10-K 1 zfox-20240131.htm 10-K 10-K
FYfalse00018235751313http://fasb.org/us-gaap/2023#UsefulLifeTermOfLeaseMemberP1YP1Yhttp://fasb.org/us-gaap/2023#OtherLiabilitiesNoncurrenthttp://fasb.org/us-gaap/2023#OtherLiabilitiesNoncurrentone year 2020 2021 2022 20232018 2019 2020 2021 2022 2023one yearP5MP7M0001823575zfox:RestrictedStockUnitsOutstandingMemberus-gaap:RestrictedStockUnitsRSUMember2022-08-042023-01-310001823575zfox:InfoarmorNoteMemberzfox:PromissoryNotePayableMember2021-06-072021-06-0700018235752022-08-040001823575zfox:CostOfRevenueServicesMember2022-08-042023-01-310001823575zfox:LgcsEarnoutSharesMember2023-02-012024-01-310001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2023-01-310001823575zfox:PIPEInvestorsMember2022-08-042023-01-310001823575zfox:ZeroFoxMember2022-08-030001823575us-gaap:GeneralAndAdministrativeExpenseMember2023-02-012024-01-310001823575srt:MaximumMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:TwoThousandSixteenEquityIncentivePlanMember2016-08-312016-08-310001823575zfox:ConvertibleSeniorCashMember2022-08-032022-08-030001823575zfox:RestrictedStockUnitsIssuedAndOutstandingMember2023-01-310001823575zfox:SharePriceEqualsOrGreaterThanSeventeenPointFiveZeroPerShareMember2022-08-030001823575zfox:ZerofoxIncMemberzfox:SeriesDRedeemableConvertiblePreferredStockMember2022-08-030001823575zfox:SubscriptionRevenueMember2022-08-042023-01-3100018235752022-01-310001823575zfox:SeriesARedeemableConvertiblePreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2021-12-310001823575zfox:InfoArmorMember2024-01-310001823575zfox:OtherMember2022-02-012022-08-030001823575us-gaap:RetainedEarningsMember2023-02-012024-01-310001823575us-gaap:TransferredOverTimeMember2023-02-012024-01-310001823575zfox:TwoThousandAndTwentyTwoIncentiveEquityPlanMember2024-01-312024-01-310001823575zfox:LookingglassCyberSolutionsIncMemberus-gaap:CustomerRelationshipsMember2023-04-2100018235752024-02-012024-01-310001823575us-gaap:CommonStockMember2023-01-310001823575us-gaap:AdditionalPaidInCapitalMemberzfox:ZerofoxIncMember2022-08-030001823575us-gaap:GeographicConcentrationRiskMemberus-gaap:SalesRevenueNetMemberus-gaap:NonUsMember2022-02-012022-08-030001823575zfox:SeriesERedeemableConvertiblePreferredStockMemberzfox:ZerofoxIncMember2022-01-310001823575zfox:ZeroFoxMember2023-02-012024-01-310001823575zfox:ZerofoxIncMember2022-01-310001823575us-gaap:MeasurementInputSharePriceMemberzfox:SponsorEarnoutSharesMember2024-01-310001823575zfox:WarrantsAndRightsSubjectToMandatoryRedemptionTwoMember2024-01-310001823575us-gaap:PaymentInKindPIKNoteMemberzfox:ConvertibleNotesMember2023-01-310001823575zfox:ZerofoxIncMemberzfox:SeriesD1RedeemableConvertiblePreferredStockMember2022-01-310001823575us-gaap:AdditionalPaidInCapitalMember2024-01-310001823575zfox:SeriesA1RedeemableConvertiblePreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2024-01-310001823575zfox:SeriesRedeemableConvertiblePreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:ServicesRevenueMemberzfox:OtherServicesMember2022-08-042023-01-310001823575zfox:ServicesRevenueMemberzfox:BreachServicesMember2022-08-042023-01-310001823575zfox:PIPEInvestorsMember2022-02-012022-08-030001823575us-gaap:PreferredStockMemberzfox:SeriesD2RedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575zfox:LookingglassCyberSolutionsIncMemberus-gaap:DevelopedTechnologyRightsMember2023-04-210001823575us-gaap:CommonClassAMemberus-gaap:CommonStockMember2022-08-030001823575zfox:ZerofoxIncMemberzfox:SeriesD1RedeemableConvertiblePreferredStockMember2022-08-030001823575us-gaap:FairValueInputsLevel3Memberus-gaap:FairValueMeasurementsRecurringMemberzfox:PublicWarrantsMember2023-01-310001823575zfox:ZerofoxIncMemberus-gaap:CommonStockMember2022-01-310001823575us-gaap:PreferredStockMemberzfox:SeriesERedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575zfox:ConvertibleNotesMember2024-01-310001823575zfox:CostOfRevenueServicesMember2023-02-012024-01-310001823575zfox:SharePriceEqualsOrGreaterThanTwelvePointFivePerShareMember2022-08-030001823575us-gaap:RetainedEarningsMember2024-01-3100018235752024-01-01zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:MembershipServicesMember2022-08-030001823575us-gaap:RestrictedStockUnitsRSUMember2023-01-310001823575zfox:TriggeringEventIvMemberzfox:LgcsEarnoutSharesMembersrt:ScenarioForecastMember2024-04-302024-04-300001823575zfox:PurchaseConsiderationLiabilitySharesMemberus-gaap:CommonStockMember2023-02-012024-01-310001823575zfox:OtherMember2022-08-042023-01-310001823575srt:MaximumMemberzfox:TwoThousandSeventeenEquityIncentivePlanMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2017-08-310001823575zfox:CommonStockWarrantsMember2023-02-012024-01-3100018235752022-08-04zfox:BreachMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575zfox:ZerofoxIncMemberzfox:SeriesC1RedeemableConvertiblePreferredStockMember2022-01-310001823575us-gaap:AccumulatedOtherComprehensiveIncomeMember2022-08-042023-01-310001823575zfox:SponsorEarnoutSharesMember2024-01-310001823575us-gaap:FairValueMeasurementsRecurringMember2023-01-310001823575us-gaap:AdditionalPaidInCapitalMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575us-gaap:AdditionalPaidInCapitalMember2022-08-030001823575us-gaap:TrademarksAndTradeNamesMember2022-02-012023-01-310001823575us-gaap:RedeemableConvertiblePreferredStockMemberzfox:ZerofoxIncMember2022-02-012022-08-030001823575zfox:ServicesRevenueMemberzfox:OtherServicesMember2023-02-012024-01-310001823575us-gaap:CommonStockMember2024-01-310001823575us-gaap:ResearchAndDevelopmentExpenseMember2023-02-012024-01-310001823575zfox:CostOfRevenueServicesMember2022-02-012022-08-0300018235752022-08-032022-08-030001823575zfox:ComputerHardwareAndPurchaseSoftwareMember2024-01-3100018235752024-01-01zfox:BreachMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575us-gaap:RevenueFromRightsConcentrationRiskMemberus-gaap:SalesRevenueNetMemberus-gaap:NonUsMember2022-02-012022-08-030001823575us-gaap:CustomerRelationshipsMember2024-01-3100018235752022-01-012022-08-030001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2023-02-022024-01-310001823575zfox:LgcsEarnoutSharesMember2024-01-310001823575srt:MinimumMember2022-08-042023-01-310001823575zfox:ZerofoxIncMemberzfox:SeriesSeedRedeemableConvertiblePreferredStockMember2022-08-030001823575zfox:DeferredRevenueCurrentAndNonCurrentMember2023-01-310001823575zfox:BreachServicesMembersrt:MaximumMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2023-02-012024-01-3100018235752022-02-012023-01-310001823575zfox:DevelopedTechnologyMember2022-02-012023-01-310001823575us-gaap:RetainedEarningsMember2022-08-030001823575country:US2023-02-012024-01-310001823575zfox:PrivateWarrantMemberus-gaap:FairValueInputsLevel3Member2022-08-040001823575us-gaap:PreferredStockMemberzfox:SeriesBRedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575zfox:InfoarmorNoteMemberzfox:PromissoryNotePayableMember2021-06-070001823575us-gaap:ShareBasedCompensationAwardTrancheThreeMemberzfox:SponsorEarnoutSharesMember2024-01-310001823575zfox:ReportingUnitMember2024-01-310001823575zfox:PrivateWarrantsMember2023-01-310001823575zfox:ConvertibleNotesMember2023-01-310001823575zfox:AmendedLoanAndSecurityAgreementMemberzfox:StifelNoteMember2023-01-310001823575us-gaap:StateAndLocalJurisdictionMember2024-01-310001823575us-gaap:MeasurementInputPriceVolatilityMemberzfox:SponsorEarnoutSharesMember2023-01-310001823575zfox:ZerofoxIncMemberus-gaap:CommonStockMember2022-08-042023-01-310001823575us-gaap:SoftwareAndSoftwareDevelopmentCostsMember2024-01-310001823575us-gaap:GeneralAndAdministrativeExpenseMember2022-08-042023-01-310001823575us-gaap:CustomerConcentrationRiskMemberus-gaap:AccountsReceivableMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575us-gaap:TransferredAtPointInTimeMember2023-02-012024-01-310001823575us-gaap:TransferredOverTimeMember2021-02-012022-01-310001823575zfox:SeriesRedeemableConvertiblePreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575srt:MinimumMember2023-02-012024-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberus-gaap:CommonStockMember2022-01-012022-08-030001823575us-gaap:StateAndLocalJurisdictionMember2023-02-012024-01-310001823575zfox:StockOptionsIssuedAndOutstandingMember2024-01-310001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2022-01-310001823575zfox:PrivateWarrantsMemberus-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001823575zfox:AlsopLouieConvertibleNoteMember2024-01-3100018235752023-07-310001823575us-gaap:AdditionalPaidInCapitalMemberzfox:PIPEInvestorsMember2022-08-042023-01-310001823575us-gaap:PreferredStockMemberzfox:SeriesCRedeemableConvertiblePreferredStockMember2022-02-012022-08-0300018235752021-02-012022-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2021-01-012021-12-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2021-12-310001823575zfox:LoanAndSecurityAgreementMemberzfox:StifelNoteMember2021-01-070001823575us-gaap:RetainedEarningsMember2023-01-310001823575zfox:AccountsReceivableNetCurrentMember2023-01-310001823575us-gaap:WarrantMemberzfox:CommonStockWarrantsMember2022-08-042023-01-310001823575zfox:LookingglassCyberSolutionsIncMember2023-04-212023-04-210001823575zfox:SeriesBRedeemableConvertiblePreferredStockMemberzfox:ZerofoxIncMember2022-01-310001823575srt:MinimumMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2024-01-310001823575zfox:BreachServiceMembersrt:MinimumMember2023-02-012024-01-310001823575zfox:DeferredRevenueCurrentAndNonCurrentMember2024-01-310001823575us-gaap:WarrantMember2022-02-012022-08-030001823575zfox:ComputerHardwareAndPurchaseSoftwareMember2023-01-310001823575us-gaap:SellingAndMarketingExpenseMember2022-08-042023-01-310001823575zfox:SponsorEarnoutSharesMember2022-08-030001823575us-gaap:PaymentInKindPIKNoteMember2022-08-030001823575us-gaap:RetainedEarningsMemberzfox:ZerofoxIncMember2022-01-3100018235752022-02-010001823575us-gaap:LeaseholdImprovementsMember2023-01-310001823575zfox:LookingglassCyberSolutionsIncMemberus-gaap:TrademarksAndTradeNamesMember2023-04-212023-04-210001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:MembershipServicesMember2022-01-012022-08-030001823575us-gaap:CommonStockMember2022-08-042023-01-310001823575zfox:HaveliMergerAgreementMember2023-02-012024-01-310001823575zfox:ConvertibleSeniorCashMemberus-gaap:DebtInstrumentRedemptionPeriodOneMember2022-08-032022-08-030001823575us-gaap:WarrantMember2023-02-012024-01-310001823575us-gaap:AdditionalPaidInCapitalMember2022-08-042023-01-3100018235752023-10-312023-10-310001823575srt:MaximumMember2023-02-012024-01-310001823575us-gaap:CommonClassBMemberus-gaap:CommonStockMember2022-08-042023-01-310001823575zfox:StifelWarrantMemberzfox:BlackScholesMember2023-04-210001823575zfox:ServicesRevenueMember2022-02-012022-08-030001823575zfox:SeriesERedeemableConvertiblePreferredStockMemberzfox:ZerofoxIncMember2022-08-030001823575us-gaap:PreferredStockMemberzfox:SeriesSeedRedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575zfox:LoanAndSecurityAgreementMemberzfox:StifelNoteMember2023-02-012024-01-310001823575us-gaap:RestrictedStockUnitsRSUMember2022-08-042023-01-3100018235752021-02-010001823575us-gaap:RedeemableConvertiblePreferredStockMemberzfox:ZerofoxIncMember2022-01-310001823575zfox:ServicesRevenueMemberzfox:OtherServicesMember2022-02-012022-08-030001823575us-gaap:PrepaidExpensesAndOtherCurrentAssetsMember2023-01-310001823575zfox:ZeroFoxMemberus-gaap:RestrictedStockUnitsRSUMember2023-02-012024-01-310001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2024-01-310001823575us-gaap:PreferredStockMemberzfox:SeriesDRedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575zfox:ServicesRevenueMember2022-08-042023-01-310001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2022-08-030001823575us-gaap:TrademarksAndTradeNamesMember2023-02-012024-01-310001823575zfox:ConvertibleSeniorCashMember2023-02-012024-01-310001823575us-gaap:WarrantMemberzfox:SeriesARedeemableConvertiblePreferredStockWarrantsMember2023-02-012024-01-310001823575srt:MaximumMemberzfox:ZeroFoxMemberus-gaap:RestrictedStockUnitsRSUMember2022-08-042023-01-310001823575zfox:ServicesRevenueMemberzfox:BreachServicesMember2023-02-012024-01-310001823575us-gaap:RetainedEarningsMemberzfox:ZerofoxIncMember2022-08-030001823575us-gaap:CommonClassAMemberus-gaap:CommonStockMember2022-08-042023-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-06-300001823575srt:MaximumMemberus-gaap:SeriesBPreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2016-07-290001823575zfox:HaveliMergerAgreementMemberus-gaap:SubsequentEventMember2024-02-062024-02-060001823575us-gaap:FairValueMeasurementsRecurringMemberzfox:PublicWarrantsMember2024-01-310001823575zfox:IDXMember2023-02-012024-01-310001823575zfox:ServicesRevenueMember2023-02-012024-01-310001823575us-gaap:AdditionalPaidInCapitalMemberzfox:IDXMember2022-08-042023-01-310001823575zfox:PublicWarrantsMember2024-01-310001823575us-gaap:RestrictedStockUnitsRSUMember2023-02-012024-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2023-01-310001823575us-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2024-01-310001823575us-gaap:WarrantMemberzfox:SeriesERedeemableConvertiblePreferredStockWarrantsMember2023-02-012024-01-3100018235752022-11-01zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:DeferredRevenueMember2024-01-310001823575srt:MinimumMemberzfox:ZerofoxDigitalRiskProtectionMember2023-02-012024-01-310001823575zfox:ConvertibleSeniorCashMemberus-gaap:SubsequentEventMember2024-02-210001823575zfox:AlsopLouieConvertibleNoteMemberzfox:LookingglassCyberSolutionsIncMemberzfox:SubordinatedConvertiblePromissoryNoteMember2023-02-012024-01-310001823575us-gaap:TransferredAtPointInTimeMember2022-08-042023-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-06-300001823575us-gaap:PrepaidExpensesAndOtherCurrentAssetsMember2024-01-310001823575zfox:PIPEInvestorsMemberzfox:ZeroFoxMember2022-08-032022-08-030001823575us-gaap:CommonStockMember2023-02-012024-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:SeriesA2RedeemableConvertiblePreferredStockMember2022-08-030001823575zfox:ZeroFoxPredecessorMember2023-02-022024-01-310001823575us-gaap:FurnitureAndFixturesMember2024-01-310001823575us-gaap:RelatedPartyMemberzfox:ContractsWithAffiliatesOfMinorityStockholdersMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:LookingglassCyberSolutionsIncMember2023-04-210001823575us-gaap:GeneralAndAdministrativeExpenseMember2022-02-012022-08-030001823575us-gaap:ResearchAndDevelopmentExpenseMember2022-02-012022-08-030001823575zfox:LookingglassCyberSolutionsIncMember2023-07-310001823575zfox:AmendedLoanAndSecurityAgreementMemberzfox:LookingglassCyberSolutionsIncMemberzfox:StifelNoteMember2023-04-210001823575us-gaap:RetainedEarningsMemberzfox:ZerofoxIncMember2022-02-012022-08-030001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-0300018235752024-01-310001823575zfox:TwoThousandSixteenEquityIncentivePlanMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2023-08-030001823575us-gaap:CommonStockMember2024-01-310001823575us-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMemberzfox:PublicWarrantsMember2023-01-310001823575zfox:CostOfRevenueSubscriptionMember2022-02-012022-08-030001823575zfox:PIPEInvestorsMemberus-gaap:BridgeLoanMember2022-02-012022-08-030001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberus-gaap:CommonStockMember2022-08-030001823575us-gaap:RevenueFromRightsConcentrationRiskMemberzfox:OneCustomerMemberus-gaap:SalesRevenueNetMember2022-08-042023-01-310001823575us-gaap:ShareBasedCompensationAwardTrancheTwoMemberzfox:SponsorEarnoutSharesMember2024-01-310001823575us-gaap:FairValueInputsLevel1Memberus-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001823575us-gaap:WarrantMemberzfox:SeriesERedeemableConvertiblePreferredStockWarrantsMember2022-02-012022-08-030001823575zfox:ZerofoxIncMemberzfox:SeriesD2RedeemableConvertiblePreferredStockMember2022-01-310001823575zfox:PrivateWarrantsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:SeriesA2RedeemableConvertiblePreferredStockMember2016-07-290001823575zfox:PrivateWarrantsMemberus-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2024-01-310001823575zfox:CostOfRevenueSubscriptionMember2023-02-012024-01-310001823575zfox:SeriesA1RedeemableConvertiblePreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-0300018235752023-01-01zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:DeferredRevenueMember2024-01-310001823575srt:MaximumMemberzfox:ZerofoxDigitalRiskProtectionMember2023-02-012024-01-310001823575zfox:SharesAvailableForFutureGrantUnderThe2022PlanMember2023-01-310001823575zfox:AmendedLoanAndSecurityAgreementMemberzfox:LookingglassCyberSolutionsIncMemberzfox:StifelNoteMember2023-02-012024-01-310001823575zfox:DevelopedTechnologyMember2023-02-012024-01-310001823575zfox:PrivateWarrantsMemberus-gaap:FairValueInputsLevel3Memberus-gaap:FairValueMeasurementsRecurringMember2024-01-310001823575srt:MaximumMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:TwoThousandSixteenEquityIncentivePlanMember2016-08-310001823575zfox:SeriesRedeemableConvertiblePreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2021-12-310001823575us-gaap:WarrantMemberzfox:CommonStockWarrantsMember2023-02-012024-01-310001823575zfox:DevelopedTechnologyMember2023-01-310001823575zfox:WarrantsAndRightsSubjectToMandatoryRedemptionTwoMember2023-02-012024-01-310001823575us-gaap:PreferredStockMemberzfox:SeriesARedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575zfox:ReportingUnitMember2022-08-042023-01-310001823575us-gaap:FairValueInputsLevel2Memberus-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001823575us-gaap:DomesticCountryMember2024-01-310001823575zfox:TwoThousandSeventeenEquityIncentivePlanMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2017-08-312017-08-310001823575zfox:AmendedLoanAndSecurityAgreementMemberzfox:LookingglassCyberSolutionsIncMemberzfox:StifelNoteMember2024-01-310001823575zfox:ZeroFoxPredecessorMember2023-02-010001823575zfox:SponsorEarnoutSharesMember2023-02-012024-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:CostOfServicesMember2022-01-012022-08-030001823575us-gaap:SeriesBPreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575zfox:LgcsEarnoutSharesMemberzfox:TriggeringEventIiMemberus-gaap:SubsequentEventMember2024-02-282024-02-280001823575zfox:ZeroFoxMember2022-08-032022-08-030001823575zfox:StockOptionsIssuedAndOutstandingMember2023-01-310001823575zfox:DeferredContractAcquisitionCostsCurrentAndNoncurrentMember2023-01-310001823575zfox:SubscriptionsMember2023-02-012024-01-310001823575zfox:LookingglassCyberSolutionsIncMemberus-gaap:TrademarksAndTradeNamesMember2023-04-210001823575us-gaap:FairValueInputsLevel3Memberus-gaap:FairValueMeasurementsRecurringMember2024-01-310001823575zfox:PIPEInvestorsMemberus-gaap:CommonStockMember2022-08-042023-01-310001823575zfox:SharesAvailableForFutureGrantUnderThe2022PlanMember2024-01-3100018235752022-08-04zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:MembershipServicesMember2022-08-030001823575us-gaap:TransferredOverTimeMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:MembershipServicesMember2022-01-012022-08-030001823575us-gaap:ShareBasedCompensationAwardTrancheThreeMemberzfox:SponsorEarnoutSharesMember2023-01-310001823575zfox:ZeroFoxMember2023-05-012023-07-310001823575zfox:ZerofoxIncMember2022-02-012022-08-030001823575us-gaap:PreferredStockMember2022-02-012022-08-030001823575us-gaap:PreferredStockMemberzfox:SeriesC1RedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575us-gaap:FairValueInputsLevel3Memberus-gaap:FairValueMeasurementsRecurringMemberzfox:PublicWarrantsMember2024-01-310001823575zfox:InfoArmorMember2023-01-310001823575us-gaap:CustomerConcentrationRiskMemberzfox:OneCustomerMemberus-gaap:AccountsReceivableMember2023-02-012024-01-310001823575zfox:ZerofoxIncMember2022-08-042023-01-310001823575zfox:DevelopedTechnologyMember2024-01-310001823575zfox:SeriesA1RedeemableConvertiblePreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2016-07-290001823575zfox:HaveliMergerAgreementMemberus-gaap:SubsequentEventMember2024-02-060001823575us-gaap:CustomerRelationshipsMember2023-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberus-gaap:CommonStockMember2022-08-030001823575zfox:PrivateWarrantsMember2024-01-310001823575zfox:PrivateWarrantMemberus-gaap:FairValueInputsLevel3Member2024-01-310001823575zfox:SeriesBRedeemableConvertiblePreferredStockWarrantsMemberus-gaap:WarrantMember2023-02-012024-01-310001823575zfox:StifelWarrantMemberzfox:BlackScholesMember2024-01-310001823575zfox:AmendedLoanAndSecurityAgreementMemberzfox:StifelWarrantMember2023-04-210001823575zfox:PublicAndPrivateWarrantsMember2024-01-310001823575zfox:LookingglassMemberzfox:HaveliMergerAgreementMemberus-gaap:SubsequentEventMember2024-02-062024-02-0600018235752023-01-01zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:MembershipServicesMember2022-08-030001823575zfox:TwoThousandSeventeenEquityIncentivePlanMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575zfox:OptionsToPurchaseCommonStockMemberzfox:CommonStockOptionsOutstandingMember2023-02-012024-01-310001823575zfox:ConvertibleSeniorCashMember2022-08-030001823575zfox:LookingglassCyberSolutionsIncMemberus-gaap:DevelopedTechnologyRightsMember2023-04-212023-04-210001823575zfox:LookingglassCyberSolutionsIncMemberus-gaap:CustomerRelationshipsMember2023-04-212023-04-210001823575us-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMemberzfox:PublicWarrantsMember2024-01-310001823575us-gaap:AdditionalPaidInCapitalMemberzfox:ZerofoxIncMember2022-02-012022-08-030001823575zfox:LgcsEarnoutSharesMember2023-04-210001823575srt:MaximumMemberus-gaap:FurnitureAndFixturesMember2024-01-310001823575zfox:IDXMember2022-08-042023-01-310001823575us-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMemberzfox:PublicWarrantsMember2023-01-310001823575zfox:WarrantsAndRightsSubjectToMandatoryRedemptionOneMember2024-01-310001823575zfox:ZerofoxIncMemberzfox:SeriesC1RedeemableConvertiblePreferredStockMember2022-08-030001823575zfox:StifelWarrantMemberzfox:BlackScholesMember2023-02-012024-01-310001823575us-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-3100018235752023-01-310001823575us-gaap:FairValueMeasurementsRecurringMemberzfox:PublicWarrantsMember2023-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:MembershipServicesMember2022-07-012022-08-030001823575us-gaap:ShareBasedCompensationAwardTrancheOneMemberzfox:SponsorEarnoutSharesMember2024-01-310001823575zfox:ZerofoxIncMemberzfox:SeriesD2RedeemableConvertiblePreferredStockMember2022-08-030001823575us-gaap:RestrictedStockUnitsRSUMember2024-01-310001823575us-gaap:RevenueFromRightsConcentrationRiskMemberzfox:OneCustomerMemberus-gaap:SalesRevenueNetMember2022-02-012023-01-310001823575us-gaap:ShareBasedCompensationAwardTrancheOneMemberzfox:SponsorEarnoutSharesMember2023-01-310001823575zfox:PrivateWarrantsMemberus-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001823575us-gaap:PrimeRateMemberzfox:LoanAndSecurityAgreementMemberzfox:StifelNoteMember2021-01-070001823575zfox:PrivateWarrantsMemberus-gaap:FairValueMeasurementsRecurringMember2024-01-310001823575us-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMemberzfox:PublicWarrantsMember2024-01-310001823575zfox:SubscriptionsMemberus-gaap:CostOfSalesMember2022-08-042023-01-310001823575zfox:ZerofoxIncMember2022-08-042023-01-3100018235752022-08-04zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575us-gaap:FairValueMeasurementsRecurringMember2024-01-310001823575srt:MaximumMemberzfox:BreachServiceMember2023-02-012024-01-310001823575us-gaap:DomesticCountryMember2023-02-012024-01-310001823575us-gaap:ServiceMember2023-02-012024-01-310001823575us-gaap:SellingAndMarketingExpenseMember2023-02-012024-01-310001823575zfox:AlsopLouieConvertibleNoteMemberzfox:LookingglassCyberSolutionsIncMemberzfox:SubordinatedConvertiblePromissoryNoteMember2023-04-210001823575zfox:ZerofoxIncMemberzfox:SeriesDRedeemableConvertiblePreferredStockMember2022-01-310001823575us-gaap:OtherCurrentAssetsMember2023-01-310001823575zfox:SeriesBRedeemableConvertiblePreferredStockMemberzfox:ZerofoxIncMember2022-08-030001823575zfox:ZeroFoxMember2023-02-012024-01-310001823575zfox:LoanAndSecurityAgreementMemberzfox:StifelNoteMember2021-12-080001823575zfox:SharePriceEqualsOrGreaterThanTwelvePointFivePerShareMember2022-08-032022-08-030001823575us-gaap:ServiceMember2022-02-012022-08-0300018235752022-08-04zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:DeferredRevenueMember2022-08-030001823575zfox:ContractsWithAffiliatesOfMajorityStockholdersMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2022-02-012022-08-030001823575zfox:DeferredContractAcquisitionCostsCurrentAndNoncurrentMember2024-01-310001823575zfox:OptionsToPurchaseCommonStockMemberzfox:CommonStockOptionsOutstandingMember2022-08-042023-01-310001823575zfox:PrivateWarrantMemberus-gaap:FairValueInputsLevel3Member2023-02-0100018235752023-01-312023-01-310001823575us-gaap:MeasurementInputSharePriceMemberzfox:SponsorEarnoutSharesMember2023-01-310001823575zfox:IDXMember2022-08-032022-08-030001823575us-gaap:AdditionalPaidInCapitalMember2023-01-310001823575zfox:ZeroFoxPredecessorMember2024-01-312024-01-310001823575us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-01-310001823575country:US2022-08-042023-01-310001823575us-gaap:AdditionalPaidInCapitalMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2022-08-052023-01-310001823575zfox:StifelWarrantMemberzfox:BlackScholesMember2023-04-212023-04-210001823575us-gaap:ServiceMember2022-08-042023-01-310001823575zfox:ReportingUnitMember2023-10-310001823575zfox:WarrantsAndRightsSubjectToMandatoryRedemptionOneMembersrt:MinimumMember2024-01-310001823575srt:MaximumMemberzfox:ComputerHardwareAndPurchaseSoftwareMember2024-01-310001823575us-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-3100018235752022-08-030001823575zfox:SponsorEarnoutSharesMemberus-gaap:CommonStockMember2022-08-042023-01-310001823575zfox:LookingglassMember2023-02-012024-01-310001823575zfox:RestrictedStockUnitsIssuedMemberus-gaap:RestrictedStockUnitsRSUMember2023-02-012024-01-310001823575zfox:SeriesC1RedeemableConvertiblePreferredStockWarrantsMemberus-gaap:WarrantMember2022-02-012022-08-030001823575us-gaap:ResearchAndDevelopmentExpenseMember2022-08-042023-01-310001823575us-gaap:FairValueInputsLevel3Memberus-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-3100018235752022-08-042023-01-310001823575zfox:CallCenterAndMonitoringServicesMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:IDXMember2022-08-030001823575us-gaap:MoneyMarketFundsMemberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001823575zfox:TwoThousandAndTwentyTwoIncentiveEquityPlanMember2023-01-312023-01-310001823575zfox:ConvertibleSeniorCashMemberus-gaap:DebtInstrumentRedemptionPeriodTwoMember2022-08-032022-08-0300018235752024-01-01zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575us-gaap:RevenueFromRightsConcentrationRiskMemberzfox:OneCustomerMemberus-gaap:SalesRevenueNetMember2023-02-012024-01-310001823575us-gaap:AccumulatedOtherComprehensiveIncomeMember2023-02-012024-01-310001823575us-gaap:WarrantMember2022-08-042023-01-310001823575zfox:StifelBankMember2024-01-310001823575zfox:ConvertibleSeniorCashMemberus-gaap:SubsequentEventMember2024-02-0600018235752023-01-01zfox:BreachMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575zfox:InfoarmorNoteMemberzfox:LongTermDebtCurrentMemberzfox:PromissoryNotePayableMember2023-02-012024-01-310001823575zfox:PrivateWarrantMemberus-gaap:FairValueInputsLevel3Member2023-01-310001823575zfox:ConvertibleSeniorCashMemberus-gaap:SubsequentEventMember2024-03-040001823575srt:MaximumMember2024-01-310001823575zfox:LookingglassCyberSolutionsIncMemberzfox:LgcsEarnoutSharesMember2023-04-212023-04-210001823575srt:MinimumMemberzfox:WarrantsAndRightsSubjectToMandatoryRedemptionTwoMember2024-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-042023-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:SeriesA2RedeemableConvertiblePreferredStockMember2022-01-012022-08-030001823575us-gaap:FurnitureAndFixturesMember2023-01-310001823575zfox:ZerofoxIncMemberus-gaap:AccumulatedOtherComprehensiveIncomeMember2022-08-030001823575us-gaap:AccumulatedOtherComprehensiveIncomeMember2024-01-310001823575zfox:CostOfRevenueSubscriptionMember2022-08-042023-01-310001823575srt:MinimumMember2024-01-310001823575zfox:SharePriceEqualsOrGreaterThanFifteenPointZeroZeroPerShareMember2022-08-032022-08-030001823575srt:MinimumMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2023-02-012024-01-3100018235752023-11-012024-01-310001823575zfox:ZerofoxIncMemberzfox:SeriesSeedRedeemableConvertiblePreferredStockMember2022-01-310001823575zfox:OptionsToPurchaseCommonStockMemberzfox:CommonStockOptionsIssuedMember2023-02-012024-01-310001823575zfox:IDXMemberus-gaap:CommonStockMember2022-08-042023-01-310001823575us-gaap:PreferredStockMemberzfox:SeriesD1RedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575us-gaap:AdditionalPaidInCapitalMemberzfox:ZerofoxIncMember2022-08-042023-01-310001823575zfox:CommonStockWarrantsMember2023-01-310001823575zfox:SharePriceEqualsOrGreaterThanFifteenPointZeroZeroPerShareMember2022-08-0300018235752022-01-312022-01-310001823575zfox:ZerofoxIncMemberus-gaap:CommonStockMember2022-08-030001823575zfox:RestrictedStockUnitsOutstandingMemberus-gaap:RestrictedStockUnitsRSUMember2023-02-012024-01-310001823575zfox:SeriesBRedeemableConvertiblePreferredStockWarrantsMemberus-gaap:WarrantMember2022-02-012022-08-030001823575zfox:HaveliMergerAgreementMember2024-01-310001823575zfox:ZeroFoxMember2022-02-012022-08-030001823575zfox:PrivateWarrantMemberus-gaap:FairValueInputsLevel3Member2022-08-052023-01-310001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2022-08-040001823575zfox:OptionsToPurchaseCommonStockMemberzfox:CommonStockOptionsOutstandingMember2022-02-012022-08-030001823575zfox:PrivateWarrantsMemberus-gaap:FairValueInputsLevel3Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-310001823575us-gaap:MeasurementInputRiskFreeInterestRateMemberzfox:SponsorEarnoutSharesMember2023-01-3100018235752022-08-042022-08-040001823575us-gaap:LeaseholdImprovementsMember2024-01-310001823575us-gaap:CustomerConcentrationRiskMemberus-gaap:SalesRevenueNetMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:ZerofoxIncMemberzfox:SeriesARedeemableConvertiblePreferredStockMember2022-08-030001823575zfox:ZeroFoxMember2022-08-042023-01-310001823575zfox:IDXMember2022-08-042023-01-3100018235752023-04-212023-04-210001823575zfox:SubscriptionsMemberus-gaap:CostOfSalesMember2023-02-012024-01-310001823575us-gaap:RetainedEarningsMember2022-08-042023-01-310001823575us-gaap:AdditionalPaidInCapitalMemberzfox:ZerofoxIncMember2022-01-310001823575zfox:StifelBankMember2023-01-310001823575zfox:TriggeringEventIiiMemberzfox:LgcsEarnoutSharesMembersrt:ScenarioForecastMember2024-03-312024-03-310001823575us-gaap:TrademarksAndTradeNamesMember2023-01-310001823575zfox:ReportingUnitMember2022-10-3100018235752025-02-012024-01-310001823575srt:MaximumMemberzfox:TwoThousandAndTwentyTwoIncentiveEquityPlanMember2022-02-012022-08-030001823575us-gaap:CustomerRelationshipsMember2022-02-012023-01-310001823575zfox:CommonStockOptionsIssuedMemberzfox:OptionsToPurchaseCommonStockMember2022-08-042023-01-310001823575zfox:SubscriptionRevenueMember2023-02-012024-01-310001823575us-gaap:MeasurementInputPriceVolatilityMemberzfox:SponsorEarnoutSharesMember2024-01-310001823575us-gaap:SellingAndMarketingExpenseMember2022-02-012022-08-0300018235752022-02-012022-08-030001823575zfox:SharePriceEqualsOrGreaterThanSeventeenPointFiveZeroPerShareMember2022-08-032022-08-030001823575zfox:SubscriptionsMember2022-08-042023-01-310001823575us-gaap:TransferredOverTimeMember2022-08-042023-01-310001823575us-gaap:ShareBasedCompensationAwardTrancheTwoMemberzfox:SponsorEarnoutSharesMember2023-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575zfox:AlsopLouieConvertibleNoteMemberzfox:LookingglassCyberSolutionsIncMemberzfox:SubordinatedConvertiblePromissoryNoteMember2024-01-310001823575zfox:SubscriptionsMember2022-02-012022-08-030001823575us-gaap:TransferredAtPointInTimeMember2022-02-012022-08-030001823575zfox:LoanAndSecurityAgreementMemberzfox:StifelNoteMember2021-01-072021-01-070001823575zfox:ZerofoxIncMemberus-gaap:CommonStockMember2022-02-012022-08-030001823575zfox:SponsorEarnoutSharesMember2023-01-310001823575zfox:TwoThousandAndTwentyTwoIncentiveEquityPlanMember2024-01-310001823575zfox:PublicWarrantsMember2023-01-310001823575us-gaap:WarrantMemberzfox:CommonStockWarrantsMember2022-02-012022-08-030001823575zfox:AmendedLoanAndSecurityAgreementMemberzfox:SeriesERedeemableConvertiblePreferredStockMemberzfox:StifelNoteMember2021-12-310001823575zfox:NotificationServicesMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:AccountsReceivableNetCurrentMember2024-01-310001823575zfox:BreachServicesMembersrt:MinimumMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2023-02-012024-01-310001823575us-gaap:RedeemableConvertiblePreferredStockMemberzfox:ZerofoxIncMember2022-08-030001823575us-gaap:RetainedEarningsMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2021-12-310001823575zfox:LookingglassCyberSolutionsIncMember2023-02-012024-01-310001823575srt:MinimumMemberus-gaap:FurnitureAndFixturesMember2024-01-310001823575us-gaap:SeriesBPreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2016-07-2900018235752025-01-01zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-0300018235752021-12-310001823575zfox:ZerofoxIncMemberzfox:SeriesC1RedeemableConvertiblePreferredStockMember2022-02-012022-08-030001823575zfox:PIPEInvestorsMemberzfox:IDXMember2022-08-032022-08-030001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberus-gaap:CommonStockMember2021-12-310001823575zfox:SubscriptionsMemberus-gaap:CostOfSalesMember2022-02-012022-08-030001823575country:US2022-02-012022-08-030001823575zfox:BreachMemberus-gaap:TransferredAtPointInTimeMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:LookingglassEarnoutSharesAndLookingglassDeferredSharesMember2023-08-012023-10-310001823575zfox:ZerofoxIncMemberzfox:SeriesARedeemableConvertiblePreferredStockMember2022-01-310001823575us-gaap:FairValueInputsLevel3Memberus-gaap:FairValueMeasurementsRecurringMember2023-01-3100018235752024-03-130001823575zfox:LookingglassCyberSolutionsIncMember2024-01-310001823575zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:MembershipServicesMember2023-02-012024-01-310001823575us-gaap:CustomerRelationshipsMember2023-02-012024-01-310001823575us-gaap:MeasurementInputRiskFreeInterestRateMemberzfox:SponsorEarnoutSharesMember2024-01-310001823575zfox:TwoThousandSixteenEquityIncentivePlanMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2016-08-312016-08-310001823575zfox:ZerofoxIncMemberzfox:SeriesCRedeemableConvertiblePreferredStockMember2022-08-030001823575us-gaap:AdditionalPaidInCapitalMember2023-02-012024-01-3100018235752023-02-012024-01-310001823575zfox:SeriesERedeemableConvertiblePreferredStockMemberzfox:ZerofoxIncMember2022-02-012022-08-030001823575zfox:TwoThousandAndTwentyTwoIncentiveEquityPlanMembersrt:MinimumMember2022-02-012022-08-030001823575zfox:IDXMember2023-05-012023-07-310001823575zfox:RestrictedStockUnitsIssuedAndOutstandingMember2024-01-310001823575us-gaap:CommonStockMember2023-02-012024-01-310001823575zfox:CommonStockWarrantsMember2024-01-310001823575zfox:PublicWarrantMemberus-gaap:FairValueInputsLevel3Member2023-02-010001823575us-gaap:CommonClassBMemberus-gaap:CommonStockMember2022-08-030001823575zfox:SubscriptionRevenueMember2022-02-012022-08-030001823575zfox:InfoarmorNoteMemberzfox:LoanAndSecurityAgreementMember2023-02-012024-01-310001823575zfox:PrivateWarrantsMemberus-gaap:FairValueInputsLevel2Memberus-gaap:FairValueMeasurementsRecurringMember2024-01-310001823575zfox:ZerofoxIncMemberus-gaap:AccumulatedOtherComprehensiveIncomeMember2022-02-012022-08-030001823575us-gaap:TrademarksAndTradeNamesMember2024-01-310001823575zfox:LoanAndSecurityAgreementMemberzfox:StifelNoteMember2021-12-310001823575us-gaap:RetainedEarningsMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:SponsorEarnoutSharesMemberus-gaap:CommonStockMember2023-02-012024-01-310001823575zfox:SeriesC1RedeemableConvertiblePreferredStockWarrantsMemberus-gaap:WarrantMember2023-02-012024-01-310001823575us-gaap:PaymentInKindPIKNoteMemberzfox:ConvertibleNotesMember2024-01-310001823575zfox:PrivateWarrantMemberus-gaap:FairValueInputsLevel3Member2023-02-022024-01-310001823575us-gaap:GeographicConcentrationRiskMemberus-gaap:SalesRevenueNetMemberus-gaap:NonUsMember2023-02-012024-01-310001823575zfox:ZeroFoxPredecessorMember2024-01-310001823575zfox:WarrantsAndRightsSubjectToMandatoryRedemptionOneMember2023-02-012024-01-310001823575zfox:ZerofoxIncMemberzfox:SeriesCRedeemableConvertiblePreferredStockMember2022-01-310001823575us-gaap:RetainedEarningsMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575zfox:CommonStockOptionsIssuedMemberzfox:OptionsToPurchaseCommonStockMember2022-02-012022-08-030001823575us-gaap:PreferredStockMember2024-01-310001823575us-gaap:WarrantMemberzfox:SeriesARedeemableConvertiblePreferredStockWarrantsMember2022-02-012022-08-030001823575zfox:OtherMember2023-02-012024-01-310001823575srt:MaximumMemberzfox:TwoThousandAndTwentyTwoIncentiveEquityPlanMember2022-08-0300018235752023-01-01zfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-030001823575us-gaap:NonUsMemberus-gaap:GeographicConcentrationRiskMemberus-gaap:SalesRevenueNetMember2022-08-042023-01-3100018235752022-08-04zfox:IdExpertsHoldingsIncAndSubsidiaryMemberzfox:DeferredRevenueMember2024-01-310001823575zfox:InfoarmorNoteMemberzfox:PromissoryNotePayableMemberzfox:VigilanteMember2021-06-070001823575zfox:ZeroFoxMemberus-gaap:RestrictedStockUnitsRSUMember2022-02-012022-08-030001823575zfox:TriggeringEventIMemberzfox:LgcsEarnoutSharesMember2024-01-312024-01-310001823575zfox:ZerofoxIncMember2022-08-030001823575zfox:ZeroFoxMemberus-gaap:RestrictedStockUnitsRSUMembersrt:MinimumMember2022-08-042023-01-310001823575zfox:RestrictedStockUnitsIssuedMemberus-gaap:RestrictedStockUnitsRSUMember2022-08-042023-01-310001823575srt:MaximumMemberzfox:TwoThousandSeventeenEquityIncentivePlanMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2017-08-312017-08-310001823575zfox:ZerofoxIncMemberus-gaap:AccumulatedOtherComprehensiveIncomeMember2022-01-310001823575zfox:LookingglassCyberSolutionsIncMemberzfox:LgcsDeferredSharesMember2023-04-212023-04-210001823575us-gaap:TransferredOverTimeMemberzfox:BreachMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-01-012022-08-030001823575zfox:SeriesARedeemableConvertiblePreferredStockMemberzfox:IdExpertsHoldingsIncAndSubsidiaryMember2022-08-0300018235752023-08-042024-01-310001823575us-gaap:FairValueInputsLevel1Memberus-gaap:FairValueMeasurementsRecurringMember2024-01-3100018235752026-02-012024-01-31xbrli:purexbrli:sharesiso4217:USDiso4217:USDxbrli:shares

