We are not aware of any arrangements or understandings with major shareholders, customers, suppliers or others, pursuant to which (1) any person referred to above was selected as a director or member of senior management or (2) any director will receive compensation by a third party in connection with his or her candidacy or board service in the Company.

B.          Compensation
 
General
 
Our objective is to attract, motivate and retain highly skilled personnel who will assist Radware to reach its business objectives, performance and the creation of shareholder value and otherwise contribute to our long-term success. Our compensation policy for our executive officers and directors, or the Compensation Policy, which is approved by our shareholders, is designed to correlate executive compensation with our objectives and goals.

96


The following table sets forth all salaries, fees, commissions and bonuses and pension retirement and other similar benefits we paid or accrued with respect to all of our directors and officers as a group for the 2023 fiscal year. The table does not include any amounts we paid to reimburse any of our affiliates for costs incurred in providing us with services during such period.

   
Salaries, fees, commissions and bonuses
   
Pension, retirement
and other similar benefits
 
             
2022 - All directors and officers as a group, consisting of 14 persons*
 
$
3,307,407
   
$
527,559
 
2023 - All directors and officers as a group, consisting of 15 persons**
 
$
2,419,283
   
$
475,235
 

*  Includes one person who served as our officer in 2022 and is no longer serving as our officer and one director who was appointed during 2022.
 
** Includes one person who served as our director in 2023 and is no longer serving on our Board of Directors and two directors who were appointed during 2023.
 
During 2023, we granted to our directors and officers listed in Item 6.A “Directors, Senior Management and Employees,” in the aggregate, 273,941 RSUs at a weighted average grant date fair value per RSU of $19.28 and options to purchase 331,899 ordinary shares at a weighted average exercise price per share of $17.63. The options expire 62 months after grant. The weighted-average grant date fair value of these options was $5.48 per option. 
 
For a discussion of the accounting method and assumptions used in valuation of such share-based compensation, see Note 2(s) to our consolidated financial statements included elsewhere in this annual report. See also Item 6.E “Share Ownership.”
 
For a discussion of the compensation granted to our five most highly compensated executive officers during 2023, see “Compensation of Executive Officers” below, and for a discussion of the compensation paid to our non-employee directors, see “Compensation of Directors” below.
 
We currently hold directors and officers liability insurance with an aggregate coverage limit of $35 million, including side A coverage. In addition, we provide our directors and officers indemnification pursuant to the terms of a Letter of Indemnification substantially in the form approved by our shareholders.
 
97


Compensation of Executive Officers
 
The table and summary below outline the compensation granted to our five most highly compensated executive officers during or with respect to the year ended December 31, 2023. We refer to the five individuals for whom disclosure is provided herein as our “Covered Executives.”

For purposes of the table and the summary below, “compensation” includes base salary, bonuses, equity-based compensation, retirement or termination payments, benefits and perquisites such as car, phone and social benefits, and any undertaking to provide such compensation. All amounts reported in the table are in terms of cost to the Company, as recognized in our financial statements for the year ended December 31, 2023.

Name and Principal Position (1)
Year
Salary
Bonus (including Sales Commissions) (2)
Equity-Based
Compensation (3)
All Other
Compensation (4)
Total
(US$ In Thousands)
Roy Zisapel, President, Chief Executive Officer and Director
2023
450 (5)
 (6)
2,451
139*
3,040
Guy Avidan, Chief Financial Officer
2023
308
 
261
67
636
Yoav Gazelle, Chief Business Officer
2023
240
198
214
40
692
Gabi Malka, Chief Operating Officer
2023
319
 
139
73
531
David Aviv, Chief Technology Officer
2023
300
 
139
72
511
 

(1)
Unless otherwise indicated herein, all Covered Executives are (i) employed on a full-time (100%) basis; and (ii) subject to customary confidentiality, intellectual property assignment and non-solicitation provisions as well as an undertaking not to compete with us or in our field of business for at least 12 months following termination of employment.
 