 

 

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

 

FORM 10-K

 

(Mark One)

ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the fiscal year ended January 31, 2024

OR

TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 FOR THE TRANSITION PERIOD FROM TO

Commission File Number 001-39722

 

ZeroFox Holdings, Inc.

(Exact name of Registrant as specified in its Charter)

 

Delaware

98-1557361

(State or other jurisdiction of

incorporation or organization)

(I.R.S. Employer

Identification No.)

1834 S. Charles Street

Baltimore, Maryland

21230

(Address of principal executive offices)

(Zip Code)

Registrant’s telephone number, including area code: (855) 936-9369

 

Securities registered pursuant to Section 12(b) of the Act:

 

Title of each class

 

Trading

Symbol(s)

 

Name of each exchange on which registered

Common Stock, $0.0001 par value per share

 

ZFOX

 

The Nasdaq Stock Market LLC

Warrants, each whole warrant exercisable for one share of Common Stock at an exercise price of $11.50 per share

 

ZFOXW

 

The Nasdaq Stock Market LLC

 

Securities registered pursuant to Section 12(g) of the Act: None

Indicate by check mark if the Registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. YES No

Indicate by check mark if the Registrant is not required to file reports pursuant to Section 13 or 15(d) of the Act. YES No

Indicate by check mark whether the Registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the Registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes NO

Indicate by check mark whether the Registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the Registrant was required to submit such files). Yes NO

Indicate by check mark whether the Registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.

 

Large accelerated filer

Accelerated filer

Non-accelerated filer

Smaller reporting company

Emerging growth company

 

 

 

 

 

 

If an emerging growth company, indicate by check mark if the Registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.

Indicate by check mark whether the Registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.

If securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the Registrant included in the filing reflect the correction of an error to previously issued financial statements.

Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation received by any of the Registrant’s executive officers during the relevant recovery period pursuant to §240.10D-1(b).

Indicate by check mark whether the Registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). YES NO

 

 

 


 

As of July 31, 2023, the aggregate market value of the common stock held by non-affiliates was $87.4 million.

On August 3, 2022, the Registrant’s Common Stock and Public Warrants began trading on the Nasdaq Global Market and the Nasdaq Capital Market under the symbols “ZFOX” and “ZFOXW,” respectively.

The number of shares of Registrant’s Common Stock outstanding as of March 13, 2024, was
124,843,024.

 

DOCUMENTS INCORPORATED BY REFERENCE

 

Portions of the Registrant's definitive Proxy Statement relating to the 2024 annual meeting of stockholders (the Proxy Statement) are incorporated herein by reference in Part III of this Annual Report on Form 10-K (the Annual Report). The Proxy Statement will be filed with the Securities and Exchange Commission (the SEC) within 120 days after the year ended January 31, 2024.

 


 

Explanatory Note

This Annual Report on Form 10-K of ZeroFox Holdings, Inc. ("the Company") includes the consolidated financial statements of:

The Company as of and for the year ended January 31, 2024, as of January 31, 2023, and for the period August 4, 2022, to January 31, 2023;
The Company's predecessor, ZeroFox, Inc. ("the Predecessor"), for the period February 1, 2022, to August 3, 2022, presented within the prior period financial statements of the Company (see Note 2); and
The Company's other predecessor, ID Experts Holdings, Inc. ("IDX"), for the period January 1, 2022, to August 3, 2022, presented as separate financial statements.

As of August 3, 2022, the Company merged with ZeroFox, Inc. and IDX (the "Business Combination") at which time ZeroFox, Inc. and IDX became indirect, wholly-owned subsidiaries of the Company. The financial statements for the Company’s predecessors are not necessarily indicative of the Company’s results of operations, cash flows, or financial position following the completion of the Business Combination.

The terms "ZeroFox", "the Company", "Successor", refer to ZeroFox Holdings, Inc. and its subsidiaries, including ZeroFox, Inc. and ID Experts Holdings, Inc. after the closing of the Business Combination. The term "the Successor Period" refers to the duration of time including the finalization of the Business Combination through the end of prior reporting period; August 4, 2022, to January 31, 2023. The term "Predecessor" refers to ZeroFox, Inc. and its subsidiaries prior to the closing of the Business Combination. The term "the Predecessor Period" refers to the duration of time from the first day of the Predecessor's prior fiscal year to just prior to the finalization of the Business Combination i.e., February 1, 2022, to August 3, 2022.

Forward-Looking Statements

This Annual Report on Form 10-K, including, without limitation, statements contained under the heading “Management’s Discussion and Analysis of Financial Condition and Results of Operations" in Item 7 of Part II, contains “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995. All statements, other than statements of historical fact, that address activities, events or developments that we expect, believe or anticipate will or may occur in the future, are forward-looking statements. Forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those anticipated by these forward-looking statements. The inclusion of any statement in this Annual Report does not constitute an admission by the Company or any other person that the events or circumstances described in such statement are material. These risks and uncertainties include, but are not limited to, the following:

our ability to meet expectations regarding the timing and completion of the proposed Merger (as defined in this Annual Report);
the possibility that the conditions to the closing of the proposed Merger are not satisfied, including the risk that the required regulatory approvals are not obtained or that our stockholders do not approve the proposed Merger;
the occurrence of any event, change or other circumstance that could result in the Haveli Merger Agreement (as defined in this Annual Report) being terminated or the proposed Merger not being completed on the terms reflected in the Haveli Merger Agreement, or at all;

i


 

the risk that the Haveli Merger Agreement may be terminated in circumstances that require us to pay a termination fee;
potential litigation relating to the proposed Merger;
the risk that the proposed Merger and its announcement could have adverse effects on the market price of our Common stock;
the ability of each party to consummate the proposed Merger;
risks related to the possible disruption of management's attention from our ongoing business operations due to the proposed Merger;
the effect of the announcement of the proposed Merger on our ability to retain and hire key personnel and maintain relationships with customers and business partners;
the risk of unexpected costs or expenses resulting from the proposed Merger;
defects, errors, or vulnerabilities in our Platform (as defined in this Annual Report), the failure of our Platform to block malware or prevent a security breach, misuse of the our Platform, or risks of product liability claims that would harm our reputation and adversely impact our business, operating results, and financial condition;
if our enterprise platform offerings do not interoperate with our customers’ network and security infrastructure, or with third-party products, websites or services, our results of operations may be harmed;
we may not timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements;
our ability to introduce new products and solutions and features is dependent on adequate research and development resources and our ability to successfully complete acquisitions;
our success depends, in part, on the integrity and scalability of our systems and infrastructure;
we rely on third-party cloud providers to host and operate our Platform, and any disruption of or interference with our use of these offerings may negatively affect our ability to maintain the performance and reliability of our Platform which could cause our business to suffer;
we rely on data, software and services from other parties;
we have a history of losses, and we may not be able to achieve or sustain profitability in the future;
if organizations do not adopt external cybersecurity solutions that may be based on new and untested security concepts, our ability to grow our business and our results of operations may be adversely affected;
we have experienced rapid growth in recent periods, and if we do not manage our future growth, our business and results of operations will be adversely affected;
we face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition, and results of operations;
competitive pricing pressure may reduce revenue, gross profits, and adversely affect our financial results;
adverse general and industry-specific economic and market conditions and reductions in customer spending, in either the private or public sector, including as a result of inflation

ii


 

and geopolitical uncertainty such as the war in Ukraine and the Israel-Hamas war, may reduce demand for our Platform or products and solutions, which could harm our business, financial condition, and results of operations;
if we fail to adapt to rapid technological change, evolving industry standards and changing customer needs, requirements or preferences, our ability to remain competitive could be impaired;
other risks and unforeseen events, including epidemics, pandemics or other outbreaks of illness, disease, or virus (such as the COVID-19 pandemic) and cybersecurity threats could adversely affect our business, operating results, and financial condition;
we rely heavily on the services of our senior management team;
one U.S. government customer accounts for a substantial portion of our revenue; and
a delay in the completion of the U.S. Government’s budget and appropriation process could delay procurement of solutions we provide and have an adverse effect on our future revenues.

Additional information concerning these, and other risks, is described in Part I, Item 1A, “Risk Factors” and in “Management’s Discussion and Analysis of Financial Condition and Results of Operations" in Part II, Item 7 of this Annual Report. We expressly disclaim any obligation to update any of these forward-looking statements, except to the extent required by applicable law.

iii


 

Table of Contents

Page

 

Part I

 

Item 1

Business

1

Item 1A

Risk Factors

14

Item 1B

Unresolved Staff Comments

79

Item 1C

Cybersecurity

79

Item 2

Properties

80

Item 3

Legal Proceedings

81

Item 4

Mine Safety Disclosures

81

 

Part II

 

Item 5

Market for Registrant's Common Equity, Related Stockholder Market for Registrant's Common Equity, Related Stockholder Matters, and Issuer Purchases of Equity Securities

82

Item 6

Reserved

82

Item 7

Management’s Discussion and Analysis of Financial Condition and Results of Operations

 

 

Management’s Discussion and Analysis of Financial Condition and Results of Operations of ZeroFox Holdings, Inc.

83

 

Management’s Discussion and Analysis of Financial Condition and Results of Operations of ID Experts Holdings, Inc.

111

Item 7A

Quantitative and Qualitative Disclosures About Market Risk

126

Item 8

Financial Statements and Supplementary Data

 

 

Of ZeroFox Holdings, Inc.

127

 

Of ID Experts Holdings, Inc.

181

Item 9

Changes in and Disagreements with Accountants on Accounting and Financial Disclosure

201

Item 9A

Controls and Procedures

201

Item 9B

Other Information

203

Item 9C

Disclosure Regarding Foreign Jurisdictions That Prevent Inspections

203

 

Part III

 

Item 10

Directors, Executive Officers, and Corporate Governance

204

Item 11

Executive Compensation

204

Item 12

Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters

204

Item 13

Certain Relationships and Related Transactions and Director Independence

204

Item 14

Principal Accountant Fees and Services

204

 

Part IV

 

Item 15

Exhibits and Financial Statement Schedules

205

Item 16

Form 10-K Summary

206

 

Signatures

214

 

Power of Attorney

215

 

iv


 

Part I

ITEM 1. BUSINESS

Unless the context otherwise requires, all references in this section to “we,” “us” and “our” generally refer to ZeroFox Holdings, Inc. following the consummation of the Business Combination.

Overview

ZeroFox is a leading provider of SaaS-based external cybersecurity solutions. External cybersecurity focuses on exposing, disrupting, and responding to threats outside the traditional corporate perimeter. These are threats targeting organizations’ growing public attack surface as well as broader external threats.

With digital transformation continuing to accelerate, the primary way that organizations interact and transact is now through digital channels and mediums. This has led to the proliferation of digital assets and data residing on external platforms that are outside the control of an organization. These external platforms include the surface web, deep and dark web, social media sites, collaboration platforms, code sharing sites, and mobile app stores (also referred to as "public attack service"). These external platforms are largely ungoverned, unmonitored, and unprotected by existing perimeter and internal security technologies. This public attack surface exposes organizations and their respective communities to threats to their organizations, brands, digital assets, and people. These threats include targeted phishing attacks, account takeovers, credential theft, data leakage, domain spoofing, and impersonations. The overall volume of external cyber threats targeting organizations in general continues to increase, driving a need for organizations to continuously monitor the external threat environment and incorporate threat intelligence into their security operations.

ZeroFox provides customers with an innovative, comprehensive, SaaS-based platform for external cybersecurity (our Platform) that protects organizations from threats outside the traditional corporate perimeter. Our Platform combines protection, intelligence, adversary disruption, and response services into an integrated solution.

Powered by patented technology and artificial intelligence innovations, our Platform collects and processes millions of pieces of content, rich media, posts, messages, global intelligence, and threat actor activity across the digital landscape, including social media sites, public, deep and dark web forums, mobile app stores, code repositories, representing thousands of digital platforms and discrete content sources. We apply advanced analytics to the data we collect and process to detect external threats to brands, people, systems, assets and data across a customer’s public attack surface. Our adversary disruption services allow organizations to disrupt and remediate these threats.

As a result of internal efforts and our August 2022 acquisition of IDX, we also offer comprehensive response services, including breach response, incident response, and intelligence and investigative services. Our data breach solutions include prevention, detection, forensic services, notification, and recovery assistance. We also offer membership subscriptions that include credit and non-credit monitoring, prevention tools, and unlimited recovery assistance.

As a result of our April 2023 acquisition of LookingGlass, our Platform also includes threat intelligence and attack surface management capabilities. The integration of these capabilities into our Platform broadens our visibility into external attack surface and vulnerabilities, including improved actionable intelligence to disrupt emergent threats.

1


 

Industry Background

The focus of the cybersecurity industry has traditionally been protecting internal assets that are owned and controlled by the organization. Owned assets include laptops, networks, systems, and cloud workloads. With digital transformation continuing to accelerate, the primary way that companies interact and transact is now through digital channels and mediums.

An increasingly large number of businesses, including those in industries that were slower to adopt digital technologies, have adopted social media, mobile applications, and cloud computing resulting in more critical digital assets now residing outside of traditional firewalls. These organizations now offer mobile and web applications as a key driver of their revenue production in order to make customer access easier, transactions smoother, and their services more engaging. These same organizations have aggressively embraced social media and digital channels to interact and transact with customers, vendors, and partners.

The dramatic shift to digital channels has created an enormous digital footprint on the “public” internet, expanding the attack surface to include all externally available digital platforms. These public platforms are largely ungoverned, unmonitored, and unprotected by existing perimeter and internal security technologies.

Adversaries are increasingly targeting organizations’ public attack surface which is reflected in increased threats including targeted phishing attacks, account takeovers, credential theft, data leakage, domain spoofing, and impersonations. All of these threats pose significant risk to organizations, their brands, and their assets. The volume of external cyber threats targeting organizations continues to increase, driving a need for organizations to continuously monitor the external threat environment and to incorporate threat intelligence into their security operations.

Protecting the public attack surface and defending against external threats is challenging. Organizations have limited visibility into their public attack surface. Traditional internal cybersecurity controls, including endpoint and perimeter solutions, do not provide visibility into or protection of the public attack surface and provide a limited view of the external threat environment. Continuously monitoring and protecting the public attack surface is difficult given its size and dynamic, unstructured nature. Additionally, many organizations continue to struggle with a scarcity of in-house cybersecurity expertise and resources.

We believe that securing the public attack surface and protecting organizations from external threats requires a platform-based approach that combines protection, intelligence, adversary disruption, and comprehensive response capabilities, including investigative, incident response and breach response services into a single solution. An external cybersecurity platform needs to provide continuous visibility into an organization’s public attack surface and threat environment, continuous monitoring and protection, and the ability to take action to prevent attacks, limit exposure, remediate an incident, and disrupt an adversary. We believe protecting organizations from external threats, requires comprehensive response capabilities including investigative, incident response, and breach response services.

2


 

Our Solutions

We provide external cybersecurity solutions to customers around the world. Customers rely on us to address important cybersecurity problems and challenges that they face today and look for our guidance regarding the problems they will face tomorrow. Our Platform is a cloud-native enterprise software-as-a-service application focused on providing external cybersecurity teams with comprehensive solutions to address external cybersecurity threats and risks. Our Platform employs continuous digital identification and detection, comprehensive threat intelligence and persistent adversary disruption to support a wide variety of cybersecurity use cases that address pervasive business challenges. Our customers’ adoption of the ZeroFox Platform often begins with the purchase of one or two core components and grows over time. Our Platform currently provides key capabilities across four strategic platform pillars: ZeroFox Protection, ZeroFox Intelligence, ZeroFox Disruption, and ZeroFox Response.

ZeroFox Protection: Powered by proprietary artificial intelligence, ZeroFox Protection gives customers real-time asset and vulnerability awareness of their external-facing internet accessible digital footprint and enables organizations to configure protective capabilities to continuously protect their external assets.

ZeroFox Protection provides technical capabilities to execute continuous attack surface identification and detection, which empowers the customer to gain an up-to-date picture of its internet accessible digital footprint. The digital presence typically includes social media accounts, collaboration platform accounts, domains, and internet-facing infrastructure, such as port, data, content, and images.

Domains: continuous monitoring of newly registered or observed domains related to the customer's brands and continuous analysis of domains for malicious indicators is required to ensure capturing the domain when it is hosting malicious content, code, or payloads.
Digital Platform Accounts: a catalog of owned digital accounts for brands, executives, individuals, locations, and products to adequately secure assets.
Internet-accessible Infrastructure: ensures the mapping of the external internet facing infrastructure, externally-accessible networks and digital infrastructure components.
Public, Private, and Proprietary Data, Content, and Images: the collection and analysis of data, content, images, and other information anywhere sensitive public, private, and proprietary information may reside on the internet to secure the customer’s enterprise.

ZeroFox Protection’s digital risk protection capabilities cast a digital net around owned assets across the internet including digital representations for the customer’s brands, identities, systems, executives, accounts, domains, and mobile applications to secure their digital presence against targeted attacks, protect privacy, and decrease fraudulent activity across the internet.

ZeroFox Protection's capabilities include:

Brand Protection: the intelligent identification of threats to brands to decrease the reach and efficacy of attacks.
Domain Protection: the continuous scanning of the internet for malicious and infringing domains to decrease the risk of impersonating domains, phishing websites, and malicious URLs.
Social Media Protection: the continuous monitoring of regional and global social media sites to detect malicious content and fraudulent profiles.

3


 

Executive Protection: the enabling of comprehensive control and protection for an executive’s digital footprint to ensure it is free of impersonations, sensitive data leakage, and other cyber risks.
Location Protection: continuous monitoring of the external threat environment to detect potential threats to physical locations.
Dark Web Monitoring: continuous monitoring of the criminal underground and dark web to detect early warning signs of potential threats, compromised credentials for sale, and sensitive data leakage.

ZeroFox Intelligence: ZeroFox Intelligence provides customers with a broad array of global threat intelligence solutions that assist with predicting emerging new threat vectors. We provide threat intelligence solutions that enable customers to directly search across our data lake of global threat indicators, tactics, adversary intelligence, exploits, and vulnerabilities. Additionally, customers can request advanced cyber-criminal investigations or engagement, or customers can directly integrate data into their existing security tools to improve prevention, detection, investigations, and response efforts.

ZeroFox Intelligence's capabilities include:

Intelligence Search: direct access to the ZeroFox data lake to search in real-time strategic, operational, and tactical global threat intelligence.
Dark Ops Engagement: our multilingual research and intelligence team allows for embedded interaction across deep and dark web forums as a specialized capability that can be leveraged for advanced adversary investigation and disruption. This capability also allows us to use advanced tradecraft for human intelligence collection from hard-to-reach underground communities that then feeds into our Platform for additional context, analysis, and alerts.
Intelligence Feeds: aggregated data of intelligence collections across the internet to ingest relevant threats and indicators of compromise findings into a customer’s technology stack.
On-Demand Investigations: leverage ZeroFox’s intelligence team to conduct research and investigations targeted at specific organizational needs like persons of interest, executive threats, attack surface, and geopolitical incidents.
Dedicated Analysts: supplement internal security teams with a dedicated threat intelligence analyst.

ZeroFox Disruption: ZeroFox Disruption leverages our Platform to report, block, and take down an attack’s core components across the internet. Disrupting threats often takes a significant amount of time and cost to comprehensively identify and then remove from the internet. We support customers by decreasing this significant cost through automation and leveraging technology-enabled solutions to report, block, sinkhole, and take down the components of an attack across the internet. By working with our Global Disruption Network, we are able to block and redirect traffic from malicious and nefarious locations. Our disruption capabilities also provide the ability to remove personally identifiable information from numerous data broker sites to disrupt phishing, social engineering attacks, doxxing, swatting, and impersonation attacks.

ZeroFox Disruption's capabilities include:

Takedowns: a comprehensive, scalable, managed takedown service that removes offending or sensitive content on the customer’s behalf across social networks, mobile app stores, domains, data broker sites, and others with automated request submission.

4


 

Global Disruption Network: distribution of threat indicators to our network of partners, including leading network providers, internet service providers, hosting providers, cloud providers, and content distribution networks, to block internet traffic from navigating to malicious locations across the web.

ZeroFox Response: ZeroFox Response enables organizations to provide the required 24x7 level of support necessary to quickly respond to cyber incidents including external attacks, data loss or exfiltration, ransomware, and potential breaches. With the global increase in computer generated information and data that is stored in the cloud, nearly every organization is more vulnerable to some level of external cyber threats and risk. These threats and risks are often exploited by persistent, malicious actors and criminals around the world, resulting in breaches, other types of disruption, or compromise of varying intensity and scale.

ZeroFox Response includes incident response services as well as a comprehensive data breach notification and response solution as a managed service for the breached enterprise. Our breach response solution is designed to comply with federal and state privacy and data breach notification laws and regulations in order to reduce overall risks to the breached enterprise. ZeroFox Response enables our customers to reduce overall enterprise risk by responding to these situations responsibly, in a timely manner, and in compliance with regulatory requirements.

ZeroFox Response's capabilities includes:

Breach Notifications: in coordination with outside counsel and cyber insurers, our breach response service provides a dedicated project manager in order to ensure breach notification, information website, communications with the affected individuals, as well as enrollment in our SaaS solution that provides identity and privacy protection to the affected population.
Identity and Privacy Services: in addition to providing response services, regulated enterprises are often required to provide ongoing protection services to compromised individuals to address their risks of harm. Our platform provides software to detect and address these risks, combined with complementary concierge-style services.
Incident Response and Digital Forensics: leverage ZeroFox incident response experts to investigate and rapidly respond to security incidents.

Our Platform

The ZeroFox Platform is powered by patented artificial intelligence capabilities and is built on a modern, cloud-native technology architecture that supports our core capabilities and solutions. Our engineering teams, which are aligned by scrum development methodology, deploy code updates and improvements to our Platform on a continual delivery basis. Our customers and partners can easily use and implement integrations to our Platform with other vendors. This integrated ecosystem, which is built on top of our Platform APIs, enables us to extend an organization’s technology investment in ZeroFox, thereby maximizing our customers’ investments in other cybersecurity categories such as endpoint, network, identity, security event management, security orchestration and automation, and IT service management. Our App Library has hundreds of connected applications, or “apps”, that allow our customers to integrate our Platform into their operational and security processes. We also provide our Platform capabilities to customers via enterprise mobile apps available from the Google Play and Apple App Stores.

5


 

The ZeroFox Platform’s transparent, artificial-intelligence-powered, engine curates content and distills the most critical issues of open source intelligence. We also leverage our research analysts to provide context and review of additional platforms, forums, and marketplaces to create a complete view of the threat landscape. Our customers’ cybersecurity teams utilize this intelligence to make informed decisions regarding remediation actions.

The patented, artificial-intelligence-powered engines in the ZeroFox Platform enable automation and analysis-at-scale in several key areas. The ZeroFox Platform has implemented artificial intelligence capabilities in machine learning, natural language processing, computer vision, and deep learning. An example of our computer vision capabilities includes embedded image identification where we can train our algorithms to find images within images. This is particularly useful when looking for objects like company logos and credit cards. An additional example of our approach and implementation of advanced optical character recognition (OCR) enables us to extract characters and words regardless of language from images for further automated computer analysis. Our modular approach to artificial intelligence design and implementation has enabled us to use our components individually or in combination with each other to help address external cybersecurity challenges.

We employ a proprietary technology backend and have optimized our Platform to provide a customer-centric turnkey user experience from a customer’s initial onboarding and configuration to ongoing use, reporting, analytics, and maintenance. Our platform can be quickly configured, effectively optimizing our customer’s experience by minimizing their time-to-value and time to implement enhanced security controls.

Our around-the-clock OnWatch managed security team strives to become a natural extension of our customer’s security operations center. The ZeroFox Platform is coupled with internal runbook integrations and workflows that enable global reach, response, and capacity. OnWatch teams are deployed in locations around the world to provide customers a prompt operational experience regardless of the time of day or night.

We have extended the ZeroFox App Library to integrate our Platform with the essential vendors within an organization’s security and information technology tech stack. These integrations add value to our customers by providing enhanced visibility and threat intelligence context.

We expanded the capabilities of our Platform with the acquisition of IDX in August 2022. The integration of IDX’s breach response solutions to our Platform provides a holistic offering to meet the growing demand for identity monitoring and breach response services.

Growth Strategy

We deliver exceptional and innovative external cybersecurity solutions that prioritize customer satisfaction and business resiliency. Embracing these priorities, we are pursuing the following growth strategies:

Drive new customer acquisition. We believe that the market for external cybersecurity solutions is still emerging and that there is a significant opportunity to acquire new customers. We plan to drive new customer acquisition by continuing to expand our sales capacity, strengthening and expanding our channel partner relationships, and continuing to invest in marketing.

 

6


 

Increase adoption and platform usage by current customers. We believe we have significant opportunities to expand our relationships with existing customers, including identifying and pursuing cross-sell opportunities with IDX customers. We plan to grow our business with existing customers by having them expand the use of our Platform to protect more assets and by having them adopt additional platform modules and services to address additional external cybersecurity use cases and security pain points.
Continue to innovate, enhance and expand our Platform. We plan to continue to invest heavily in innovation to enhance and expand the capabilities of our Platform. We believe that expanding the capabilities of our Platform will further increase the value we provide to our customers and provide additional growth opportunities.
Expand high margin business. We intend to focus on and continue to grow our higher margin enterprise platform subscription business in industry verticals that are experiencing the highest rates of cyberattacks.
Expand relationships with partners. We also intend to continue to build our relationships with our channel partners, including Value-Added Resellers (VARs), Original Equipment Manufacturers (OEMs), distribution partners, cyber insurers, and breach response partners.
Expand our global footprint. We intend to continue to grow our international customer base by increasing our investments in our international go-to-market efforts, operations, partners, and delivery capabilities.
Expand our total addressable market through strategic acquisitions. We intend to complement our organic growth investments with strategic acquisitions in complementary technologies and markets to successfully execute on our long-term vision and platform strategy. We have proven our capability to identify, acquire, and integrate targets to expand our total addressable market, enhance our solution offering, and accelerate our growth.

Our Customers

As of January 31, 2024, we had over 1,300 subscription customers. We have key reference customers in many industry verticals including education, energy, entertainment, financial services, government healthcare, media, retail, services, and technology that we believe validate our solutions in the market. Our customers range from small and medium-sized organizations to Fortune 500 companies.

We have a single government customer that accounted for 35% of our revenue for fiscal year 2024. Excluding this customer, no single customer accounted for more than 5% percent of our revenue for fiscal year 2024.

Sales and Marketing

Our sales team is bifurcated into two sub-organizations: a new customer acquisition team and a customer success team. These teams are further structured into named-account sales teams that focus on targeted customer verticals, regions, and customer size. Most of our current business is in North America and as such, the team structure is proportionate in size and focus to the geographic distribution of our existing customer base. Members of the account management team are focused on creating successful customer outcomes, renewing customer subscriptions, and expanding platform adoption to drive customer upsell values.

7


 

In alignment with our corporate strategy, we are a channel-first organization. Our go-to-market strategy leverages our partner community to reach our desired customer cohorts. In North America, we generally rely on a single tier, value-added reseller and partner community. In other regions, we may employ a two-tiered approach by leveraging a network of distributors who then manage the various channel partners within desired territories or regions.

Our comprehensive marketing strategy focuses on an inbound marketing model designed to efficiently deliver high contact-to-opportunity conversion rates and pipeline velocity. We execute field, partner, and demand programs to drive ongoing engagement with prospects and leverage our sales development organization to mature those engagements into sales pipeline opportunities. Once prospects become customers, we continue engagement with solution-oriented content created by ZeroFox experts and executives through numerous collaboration channels designed to drive increased customer revenue and optimize our customers’ long-term value. Additionally, we conduct webinars and podcasts, participate in cybersecurity industry events, and utilize our product marketing team to drive market awareness through thought leadership. The sophistication and experience of the ZeroFox threat intelligence enables us to package our thought leadership into daily and weekly threat intelligence reports, quarterly threat landscape reports, and annual threat reports. Other tactics leveraged to maximize inbound traffic include paid media, content syndication, social media, outbound campaigns, public relations, and remarketing advertising. These tactics frequently rely on the ZeroFox website to drive awareness, education, and opportunity conversion on the ZeroFox Platform’s broad set of artificial intelligence capabilities. Furthermore, the website has been optimized to assist with lead conversion in mobile, tablet, and traditional desktop engagements. Marketing automation workflows continuously engage prospects throughout the buyers’ journey with thought leadership and solution-centric content to advance their understanding of our Platform's value proposition.

Our global field and partner marketing strategy is designed to maximize the leverage of partner ecosystems and build brand engagement at regional and territory levels to drive and accelerate pipeline growth. We have strong participation in many prominent cybersecurity conferences and trade shows across many global geographies to expand our brand reach. In alignment with our sales approach, we have a channel-first sales and marketing strategy. We utilize technology-enabled communication and collaboration with partners at all sales lifecycle stages, from demand generation through technical validation and close. We believe that we have a state-of-the-art partner portal that allows global partners to take advantage of all aspects of our marketing strategy and content. The content on the partner portal provides partners with accelerated readiness through rapid product innovations to drive demand within their customer base and ensures their sales and technical teams are familiar with the latest capabilities of our Platform.

Research and Development

We devote significant resources to improve and enhance our solutions and maintain the effectiveness of our Platform. We work closely with our customers to gain valuable insights into their threat environments and security management practices to assist in designing new solutions and features that extend the capabilities of our Platform. Our engineering staff monitors and tests our software on a regular basis. We maintain a continuous integration and continuous delivery release framework to update and enhance our Platform and its modular capabilities. We can seamlessly deploy real-time upgrades with no downtime by leveraging our on-demand platform model.

8


 

Competition

The market for external cybersecurity solutions is competitive and characterized by rapid changes in technology, customer requirements, industry standards, and by frequent new product and service offerings and improvements. We see competition from the following categories:

digital risk protection and threat intelligence providers such as Forta (through its acquisition of Phishlabs), Mimecast, Proofpoint, Recorded Future, Bolster, and Reliaquest (through its acquisition of Digital Shadows) who primarily focus on select niche sub-sector categories within security;
broad infrastructure security vendors such as CrowdStrike, Fortinet, Palo Alto Networks, and Rapid7 (through its acquisition of IntSights), who are supplementing their traditional endpoint or network security solutions with threat intelligence solutions;
broad technology providers, such as Google and Microsoft that continue to invest in adding cybersecurity capabilities to their offerings;
data breach response services providers, such as Experian, Kroll, and Transunion, that have dedicated units focused on data breach response service offerings;
identity and privacy identity protection providers such as NortonLifeLock, Experian, and Transunion who are focusing on driving consumer awareness and adoption of credit-related protection services; and
managed security service and system integrator solution providers such as Secureworks (formerly Dell Secureworks), IBM, and Accenture who are using people to augment their combined technology offerings.

We believe that our external cybersecurity solutions offer advantages as compared to products offered by our competitors based on the following factors:

ability of our Platform to address the entire external cybersecurity lifecycle with protection, intelligence, adversary disruption, and response associated with cyberattacks and incursions;
ability of our artificial-intelligence powered platform and human threat intelligence team to acquire global data sets at scale on behalf of our customers;
ability of our Platform and related service capabilities to assist our customers from the discovery of a potential cyber breach through notification and protection of the enterprise by ensuring compliance with federal and state privacy and breach response laws and regulations, as well as the risks of harm to those individuals impacted by the breach and compromise of personal information;
ability of our Platform to leverage artificial intelligence to analyze data efficiently and effectively at scale to help customers achieve a wide variety of security protections;
ability of our Platform’s App Library integrations to drive enhanced value to customers through partner technology workflow automation and enhanced data contextualization;
ability of our Platform to drive in-platform policy orchestration enabling customers to automate ZeroFox-centric workflows; and
ability of our Platform to provide full adversary kill chain disruption capabilities by automating the process for removal of malicious or infringing content and providing the ability to coordinate and/or integrate with several partners to disrupt cyberattacks.

9


 

Intellectual Property

The intellectual property rights we hold are a foundational asset in our portfolio and are core to our long-term strategy to create stockholder value. We rely on intellectual property protection under law (patents, trademarks, copyrights, and trade secrets) and leverage our rights through various agreements, including license agreements, confidentiality and non-disclosure agreements, employee non-disclosure, and assignment of inventions agreements. We believe all these intellectual property rights enable us to be a leading provider of innovative, cloud-based external cybersecurity solutions. We attract both customers and employee talent from our market leadership position in innovation.

From inception, we anchored our business’ value proposition to the rapid creation of intellectual property; today this objective remains central to our Platform, capabilities, technology, service offerings and go-to-market strategy. Since then, we have ambitiously expanded our intellectual property portfolio by creating new inventions, tradecraft, and proprietary know-how stemming from our operational experience and research and development efforts.