(2)
Amounts reported in this column represent annual bonuses, including sales commissions. Consistent with our Compensation Policy, such bonuses are based upon (i) for non-sales executive officers - achievement of milestones and targets and the measurable results of the Company, as compared to our budget and/or work plan for the relevant year. The bonus (of up to 10% of the annual bonus) is based on the achievement and performance of pre-determined key performance indicators (KPIs), and, in any event, not to exceed the amount of 200% of the base salary; and (ii) for sales executive officers - achievement of targets of revenues generated by the individual and/or his/her team or division and/or the Company and in any event, not to exceed the amount of four annual base salaries of such executive.
 
98



(3)
Amounts reported in this column represent the grant date fair value in accordance with accounting guidance for share-based compensation. For a discussion of the assumptions used in reaching this valuation, see Note 2(s) to our consolidated financial statements included elsewhere in this annual report.
 

(4)
Amounts reported in this column include benefits and perquisites, including those mandated by applicable law. Such benefits and perquisites may include, to the extent applicable to the Covered Executive, payments, contributions and/or allocations for savings funds (e.g., Managers Life Insurance Policy), education funds (“keren hishtalmut”), pension, severance, vacation, car or car allowance, medical insurances and benefits, risk insurances (e.g., life or work disability insurance), phone, convalescence or recreation pay, relocation, payments for social security, tax gross-up payments and other benefits and perquisites consistent with Radware’s guidelines. Unless otherwise indicated herein, all Covered Executives (i) are entitled to a notice period of at least one month prior to termination (other than termination for cause), during which they are generally entitled to all compensation and rights under their employment agreements; and (ii) are not entitled to any special bonuses or benefits upon a change of control of our Company, other than a potential acceleration of the vesting of their share options pursuant to our equity incentive plan, as more fully described in Item 6.E “Share Ownership.”
 

(5)
As approved by our shareholders on July 28, 2022, as of such date, Roy Zisapel’s gross base salary increased from $400,000 to $450,000 and his annual bonus increased from $400,000 to $600,000 (however, the actual payout, based on performance, could reach $900,000 for overperformance).
 

(6)
Consistent with our Compensation Policy, and as approved by our shareholders on July 28, 2022, Roy Zisapel is entitled to an annual bonus of up to $600,000 (however, the actual payout, based on performance, could reach $900,000 for overperformance).
 
* Social contributions paid in Israel are denominated in NIS, whereas our functional currency is dollars and therefore fluctuations in dollar amounts may be attributed to exchange rate fluctuations.
 
As approved by our shareholders on July 28, 2022, the terms of compensation of Roy Zisapel, our President, Chief Executive Officer and director, were modified, such that, commencing July 28, 2022, (i) his gross base salary is $450,000 per annum (payable in NIS); (ii) his annual bonus is $600,000 (payable in NIS) for on-target (100%) performance; however, the actual payout, based on performance, could reach $900,000 for overperformance (or the equivalent in NIS); and (iii) he is entitled to annual grants of a combination of time-based restricted share units, performance-based restricted share units, and performance-based share options, with a total grant value of $7.725 million, $5.0 million and $5.0 million, for 2022, 2023, and 2024, respectively. For additional details, see Proposal 3 of the Proxy Statement filed as Exhibit 99.2 to the Report of Foreign Private Issuer on Form 6-K we submitted to the SEC on June 23, 2022.
 
Compensation of Directors
 
Our non-employee directors are entitled to the following compensation: (i) annual compensation in the amount of NIS 120,800 (equivalent to approximately $33,556, based on the exchange rate published by the Bank of Israel on March 10, 2023, which was NIS 3.60 = $1.00) per year of service; (ii) per meeting remuneration of NIS 3,600 (equivalent to approximately $1,000, based on the exchange rate published by the Bank of Israel on March 10, 2023, which was NIS 3.60 = $1.00) for each Board or committee meeting attended, provided that the director is a member of such committee; (iii) compensation for telephonic participation in board and committee meetings (where other members physically attend) in an amount of 60% of what is received for physical participation; and (iv) compensation for board and committee meetings held via electronic means without physical participation in an amount of 50% of what is received for physical meetings. All amounts payable under items (i), (ii), (iii), and (iv) above are subject to adjustment for changes in the Israeli consumer price index after December 2007 and changes in the amounts payable pursuant to Israeli law from time to time.

99


In addition, our non-employee directors are entitled to a grant of options under our share option plans to purchase 20,000 ordinary shares for each year in which such non-employee director holds office. The options are granted for three years in advance, and therefore every director receives an initial grant of options to purchase 60,000 ordinary shares that vest over a period of three years, with a third (20,000) to vest upon each anniversary of service, provided that the director still serves on the Company’s Board of Directors on the date of vesting. The grant is made on the date of the director’s election (or the date of commencement of office, if different), and thereafter, every three years, if reelected, an additional grant of options to purchase an additional 60,000 ordinary shares will be made on the date of each annual meeting in which such director is reelected. The exercise price of all options shall be equal to the fair market value of the ordinary shares on the date of the grant (i.e., an exercise price equal to the market price of our ordinary shares on the date of the annual meeting approving the election or reelection of a director or the date of commencement of office, if different).

C.          Board Practices
 
Introduction
 
Since we are incorporated as an Israeli company, we are subject to the provisions of the Companies Law and the regulations adopted thereunder. In addition, since our ordinary shares are listed on the Nasdaq Global Select Market, we are also subject to the Nasdaq rules.
 
According to the Companies Law and our Articles of Association, the oversight of the management of our business is vested in our Board of Directors. Our Board of Directors may exercise all powers and may take all actions that are not specifically granted to our shareholders. As part of its powers, our Board of Directors may cause us to borrow or secure payment of any sum or sums of money for our purposes, at times and upon terms and conditions as it determines, including the grant of security interests in all or any part of our property.
 
Our Articles of Association provide for a Board of Directors of not less than five and not more than nine directors. Currently, our Board of Directors consists of eight directors. In accordance with current Nasdaq requirements, nominees for election as directors are approved and recommended to the Board of Directors by our Nomination and Corporate Governance Committee.
 
Under the Companies Law, our Board of Directors is required to determine the minimum number of directors having accounting and financial expertise, as defined in regulations promulgated under the Companies Law, that our Board of Directors should have.  In determining the number of directors required to have such expertise, the Board of Directors must consider, among other things, the type and size of the company and the scope and complexity of its operations. Our Board of Directors has determined that we require at least one director with the requisite financial and accounting expertise and that Naama Zeldis has such expertise.
 
100


Staggered Board
 
In accordance with the terms of our Articles of Association, our Board of Directors is divided into three classes with each class of directors serving until, generally, the third annual meeting following their election as follows:
 
Class
 
Term expiring at
the annual meeting
for the year
 
Directors
               
Class I
 
2024
 
Yair Tauman and Yuval Cohen
Class II
 
2025
 
Roy Zisapel, Naama Zeldis and Meir Moshe
Class III
 
2026
 
Stanley Stern, Israel Mazin and Alex Pinchev*

* Mr. Pinchev was appointed in November 2023 and, in accordance with our Articles of Association, will be presented for election in the next annual general meeting of shareholders for a term of two years, ending on the annual general meeting to be held in 2026.
 
At each annual meeting of shareholders after the initial classification, the successors to directors whose terms will then expire will be elected to serve from the time of election and qualification until the third annual meeting following such election. Directors are elected by a simple majority of the votes cast by our shareholders at an annual general meeting, whereas a director’s removal from office requires the vote of at least 75% of the voting power represented at the general meeting. Any additional directorships resulting from an increase in the number of directors will be distributed among the three classes so that, to the nearest extent possible, each class will consist of one-third of the directors. This classification of our Board of Directors may have the effect of delaying or preventing changes in control or management of our Company.
 