The Company's subsidiaries collectively have 72 issued patents and 9 pending patent applications. These patents relate to a range of technologies and innovations including digital risk protection, threat intelligence, attack surface identification, cyber threat monitoring, breach response and privacy protection. The active patents are expected to expire between 2029 and 2042. We also own dozens of trademark registrations throughout the world and numerous registered domain names for websites that we use in our business, such as www.zerofox.com.

We will continue to invest in the innovation and development of our intellectual property portfolio through business acquisitions, technology alliance and strategic licensing relationships, and ongoing research and development. Our intellectual property rights will be at risk because invalidation, circumvention and third-party intellectual property claims, and litigation remain possible. In addition, our industry is competitive so the intellectual property created by our competitors could limit the adoption of our technologies and products.

We believe competitors may try to develop products that are similar to ours and that they may infringe our intellectual property rights. Competitors or other third parties may also claim that our Platform and other solutions infringe their intellectual property rights. Third parties may in the future assert claims of infringement, misappropriation, and other violations of intellectual property rights against us or our customers, with whom our agreements may obligate us to indemnify against these claims.

Despite our best efforts to protect and aggressively expand our intellectual property rights, there is always the potential that they may not be respected in the future or may be invalidated, circumvented, or challenged. The cybersecurity industry is characterized by the existence of a large and expanding number of patents and frequent claims and related litigation based on allegations of patent infringement or other violations of intellectual property rights. We believe our approach to constantly invest in intellectual property is a meaningful component of our corporate strategy to mitigate intellectual property risk and liability. As an organization, we may elect to protect our intellectual property rights and challenge our competitor’s infringing use of such rights. Successful claims of infringement by a third party could prevent us from offering certain products or features, require us to develop alternate, non-infringing technology, which could require time and during which we could be unable to continue to offer our affected products or solutions, require us to obtain a license, which may not be available on reasonable terms or at all, or force us to pay damages, royalties, or other fees.

For additional information, see the section titled “Risk Factors-Risks Related to Legal and Regulatory Matters.”

10


 

Backlog

We enter into both single and multi-year subscription contracts for our solutions. We generally invoice the entire amount at contract signing prior to commencement of the subscription period. Until such time as these amounts are invoiced, they are not recorded in deferred revenue or elsewhere in our consolidated financial statements and are considered backlog. As of January 31, 2024, we had $86.8 million in total deferred revenue, which excluded backlog of approximately $76.5 million. Of this amount, approximately $64.0 million is expected to be billed in fiscal year 2025. We expect backlog will change from period to period for several reasons, including the timing and duration of customer agreements, varying billing cycles of subscription agreements, and the timing and duration of customer renewals. Because revenue for any period is a function of revenue recognized from deferred revenue under contracts in existence at the beginning of the period, as well as new and renewing contracts during the period, backlog at the beginning of any period is not necessarily indicative of future revenue performance.

Human Capital

As of January 31, 2024, we employed 914 employees and 13 contractors. Our workforce is geographically distributed across the United States and various other locations around the world. None of our current employees are represented by a labor union and we have not experienced work stoppages. We consider our employee relations to be in good standing. We value our employees as a meaningful asset to our Company.

Attracting, Retaining, and Developing Talent

Our people team designs and implements key initiatives and employs business-driven human resources programs to recruit, hire, empower, develop, assess, and retain industry talent. First, we aim to build an effective team by leveraging our global footprint to find the right people, in the right geographies and place them into the right roles. Next, we empower employees to take ownership in their work while providing them with the tools, resources, and time to do their jobs well. We invest in our staff, offering coaching, training, and other support to develop short and long-term skills and provide them with opportunities for career growth. Our semi-annual performance management cycle, which is purposefully decoupled from compensation discussions to encourage non-biased dialogue, encompasses both look back and look ahead elements to celebrate success, make improvements, and develop competencies to address future business needs.

Diversity and Inclusion

Our corporate culture is built on the goal of creating a diverse and inclusive environment where employees’ unique opinions and feedback are respected, desired, and acted upon. As a team, employees constantly collaborate and work together to set policy, communicate openly, and drive an environment of transparency. For example, we frequently have global town hall meetings where the agenda is set by employees, hosted by employees that volunteer to emcee each event, and where multiple regions and business units share their achievements and successes.

Each global town hall has a segment referred to as "Fellow Foxes", where employees have the opportunity to thank and recognize their peers anonymously or openly in front of the entire company. It is not uncommon to see dozens of Fellow Foxes recognized in a single town hall; Fellow Foxes love to work hard and recognize their teammates.

11


 

The Fellow Foxes practice is an example of the framework and value system that has been built to recognize and reward employees based upon meritocracy. We believe that most talent not only wants to be listened to but also challenged and rewarded where they can rise to their full potential and deliver their top performance in a healthy, fun work environment. Our workforce’s ability to execute relentlessly in pursuit of company objectives is both a primary differentiator and a critical component contributing to our success.

To ensure that we retain a highly capable workforce that represents a variety of diverse backgrounds and complies with contractual obligations and local compliance regulations, we regularly benchmark our program against industry standards, diversity objectives, and key employee drivers.

Employee Health & Safety / COVID-19

We are committed to protecting the physical well-being of our employees, families, and customers. To address the evolving complexities introduced by COVID-19, we have taken and will continue to take multiple steps to promote safety, realign workforce planning strategy, and support employee needs while continuing to drive customer satisfaction. We regularly review and update our health and safety plan based on guidelines, rules and capabilities issued by local, regional, and countrywide healthcare organizations. At present, a large majority of employees work from home. In select geographies some employees can optionally work out of a local office in a hybrid environment, and there is another group of employees that work primarily in the office. Concurrently, we have used a phased approach that entails re-classifying ongoing work locations across all roles and implementing a flexible hybrid work model where appropriate.

While onsite, we have protocols in place to help keep employees, customers, and other visitors safe. We exercise an abundance of caution where safety is concerned and are ultimately prepared, resourced and equipped to exceed customer expectations, whether working onsite or remote.

Government Regulation

As a provider of external cybersecurity solutions, our business is subject to a variety of domestic and international laws and regulations relating to the collection, use, retention, protection, transfer, and processing of business data, personal data, and other sensitive information. Certain aspects of our offerings may involve access to and use of personally identifiable information and other sensitive data. The nature of cybersecurity products, identity offerings, and related services requires the collection of various types of data. In the operation of our business, we may collect the types of data covered by these laws and regulations including personally identifiable information, information about an individual’s health and financial information about individuals. To the extent we are in possession of such data and these various laws and regulations are determined to apply to us, this could require us to adopt additional operational, technological and security measures to protect and manage such information which could increase our costs of operations. Our failure to comply with such laws and regulations could also result in monetary fines and damage to our reputation which would have a negative impact on our business. These laws and regulations include, but are not limited to, GDPR, CCPA, CPRA, the Electronic Communication Privacy Act (“ECPA”), Computer Fraud and Abuse Act (“CFAA”), the Gramm-Leach-Bliley Act (“GBLA”), and the HIPAA/HITECH Act. In addition to these, other laws and regulations relating to cloud computing, cross-border data transfer restrictions, data collection and data localization may apply to our business as we expand outside of the U.S. market.

Our business is also subject to laws relating to import and export control such as U.S. export licensing requirements, trade and economic sanctions administered by the U.S. Office of Foreign Assets Control and anti-bribery laws such as the FCPA and the U.K. Anti-Bribery Act.

12


 

We believe that we are in material compliance with the laws and regulations that are applicable to us.

Many of these laws and regulations, such as those related to data protection and privacy, are frequently being revised and new laws in different jurisdictions are being adopted. Therefore, we must continually evolve our business practices to satisfy these regulatory obligations. We have policies and procedures that we rely on to satisfy these requirements and are transparent with our customers regarding our business practices, product features, and types of data that are collected when a customer uses our security solutions. In addition to the existing regulatory framework applicable to our business, some governments are considering whether to take a more active role in regulating the cybersecurity industry and, in the U.S., there are efforts to have the federal government regulate digital platform companies. New regulations in these two areas could impact our go-to-market model. Therefore, we keep abreast of these potential changes and how they may impact our business.

See the section titled “Risk Factors” for additional information about the laws and regulations we are subject to and the risks of our business associated with such laws and regulations.

Corporate Information

ZeroFox Holdings, Inc. is a holding company incorporated in the state of Delaware. ZeroFox Holdings, Inc. was formerly known as L&F Acquisition Corp. (L&F) and was a blank check, Cayman Islands exempted company, incorporated on August 20, 2020. The Company conducts its business through its wholly-owned, consolidated subsidiaries, primarily ZeroFox, Inc. and Identity Theft Guard Solutions, Inc., and Lookingglass Cyber Solutions, Inc.

On August 3, 2022, L&F, ZeroFox, Inc., and ID Experts Holdings, Inc. (IDX), consummated the Business Combination as contemplated by the Business Combination Agreement, dated as of December 17, 2021. In connection with the finalization of the Business Combination, L&F changed its name to ZeroFox Holdings, Inc. and changed its jurisdiction of incorporation from the Cayman Islands to the state of Delaware and changed its fiscal year end to January 31.

On April 21, 2023, the Company completed the acquisition of Lookingglass Cyber Solutions, Inc. ("LookingGlass"), a privately-held software company.

Our principal executive offices are located at 1834 S. Charles Street, Baltimore, Maryland 21230, and our telephone number is (855) 936-9369. Our website is www.zerofox.com. The information found on or that can be accessed from or that is hyperlinked to our website is not part of this Annual Report on Form 10-K.

Available Information

Our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to these reports are filed with the SEC pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934 (the Exchange Act). Such reports and other information filed or furnished by us with the SEC are available free of charge on our website at https://ir.zerofox.com/ as soon as reasonably practicable after we file such material with, or furnish it to, the SEC. The SEC maintains a website that contains the materials we file with or furnish to the SEC at www.sec.gov.

13


 

Investors and other interested parties should note that we use our media and investor relations website and our social media channels to publish important information about us, including information that may be deemed material to investors. We encourage investors and other interested parties to review the information we may publish through our media and investor relations website and the social media channels listed on our media and investor relations website, in addition to our SEC filings, press releases, conference calls, and webcasts.

ITEM 1A. RISK FACTORS

Investing in our securities involves a high degree of risk. Before making an investment decision, you should consider carefully the risks and uncertainties described below. Our business, operating results, financial condition, and prospects could also be harmed by risks and uncertainties not currently known to us or that we currently do not believe are material. If any of the risks actually occur, our business, operating results, financial condition, and prospects could be adversely affected. In that event, the market price of our Common Stock and Warrants could decline, and you could lose part or all of your investment.

Summary of Risk Factors

Our business is subject to numerous risks and uncertainties, including those outside of our control, that could cause our actual results to be harmed. These risks include the following:

Failure to complete, or delays in completing, the proposed Merger with Parent and Merger Sub announced on February 6, 2024 and disruptions in our business caused by the proposed Merger could materially and adversely affect or results of operations, business, financial results, and stock price.
We cannot be sure if or when the Merger will completed.
Lawsuits may be filed against us and the members of our Board arising out of the proposed Merger, which delay or prevent the proposed Merger.
Defects, errors, or vulnerabilities in our Platform, the failure of our Platform to block malware or prevent a security breach, misuse of our Platform, or risks of product liability claims would harm our reputation and adversely impact our business, operating results, and financial condition.
If our enterprise platform offerings do not interoperate with our customers’ network and security infrastructure, or with third-party products, websites or services, our results of operations may be harmed.
We may not timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements.
Our success depends, in part, on the integrity and scalability of our systems and infrastructure. System interruption and the lack of integration, redundancy and scalability in these systems and infrastructure may adversely affect our business, financial condition, and results of operations.
We (including the Predecessor and the Successor) have a history of losses and we may not be able to achieve or sustain profitability in the future.
If organizations do not adopt external cybersecurity solutions that may be based on new and untested security concepts, our ability to grow our business and results of operations may be adversely affected.

14


 

We face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition, and results of operations.
Adverse general and industry-specific economic and market conditions and reductions in customer spending, in either the private or public sector, including as a result of geopolitical uncertainty such as the war in Ukraine and the Israel-Hamas war, may reduce demand for our Platform or products and solutions, which could harm our business, financial condition and results of operations.
We have previously reported material weaknesses in our internal control over financial reporting that have been remediated, but if we fail to properly manage our internal control over financial reporting on a go forward basis, future material weaknesses could be identified that could result in a material misstatement in our financial statements.
If we fail to adapt to rapid technological change, evolving industry standards and changing customer needs, requirements or preferences, our ability to remain competitive could be impaired.
We rely heavily on the services of our senior management team, and if we are not successful in attracting or retaining senior management personnel, we may not be able to successfully implement our business strategy.
One U.S. government customer accounts for a substantial portion of our revenue. If our relationship with our largest customer is impaired or terminated, our revenue would decline, and our business, financial condition, and results of operations would be adversely affected.
A delay in the completion of the U.S. Government’s budget and appropriation process could delay procurement of solutions we provide and have an adverse effect on our future revenues.
Our issued and outstanding notes may impact our financial results, result in the dilution of our stockholders, create downward pressure on the price of our Common Stock, and restrict our ability to raise additional capital or take advantage of future opportunities.
We may not have the ability to raise the funds necessary to settle conversions of the Convertible Notes in cash, repurchase the Convertible Notes upon a fundamental change or repay the Convertible Notes in cash at their maturity, and our future debt may contain limitations on our ability to pay cash upon conversion, redemption or repurchase of the Convertible Notes.
We may need to raise additional capital to maintain and expand our operations and invest in new solutions, which capital may not be available on terms acceptable to us, or at all, and which could reduce our ability to compete and could harm our business.
The integration of two companies with different organization and compensation structures presents significant management challenges. There can be no assurance that this integration, and the synergies expected to result from that integration, will be achieved as rapidly or to the extent currently anticipated.
We will incur significant increased expenses and administrative burdens as a public company, which could negatively impact our business, financial condition, and results of operations.
Our management has limited experience in operating a public company.

15


 

Risks Related to the Proposed Merger

Failure to complete, or delays in completing, the proposed Merger with affiliates of Haveli Investments or disruptions in our business caused by the proposed Merger could materially and adversely affect our results of operations, business, financial results, and stock price.

On February 6, 2024, we entered into an Agreement and Plan of Merger (the “Haveli Merger Agreement”) with ZI Intermediate II, Inc., a Delaware corporation (“Parent”) and HI Optimus Merger Sub, Inc., a Delaware corporation and a wholly-owned subsidiary of Parent (“Merger Sub”) pursuant to which, if all of the conditions to closing are satisfied or, if permitted, waived, we will become a wholly-owned subsidiary of Parent (the “Merger”). The completion of the Merger is subject to the satisfaction or waiver of certain customary mutual closing conditions set forth in the Haveli Merger Agreement, including (a) the adoption of the Haveli Merger Agreement by the affirmative vote of the holders of a majority of the outstanding shares of Common Stock (the “Company Stockholder Approval”) and (b) the expiration or termination of the applicable waiting period under the Hart-Scott-Rodino Antitrust Improvements Act of 1976, as amended (the “HSR Act”), and receipt of approval, clearance or expiration of the applicable review periods under the United Kingdom’s National Security and Investment Act 2021, as amended (the “NSI Act”). The obligation of each party to consummate the Merger is also conditioned on, among other things, the other party’s representations and warranties being true and correct (subject to certain customary materiality exceptions) and the other party having performed in all material respects its obligations under the Haveli Merger Agreement, and the obligation of Parent to consummate the Merger is additionally conditioned on no material adverse effect on the Company having occurred since the execution of the Haveli Merger Agreement that is continuing. We cannot predict with certainty whether or when the required closing conditions will be satisfied and cannot assure you that we will be able to successfully consummate the proposed Merger as currently contemplated under the Haveli Merger Agreement or at all.

Risks related to the proposed Merger include, but are not limited to, the following:

under some circumstances, we may be required to pay Parent a termination fee of $5,261,750;
we will remain liable for significant expenses, including transaction, professional services and other costs relating to the Merger regardless of whether or not the Merger is consummated;
the attention of our management and employees may have been diverted to the Merger rather than to our own operations and the pursuit of other opportunities that could have been beneficial to us and could continue to be so diverted;
we could be subject to litigation related to the Merger, including with respect to our entry into the Haveli Merger Agreement;
the potential loss of key personnel during the pendency of the Merger as employees and other service providers may experience uncertainty about their future roles with us following completion of the Merger; and
under the Haveli Merger Agreement, we are subject to certain restrictions on the conduct of our business prior to completing the Merger, which restrictions could adversely affect our ability to conduct our business as we otherwise would have done if we were not subject to these restrictions.

16


 

The occurrence of any of these events individually or in combination could materially and adversely affect our results of operations, business and stock price or market price of our warrants.

We cannot be sure if or when the Merger will be completed.

The consummation of the Merger is subject to the satisfaction or waiver of various conditions, including obtaining the Company Stockholder Approval and the receipt of certain required regulatory approvals. We cannot guarantee that the closing conditions set forth in the Haveli Merger Agreement will be satisfied. If we are unable to satisfy the closing conditions or if other closing conditions are not satisfied, Parent will not be obligated to complete the Merger.

Until the Merger is completed, the Haveli Merger Agreement restricts us from taking specified actions without the consent of the other party and generally requires us to operate in the ordinary course of business consistent with past practice. These restrictions may prevent us from making appropriate changes to our business or pursuing attractive business opportunities that may arise prior to the completion of the Merger.

Uncertainty about the Merger may adversely affect our business and our relationships with employees, customers, suppliers and others with whom we do business, and the Merger may disrupt our current plans and operations or divert management’s attention away from ongoing business opportunities and operational matters.

Uncertainty about the completion or effect of the Merger may affect the relationship between us and our employees, clients and suppliers, which may have an adverse effect on our business, financial condition and results of operations. These uncertainties may cause clients, suppliers and others that deal with us to seek to change existing business relationships and to delay or defer decisions concerning us. Changes to existing business relationships, including termination or modification, could negatively affect our revenues, earnings and cash flow, as well as the market price of our common stock or warrants. Parent may terminate the Haveli Merger Agreement under certain circumstances, including if there is a material adverse change in our business. If that were to happen, we may not be entitled to a termination fee under the Haveli Merger Agreement, or the applicable termination fee may be insufficient to compensate us.

In addition, we are dependent on the experience and industry knowledge of our officers, key management personnel and other key employees to operate our business and execute our business plans. Our current and prospective employees may experience uncertainty about their roles following the Merger, which may have an adverse effect on our ability to attract or retain key management personnel and other key employees. Our business could be negatively impacted if key employees depart because of issues related to the uncertainty and difficulty of integration or a desire not to remain with the business if the Merger is not consummated. Adverse effects arising from the pendency of the Merger could be exacerbated by any delays in consummation of the Merger or termination of the Haveli Merger Agreement.

The Haveli Merger Agreement contains provisions that could discourage or deter a potential alternative purchaser that might otherwise have an interest in a business combination with us.

17


 

The Haveli Merger Agreement contains provisions that may discourage a third party from submitting an alternative proposal to us during the pendency of the proposed Merger as well as afterward, should the Merger not be consummated, that might result in greater value to our shareholders than the Merger. These provisions include a prohibition on soliciting or entering into discussions with any third party regarding any alternative proposals, subject to limited exceptions. However, our Board of Directors is permitted to take certain actions that it believes in good faith, after consultation with its advisors, the failure of which to take would reasonably be expected to be inconsistent with its fiduciary duties.

In addition, we may be required to pay to Parent a termination fee in cash equal to $5,261,750 in certain circumstances involving acquisition proposals for competing transactions.

If the Haveli Merger Agreement is terminated and we determine to seek another strategic transaction, we may not be able to negotiate a transaction on terms comparable to, or better than, the terms of the proposed Merger.

Lawsuits may be filed against us and the members of our Board arising out of the proposed Merger, which may delay or prevent the proposed Merger.

Putative stockholder complaints, including stockholder class action complaints, and other complaints may be filed against us, or our Board, and others in connection with the transactions contemplated by the Haveli Merger Agreement. The outcome of litigation is uncertain, and we may not be successful in defending against any such future claims. Lawsuits that may be filed against us, our Board, or against Parent or Merger Sub could delay or prevent the Merger, divert the attention of our management and employees from our day-to-day business and otherwise adversely affect us financially.

Risks Related to Our Technology, Products and Solutions

Defects, errors, or vulnerabilities in our Platform, the failure of our Platform to prevent a security incident, misuse of our Platform, or risks of product liability claims would harm our reputation and adversely impact our business, operating results, and financial condition.

Our Platform provides our customers with the ability to customize a multitude of settings and it is possible that a customer could misconfigure our Platform or otherwise fail to configure our products in an optimal manner. Such defects and misconfigurations of our Platform could cause our Platform to operate at suboptimal efficacy and increase the risk of cyberattacks on our customers. In addition, because the techniques used by computer hackers to access or sabotage target computing environments change frequently and generally are not recognized until launched against a target, there is a risk that an advanced attack could emerge that we do not anticipate and that our Platform is unable to detect or prevent.

18


 

Our Platform is multi-faceted and may be deployed with material defects, software “bugs” or errors that are not detected until after commercial release and deployment to our customers. Errors or defects may be more likely when a product is first introduced or as new versions are released, or when we introduce an acquired company's products. We have experienced these errors or defects in the past in connection with new products, acquired products and product upgrades and we expect that these errors or defects will be found from time to time in the future in new, acquired or enhanced products after commercial release. Defects may cause our products to be vulnerable to attacks and cause them to fail to detect threats. Any errors, defects, disruptions in service or other performance problems with our products may damage our customers’ businesses and could hurt our reputation. If our Platform fails to detect threats for any reason, we may incur significant costs, the attention of our key personnel could be diverted, our customers may delay or withhold payment to us or elect not to renew or other significant customer relations problems may arise. We may also be subject to liability claims for damages related to errors or defects in our products. A material liability claim or other occurrence that harms our reputation or decreases market acceptance of our products may harm our business and operating results. Limitation of liability provisions in our standard terms and conditions and our other agreements may not adequately or effectively protect us from any claims or liabilities related to errors or defects in our solutions.

If our Platform fails to detect threats in our customers’ cybersecurity infrastructure, or if our Platform fails to identify and respond to new and increasingly complex methods of cyber-attacks, our business and reputation may suffer. There is no guarantee that our Platform will detect all cyber threats, especially in light of the rapidly changing security landscape to which we must respond, including the constantly evolving techniques used by attackers to access or sabotage data. If we fail to update our Platform in a timely or effective manner to respond to these threats, our customers could experience security incidents with negative consequences. Many federal, state and foreign governments have enacted laws requiring companies to notify individuals of data security breaches involving their personal data. These mandatory disclosures regarding a security incident often lead to widespread negative publicity, and any association of us with such publicity may cause our customers to lose confidence in the effectiveness of our Platform. An actual or perceived security breach or theft of sensitive data of one of our customers, regardless of whether the breach is attributable to the failure of our Platform, could adversely affect the market’s perception of our offerings and subject us to legal claims.

 

19


 

As a cybersecurity provider, we have been, and expect to continue to be, a target of cyberattacks. If our or our service providers’ internal networks, systems, or data are or are perceived to have been compromised, our reputation may be damaged and our financial results may be negatively affected.

As a well-known provider of external cybersecurity products and solutions, we may in the future be specifically targeted by bad actors for attacks intended to circumvent our security capabilities or to exploit our Platform as an entry point into customers’ endpoints, networks, or systems. The risk of cybersecurity attacks related to political and economic conditions, war, and terrorism may increase, including from retaliatory cybersecurity attacks as a result of Russia’s invasion of Ukraine, the Israel-Hamas War, and related political, economic and counter-responses. In addition, defects or errors in our Platform could result in a failure to effectively alert customers of potential threats. Our data centers and platform may experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing customer base, any of which could temporarily or permanently reduce the efficacy of our solutions and expose our customers to cyber threats. Any of these situations could result in negative publicity to us, damage our reputation, and increase expenses and customer relations issues, which would adversely impact our business, financial condition, and operating results.

Advances in computer capabilities, discoveries of new weaknesses and other developments with software generally used by the internet community may increase the risk we will suffer a security breach. Furthermore, our Platform may fail to detect malware, ransomware, viruses, worms or similar threats for any number of reasons, including our failure to enhance and expand our Platform to reflect industry trends, new technologies and new operating environments, the complexity of the environment of our customers and the sophistication of malware, viruses and other threats. We or our service providers may also suffer security breaches or unauthorized access to personal information, financial account information, and other confidential information due to employee error, rogue employee activity, or unauthorized access by third parties either by mistake or acting with malicious intent. If we experience any breaches of security measures or sabotage or otherwise suffer unauthorized use or disclosure of, or access to, personal information, financial account information or other confidential information, we might be required to expend significant capital and resources to address these problems. We may not be able to remedy any problems caused by hackers or other similar actors in a timely manner, or at all. Any real or perceived defects, errors or vulnerabilities in our Platform, or any other failure of our Platform to detect an advanced threat, could result in:

a loss of existing or potential customers;
delayed or lost revenue and adverse impacts to our business, financial condition, and operating results;
a delay in attaining, or the failure to attain, market acceptance;
the expenditure of significant financial and research and development resources in efforts to analyze, correct, eliminate, or work around errors or defects, and address and eliminate vulnerabilities;
an increase in resources devoted to customer service and support, which could adversely affect our gross margin;
harm to our reputation or brand; and

20


 

claims, litigation, regulatory inquiries, investigations, or enforcement actions, and other claims and liabilities, all of which may result in liabilities to us and be costly and burdensome and further harm our reputation.