For a description of how long our directors and officers have served in their current positions, please see Item 6.A “Directors and Senior Management.”
 
External Directors and Israeli Relief Regulations
 
Under the Companies Law, companies incorporated under the laws of Israel whose shares are listed for trading on a stock exchange or have been offered to the public in or outside of Israel, are required to appoint at least two external directors. However, pursuant to Israeli regulations promulgated under the Companies Law, companies whose shares are traded on specified non-Israeli stock exchanges, including Nasdaq, and which do not have a controlling shareholder, such as Radware, may elect to opt out of the requirement to maintain external directors as well as elect to opt out of the composition requirements under the Companies Law with respect to the audit and compensation committees.
 
101


Consistent with the aforesaid relief regulations, in February 2020, we elected to opt out from the requirement to appoint external directors and from the composition requirements for the audit and compensation committees under the Companies Law. Our eligibility to opt out is conditioned upon: (i) the continued listing of our ordinary shares on the Nasdaq (or one of a few other specified non-Israeli stock exchanges); (ii) there not being a controlling shareholder of our Company; and (iii) our compliance with the SEC rules and Nasdaq requirements as to the composition of (a) our board of directors (which requires that we maintain a majority of independent directors on our board of directors) and (b) the audit and compensation committees of our Board of Directors (which, subject to certain exceptions, requires that such committees consist solely of independent directors (at least three and two members, respectively), as described under the Nasdaq rules).

Our election to exempt our Company from compliance with the external director and audit and compensation committee requirements can be reversed at any time by our Board of Directors, in which case we would need to hold a shareholder meeting to once again appoint external directors, whose election, by a special majority, would initially be for a three-year term.
 
Our Committees
 
The Board of Directors appoints committees to help carry out its duties. Each committee reports the results of its meetings to the full Board of Directors. The Board of Directors established an Audit Committee and a Compensation Committee and, from time to time, establishes other “ad-hoc” committees of members of the Board of Directors for specific duties or assignments and limited duration.
 
Audit Committee
 
Our ordinary shares are listed on the Nasdaq Global Select Market, and we are subject to the Nasdaq rules applicable to listed companies. Under the Nasdaq rules, we are required to have an audit committee consisting of at least three independent directors, all of whom are financially literate and one of whom has accounting or related financial management expertise. To the extent a company is required to appoint external directors, the audit committee must include all of the external directors and comply with additional requirements as to the composition thereof under the Companies Law. However, when we elected to exempt our Company from the external director requirement, we concurrently elected to exempt our Company from all of such requirements.
 
Our Board has determined that all directors serving on our Audit Committee (namely, Naama Zeldis, Stanley Stern and Prof. Yair Tauman) meet the independence standards required of Audit Committee members by the Securities Exchange Act of 1934, as amended (the “Exchange Act”) and the Nasdaq rules. In addition, the Board of Directors has determined that Naama Zeldis is considered an “audit committee financial expert” (as defined by SEC rules).
 
In accordance with the Nasdaq rules, our Audit Committee has adopted a charter that sets forth the Audit Committee’s purpose and responsibilities, which include, among other things, (1) assisting the Board of Directors in fulfilling its responsibility for oversight of the quality and integrity of our accounting, auditing and financial reporting practices and financial statements, and the independence qualifications and performance of our independent auditors, and (2) selecting, evaluating and, where appropriate, recommending to replace the independent auditors (or to nominate the independent auditors subject to shareholder approval) and pre-approving audit engagement fees and all permitted non-audit services and fees. Our Audit Committee must also review and approve all related party transactions specified under Item 7.B “Related Party Transactions” of Form 20-F.
 