If a high-profile cybersecurity incident occurs with respect to another SaaS provider, customers may lose trust in the security of the SaaS business model generally, which could adversely impact our ability to retain existing customers or attract new ones. In the last few years there have been many successful advanced external cybersecurity incidents that have damaged several prominent companies in spite of strong information security measures. We expect that the risks associated with cybersecurity incidents and the costs of preventing such external cybersecurity attacks will continue to increase in the future.

We cannot assure you that any limitation of liability provisions in our customer agreements, contracts with third-party vendors and service providers, or other contracts would be enforceable or adequate or would otherwise protect us from any liabilities or damages with respect to any particular claim relating to a breach of contract, security breach or other security-related matter as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the U.S. or other countries.

While we maintain insurance policies that may cover certain liabilities in connection with a cybersecurity incident, we cannot be certain that our insurance coverage will be adequate for liabilities actually incurred, that insurance will continue to be available to us on commercially reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, results of operations and reputation. Even claims that ultimately are unsuccessful could result in our expenditure of significant funds in litigation, divert management’s time and other resources, and harm our reputation.

 

21


 

If our enterprise platform offerings do not interoperate with our customers’ network and security infrastructure, or with third-party products, websites or services, our results of operations may be harmed.

Our enterprise product offerings must interoperate with our customers’ existing network and security infrastructure. These complex systems are developed, delivered, and maintained by the customer, their employees and a myriad of vendors and service providers. As a result, the components of our customers’ infrastructure have different specifications, rapidly evolve, utilize multiple protocol standards, include multiple versions and generations of products and may be highly customized. Our Platform must be able to interoperate with highly complex and customized networks, which requires careful planning and execution between our customers, our customer support teams and our channel partners. Further, when our customers add new or updated elements to their infrastructure, when new usage trends emerge (such as remote work), or new industry standards or protocols are introduced, we may have to update or enhance our Platform and our other solutions to allow us to continue to provide service to customers. Our competitors or other vendors may refuse to work with us to allow their products to interoperate with our solutions, which could make it difficult for our Platform to function properly in customer networks that include these third-party products.

We may not deliver or maintain interoperability quickly, cost-effectively, or at all. These efforts require capital investment and engineering resources. If we fail to maintain compatibility of our Platform and solutions with our customers’ network and security infrastructures, our customers may not be able to fully utilize our products and solutions, and we may, among other consequences, lose or fail to increase our market share and experience reduced demand for our services, which would materially harm our business, operating results, and financial condition.

We may not timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements.

Our future growth is dependent upon our ability to continue to meet the needs of new customers and the expanding needs of our existing customers as their use of our products and solutions grow. As our customers gain more experience with our products and solutions, the amount of data transferred, processed and stored by us, the number of locations where our Platform and services are being accessed, have in the past, and may in the future, expand rapidly. In order to meet the performance and other requirements of our customers, we intend to continue to make material investments to increase capacity and to develop and implement new technologies in our service and cloud infrastructure operations. These technologies, which include databases, applications and server optimizations, network and hosting strategies, and automation, are often advanced, complex, new, and untested. We may not be successful in developing or implementing these technologies. In addition, it takes a significant amount of time to plan, develop, and test improvements to our technologies and infrastructure, and we may not be able to accurately forecast demand or predict the results we will realize from such improvements. To the extent that we do not effectively scale our operations to meet the needs of our growing customer base and to maintain performance as our customers expand their use of our products and solutions, we may not be able to grow as quickly as we anticipate, our customers may reduce or cancel use of our solutions and we may be unable to compete as effectively, and our business and results of operations may be harmed.

22


 

Our success depends, in part, on the integrity and scalability of our systems and infrastructure. System interruption and the lack of integration, redundancy, and scalability in these systems and infrastructure may adversely affect our business, financial condition, and results of operations.

Our success depends, in part, on our ability to maintain the integrity of our systems and infrastructure, including websites and related systems. System interruption and a lack of integration and redundancy in our information systems and infrastructure may adversely affect our ability to operate our Platform, respond to customer inquiries, and generally maintain cost-efficient operations. We may experience occasional system interruptions that make some or all systems or data unavailable or prevent us from efficiently providing access to our Platform.

Our ability to introduce new products and solutions and features is dependent on adequate research and development resources and our ability to successfully complete acquisitions. If we do not adequately fund our research and development efforts or complete acquisitions successfully, we may not be able to compete effectively and our business, financial condition, and results of operations may be harmed.

To remain competitive, we must continue to offer new products and solutions and enhancements to our existing platform. This is particularly true as we further expand and diversify our capabilities. Maintaining adequate research and development resources, such as the appropriate personnel and development technology, to meet the demands of the market is essential. We may also choose to expand into a certain market or strategy via an acquisition for which we could potentially pay too much or fail to successfully integrate into our operations.

Further, many of our competitors expend a considerably greater amount of funds on their respective research and development programs, and those that do not may be acquired by larger companies that would allocate greater resources to our competitors’ research and development programs. Our failure to maintain adequate research and development resources or to compete effectively with the research and development programs of our competitors would give an advantage to such competitors and our business, financial condition, and results of operations could be adversely affected. Moreover, there is no assurance that our research and development or acquisition efforts will successfully anticipate market needs and result in significant new marketable solutions or enhancements to our existing platform and solutions, design improvements, cost savings, revenue, or other expected benefits. If we are unable to generate an adequate return on such investments, we may not be able to compete effectively and our business, financial condition, and results of operations may be materially and adversely affected.

We rely on third-party cloud providers to host and operate our Platform, and any disruption of or interference with our use of these facilities or technologies may negatively affect our ability to maintain the performance and reliability of our Platform which could cause our business to suffer.

23


 

Our customers depend on the continuous availability of our Platform. We currently host our Platform and serve our customers using a mix of third-party cloud providers. Consequently, we may be subject to service disruptions as well as failures to provide adequate support for reasons that are outside of our direct control. We have experienced and expect that in the future we may experience interruptions, delays, and outages in service and availability from time to time due to a variety of factors, including infrastructure changes, human or software errors, website hosting disruptions, and capacity constraints.

The following factors, many of which are beyond our control, can affect the delivery, platform availability, and the performance of our products:

the development and maintenance of the infrastructure of the internet;
the performance and availability of third-party providers of cloud infrastructure services, with the necessary speed, data capacity and security for providing reliable internet access and services;
decisions by the owners and operators of service providers where our cloud infrastructure is deployed to terminate our contracts, discontinue services to us, shut down operations or facilities, increase prices, change service levels, limit bandwidth, declare bankruptcy or prioritize the traffic of other parties;
physical or electronic break-ins, acts of war or terrorism, human error or interference (including by disgruntled employees, former employees or contractors) and other catastrophic events;
external cyberattacks, including denial of service attacks, targeted at us or the infrastructure of the internet;
failure by us to maintain and update our cloud infrastructure to meet our data capacity requirements;
errors, defects or performance problems in our software, including third-party software incorporated in our software;
improper deployment or configuration of our solutions;
the failure of our redundancy systems, in the event of a service disruption at one of our data centers, to provide failover to other data centers in our data center network;
the failure of our disaster recovery and business continuity arrangements; and
availability to acquire and source data.

24


 

The adverse effects of any service interruptions on our reputation, results of operations, and financial condition may be disproportionately heightened due to the nature of our business and the fact that our customers have a low tolerance for interruptions of any duration. Interruptions or failures in our service delivery could result in a cyberattack or other security threat to our customers during such periods of interruption or failure. Additionally, interruptions or failures in our service could cause customers to terminate their subscriptions with us, adversely affect our renewal rates, and harm our ability to attract new customers. Our business would also be harmed if our customers believe that a cloud-based SaaS-delivered security solution is unreliable. We have experienced, and may in the future experience, service interruptions and other performance problems due to a variety of factors. The occurrence of any of these factors, or if we are unable to rapidly and cost-effectively fix such errors or other problems that may be identified, could damage our reputation, negatively affect our relationship with our customers or otherwise harm our business, results of operations, and financial condition.

In addition, because of the importance of cloud services to our business and our cloud providers’ positions in the cloud-based server industry, any renegotiation or renewal of our agreements may be on terms that are significantly less favorable to us than our current agreements. If our cloud-based server costs were to increase, our business, results of operations, and financial condition may be adversely affected. Although we expect that we could receive similar services from other cloud providers, if any of our arrangements with our cloud providers are terminated, we could experience interruptions on our Platform and in our ability to make our products and solutions available to customers, as well as delays and additional expenses in arranging alternative cloud infrastructure services. Ongoing improvements to cloud infrastructure may be more expensive than we anticipate and may not yield the expected savings in operating costs or the expected performance benefits. In addition, we may be required to re-invest any cost savings achieved from prior cloud infrastructure improvements in future infrastructure projects to maintain the levels of service required by our customers. We may not be able to maintain or achieve cost savings from our investments, which could harm our financial results.

 

25


 

We rely on data, software and services from other parties. Defects in or the loss of access to software or services from third parties could increase our costs and adversely affect the quality of our solutions.

We rely on third-party computer systems, broadband and other communications systems and service and data providers to provide customers with access to our Platform. Any interruptions, outages or delays in our systems, infrastructure or business, or the systems, infrastructure, or business of such third parties, or deterioration in the performance of these systems and infrastructure, could impair our ability to provide access to our Platform. Our business would be disrupted if any of the third-party software, data or services we utilize, particularly with respect to third-party software, data or services embedded in our solutions, or functional equivalents thereof, were unavailable due to extended outages or interruptions or because they are no longer available on commercially reasonable terms or prices or at all.

In each case, we would be required to either seek licenses to software, data or services from other parties and redesign our solutions to function with such other parties’ software, data or services or develop these components ourselves, which would result in increased costs and could result in delays in our solution and solution package launches and the release of new solution and solution package offerings until equivalent technology can be identified, licensed or developed, and integrated into our solutions. Furthermore, we might be forced to limit the features available in our current or future solutions. If these delays and feature limitations occur, our business, results of operations, and financial condition could be adversely affected.

Risk Factors Related to our Business and Industry

ZeroFox has a history of losses and we may not be able to achieve or sustain profitability in the future.

The Predecessor incurred net losses in all periods since its inception, including net losses of $38.4 million, $22.7 million, and $22.7 million for fiscal 2022, 2021, and 2020, respectively. The Successor experienced a net loss of $720.6 million for the Successor Period and $356.3 million for the year ended January 31, 2024. As of January 31, 2024, ZeroFox had an accumulated deficit of $1.1 billion. Following the Business Combination, we cannot predict when or whether we will reach or maintain profitability. We also expect that our operating expenses will increase over our historical expenses in the future as we continue to invest for future growth, including expanding our research and development activities to enhance our Platform, expanding our sales and marketing activities and reaching customers in new geographic locations, which will negatively affect our operating results if our total revenue does not increase. We cannot assure you that these investments will result in substantial increases in our revenue or improvements in our operating results. In addition to the anticipated costs to grow our business, we also expect to incur significant additional legal, accounting, and other expenses as a newly public operating company. Any failure to increase our revenue as we invest in our business or to manage our costs could prevent us from achieving or maintaining profitability.

 

26


 

If we are not able to maintain and enhance our brand and our reputation as a provider of external cybersecurity products and solutions, our business and results of operations may be adversely affected.

We believe that maintaining and enhancing our brand and our reputation as a provider of external cybersecurity products and solutions is critical to our relationship with existing customers, channel partners, and technology alliance partners and our ability to attract new customers and partners. The successful promotion of our brand will depend on a number of factors, including our marketing efforts, our ability to continue to develop additional features for our Platform and our ability to successfully differentiate our Platform from competitive cloud-based or legacy security solutions. Although we believe it is important for our growth, our brand promotion activities may not be successful or yield increased revenue.

In addition, independent industry or financial analysts and research firms often test our products and solutions and provide reviews of our Platform, as well as the products of our competitors, and the perception of our Platform in the marketplace may be significantly influenced by these reviews. If these reviews are negative, or less positive as compared to those of our competitors’ products, our brand may be adversely affected. Our products and solutions may fail to detect or prevent threats in any particular test for a number of reasons that may or may not be related to the efficacy of our products and solutions in real world environments. To the extent potential customers, industry analysts or testing firms believe that the occurrence of a failure to detect or prevent any particular threat is a flaw or indicates that our products and solutions or services do not provide significant value, we may lose customers, and our reputation, financial condition, and business would be harmed. Additionally, the performance of our channel partners and technology alliance partners may affect our brand and reputation if customers do not have a positive experience with these partners. In addition, we have worked and continue to work with high-profile customers as well as assist in analyzing and remediating high profile cyberattacks. Our work with such customers has exposed us to publicity and media coverage. Negative publicity about us, including about our management, the efficacy and reliability of our Platform, our product offerings, our professional services, and the customers we work with, even if inaccurate, could adversely affect our reputation and brand.

 

27


 

If organizations do not adopt external cybersecurity solutions that may be based on new and untested security concepts, our ability to grow our business and results of operations may be adversely affected.

Our future success depends on the growth in the market for cloud and/or SaaS-delivered external cybersecurity products and solutions. The use of SaaS products and solutions to manage and automate security and IT operations is rapidly evolving. As such, it is difficult to predict our potential growth, customer adoption and retention rates, customer demand for our products and solutions, or the success of existing or future competitive products. Any expansion in our market depends on several factors, including the cost, performance and perceived value associated with our products and solutions and those of our competitors. If our solutions do not achieve widespread adoption or there is a reduction in demand for our products and solutions due to a lack of customer acceptance, technological challenges, competing products, privacy or other liability concerns, decreases in corporate spending, weakening economic conditions, or otherwise, it could adversely affect our business, results of operations and financial results, resulting in early terminations, reduced customer retention rates, or decreased sales. We do not know whether the trend in adoption of cloud-enabled and/or SaaS-delivered cybersecurity solutions that we have experienced in the past will continue in the future. Furthermore, if we or other SaaS security providers experience security incidents, loss or disclosure of customer data, disruptions in delivery, or other problems, the market for SaaS solutions as a whole, including our security solutions, could be negatively affected.

Historically, information sharing related to cybersecurity has been a very well accepted concept from a theoretical perspective but very difficult to implement in practice. Companies are generally reluctant to share their sensitive cyber information with other entities, despite knowing the advantages of doing so. Misperceptions may exist, however, about what information gets shared, with whom that information is shared, and the jurisdictions (including foreign countries) of the companies with which the information gets shared. Further, concerns of existing or potential customers may exist related to the ability to completely remove any indicia of the source company, general market rejection of information sharing, or specific market skepticism of our approach, which may further add to a lack of customer acceptance.

In addition to the potential concerns related to sharing sensitive information in a system consisting of commercial or potentially competitive entities, additional concerns can arise when governments become involved as participants in the collective defense ecosystem. From a commercial perspective, companies frequently view information sharing on platforms with governments that are also customers as risky, based on perceptions that the governments might use such shared information to take action against the companies or to otherwise utilize it in a way that will expose such companies to liability. Such perceptions could lead commercial entities to stop sharing, not procure our services in the first place, or terminate their relationship with us altogether. Similarly, governments (as customers) may be unable to properly process such data or utilize it in a meaningful way, or share useful information back into our solutions. Any of these concerns could lead to reduced sales or contribute to a lack of customer acceptance. In addition, the mere involvement of one or more government entities as customers may harm our reputation with certain companies.

 

28


 

We (including the Predecessor and the Successor) have experienced rapid growth in recent periods, and if we do not manage our future growth, our business and results of operations will be adversely affected.

ZeroFox experienced rapid revenue growth in recent periods, and we expect to continue to invest broadly across our organization to support our growth. For example, ZeroFox’s actual employee headcount grew from 158 employees as of January 31, 2019, to 914 employees as of January 31, 2024. Additionally, ZeroFox's revenue grew from $8.9 million in fiscal 2019 to $233.3 million in fiscal year 2024. Although ZeroFox experienced rapid growth historically, we may not sustain these growth rates, nor can we assure you that our investments to support our growth will be successful. The growth and expansion of our business will require us to invest significant financial and operational resources and the continuous dedication of our management team. We have encountered and will continue to encounter risks and difficulties frequently experienced by rapidly growing companies in evolving industries, including market acceptance of our Platform, adding new customers, intense competition, and our ability to manage our costs and operating expenses. Our future success will depend in part on our ability to manage our growth effectively, which will require us to, among other things:

effectively attract, integrate, and retain a large number of new employees, particularly members of our sales and marketing and research and development teams;
further improve our Platform and cloud infrastructure to support our business needs;
enhance our information and communication systems to ensure that our employees and offices around the world are well-coordinated and can effectively communicate with each other and our growing base of channel partners and customers; and
improve our financial, management, and compliance systems and controls.

If we fail to achieve these objectives effectively, our ability to manage our expected growth, ensure uninterrupted operation of our Platform and key business systems, and comply with the rules and regulations applicable to our business could be impaired. Additionally, the quality of our Platform and services could suffer and we may not be able to adequately address competitive challenges. Any of the foregoing could adversely affect our business, results of operations, and financial condition.

We face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition, and results of operations.

The market for security solutions is intensely competitive, fragmented, and characterized by rapid changes in technology, customer requirements and industry standards, increasingly sophisticated attackers, and by frequent introductions of new or improved products to combat security threats. We expect to continue to face intense competition from current competitors, as well as from new entrants into the market given the relatively low barriers to entry in the industry. If we are unable to anticipate or react to these challenges, our competitive position could weaken, and we could experience a decline in revenue or reduced revenue growth, and loss of market share that would adversely affect our business, financial condition, and results of operations. Our ability to compete effectively depends upon numerous factors, many of which are beyond our control, including, but not limited to:

29


 

product capabilities, including the performance and reliability of our Platform; including our services and features, compared to those of our competitors;
our ability versus the ability of our competitors, to improve existing products, services, and features, or to develop new ones to address evolving customer needs;
our ability to attract, retain, and motivate talented employees;
our ability to establish and maintain relationships with channel partners;
our ability to acquire services from third parties at competitive prices;
the strength of our sales and marketing efforts; and
acquisitions or consolidation within our industry, which may result in more formidable competitors.

Our competitors include the following, by general category:

digital risk protection, such as Proofpoint, Rapid7 and Forta;
threat intelligence providers, such as Mandiant and Recorded Future; and
breach response providers, such as Experian, Transunion, and Kroll.

30


 

Many of these competitors have greater financial, technical, marketing, sales, and other resources, greater name recognition, longer operating histories, and a larger base of customers than we do. They may be able to devote greater resources to the development, promotion, and sale of services than we can, and they may offer lower pricing than we do. Further, they may have greater resources for research and development of new technologies, the provision of customer support, and the pursuit of acquisitions, or they may have other financial, technical, or other resource advantages. Our larger competitors have substantially broader and more diverse product and service offerings as well as routes to market, which allows them to leverage their relationships based on other products and to incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our Platform. Conditions in our market could change rapidly and significantly because of technological advancements, partnering or acquisitions by our competitors or continuing market consolidation. Some of our competitors have recently made acquisitions of businesses or have established cooperative relationships that may allow them to offer more directly competitive and comprehensive solutions than were previously offered and adapt more quickly to new technologies and customer needs. As a result of such acquisitions or arrangements, our current or potential competitors may be able to devote greater resources to bring these solutions and services to market, initiate or withstand substantial price competition or develop and expand their product and service offerings more quickly than we do. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, increased net losses and loss of market share. Further, many competitors that specialize in providing protection from a single type of security threat may be able to deliver these targeted security products to the market quicker than we can or convince organizations that these limited products meet their needs. Even if there is significant demand for cloud-based security solutions like ours, if our competitors include functionality that is, or is perceived to be, equivalent to or better than ours in legacy products that are already generally accepted as necessary components of an organization’s security architecture, we may have difficulty increasing the market penetration of our Platform. Furthermore, even if the functionality offered by other security providers is different and more limited than the functionality of our Platform, organizations may elect to accept such limited functionality in lieu of adding products from additional vendors like us.

For all of these reasons, competition may negatively impact our ability to maintain and grow consumption of our Platform and solutions or put downward pressure on our prices and gross margins, any of which could materially harm our reputation, business, financial condition, and results of operations.

 

31


 

Competitive pricing pressure may reduce revenue, gross profits, and adversely affect our financial results.

If we are unable to maintain our pricing due to competitive pressures or other factors, our revenue and margins may be reduced and our revenue and gross profits, business, results of operations and financial condition may be adversely affected. The prices for our Platform, products and solutions, and professional services may decline for a variety of reasons, including competitive pricing pressures, discounts, anticipation of the introduction of new solutions by competitors, or promotional programs offered by us or our competitors. Competition continues to increase in the market segments in which we operate, and we expect competition to further increase in the future. Larger competitors with more diverse product and service offerings may reduce the price of products or subscriptions that compete with ours or may bundle them with other products and subscriptions in an effort to leverage their existing market share to make it harder for newer companies, like us, to effectively compete.

Adverse general and industry-specific economic and market conditions and reductions in customer spending, in either the private or public sector, including as a result of geopolitical uncertainty such as the ongoing conflict between Russia and Ukraine, may reduce demand for our Platform or products and solutions, which could harm our business, financial condition and results of operations.

Our business, financial condition, and results of operations depend on the overall demand for our Platform and products and solutions. Negative conditions in the general economy both in the United States and abroad, including conditions resulting from the COVID-19 pandemic, changes in gross domestic product growth, financial and credit market fluctuations, energy costs, international trade relations, geopolitical issues, such as the conflict between Russia and Ukraine, or the availability and cost of credit could lead to increased market volatility, decreased consumer confidence, and diminished growth expectations in the U.S. economy and abroad, which in turn could result in reductions in information technology, software, and security spending by our existing and prospective customers. Negative economic conditions in both the public and private sectors, including macroeconomic, political and market conditions, government shutdowns or reduction in government spending, the availability of short-term and long-term funding and capital, the level and volatility of interest rates, currency exchange rates, and inflation, may cause customers to reduce their spending. Prolonged economic slowdowns may result in customers delaying or canceling projects, choosing to focus on in-house development efforts or seeking to lower their costs by requesting us to renegotiate existing contracts on less advantageous terms or defaulting on payments due on existing contracts or not renewing at the end of the contract term.

 

32


 

We employ multiple and evolving pricing models, which subject us to various pricing challenges that could make it difficult for us to derive value from our customers and may adversely affect our business, financial condition, and results of operations.

We employ multiple and evolving pricing models for our offerings. Our pricing models may ultimately result in a higher total cost to our customers generally as data volumes increase over time, or may cause our customers to limit or decrease usage in order to stay within the limits of their existing licenses or lower their costs, making it more difficult for us to compete in our markets or negatively impacting our business, financial condition, and results of operations. As the amount of data within our customers’ organizations grows, we face downward pressure from our customers regarding our pricing, which could adversely affect our revenue and operating margins. In addition, our pricing models may allow competitors with different pricing models to attract customers unfamiliar or uncomfortable with our pricing models, which would cause us to lose business or modify our pricing models, both of which could adversely affect our revenue and operating margins. We have introduced and expect to continue to introduce variations to our pricing models, including but not limited to usage-based, tiered pricing based on number of users, flat upfront fee, fixed price, level of effort, cost plus fee, utility-based pricing and other pricing programs. We also must determine the appropriate price to enable us to compete effectively internationally. Although we believe that these pricing models and variations to these models will drive net new customers, and increase customer adoption, it is possible that they will not and may potentially cause customers to decline to purchase or renew contracts with us or confuse customers and reduce their lifetime value, which could negatively impact our business, financial condition, and results of operations.

If we fail to adapt to rapid technological change, evolving industry standards and changing customer needs, requirements or preferences, our ability to remain competitive could be impaired.

The market for our Platform and solutions is characterized by rapid technological change, evolving industry standards and changing regulations, as well as changing customer needs, requirements, and preferences. The success of our business will depend, in part, on our ability to anticipate, adapt and respond effectively to these changes on a timely and cost-effective basis. In addition, as our customers’ data infrastructure needs grow more complex, we expect them to face new and increasing challenges. Our customers require that our Platform and products and solutions effectively identify and respond to these challenges without disrupting the performance of our customers’ information technology and data systems or interrupting their operations. As a result, we must continually modify and improve our offerings in response to changes in our customers’ data infrastructures and operational needs or end-user preferences. The success of any enhancement to our existing offerings or the deployment of new offerings depends on several factors, including the timely completion and market acceptance of our enhancements or new offerings. Any enhancement to our existing offerings or new offerings that we develop and introduce involves significant commitment of time and resources and is subject to a number of risks and challenges, including, but not limited to:

ensuring the timely release of new solutions (including products and professional services) and enhancements to our existing solutions;
adapting to emerging and evolving industry standards, technological developments by our competitors and customers and changing regulatory requirements;

33


 

interoperating effectively with existing or newly-introduced technologies, systems or applications of our existing and prospective customers;
resolving defects, errors or failures in our Platform or solutions;
extending our solutions to new and evolving operating systems and hardware products; and
managing new solutions, product suites, and service strategies for the markets in which we operate.

If we are not successful in managing these risks and challenges, or if our Platform or products and solutions (including any upgrades thereto) are not technologically competitive or do not achieve market acceptance, our business, financial condition, and results of operations could be adversely affected.

If we are unable to maintain successful relationships with our channel partners, or if our channel partners fail to perform, our ability to market, sell, and distribute our Platform will be limited, and our business, financial position, and results of operations will be harmed.

In addition to our direct sales force, we rely on our channel partners to sell our Platform. A substantial amount of sales of our Platform flows through our channel partners and we expect this to continue for the foreseeable future. ZeroFox derived approximately 21% of its revenue for the fiscal year 2024 from subscriptions through channel partners. The loss of a substantial number of our channel partners or the failure to recruit additional channel partners, could adversely affect our operating results. Our ability to increase revenue will depend in part on our success in maintaining successful relationships with our channel partners and in training our channel partners to independently sell and deploy our Platform. If we fail to effectively manage our existing sales channels, or if our channel partners are unsuccessful in fulfilling the orders for our solutions, or if we are unable to enter into arrangements with, and retain a sufficient number of, high quality channel partners in each of the regions in which we sell products and solutions and keep them motivated to sell our products and solutions, our ability to sell our products and solutions and results of operations will be harmed.

 

34


 

We target enterprise customers and government organizations, and sales to these customers involve risks that may not be present or that are present to a lesser extent with sales to smaller entities.

We have a sales team that targets enterprise customers and government organizations. These sales involve risks that may not be present or that are present to a lesser extent with sales to smaller entities, such as longer sales cycles, more complex customer requirements, substantial upfront sales costs, and less predictability in completing sales. For example, enterprise customers may require considerable time to evaluate and test our products and solutions and those of our competitors prior to making a purchase decision and placing an order. A number of factors influence the length and variability of our sales cycle, including the need to educate potential customers about the uses and benefits of our products and solutions, the discretionary nature of purchasing and budget cycles, and the competitive nature of evaluation and purchasing approval and/or competitive bidding processes. As a result, the length of our sales cycle, from identification of the opportunity to deal closure, may vary significantly from customer to customer, with sales to enterprise customers and government organizations typically taking longer to complete. Moreover, enterprise customers often begin to deploy our products and solutions on a limited basis, but nevertheless demand configuration, integration services and pricing negotiations, which increase our upfront investment in the sales effort with no guarantee that these customers will deploy our products and solutions widely enough across their organization to justify our substantial upfront investment. Further, a significant percentage of our enterprise sales are to customers in the financial services sector. An economic slowdown in that sector could adversely impact our sales.

Our success and ability to grow our business depend on retaining and expanding our customer base. If we fail to add new customers or retain existing customers, our business, financial condition, and results of operations could be harmed.

We may enter into subscription agreements for our Platform and solutions where customers have discretion to renew or terminate services at the end of the term, or stand-alone agreements for the provision of specified software or services. For us to improve our operating results, it is important that we add new customers and that our existing customers renew their subscriptions and upgrade and expand their subscribed services. Our customers have no obligation to renew their subscriptions, to upgrade or expand their subscribed services, or to continue their relationship with us once a stand-alone engagement ends. Our customers’ renewal, upgrade, and expansion rates may decline or fluctuate as a result of a number of factors, including their satisfaction or dissatisfaction with our offerings, our pricing, the effects of general economic conditions, competitive offerings, or alterations or reductions in our customers’ spending levels. If we are unable to add new customers or if our existing customers do not renew their subscriptions when the term expires or do not upgrade and expand the subscribed services or if customers renew on terms less favorable to us, or do not otherwise continue to use our Platform and solutions for subsequent engagements, our revenue may decline and our business, financial condition, and results of operations could be harmed.

35


 

Our customers may merge with other entities who purchase solutions and services from our competitors, and, during weak economic times, there is an increased risk that one or more of our customers will file for bankruptcy protection, either of which may harm our business, financial condition, and results of operations. We also face risks from international customers that file for bankruptcy protection in foreign jurisdictions, particularly given that the application of foreign bankruptcy laws may be more difficult to predict. In addition, we may determine that the cost of pursuing any claim may outweigh the recovery potential of such claim. As a result, broadening or protracted extension of an economic downturn could harm our business, financial condition, and results of operations.

We provide service level commitments under some of our customer contracts. If we fail to meet these contractual commitments, we could be obligated to provide credits for future service and our business could suffer.

Certain of our customer agreements contain service level commitments, which contain specifications regarding the availability and performance of our Platform. Any failure of or disruption to our infrastructure could impact the performance of our Platform and the availability of products and services to customers. If we are unable to meet our stated service level commitments or if we suffer extended periods of poor performance or unavailability of our Platform, we may be contractually obligated to provide affected customers with service credits for future subscriptions, refunds, and in certain cases, the right to cancel their subscription. Our revenue, other results of operations and financial condition could be harmed if we suffer performance issues or downtime that exceeds the service level commitments under our agreements with our customers.

Our business will be subject to the risks of natural catastrophic events and to interruption by man-made problems such as power disruptions or terrorism.

A significant natural disaster, such as an earthquake, a fire, a flood, or significant power outage could have a material adverse impact on our business, results of operations and financial condition. Natural disasters could affect our personnel, supply chain, or logistics providers’ ability to provide materials and perform services. In addition, climate change could result in an increase in the frequency or severity of natural disasters. In the event that our infrastructure, or the information technology systems, supply chain or logistics of our service providers, is hindered by any of the events discussed above, the results could be missed financial targets, such as revenue, for a particular quarter. Likewise, we could be subject to other man-made problems, including but not limited to power disruptions and terrorist acts.

 

36


 

We rely heavily on the services of our senior management team, and if we are not successful in attracting or retaining senior management personnel, we may not be able to successfully implement our business strategy.

Our future success is substantially dependent on our ability to attract, retain, and motivate our key employees and the members of our management team. In particular, we are highly dependent on the services of James C. Foster, our chief executive officer, who is critical to our future vision and strategic direction. We also rely on our leadership team in the areas of operations, security, analytics, engineering, product management, research and development, marketing, sales, partnerships, mergers and acquisitions, support, and general and administrative functions. Although we entered into employment agreements with our key personnel, our senior management is employed on an “at-will” basis, which means they may terminate their employment with us at any time. If one or more of our key employees resigns or otherwise ceases to provide us with their service, our business could be harmed.

We rely on the performance of highly skilled personnel, including senior engineering, professional services, sales and technology professionals, and our ability to increase our customer base depends to a significant extent on our ability to expand our sales and marketing operations.

We believe our success has depended, and continues to depend, on the efforts and talents of our highly skilled team members, including our sales personnel, professional services personnel, and software engineers. We do not maintain key person insurance on any of our employees. Our key employees are employed on an “at-will” basis, which means that they could terminate their employment with us at any time. The loss of any of our key employees could adversely affect our ability to execute our business plan, and we may not be able to find adequate replacements. We cannot ensure that we will be able to retain the services of our key employees.

 

37


 

If we do not effectively expand and train our sales force, we may be unable to add new customers or increase sales to our existing customers, and our business will be adversely affected.

We depend on our sales force to obtain new customers and increase sales with existing customers. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel, and our third-party channel partner network of resellers, both domestically and internationally. We have expanded our sales organization in recent periods and expect to continue to add additional sales capabilities in the near term. Significant competition exists for sales personnel with the skills and technical knowledge that we require. New hires require significant training and may take significant time before they achieve full productivity, and this delay may be accentuated by our long sales cycles. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business. In addition, a significant percentage of our sales force is new to our Company and selling our solutions, and therefore this team may be less effective than our more seasoned sales personnel. Furthermore, hiring sales personnel in new countries, or expanding our existing presence, requires upfront and ongoing expenditures that we may not recover if the sales personnel fail to achieve full productivity. We cannot predict whether, or to what extent, our sales will increase as we expand our sales force or how long it will take for sales personnel to become productive. If we are unable to hire and train a sufficient number of effective sales personnel, or the sales personnel we hire are not successful in obtaining new customers or increasing sales to our existing customer base, our business and results of operations will be adversely affected. All of these efforts will require us to invest significant financial and other resources and our business will be harmed if our efforts do not generate a correspondingly significant increase in revenue.

Our ability to maintain customer satisfaction depends in part on the quality of our customer support.

Once our Platform and solutions are purchased, our customers depend on our maintenance and support teams to resolve technical and operational issues relating to our Platform and solutions. Our ability to provide effective customer maintenance and support is largely dependent on our ability to attract, train, and retain qualified personnel with experience in supporting customers with our Platform and products and solutions such as ours and maintaining the same. The number of our customers has grown significantly and that has and will continue to put additional pressure on our support teams. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for technical support. We may be subject to disruptions in customer support as well as failures to provide adequate support for reasons that are outside of our direct control.

38


 

We also may be unable to modify the future, scope, and delivery of our maintenance services and technical support to compete with changes in the technical services provided by our competitors. Increased customer demand for maintenance and support services, without corresponding revenue, could increase costs and negatively affect our operating results. In addition, if we experience increased customer demand for support and maintenance, we may face increased costs that may harm our business, financial condition, or results of operations. Further, as we continue to grow our operations and support our global customer base, we need to be able to continue to provide efficient support and effective maintenance that meet our customers’ needs globally at scale. Customers receive additional maintenance and support features, and the number of our customers has grown significantly, which will put additional pressure on our organization. If we are unable to provide efficient customer maintenance and support globally at scale or if we need to hire additional maintenance and support personnel, our business may be harmed. Our ability to attract new customers is highly dependent on our business reputation and on positive recommendations from our existing customers. Any failure to maintain high-quality maintenance and support services or a market perception that we do not maintain high-quality maintenance and support services for our customers would harm our business.

If we cannot maintain our company culture as we grow, we could lose the innovation, teamwork, passion, and focus on execution that we believe contribute to our success and our business may be harmed.

We believe that our corporate culture has been a contributor to our success, which we believe promotes innovation, teamwork, passion and focus on building and marketing our products and solutions. Any integration challenges or any failure to preserve our culture could harm our future success, including our ability to retain and recruit personnel, innovate and operate effectively and execute on our business strategy. As we grow, we may find it difficult to maintain our corporate culture. Additionally, our productivity and the quality of our products and solutions may be adversely affected if we do not integrate and train our new employees quickly and effectively. If we experience any of these effects in connection with future growth, it could impair our ability to attract new customers, retain existing customers and expand their use of our products and solutions, all of which would adversely affect our business, financial condition and results of operations.

We recognize revenue from subscription to our Platform over the term of the subscription. Consequently, increases or decreases in new sales may not be immediately reflected in our results of operations.

We generally recognize revenue from customers ratably over the terms of their subscriptions, which are generally one to three years. As a result, a substantial portion of the revenue we report in each period is attributable to the recognition of deferred revenue relating to agreements that we entered into during previous periods. Consequently, any increase or decline in new sales or renewals in any one period will not be immediately reflected in our revenue for that period. Any such change, however, would affect our revenue in future periods. Accordingly, the effect of downturns or upturns in new sales and potential changes in our rate of renewals may not be fully reflected in our results of operations until future periods. We may also be unable to timely reduce our cost structure in line with a significant deterioration in sales or renewals that would adversely affect our results of operations and financial condition.

39


 

Our operating results may fluctuate significantly which could make our future results difficult to predict and could cause our operating results to fall below expectations.

Our operating results may vary significantly in the future, particularly considering the number of enterprise customer contracts and the cyclical nature of our government sales generation, and period-to-period comparisons of our operating results may not be meaningful. Accordingly, the results of any one quarter should not be relied upon as an indication of future performance. Our operating results may fluctuate as a result of a variety of factors, many of which are outside of our control, and as a result, may not fully reflect the underlying performance of our business. Fluctuations in operating results may negatively impact the value of our securities. Factors that may cause fluctuations in our quarterly operating results include, without limitation:

our ability to generate significant revenue from new offerings and cross-selling current offerings;
our ability to expand our number of customers and sales;
our ability to hire and retain employees, in particular those responsible for our sales and marketing;
changes in the way we organize and compensate our sales teams;
the timing of expenses and recognition of revenue;
the timing and length of our sales cycles;
increased sales to large organizations;
the amount and timing of operating expenses related to the maintenance and expansion of our business and operations, as well as international expansion;
the timing and effectiveness of new sales and marketing initiatives;
changes in our pricing policies or those of our competitors;
the timing and success of new platforms, applications, features, and functionality by us or our competitors;
changes in the competitive dynamics of our industry, including consolidation among competitors;
changes in laws and regulations that impact our business;
the timing of expenses related to any future acquisitions, including our ability to successfully integrate, and fully realize the expected benefits of, completed acquisitions;
health epidemics or pandemics, such as the COVID-19 pandemic;
civil unrest and geopolitical instability, including as a result of the ongoing conflict between Russia and Ukraine; and
general political, economic, and market conditions.

 

40


 

Our long-term success depends, in part, on our ability to expand the sale of our Platform to customers located outside of the U.S., and our current, and any further, expansion of our international operations exposes us to risks that could have a material adverse effect on our business, operating results, and financial condition.

We are generating a portion of our revenue outside of the U.S., and conduct our business activities in various foreign countries, including some emerging markets, where the challenges of conducting our business can be significantly different from those we have faced in more developed markets and where business practices may create internal control risks. There are certain risks inherent in conducting international business, including:

fluctuations in foreign currency exchange rates, which could add volatility to our operating results;
new, or changes in, regulatory requirements;
uncertainty regarding regulation, currency, tax, and operations resulting from the United Kingdom’s, or the U.K., exit from the European Union, or the E.U., and possible disruptions in trade, the sale of our services and commerce, and movement of our people between the U.K., E.U., and other locations;
tariffs, export and import restrictions, restrictions on foreign investments, sanctions, and other trade barriers or protection measures;
costs and liabilities related to compliance with foreign privacy, data protection and information security laws and regulations, including the General Data Protection Regulation of the European Union, or the GDPR, and the risks and costs of noncompliance;
costs of localizing products and services;
the lack of acceptance of localized products and services;
the need to make significant investments in people, solutions and infrastructure, typically well in advance of revenue generation;
challenges inherent in efficiently managing an increased number of employees over large geographic distances, including the need to implement appropriate systems, policies, benefits and compliance programs;
difficulties in maintaining our corporate culture with a dispersed and distant workforce;
treatment of revenue from international sources, evolving domestic and international tax environments, and other potential tax issues, including with respect to our corporate operating structure and intercompany arrangements;
different standards for or weaker protection of our intellectual property, including increased risk of theft of our proprietary technology and other intellectual property;
economic weakness or currency-related crises;
compliance with multiple, conflicting, ambiguous or evolving governmental laws and regulations, including employment, tax, privacy, anti-corruption, import/export, antitrust, data transfer, storage and protection, and industry-specific laws and regulations, including rules related to compliance by our third-party resellers and our ability to identify and respond timely to compliance issues when they occur, and regulations applicable to us and our third-party data providers from whom we purchase and resell data;

41


 

vetting and monitoring our third-party resellers in new and evolving markets to confirm they maintain standards consistent with our brand and reputation;
generally longer payment cycles and greater difficulty in collecting accounts receivable;
our ability to adapt to sales practices and customer requirements in different cultures;
the lack of reference customers and other marketing assets in regional markets that are new or developing for us, as well as other adaptations in our market generation efforts that we may be slow to identify and implement;
dependence on certain third parties, including resellers with whom we do not have extensive experience;
natural disasters, acts of war, terrorism, or pandemics, including the ongoing COVID-19 pandemic;
corporate espionage; and
political instability and security risks in the countries where we are doing business and changes in the public perception of governments in the countries where we operate or plan to operate.

We might undertake corporate operating restructurings that involve our group of foreign country subsidiaries through which we do business abroad. We consider various factors in evaluating these restructurings, including the alignment of our corporate legal entity structure with our organizational structure and our objectives, the operational and tax efficiency of our group structure, and the long-term cash flows and cash needs of our business. Such restructurings could increase our operating costs, and if ineffectual, could increase our income tax liabilities and our global effective tax rate.

Risks Related to Government Contracting

One U.S. government customer accounts for a substantial portion of our revenue. If our relationship with our largest customer is impaired or terminated, our revenue would decline, and our business, financial condition, and results of operations would be adversely affected.

We have derived a substantial portion of our revenue from one U.S. government customer, the Office of Personnel Management (OPM). Our current contract with OPM has been extended to an optional period ending on June 30, 2024. On December 28, 2023, we were awarded a new contract by OPM (the "new OPM Contract"). The New OPM Contract is structured as a Base Period from July 1, 2024 to June 30, 2025, followed by a series of options as follows: Option Period I from July 1, 2025 to June 30, 2026, Option Period II from July 1, 2026 to September 30, 2026, Option Period, Option Period III from October 1, 2026 to March 31, 2027, Option Period IV from April 1, 2027 to September 30, 2027, Option Period V from October 1, 2027 to March 31, 2028, and Option Period VI from April 1, 2028 to September 30, 2028. OPM has an option to add a six-month transition out period to run concurrently with any option period. OPM accounted for approximately 35% of revenue for the year ended January 31, 2024.

42


 

As a result, our revenue could fluctuate materially, and could be materially and disproportionately affected by purchasing decisions by this customer or any other significant future customer. This customer may decide to purchase less than it has in the past, may alter its purchasing patterns at any time with limited notice, or may decide not to continue to license our products at all, any of which could cause our revenue to decline and adversely affect our financial condition and results of operations. If we do not further diversify our customer base, we will continue to be susceptible to risks associated with customer concentration.

Our business depends, in part, on sales to government organizations, and significant changes in the contracting or fiscal policies of such government organizations could have an adverse effect on our business and results of operations.

Our future growth depends, in part, on increasing sales to government organizations. Demand from government organizations is often unpredictable, subject to budgetary uncertainty and typically involves long sales cycles. We have made significant investment to address the government sector, but we cannot assure you that these investments will be successful, or that we will be able to maintain or grow our revenue from the government sector. U.S. federal, state, and local government sales are subject to a number of challenges and risks that may adversely impact our business. Sales to such government entities include the following risks:

selling to governmental agencies can be highly competitive, expensive, and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale;
government certification requirements applicable to our products may change and, in doing so, restrict our ability to sell into the U.S. Federal Government sector until we have attained the revised certification.
government demand and payment for our Platform may be impacted by public sector budgetary cycles and funding priorities and authorizations, with funding reductions or delays adversely affecting public sector demand for our Platform;
governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our Platform, which would adversely impact our revenue and results of operations, or institute fines or civil or criminal liability if the audit were to uncover improper or illegal activities; and
governments may add new or change existing contractual and/or data security infrastructure requirements that could restrict our ability to sell to government customers.

The occurrence of any of the foregoing could cause governments and governmental agencies to delay or refrain from purchasing our solutions in the future or otherwise have an adverse effect on our business and results of operations.

 

43


 

A decline in the U.S. Government budget, changes in spending or budgetary priorities or delays in contract awards may adversely affect our business, financial condition, and results of operations and limit our growth prospects.

Revenue under contracts with U.S. government agencies represents a substantial amount of our total revenue. Levels of U.S. government spending are difficult to predict and subject to significant risk. Laws and plans adopted by the U.S. Government relating to, along with pressures on and uncertainty surrounding the U.S. federal budget, potential changes in budgetary priorities, sequestration, the appropriations process, and the permissible federal debt limit, could adversely affect the funding for individual programs and delay purchasing or payment decisions by our customers. Considerable uncertainty exists regarding how future budget and program decisions will unfold and what challenges budget reductions will present for us and the industry for our solutions and products.

Current U.S. government spending levels may not be sustained and future spending and program authorizations may not increase or may decrease or shift to programs in areas in which we do not provide services or are less likely to be awarded contracts. Such changes in spending authorizations and budgetary priorities may occur as a result of uncertainty surrounding the federal budget, increasing political pressure and legislation, shifts in spending priorities as a result of competing demands for federal funds, or other factors. In the event government funding relating to our contracts with the U.S. Government becomes unavailable, or is reduced or delayed, or planned orders are reduced, our contract or subcontract under such programs may be terminated or adjusted by the U.S. Government or the prime contractor, if applicable. Our operating results could also be adversely affected by spending caps or changes in the budgetary priorities of the U.S. Government, as well as delays in program starts or the award of contracts or task orders under contracts.

In addition, changes to the federal acquisition system and contracting models could affect whether and how we pursue certain opportunities and the terms under which we are able to do so. A significant decline in overall U.S. government spending, a significant shift in its spending priorities, significant delays in contract or task order awards for large programs could adversely affect our business, financial condition, and results of operations and limit our growth prospects.

 

44


 

A delay in the completion of the U.S. Government’s budget and appropriation process could delay procurement of solutions we provide and have an adverse effect on our future revenue.

The funding of U.S. government programs is subject to an annual congressional budget authorization and appropriations process. In years when the U.S. Government does not complete its appropriations before the beginning of the new fiscal year on October 1, government operations are typically funded pursuant to a “continuing resolution,” which allows federal government agencies to operate at spending levels approved in the previous appropriations cycle but does not authorize new spending initiatives. When the U.S. Government operates under a continuing resolution, delays can occur in the procurement of our products and solutions and may result in new initiatives being canceled. Revenue from government customers is often cyclical and based upon delays or change in the appropriation cycle or government shutdowns and thus can impact future performance. When the U.S. Government fails to complete its appropriations process or to provide for a continuing resolution, a full or partial federal government shutdown may result. A federal government shutdown could, in turn, result in our incurrence of substantial labor or other costs without reimbursement under customer contracts, the delay or cancellation of key programs or the delay of contract payments, which could have a negative effect on our cash flows and adversely affect our business, financial condition, and results of operations. For many programs, Congress appropriates funds on an annual fiscal year basis even though the program performance period may extend over several years. Consequently, programs are often partially funded initially, and additional funds are committed only as Congress makes further appropriations. If we incur costs in excess of funds obligated on a contract, we may be at risk for reimbursement of those costs unless or until additional funds are earmarked to the contract. In addition, when supplemental appropriations are required to operate the U.S. Government or fund specific programs and passage of legislation needed to approve any supplemental appropriations bill is delayed, the overall funding environment for our business could be adversely affected.

Due to the competitive process to obtain contracts and the likelihood of bid protests, we may be unable to achieve or sustain revenue growth and our business, financial condition, and results of operations may be adversely affected.

A substantial portion of the business that we seek with respect to our solutions is subject to competitive bidding processes with U.S. government customers. The U.S. Government has increasingly relied on contracts that are subject to a continuing competitive bidding process which has resulted in greater competition and increased pricing pressure. The competitive bidding process involves substantial costs and several risks, including significant cost and managerial time to prepare bids and proposals for contracts that may not be awarded to us, may be split among competitors or that may be awarded but for which we do not receive meaningful task orders, and to the risk of inaccurately estimating the resources and costs that will be required to fulfill any contract we win.

45


 

Following contract award, we may encounter significant expense, delay, contract modifications or even contract loss because of our competitors challenging (or protesting) the award of contracts to us in competitive bidding. Any resulting loss or delay of start-up and funding of work under protested contract awards may adversely affect our revenue and/or profitability. In addition, multi-award contracts require that we make sustained post-award efforts to obtain task orders under the contract. As a result, we may not be able to obtain these task orders or recognize revenue under these multi-award contracts. We are also experiencing increased competition generally which impacts our ability to obtain contracts. Our failure to compete effectively in this procurement environment would adversely affect our revenue and our business, financial condition, and results of operations may be adversely affected.

The U.S. Government may terminate, cancel, stop, modify or curtail our contracts at any time prior to their completion and, if we do not replace them, this may adversely affect our future revenue and profitability.

Many of the U.S. government programs in which we may participate as a prime contractor or subcontractor extend for several years and include one or more base years and one or more option years. These programs are normally funded on an annual basis. Under our contracts, the U.S. Government generally has the right to not exercise options to extend or expand our contracts and may otherwise terminate, cancel, stop, modify, or curtail our contracts at its convenience. Any decisions by the U.S. Government to not exercise contract options or to terminate, cancel, stop, modify or curtail our major programs or contracts would adversely affect our revenue, revenue growth, and profitability.

We may also experience technological or other performance difficulties under our contracts, which may result in delays, cost overruns, and failures in our performance of these contracts. If a government customer terminates a contract for default, we may be exposed to liability, including for excess costs incurred by the customer in procuring undelivered services and solutions from another source. Depending on the nature and value of the contract, a performance issue or termination for default could cause our actual results to differ from those anticipated and could harm our reputation, and even lead to a suspension or debarment action.

Our failure to comply with a variety of complex procurement rules and regulations could result in our being liable for civil or criminal penalties, termination of our U.S. government contracts, disqualification from bidding on future U.S. government contracts, and suspension or debarment from U.S. government contracting.

As a U.S. government contractor, we must comply with laws and regulations relating to the formation, administration, and performance of U.S. government contracts, which affect how we do business with our customers. Such laws and regulations may potentially impose added costs on our business and our failure to comply with them may lead to civil or criminal penalties, termination of our U.S. government contracts, or suspension or debarment from contracting with federal agencies. Some significant laws and regulations that affect us include, but are not limited to the following:

the Federal Acquisition Regulations (FAR) and FAR supplements, which regulate the formation, administration, and performance of U.S. government contracts;

46


 

Truthful Cost or Pricing Data, formerly known as the Truth in Negotiations Act, which requires certification and disclosure of cost and pricing data in connection with certain contract negotiations;
the Procurement Integrity Act, which regulates access to competitor bid and proposal information and government source selection information and our ability to provide compensation to certain former government officials;
the Civil False Claims Act, which provides for substantial civil penalties for violations, including for the knowing submission of a false or fraudulent claim to the U.S. Government for payment or approval;
the False Statements Act, which imposes civil and criminal liability for making false statements to the U.S. Government; and
the U.S. government Cost Accounting Standards, which imposes accounting requirements that govern our right to reimbursement under certain cost-based U.S. government contracts.