102


In accordance with the Companies Law, the duties of our Audit Committee, in addition to the requirements imposed by the Nasdaq rules, include, among other things, (1) identifying irregularities in the business management of the Company, including in consultation with the internal auditor and/or the Company’s independent accountants, and recommending remedial measures to the Board of Directors, (2) reviewing, and, where appropriate, approving certain interested party transactions specified under the Companies Law, as more fully described in Exhibit 2.1 to this annual report under the heading “Approval of Specified Related Party Transactions under Israeli Law,” and (3) examining and monitoring the work of our internal auditor.
 
Our Audit Committee also functions as our Qualified Legal Compliance Committee, or the QLCC. In its capacity as the QLCC, our Audit Committee is responsible for investigating reports of perceived material violations of U.S. federal or state securities laws, breaches of fiduciary duty or similar violations by our officers, directors, employees, or any of our agents.
 
Compensation Committee
 
Pursuant to applicable Nasdaq rules, the compensation payable to a company’s chief executive officer and other executive officers must generally be approved by a compensation committee comprised solely of independent directors. To the extent a company is required to appoint external directors, the compensation committee must include all of the external directors and comply with additional requirements as to the composition thereof under the Companies Law. However, when we elected to exempt our Company from the external director requirement, we concurrently elected to exempt our Company from all of such requirements.
 
Under the Companies Law, the role of the compensation committee includes recommending to the Board of Directors, for ultimate shareholder approval by a special majority, a policy governing the compensation of office holders based on specified criteria; reviewing, from time to time, modifications to the compensation policy and examining its implementation; approving the actual compensation terms of office holders prior to approval thereof by the Board of Directors; and resolving whether to exempt the compensation terms of a candidate for chief executive officer from shareholder approval. The Companies Law defines the term “office holder” of a company to include a director, the chief executive officer, the chief financial officer, a vice president and any officer of the company that reports directly to the chief executive officer.
 
Pursuant to its charter, our Compensation Committee is authorized to make decisions regarding executive compensation and terms and conditions of employment, to follow market trends and provide recommendations to the Board of Directors in connection with the Company’s general compensation philosophy and policies, as well as to recommend that the Board of Directors issue options under our share option plans. The Compensation Committee reviews, recommends, and determines, on behalf of the Board of Directors, the amounts and types of compensation to be paid to the Company’s Chief Executive Officer and other executive officers.
 
Our Compensation Committee currently consists of Meir Moshe, Prof. Yair Tauman, and Naama Zeldis, all of whom are independent directors.
 
103


Nomination and Corporate Governance Committee
 
Our Board of Directors formed a Nomination and Corporate Governance Committee in October 2023. The role of our Nomination and Corporate Governance Committee is, among other things, to assist our Board of Directors by identifying individuals qualified to become Board members, consistent with criteria approved by the Board, and to recommend to the Board the director nominees for the next annual meeting of shareholders and the individuals to be appointed to the Board from time to time; to develop and recommend to the Board matters of corporate governance; to lead the Board in its annual review of the Board and management’s performance; and to recommend to the Board director nominees for each committee.
 
Pursuant to its charter, our Nomination and Corporate Governance Committee is authorized, among other things, to seek individuals qualified to become directors for recommendation to the Board, consistent with criteria identified by the Board; monitor and evaluate the orientation and training needs of directors and make recommendations to the Board where appropriate; assist the Board in determining and monitoring whether or not each director and prospective director is “independent” within the meaning of any rules and laws applicable to us; receive comments from all directors and report annually to the Board with an assessment of the Board’s performance; periodically review our policies, practices and disclosures with respect to sustainability and environmental, social and governance factors; and review, as it deems appropriate, the succession planning for our senior executive officers.
 
Our Nomination and Corporate Governance Committee currently consists of Stanley Stern, Meir Moshe, and Israel Mazin, all of whom are independent directors.
 
Nomination of Directors
 
Nominees for election as directors are approved and recommended to the Board of Directors by our Nomination and Corporate Governance Committee.
 
Board and Committee Meetings
 
The table below describes the number of meetings and attendance rates of our Board of Directors, Audit Committee and Compensation Committee in 2023*:

 
&#