The FAR and many of our U.S. government contracts contain organizational conflict of interest clauses that may limit our ability to compete for or perform certain other contracts or other types of services for particular customers. Organizational conflicts of interest (OCI) arise when we engage in activities that may make us unable to render impartial assistance or advice to the U.S. Government, impair our objectivity in performing contract work or provide us with an unfair competitive advantage in winning or performing on a contract. An OCI that precludes our competition for or performance on a significant program or contract could harm our prospects. Conversely, our failure to identify and disclose an OCI can result in civil and/or criminal penalties.

The U.S. Government may adopt new contract rules and regulations or revise its procurement practices in a manner adverse to us at any time without notice and/or compensation, which could adversely affect our profitability, cash position or growth prospects.

Our industry has experienced, and we expect it will continue to experience, significant changes to business practices because of an increased focus on affordability, efficiencies and recovery of costs, among other items. U.S. government agencies may face restrictions or pressure regarding the type and number of services that they may obtain from private contractors. Legislation, regulations, and initiatives dealing with enhanced governance, oversight, and/or security (physical or cyber), procurement reform, mitigation of potential conflicts of interest, and environmental responsibility or sustainability, as well as any resulting shifts in the buying practices of U.S. government agencies, such as increased usage of fixed-price contracts, multiple-award contracts and small business set-aside contracts, could have adverse effects on government contractors. Any of these changes could impair our ability to obtain new contracts or renew our existing contracts when customers recompete those contracts. Any new contracting requirements or procurement methods could be costly or administratively difficult for us to implement and could adversely affect our business, financial condition, and results of operations.

 

47


 

As a U.S. government contractor, we are subject to reviews, audits, and cost adjustments by the U.S. Government, which, if resolved unfavorably to us, could adversely affect our profitability, cash position or growth prospects.

U.S. government contractors (including their subcontractors and others with whom they do business) operate in a highly regulated environment and are routinely audited and reviewed by the U.S. Government and its agencies. These agencies review a contractor’s performance on government contracts, cost structure, indirect rates, and pricing practices and compliance with applicable contracting and procurement laws, regulations, terms and standards, as well as the adequacy of our systems and processes in meeting government requirements. They also review the adequacy of the contractor’s compliance with government standards for its business systems, including a contractor’s accounting system, earned value management system, estimating system, materials management and accounting system, property management system, and purchasing system.

Both contractors and the U.S. government agencies conducting these audits and reviews have come under increased scrutiny. As a result, the current audits and reviews have become more rigorous and the standards to which we are held are being more strictly interpreted, increasing the likelihood of an audit or review resulting in an adverse outcome.

A finding of significant control deficiencies in our system audits or other reviews can result in decremented billing rates to our U.S. government customers until the control deficiencies are corrected and our remediations are accepted. Government audits and reviews may conclude that our practices are not consistent with applicable laws and regulations and result in adjustments to contract costs and mandatory customer refunds. Such adjustments can be applied retroactively, which could result in significant customer refunds. Our receipt of adverse audit findings or the failure to obtain an “approved” determination of our various business systems from the responsible U.S. government agency could significantly and adversely affect our business, including our ability to bid on new contracts and our competitive position in the bidding process. A determination of non-compliance with applicable contracting and procurement laws, regulations and standards could also result in the U.S. Government imposing penalties and sanctions against us, including reductions of the value of contracts, contract modifications or termination, withholding of payments, the loss of export/import privileges, administrative or civil judgments and liabilities, criminal judgments or convictions, liabilities and consent or other voluntary decrees or agreements, other sanctions, the assessment of penalties, fines or compensatory, treble or other damages or non-monetary relief or actions, suspension or debarment, suspension of payments, and increased government scrutiny that could negatively impact our reputation, delay or adversely affect our ability to invoice and receive timely payment on contracts, perform contracts or compete for contracts with the U.S. Government and may adversely affect our revenue and profitability.

 

48


 

Risks Relating to Financial, Tax, and Accounting Issues

Our issued and outstanding convertible notes may impact our financial results, result in the dilution of our stockholders, create downward pressure on the price of our Common Stock, and restrict our ability to raise additional capital or take advantage of future opportunities.

In connection with the Business Combination, we issued the Convertible Notes (see Note 10) in an aggregate principal amount of $150,000,000. The Convertible Notes are convertible into shares of our Common Stock at an initial conversion rate of 86.9565 shares of our Common Stock (subject to adjustment as provided in the Indenture) per $1,000 of principal amount of Notes and 86.9565 shares of our Common Stock (subject to adjustment as provided in the Indenture) per $1,000 of accrued and unpaid interest on any Convertible Notes. To the extent we exercise our option to pay interest in kind with respect to the Convertible Notes rather than in cash, the number of shares of our Common Stock into which the Convertible Notes may be converted would increase. The sale of the Convertible Notes may affect our earnings per share, as accounting procedures may require that we include in our calculation of earnings per share the number of shares of our Common Stock into which the Convertible Notes are convertible.

Upon a conversion of the Convertible Notes, we will have the ability to settle by payment of cash, by issuance of our Common Stock, or a combination of both. If shares of our Common Stock are issued to the holders of the Convertible Notes upon conversion, there will be dilution to our stockholders and the market price of our Common Stock may decrease due to the additional selling pressure in the market. Any downward pressure on the price of our Common Stock caused by the sale, or potential sale, of shares issuable upon conversion of the Convertible Notes could also encourage short sales by third parties, creating additional selling pressure on our share price.

We may not have the ability to raise the funds necessary to settle conversions of the Convertible Notes in cash, repurchase the Convertible Notes upon a fundamental change or repay the Convertible Notes in cash at their maturity, and our future debt may contain limitations on our ability to pay cash upon conversion, redemption or repurchase of the Convertible Notes.

Holders of the Convertible Notes will have the right under the Indenture to require us to repurchase all or a portion of their Notes upon the occurrence of a fundamental change before the applicable maturity date at a repurchase price equal to 100% of the principal amount of such notes to be repurchased plus accrued and unpaid interest to, but not including, the repurchase date. Moreover, we will be required to repay the Convertible Notes in cash at their maturity, unless earlier converted, redeemed or repurchased. We may not have enough available cash or be able to obtain financing at the time we are required to make repurchases of such notes surrendered or pay cash with respect to such notes being converted (which we otherwise may elect to do upon the conversion of notes in lieu of issuing shares).

49


 

Upon a conversion of the Convertible Notes, we will have the ability to settle by payment of cash, by issuance of our Common Stock, or a combination of both. Our ability to repurchase, redeem or to pay cash upon conversion of Notes may be limited by law, regulatory authority, or agreements governing our future indebtedness. Our failure to repurchase the Convertible Notes at a time when the repurchase is required by the Indenture would constitute a default under such indenture (provided that upon a conversion, we could settle by issuance of our Common Stock). A default under the Indenture or the fundamental change itself could also lead to a default under agreements governing our future indebtedness. If the payment of the related indebtedness were to be accelerated after any applicable notice or grace periods, we may not have sufficient funds to repay the interest on such indebtedness and repurchase the Convertible Notes or to pay cash upon conversion of the Convertible Notes.

We may still incur substantially more debt or take other actions that would diminish our ability to make payments on the Convertible Notes when due.

We and our subsidiaries may be able to incur substantial additional debt in the future, subject to the restrictions contained in our debt instruments, including, pursuant to the Indenture governing the Convertible Notes. Pursuant to the Indenture, we and our subsidiaries are not permitted to issue any Senior Indebtedness, Disqualified Capital Stock and Preferred Stock (each such term as defined in the Indenture) in an aggregate principal amount in excess of $50,000,000. However, we are not restricted from recapitalizing our debt or taking a number of other actions that are not limited by the terms of the Indenture that could have the effect of diminishing our ability to make payments on the Convertible Notes when due.

We have secured debt outstanding, which may adversely affect our financial condition and future financial results. Our existing debt agreements contain restrictive covenants that may limit our ability to operate our business.

We have outstanding secured indebtedness with Stifel Bank of $22.5 million as of January 31, 2024. Our secured indebtedness contains a number of restrictive covenants that impose significant operating and financial restrictions on us. As a result of these covenants, our ability to respond to changes in business and economic conditions and engage in beneficial transactions, including to obtain additional financing as needed, may be restricted. Furthermore, our failure to comply with our debt covenants could result in a default under our debt agreements, which would cause our indebtedness under such debt agreements to become immediately due and payable. If any of our debt is accelerated, we may not have sufficient funds available to repay it.

Our ability to make scheduled payments of principal and interest and other required repayments depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control. Our business may not generate cash flows from operations in the future sufficient to service our debt and make necessary capital expenditures. If we are unable to generate such cash flows, we may be required to adopt one or more alternatives, such as selling assets, restructuring operations, restructuring debt or obtaining additional equity capital on terms that may be onerous or dilutive.

50


 

We may incur additional indebtedness in the future in the ordinary course of business subject to the restrictions in the Indenture and our secured debt, which could include restrictive covenants. If new debt is added to current debt levels, the risks described above could intensify.

We may need to raise additional capital to maintain and expand our operations and invest in new solutions, which capital may not be available on terms acceptable to us, or at all, and which could reduce our ability to compete and could harm our business.

Retaining or expanding our current levels of personnel and products offerings may require additional funds to respond to business challenges, including the need to develop new products and enhancements to our Platform, improve our operating infrastructure, or acquire complementary businesses and technologies. The failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new products and solutions could reduce our ability to compete and could harm our business. Accordingly, we may need to engage in additional equity or debt financing to secure additional funds. If we raise additional equity financing, stockholders may experience significant dilution of their ownership interests and the market price of our Common Stock could decline. If we engage in debt financing, the holders of debt would have priority over the holders of our Common Stock, and we may be required to accept terms that restrict our operations or our ability to incur additional indebtedness or to take other actions that would otherwise be in the interests of the debt holders. Any of the above could harm our business, results of operations, and financial condition.

 

51


 

Future acquisitions, strategic investments, partnerships, or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value, and adversely affect our results of operations, and financial condition.

As part of our business strategy, we have in the past and expect to continue to make investments in and/or acquire complementary businesses and assets. Our ability as an organization to acquire and integrate other companies, services, or technologies in a successful manner in the future is not guaranteed. We may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions or strategic investments, we may not ultimately strengthen our competitive position or ability to achieve our business objectives, and any acquisitions or investments we complete could be viewed negatively by our end-customers or investors. In addition, our due diligence may fail to identify all the problems, liabilities or other shortcomings or challenges of an acquired business, product, or technology, including issues related to intellectual property, product quality or product architecture, regulatory compliance practices, revenue recognition or other accounting practices or issues with employees or customers. If we are unsuccessful at integrating such acquisitions, or the technologies associated with such acquisitions, into our Company, our revenue and results of operations could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition and the market price of our Common Stock. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our stockholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.

Additional risks we may face in connection with acquisitions include:

diversion of management time and focus from operating our business to addressing acquisition integration challenges;
coordination of research and development and sales and marketing functions;
integration of product and service offerings;
retention of key employees from the acquired company;
changes in relationships with strategic partners as a result of product acquisitions or strategic positioning resulting from the acquisition;
cultural challenges associated with integrating employees from the acquired company into our organization;
integration of the acquired company’s accounting, management information, human resources, and other administrative systems;
the need to implement or improve controls, procedures, and policies at a business that prior to the acquisition may have lacked sufficiently effective controls, procedures, and policies;
additional legal, regulatory or compliance requirements;

52


 

financial reporting, revenue recognition or other financial or control deficiencies of the acquired company that we do not adequately address and that cause our reported results to be incorrect;
liability for activities of the acquired company before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities, and other known and unknown liabilities;
unanticipated write-offs or charges; and
litigation or other claims in connection with the acquired company, including claims from terminated employees, customers, former stockholders or other third parties.

Our failure to address these risks or other problems encountered in connection with acquisitions and investments could cause us to fail to realize the anticipated benefits of these acquisitions or investments, cause us to incur unanticipated liabilities, and harm our business generally.

We have previously reported material weaknesses in our internal control over financial reporting that have been remediated, but if we fail to properly manage our internal control over financial reporting on a go forward basis, future material weaknesses could be identified that could result in a material misstatement in our financial statements.

A material weakness is a deficiency, or a combination of deficiencies, in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of our annual or interim financial statements will not be prevented or detected on a timely basis. We rely upon internal processes and information systems to support key business functions, including our assessment of internal controls over financial reporting as required by Section 404 of the Sarbanes-Oxley Act.

We cannot be certain that the measures we have taken, and expect to take, to improve our internal controls will be sufficient to ensure that our internal controls will remain effective and eliminate the possibility that other material weakness or deficiencies may develop or be identified in the future. If we identify future material weaknesses in our internal controls, even if quickly remediated once disclosed, investors may lose confidence in our financial statements and our stock price may decline. Implementing changes to our internal controls in connection with the remediation of any material weakness may distract our management and could require us to incur significant expenses. If we fail to remediate any material weakness, our financial statements may be inaccurate, we may be required to restate our financial statements, our ability to report our financial results in a timely and accurate basis may be adversely affected, our access to the capital markets may be restricted, our stock price may decline, and we may be subject to sanctions or investigation by regulatory authorities, which could materially and adversely affect our business and results of operations.

Our ability to use our net operating loss carryforwards and certain other tax attributes may be limited.

53


 

As of January 31, 2024, ZeroFox had U.S. federal and state net operating loss carryforwards, or NOLs, available to offset future federal and state taxable income of approximately $226.4 million and $105.7 million, respectively, and portions of which expire in various years. A lack of future taxable income would adversely affect our ability to utilize these NOLs before they expire. Under the Tax Cuts and Jobs Act of 2017 (the Tax Act), as modified by the Coronavirus Aid, Relief, and Economic Security Act (the CARES Act), federal NOLs incurred in tax years beginning after December 31, 2017 may be carried forward indefinitely, but the deductibility of such federal NOLs in tax years beginning after December 31, 2020 is limited to 80% of taxable income. It is uncertain if and to what extent various states will conform to the Tax Act or the CARES Act.

In addition, under Section 382 of the Code, a corporation that undergoes an “ownership change” (as defined under Sections 382 and 383 of the Code and applicable Treasury Regulations) is subject to limitations on its ability to utilize its pre-change NOLs and certain other tax attributes to offset post-change taxable income or taxes. In connection with the Business Combination, we conducted a Section 382 review which determined the Business Combination constituted an ownership change. However, this will not affect our ability to realize the NOL carryforwards on a going forward basis provided we have sufficient taxable income, subject to the annual limitation. In addition, we may experience future ownership changes under Section 382 of the Code that could further affect our ability to utilize our NOLs to offset our income. Furthermore, our ability to utilize NOLs of companies that we have acquired or may acquire in the future may be subject to limitations. In addition, at the state level, there may be periods during which the use of NOLs is suspended or otherwise limited, which could accelerate or permanently increase state taxes owed. For these reasons, we may not be able to utilize a material portion of the NOLs reflected on our balance sheet, even if we attain profitability, which could potentially result in increased future tax liability to us and could adversely affect our operating results and financial condition.

Finally, beginning in 2022 Tax Act eliminated the option to deduct research and development expenditures immediately in the year incurred pursuant to Section 174 of the Code. The Tax Act requires taxpayers to capitalize and amortize such expenditures over five years. The actual impact on cash from operations will depend on whether and when these provisions are deferred, modified, or repealed by Congress, including any retroactive application to 2022, among other factors

IDX failed to collect sales and use tax prior to January 1, 2022, and we have been working to mitigate such failure.

Prior to January 1, 2022, IDX did not collect U.S. sales and use tax from its customers for its services. During 2020, IDX engaged an external tax consultant to perform a full U.S. sales tax nexus study and analysis. IDX accrued and reflected historical liabilities in its financial statements and was filing Voluntary Disclosure Agreements (VDA) in relevant U.S. jurisdictions, and we will be remitting liabilities accordingly. Beginning January 1, 2022, IDX began collecting, reporting, and remitting appropriate U.S. sales tax from its customers in all applicable jurisdictions. As of January 31, 2024, the Company recorded an accrual $1.3 million for IDX sales and use taxes that were not remitted prior to January 1, 2022.

Our goodwill and identifiable intangible assets have been impaired and could become further impaired, which could reduce the value of our assets and reduce our net income in the year in which the write-off occurs.

54


 

Goodwill represents the excess of the cost of an acquisition over the fair value of the net assets acquired. We also ascribe value to certain identifiable intangible assets, which consist primarily of customer relationships, developed technology, and trade names, among others, as a result of acquisitions. We may incur impairment charges on goodwill or identifiable intangible assets if we determine that the fair values of goodwill or identifiable intangible assets are less than their current carrying values. We evaluate, on a regular basis, whether events or circumstances have occurred that indicate all, or a portion, of the carrying amount of goodwill may no longer be recoverable, in which case an impairment charge to earnings would become necessary.

A decline in general economic conditions or global equity valuations could impact the judgments and assumptions about the fair value of our business and we could be required to record impairment charges on our goodwill or other identifiable intangible assets in the future, which could impact our consolidated balance sheet, as well as our consolidated statement of comprehensive loss.

The Company recorded goodwill impairment charges of $284.2 million during the year ended January 31, 2024. The Company recorded a $72.1 million impairment charge as result of its annual test of goodwill as of October 31, 2023, and a $212.1 million impairment charge as result of the interim test of goodwill as of January 31, 2024.

If our estimates or judgments relating to our critical accounting policies prove to be incorrect or financial reporting standards or interpretations change, our results of operations could be adversely affected.

The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in our consolidated financial statements and accompanying notes. We have historically based our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances as discussed in the sections titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations of ZeroFox” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations of IDX.” The results of these estimates form the basis for making judgments about the carrying values of assets, liabilities, and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in our consolidated financial statements include, and may include in the future, those related to revenue recognition; valuation of intangibles in purchase accounting; allowance for doubtful accounts; costs to obtain or fulfill a contract; valuation of common stock; carrying value and useful lives of long-lived assets; loss contingencies; and the provision for income taxes and related deferred taxes. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of industry or financial analysts and investors, resulting in a decline in the market price of our Common Stock.

55


 

Additionally, we will regularly monitor our compliance with applicable financial reporting standards and review new pronouncements and drafts thereof that are relevant to us. As a result of new standards, changes to existing standards and changes in their interpretation, we might be required to change our accounting policies, alter our operational policies and implement new or enhance existing systems so that they reflect new or amended financial reporting standards, or we may be required to restate our published financial statements. Such changes to existing standards or changes in their interpretation may have an adverse effect on our reputation, business, financial position, and profit, or cause an adverse deviation from our revenue and operating profit targets, which may negatively impact our financial results.

Risks Related to the Business Combination, Being a Public Company, and Integration of the Predecessor and IDX

The integration of two companies with different organization and compensation structures presents significant management challenges. There can be no assurance that this integration, and the synergies expected to result from that integration, will be achieved as rapidly or to the extent currently anticipated.

The Business Combination involves the integration of two businesses that currently operate as independent businesses. We are devoting significant management attention and resources to integrating business practices and operations following the Closing. We may encounter potential difficulties in the integration process including the following:

the inability to successfully integrate our businesses, including operations, technologies, products and services, in a manner that permits us to achieve the cost savings and operating synergies anticipated to result from the Business Combination, which could result in the anticipated benefits of the Business Combination not being realized partly or wholly in the time frame currently anticipated or at all;
the loss of customers as a result of certain customers of either or both of the two businesses deciding not to continue to do business with us, or deciding to decrease their amount of business in order to reduce their reliance on a single company;
the necessity of coordinating geographically separated organizations, systems, and facilities;
the integration of personnel, including sales teams, with diverse business backgrounds and business cultures, while maintaining focus on providing consistent, high-quality products and services;
the consolidation and rationalization of information technology platforms and administrative infrastructures as well as accounting systems and related financial reporting activities; and
the challenge of preserving important relationships of both companies and resolving potential conflicts that may arise.

56


 

Furthermore, it is possible that the integration process could result in the loss of talented employees or skilled workers of the companies. The loss of talented employees and skilled workers could adversely affect our ability to successfully conduct our business because of such employees’ experience and knowledge of the respective business. In addition, we could be adversely affected by the diversion of management’s attention and any delays or difficulties encountered in connection with the integration of the companies. The process of integrating operations could cause an interruption of, or loss of momentum in, the activities of the businesses. If we experience difficulties with the integration process, the anticipated benefits of the Business Combination may not be realized fully or at all, or may take longer to realize than expected. These integration matters could have an adverse effect on our business, results of operations, financial condition or prospects during this transition period and for an undetermined period after completion of the Business Combination.

We will incur significant increased expenses and administrative burdens as a public company, which could negatively impact our business, financial condition, and results of operations.

We face increased legal, accounting, administrative, and other costs and expenses as a public company that we have not historically incurred. The Sarbanes-Oxley Act, including the requirements of Section 404(a) relating to disclosing (i) management’s responsibility for establishing and maintaining internal control over financial reporting and (ii) annually assessing the effectiveness of the internal control over financial reporting, as well as rules and regulations subsequently implemented by the SEC, the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 and the rules and regulations promulgated and to be promulgated thereunder, the Public Company Accounting Oversight Board (PCAOB) and the securities exchanges, impose additional reporting and other obligations on public companies. Compliance with public company requirements will increase costs and make certain activities more time-consuming. Our management and other personnel are required to devote a substantial amount of time to compliance with these requirements.

We have made, and will continue to make, changes to our internal control over financial reporting, including IT controls, procedures for financial reporting, and accounting systems to meet our reporting obligations as a public company. However, the measures we take may not be sufficient to satisfy our obligations as a public company. If we do not continue to develop and implement the right processes and tools to manage our changing enterprise and maintain our culture, our ability to compete successfully and achieve our business objectives could be impaired, which could negatively impact our business, financial condition, and results of operations. In addition, we cannot predict or estimate the amount of additional costs we may incur to comply with these requirements. We anticipate that these costs will materially increase our general and administrative expenses.

These rules and regulations result in our incurring legal and financial compliance costs and will make some activities more time-consuming and costly. For example, we expect these rules and regulations to make it more difficult and more expensive for us to obtain director and officer liability insurance, and we may be required to accept reduced policy limits and coverage or incur substantially higher costs to obtain the same or similar coverage. As a result, it may be more difficult for us to attract and retain qualified people to serve on our Board, on our Board committees or as executive officers.

 

57


 

Our management has limited experience in operating a public company.

Our executive officers have limited experience in the management of a publicly traded company. Our management team may not successfully or effectively manage our transition to a public company that is subject to significant regulatory oversight and reporting obligations under federal securities laws. Their limited experience in dealing with the increasingly complex laws pertaining to public companies could be a significant disadvantage in that it is likely that an increasing amount of their time may be devoted to these activities, which results in less time being devoted to our management and growth. We may not have adequate personnel with the appropriate level of knowledge, experience, and training in the accounting policies, practices or internal control over financial reporting required of public companies in the United States. The development and implementation of the standards and controls necessary for us to achieve the level of accounting standards required of a public company in the United States may require costs greater than expected. It is possible that we will be required to expand our employee base and hire additional employees to support our operations as a public company, which will increase our operating costs in future periods.

We qualify as an “emerging growth company.” The reduced public company reporting requirements applicable to emerging growth companies may make our Common Stock less attractive to investors.

We qualify as an “emerging growth company” under SEC rules. As an emerging growth company, we are permitted and plan to rely on exemptions from certain disclosure requirements that are applicable to other public companies that are not emerging growth companies. These provisions include, but are not limited to: (1) an exemption from compliance with the auditor attestation requirement in the assessment of internal control over financial reporting pursuant to Section 404 of the Sarbanes-Oxley Act of 2002, (2) not being required to comply with any requirement that may be adopted by the PCAOB regarding mandatory audit firm rotation or a supplement to the auditor’s report providing additional information about the audit and the financial statements, (3) reduced disclosure obligations regarding executive compensation arrangements in periodic reports, registration statements, and proxy statements, and (4) exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. Further, Section 102(b)(1) of the JOBS Act exempts emerging growth companies from being required to comply with new or revised financial accounting standards until private companies (that is, those that have not had a Securities Act registration statement declared effective or do not have a class of securities registered under the Exchange Act) are required to comply with the new or revised financial accounting standards. The JOBS Act provides that a company can elect to opt out of the extended transition period and comply with the requirements that apply to non-emerging growth companies but any such election to opt out is irrevocable. As a result, the information we provide is different than the information that is available with respect to other public companies that are not emerging growth companies. If some investors find our Common Stock less attractive as a result, there may be a less active trading market for our Common Stock, and the market price of our Common Stock may be more volatile.

 

58


 

Uncertainty about the effects of the Business Combination may affect our ability to retain key employees and integrate management structures and may materially impact the management, strategy, and results of our operation as a combined company.

Uncertainty about the effects of the Business Combination on our business, employees, customers, third parties with whom we have relationships, and other third parties may adversely affect us. These uncertainties may impair our ability to attract, retain, and motivate key personnel for a period of time after the Business Combination. If key employees depart because of issues related to the uncertainty and difficulty of integration or a desire not to remain with our Company, our business could be harmed.

Some of our existing agreements contain change in control or early termination rights that may have been implicated by the Business Combination.

Parties with which we have been doing business, including customers and suppliers, may experience uncertainty associated with the Business Combination, including with respect to current or future business relationships with us. As a result, our business relationships may be subject to disruptions if customers, suppliers or others attempt to negotiate or renegotiate changes in existing business relationships or consider entering into business relationships with parties other than us. For example, certain customers, suppliers, and third-party providers may assert contractual consent rights or termination rights that may have been triggered by a change of control. These disruptions could harm our relationships with existing third parties with whom we have relationships, all of which could have a material adverse effect on our business, financial condition, and results of operations, cash flows, and/or share price of our Common Stock.

Risks Related to Legal and Regulatory Matters

Failure to adequately obtain, maintain, protect, and enforce our intellectual property and other proprietary rights could adversely affect our business.

Our success and ability to compete depends in part on our ability to protect the proprietary information, methods, software, and technologies that we develop, hold, or claim under a combination of intellectual property and proprietary rights in and outside the U.S. Despite our efforts, third parties may still attempt to disclose, obtain, copy, use or otherwise exploit our intellectual property or other proprietary information, methods or technologies without our authorization, and our efforts to protect our intellectual property and other proprietary rights may not prevent such unauthorized disclosure, use, exploitation, misappropriation, infringement, reverse engineering or other violation of our intellectual property or other proprietary rights. Further, effective protection of our rights may not be available to us in every country in which our Platform or products and solutions are available. The laws of some countries also may not be as protective of intellectual property and other proprietary rights as those in the U.S., and mechanisms for enforcement of intellectual property and other proprietary rights may be inadequate. In addition, we may need to license our intellectual property in order to participate in patent pools or industry standard setting activities or to receive third-party grants as a part of stand-alone licensing arrangements. Accordingly, despite our efforts, we may be unable to prevent third parties from using our intellectual property or other proprietary information or technology.

59


 

While we hold a number of issued patents and have a number of pending patent applications, we may be unable to obtain patent protection for the technology covered in our patent applications or such patent protection may not be obtained quickly enough to meet our business needs. Furthermore, the patent prosecution process is expensive, time-consuming, and complex, and we may not be able to prepare, file, prosecute, maintain, and enforce all necessary or desirable patent applications at a reasonable cost or in a timely manner. The scope of patent protection also can be reinterpreted after issuance and issued patents may be invalidated. Even if our patent applications do issue as patents, they may not issue in a form that is sufficiently broad to protect our technology, prevent competitors or other third parties from competing with us, or otherwise provide us with any competitive advantage. In addition, any of our patents, copyrights, trademarks, or other proprietary rights may be challenged, narrowed, invalidated, held unenforceable, or circumvented in litigation or other proceedings, including, where applicable, opposition, re-examination, inter partes review, post-grant review, interference, nullification and derivation proceedings, and equivalent proceedings in foreign jurisdictions, and such intellectual property or other proprietary rights may be lost or no longer provide us meaningful competitive advantages. Such proceedings may result in substantial cost and require significant time from our management, even if the eventual outcome is favorable to us. Third parties also may legitimately and independently develop solutions, services, and technology similar or duplicative of our Platform.

Besides protection under intellectual property laws, we enforce and protect our rights through confidentiality or license agreements that we generally enter into with our corporate partners, employees, consultants, advisors, vendors, and customers. We generally limit access to our intellectual property and control access to our proprietary information. However, we cannot guarantee protection of our intellectual property or proprietary information with all of the parties who may have or have had access, and we cannot guarantee that such agreements we have entered into will not be breached or challenged, or that such breaches will be detected. Furthermore, non-disclosure provisions within such agreements can be difficult to enforce, and even if successfully enforced, may not be entirely effective.

Despite our efforts, we cannot guarantee that any of the measures we have taken will limit the unauthorized use of our proprietary information or prevent infringement, misappropriation, or other violation of our technology or other intellectual property or proprietary rights. We may be an attractive target for cyberattacks or other unauthorized intrusion or access, and we may also have a heightened risk of unauthorized access to, and misappropriation of, our proprietary and competitively sensitive information. We therefore may be required to spend significant resources to monitor and protect our intellectual property and other proprietary rights, and we may conclude that in at least some instances the benefits of protecting our intellectual property or other proprietary rights may be outweighed by the expense or distraction to our management. We may initiate claims or litigation against third parties for infringement, misappropriation, or other violation of our intellectual property or other proprietary rights or to establish the validity of our intellectual property or other proprietary rights. Any such claims or litigation, whether or not it is resolved in our favor, could be time-consuming, result in significant expense to us and divert the efforts of our technical and management personnel. Furthermore, attempts to enforce our intellectual property rights against third parties could also provoke these third parties to assert their own intellectual property or other rights against us, or result in a holding that invalidates or narrows the scope of our intellectual property rights, in whole or in part.

60


 

Claims by others that we infringe their proprietary technology or other intellectual property rights could result in significant costs and substantially harm our business, financial condition, results of operations, and prospects.

Claims by others that we infringe their intellectual property rights or violate other rights in their proprietary technology could harm our business. Companies in our industry hold a large number of patents and also protect their copyright, trade secret, and other intellectual property rights, and companies in the security industry frequently enter into litigation based on allegations of patent infringement or other violations of intellectual property rights. As we face increasing competition and grow, the possibility of intellectual property rights claims against us also grows. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that such personnel have divulged proprietary or other confidential information to us.

Third parties may in the future also assert claims against our customers or channel partners, whom our standard license and other agreements obligate us to indemnify against third-party claims that our products and solutions infringe the intellectual property rights of third parties. As the number of products and competitors in the security and IT operations market increases and overlaps occur, third-party claims of infringement, misappropriation, and other violations of intellectual property rights may also increase. While we intend to increase the size of our patent portfolio, many of our competitors and others may now and in the future have significantly larger and more mature patent portfolios than we have. In addition, future litigation may involve non-practicing entities, companies or other patent owners who have no relevant product offerings or revenue and against whom our own patents may therefore provide little or no deterrence or protection. Any claim of intellectual property infringement by a third party, even a claim without merit, could cause us to incur substantial costs defending against such claim, could distract our management from our business and could require us to cease use of such intellectual property.

Additionally, our insurance policies may not cover intellectual property infringement claims. In the event that we fail to successfully defend ourselves against an infringement claim, a successful claimant could secure a judgment or otherwise require payment of legal fees, settlement payments, ongoing royalties or other costs or damages; we may agree to a settlement that prevents us from offering certain services or features; or we may be required to obtain a license, which may not be available on reasonable terms, or at all, to use the relevant technology. If we are prevented from using certain technology or intellectual property, we may be required to develop alternative, non-infringing technology, which could require significant time and costs, during which we could be unable to continue to offer our affected products and services or features, and may ultimately not be successful. Any of these events could harm our business, financial condition, and results of operations.

Although third parties may alternatively offer a license to their technology or other intellectual property, the terms of any such license may not be acceptable, and the failure to obtain a license or the costs associated with any license could cause our business, financial condition, and results of operations to be adversely affected. In addition, some licenses may be nonexclusive, and therefore our competitors may have access to the same technology licensed to us.

 

61


 

Some of our technologies incorporate “open-source” software, which could negatively affect our ability to sell our Platform and subject us to possible litigation.

Our platform and subscriptions contain third-party open-source software components, and failure to comply with the terms of the underlying open-source software licenses could restrict our ability to sell our Platform and services. The use and distribution of open-source software may also entail greater risks than the use of third-party commercial software, as open-source licensors generally do not provide warranties or other contractual protections regarding infringement claims or the quality of the code. Many of the risks associated with use of open-source software cannot be eliminated and could negatively affect our business. In addition, the wide availability of open code used in our solutions could expose us to security vulnerabilities.

Certain open-source licenses may contain requirements that we make available source code for the modifications or derivative works we create based upon the type of open-source software used. If we combine our proprietary software with such open-source software, under such open-source licenses, we may be required to release the source code of our proprietary software to the public, including authorizing further modification and redistribution, or otherwise be limited in the licensing of our services, each of which could provide an advantage to our competitors or other entrants to the market, create security vulnerabilities in our solutions, require us to re-engineer all or a portion of our Platform, and could reduce or eliminate the value of our services. This would allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of sales for us.

The terms of many open-source licenses have not been interpreted by U.S. courts, and there is a risk that these licenses could be construed in ways that could impose unanticipated conditions or restrictions on our ability to commercialize products, solutions, and subscriptions incorporating such software. Moreover, we cannot assure you that our processes for controlling our use of open-source software in our products, solutions, and subscriptions have been or will be effective. From time to time, we may face claims from third parties asserting ownership of, or demanding release of, the open-source software or derivative works that we developed using such software (which could include our proprietary source code), or otherwise seeking to enforce the terms of the applicable open-source license. These claims could result in litigation that could be costly to defend, have a negative effect on our operating results and financial condition or require us to devote additional research and development resources to change our solutions. Responding to any infringement or noncompliance claim by an open-source vendor, regardless of its validity, discovering certain open-source software code in our Platform, or a finding that we have breached the terms of an open-source software license, could harm our business, results of operations and financial condition, by, among other things:

resulting in time-consuming and costly litigation;
diverting management’s time and attention from developing our business;
requiring us to pay monetary damages or enter into royalty and licensing agreements that we would not normally find acceptable;
causing delays in the deployment of our Platform or service offerings to our customers;
requiring us to stop offering certain services or features of our Platform;

62


 

requiring us to redesign certain components of our Platform using alternative non-infringing or non-open-source technology, which could require significant effort and expense;
requiring us to disclose our proprietary software source code and the detailed program commands for our software;
prohibiting us from charging license fees for the proprietary software that uses certain open source; and
requiring us to satisfy indemnification obligations to our customers.

We may become involved in litigation that may adversely affect us.

We may become subject to claims, suits, and government investigations and other proceedings including patent, product liability, class action, whistleblower, personal injury, property damage, labor and employment (including all allegations of wage and hour violations), commercial disputes, compliance with laws and regulatory requirements and other matters, and we may become subject to additional types of claims, suits, investigations, and proceedings as our business develops. Such claims, suits, and government investigations and proceedings are inherently uncertain, and their results cannot be predicted. Regardless of the outcome, any of these types of legal proceedings can have an adverse impact on us because of legal costs and diversion of management attention and resources and could cause us to incur significant expenses or liability, adversely affect our brand recognition, and/or require us to change our business practices. The expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our results of operations. It is possible that a resolution of one or more such proceedings could result in substantial damages, settlement costs, fines and penalties that could adversely affect our business, consolidated financial position, results of operations, or cash flows in a particular period. These proceedings could also result in reputational harm, sanctions, consent decrees, or orders requiring a change in our business practices. Because of the potential risks, expenses, and uncertainties of litigation, we may, from time to time, settle disputes, even where we have meritorious claims or defenses, by agreeing to settlement agreements. Because litigation is inherently unpredictable, we cannot assure you that the results of any of these actions will not have a material adverse effect on our business, financial condition, results of operations, and prospects. Any of these consequences could adversely affect our business and results of operations.

 

63


 

If we are not able to satisfy data protection, security, privacy, and other government- and industry-specific requirements or regulations, our business, results of operations, and financial condition could be harmed.

Personal privacy, data protection, information security regulations, and other laws applicable to specific categories of information raise significant issues in the U.S., Europe and in other jurisdictions where we offer our products and solutions. The data that we collect, analyze, and store is subject to a variety of laws and regulations, including regulation by various government agencies. The U.S. federal government, and various state and foreign governments, have adopted or proposed limitations on the collection, distribution, use, retention, protection, transfer, processing, and storage of certain categories of information, such as the personal information of individuals. These laws and regulations include, but are not limited to, the Federal Trade Commission Act, the Computer Fraud and Abuse Act, the Health Insurance Portability and Accountability Act and the Gramm-Leach-Bliley Act.

The nature of cybersecurity product and service offerings requires the collection of various types of data. In the operation of our business we may collect the types of data covered by these laws and regulations including personally identifiable information, such as information about an individual’s health and financial information about individuals. To the extent we are in possession of such data and these various laws and regulations are determined to apply to us, this could require us to adopt additional operational, technological, and security measures to protect and manage such information which could increase our costs of operations. Our failure to comply with such laws and regulations could also result in monetary fines and reputational damage which would have a negative impact on our business. Laws and regulations outside the U.S., and particularly in Europe, often are more restrictive than those in the U.S. Applicable laws and regulations may require us to implement privacy and security policies, permit customers to access, correct, and delete personal information stored or maintained by us, inform individuals of security breaches that affect their personal information, and, in some cases, obtain individuals’ consents to use personal information for certain purposes. In addition, some foreign governments require that personal information collected in a country not be disseminated outside of that country without consent or other implemented safeguards.

We may find it necessary or desirable to join industry or other self-regulatory bodies or other information security or data protection-related organizations that require compliance with their rules pertaining to information security and data protection. We also may be bound by additional, more stringent contractual obligations with our customers and partners relating to our collection, use and disclosure of personal, financial, and other data. We expect that there will continue to be new proposed laws, regulations, and industry standards concerning privacy, data protection, information security, specific categories of data, and electronic services in the U.S., the E.U. and other jurisdictions in which we operate or may operate, and we cannot yet determine the impact such future laws, regulations, standards, or perception of their requirements may have on our business.

64


 

For example, the GDPR applies to the processing (which includes the collection and use) of certain personal data of data subjects in the European Economic Area (EEA). As compared to previously effective data protection law in the European Union, the GDPR imposes additional obligations and resulting risk upon our business and increases substantially the penalties to which we could be subject in the event of any non-compliance. Administrative fines under the GDPR can amount to 20,000,000 Euros or four percent of our worldwide annual revenue for the prior fiscal year, whichever is higher. We may be required to incur, in the future, substantial expense in complying with the obligations imposed by the GDPR, potentially making significant changes in our business operations, which may adversely affect our revenue and our business overall. Additionally, because there have been very few GDPR actions enforced against companies similar to ours, we are unable to predict how they will be applied to us or our customers. Despite our efforts to comply with the GDPR, a regulator may determine that we have not done so and subject us to fines and public censure, which could harm our Company financially and negatively affect our reputation. Among other requirements, the GDPR regulates transfers of personal data subject to the GDPR to third countries that have been found to not provide adequate protection to such personal data, including the U.S. We have undertaken certain efforts to conform transfers of personal data from the EEA to the U.S. and other jurisdictions based on our understanding of current regulatory obligations and the guidance of data protection authorities. Despite this, we may be unsuccessful in establishing or maintaining conforming means of transferring such data from the EEA, in particular because of continued legal and legislative activity within the European Union that has challenged or called into question the legal basis for existing means of data transfers to countries (including the U.S.) that have been found to not provide adequate protection for personal data.

The implementation of the GDPR has led other jurisdictions to either amend existing laws or propose new data privacy and cybersecurity laws to resemble all or a portion of the requirements of the GDPR (e.g., for purposes of having an adequate level of data protection to facilitate data transfers from the E.U.). Accordingly, the challenges we face in the E.U. will likely also apply to other jurisdictions outside the E.U. that adopt laws similar to the GDPR or regulatory frameworks of equivalent complexity. For example, the California Consumer Privacy Act of 2018, or CCPA, became enforceable on July 1, 2020. The CCPA has been characterized as the first “GDPR-like” privacy statute to be enacted in the U.S. because it contains several provisions similar to certain provisions of the GDPR. In addition, the California Privacy Rights Act of 2020, or the CPRA, was passed by California voters in November 2020. The CPRA amends the CCPA by creating additional privacy rights for California consumers and additional obligations on businesses, which could subject us to additional compliance costs as well as potential fines, individual claims, and commercial liabilities. The majority of the CPRA provisions took effect on January 1, 2023. The CCPA and CPRA could mark the beginning of a trend toward more stringent privacy legislation in the U.S., as other states or the federal government may follow California’s lead and increase protections for U.S. residents. For example, the Virginia Consumer Data Protection Act and the CCPA have already prompted several proposals for new federal and state privacy legislation that, if passed, could increase our potential liability, add layers of complexity to compliance in the U.S. market, increase our compliance costs and adversely affect our business.

65


 

Evolving and changing definitions of personal data and personal information within the E.U., the U.S. and elsewhere, especially relating to classification of IP addresses, machine identification, location data and other information, may limit or inhibit our ability to operate or expand our business, including limiting technology alliance partnerships with other security vendors that may involve the sharing of data. Even the perception of privacy concerns, whether or not valid, may harm our reputation, inhibit adoption of our products by current and future customers, or adversely impact our ability to attract and retain workforce talent. In addition, changes in laws or regulations that adversely affect the use of the internet, including laws impacting net neutrality, could impact our business. We expect that existing laws, regulations and standards may be interpreted in new manners in the future. Future laws, regulations, standards, and other obligations, and changes in the interpretation of existing laws, regulations, standards, and other obligations could require us to modify our products and solutions, restrict our business operations, increase our costs and impair our ability to maintain and grow our customer base and increase our revenue.

Beyond broader data processing regulations affecting our business, the overall cybersecurity industry may face direct regulation. For example, in 2018, Singapore introduced what is believed to be the world’s first cybersecurity licensing requirement, mandating that providers of specific types of incident response services receive a government license before providing such services. License requirements such as these may impose upon us significant organizational costs and high barriers of entry into new markets.

Although we have worked and will continue to work to comply with applicable laws and regulations, applicable industry standards with which we represent compliance, and our contractual obligations, such laws, regulations, standards, and obligations are evolving and may be modified, interpreted and applied in an inconsistent manner from one jurisdiction to another, and may conflict with one another. In addition, they may conflict with other requirements or legal obligations that apply to our business or the security features and services that our customers expect from our solutions. As such, we cannot assure ongoing compliance with all such laws, regulations, standards, and obligations which may change in the future. Any failure or perceived failure by us or our employees, representatives, contractors, channel partners, agents, intermediaries, or other third parties to comply with applicable laws and regulations, or applicable industry standards that we represent compliance with or that may be asserted to apply to us, or to comply with employee, customer, partner, and other data privacy and data security requirements pursuant to contract and our stated notices or policies, could result in enforcement actions against us, including fines, imprisonment of company officials and public censure, claims for damages by customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing customers and prospective customers), any of which could have a material adverse effect on our operations, financial performance and business. Any inability of us or our employees, representatives, contractors, channel partners, agents, intermediaries, or other third parties to adequately address privacy and security concerns, even if unfounded, or comply with applicable laws, regulations, standards, and obligations, could result in additional cost and liability to us, damage our reputation, inhibit sales, and adversely affect our business and results of operations.

66


 

We are subject to laws and regulations, including governmental export and import controls, sanctions, foreign investment screening, and anti-corruption laws, that could impair our ability to compete in our markets and subject us to liability if we are not in full compliance with applicable laws.

We are subject to laws and regulations, including governmental export controls, that could subject us to liability or impair our ability to compete in our markets. Our products and solutions are subject to U.S. export controls, including the U.S. Department of Commerce’s Export Administration Regulations, and we and our employees, representatives, contractors, agents, intermediaries, and other third parties are also subject to various economic and trade sanctions regulations administered by the U.S. Treasury Department’s Office of Foreign Assets Control. We incorporate standard encryption algorithms into our products, which, along with the underlying technology, may be exported outside of the U.S. only with the required export authorizations, including by license, license exception or other appropriate government authorizations, which may require the filing of an encryption registration and classification request. Furthermore, U.S. export control laws and economic sanctions prohibit the shipment of certain cloud-based solutions to countries, governments, and persons targeted by U.S. sanctions. We also collect information about cyber threats from internet-accessible, and non-internet routable sources, intermediaries, and third parties that we make available to our customers in our threat industry publications. While we have implemented certain procedures to facilitate compliance with applicable laws and regulations in connection with the collection of this information, we cannot assure you that these procedures have been effective or that we, or third parties, many of whom we do not control, have complied with all laws or regulations in this regard. Failure by our employees, representatives, contractors, channel partners, agents, intermediaries, or other third parties to comply with applicable laws and regulations in the collection of this information also could have negative consequences to us, including reputational harm, government investigations and penalties.

Although we take precautions to prevent our information collection practices and services from being provided in violation of such laws, our information collection practices and services may have been in the past, and could in the future be, provided in violation of such laws. If we or our employees, representatives, contractors, channel partners, agents, intermediaries, or other third parties fail to comply with these laws and regulations, we could be subject to civil or criminal penalties, including the possible loss of export privileges and fines. We may also be adversely affected through reputational harm, loss of access to certain markets, or otherwise. Obtaining the necessary authorizations, including any required license, for a particular transaction may be time-consuming, is not guaranteed and may result in the delay or loss of sales opportunities.

67


 

Various countries regulate the import of certain encryption technology, including through import permit and license requirements, and have enacted laws that could limit our ability to distribute our products or could limit our customers’ ability to implement our products in those countries. Changes in our products and solutions or changes in export and import regulations may create delays in the introduction of our products and solutions into international markets, prevent our customers with international operations from deploying our products and solutions globally or, in some cases, prevent the export or import of our products and solutions to certain countries, governments or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing regulations, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products and solutions by, or in our decreased ability to export or sell our products and solutions to, existing or potential customers with international operations. Any decreased use of our products and solutions or limitation on our ability to export or sell our products and solutions would likely adversely affect our business, results of operations, and financial condition.

We may be subject to review and enforcement under domestic and foreign laws that screen investment and to other national-security-related laws and regulations. In certain jurisdictions, these regulatory requirements may be more stringent than in the United States and may impact cybersecurity providers more specifically. As a result of these laws, investments by certain investors may impose added costs on our business, impact our operations, and/or limit our ability to engage in strategic transactions that might otherwise be beneficial to us and our investors.

68


 

We are also subject to the Foreign Corrupt Practices Act (FCPA), the U.K. Anti-Bribery Act, and other anti-corruption, sanctions, anti-bribery, anti-money laundering, and similar laws in the U.S. and other countries in which we conduct activities. Anti-corruption and anti-bribery laws, which have been enforced aggressively and are interpreted broadly, prohibit companies and their employees, agents, intermediaries, and other third parties from promising, authorizing, making or offering improper payments or other benefits to government officials and others in the private sector. We leverage third parties, including intermediaries, agents, and channel partners, to conduct our business in the U.S. and abroad, to sell subscriptions to our Platform and to collect information about cyber threats. We and these third parties may have direct or indirect interactions with officials and employees of government agencies, or state-owned or affiliated entities and we may be held liable for the corrupt or other illegal activities of these third-party business partners and intermediaries, our employees, representatives, contractors, channel partners, agents, intermediaries, and other third parties, even if we do not explicitly authorize such activities. While we have policies and procedures to address compliance with the FCPA, the U.K. Anti-Bribery Act and other anti-corruption, sanctions, anti-bribery, anti-money laundering and similar laws, we cannot assure you that they will be effective, or that all of our employees, representatives, contractors, channel partners, agents, intermediaries, or other third parties have not taken, or will not take actions, in violation of our policies and applicable law, for which we may be ultimately held responsible. As we increase our international sales and business, our risks under these laws may increase. Noncompliance with these laws could subject us to investigations, severe criminal or civil sanctions, settlements, prosecution, loss of export privileges, suspension or debarment from U.S. government contracts, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, whistleblower complaints, adverse media coverage, and other consequences. Any investigations, actions or sanctions could harm our reputation, business, results of operations, and financial condition.

Risks Related to Ownership of our Common Stock and Public Warrants

There can be no assurance that we will be able to comply with the continued listing standards of Nasdaq.

If we fail to satisfy the continued listing requirements of Nasdaq such as the corporate governance requirements or the minimum share price requirement, Nasdaq may take steps to delist our securities. Such a delisting would likely have a negative effect on the price of the securities and would impair your ability to sell or purchase the securities when you wish to do so. In the event of a delisting, we can provide no assurance that any action taken by us to restore compliance with listing requirements would allow our securities to become listed again, stabilize the market price or improve the liquidity of our securities, prevent our securities from dropping below the Nasdaq minimum share price requirement or prevent future non-compliance with Nasdaq’s listing requirements. Additionally, if our securities are not listed on, or become delisted from, Nasdaq for any reason, and are quoted on the OTC Bulletin Board, an inter-dealer automated quotation system for equity securities that is not a national securities exchange, the liquidity and price of our securities may be more limited than if we were quoted or listed on Nasdaq or another national securities exchange. You may be unable to sell your securities unless a market can be established or sustained.

69


 

Our business and operations could be negatively affected if we become subject to any securities litigation or shareholder activism, which could cause us to incur significant expense, hinder execution of our business and growth strategy, and impact our stock price.

In the past, following periods of volatility in the market price of a company’s securities, securities class action litigation has often been brought against that company. Shareholder activism, which could take many forms or arise in a variety of situations, has been increasing recently. Volatility in the stock price of our Common Stock or other reasons may in the future cause it to become the target of securities litigation or shareholder activism. Securities litigation and shareholder activism, including potential proxy contests, could result in substantial costs and divert management’s and our Board’s attention and resources from our business. Additionally, such securities litigation and shareholder activism could give rise to perceived uncertainties as to our future, adversely affect our relationships with service providers and make it more difficult to attract and retain qualified personnel. Also, we may be required to incur significant legal fees and other expenses related to any securities litigation and activist shareholder matters. Further, our stock price could be subject to significant fluctuation or otherwise be adversely affected by the events, risks and uncertainties of any securities litigation and shareholder activism.

The market price of shares of our Common Stock may be volatile, which could cause the value of stockholder investments to decline.

The market price of our Common Stock may be highly volatile and could be subject to wide fluctuations. Securities markets worldwide experience significant price and volume fluctuations. Market volatility, as well as general economic, market or political conditions, could reduce the market price of shares of our Common Stock regardless of our operating performance.

In addition, our operating results could be below the expectations of public market analysts and investors due to a number of potential factors, including:

variations in operating results or dividends, if any, to stockholders;
additions or departures of key management personnel;
publication of research reports about our industry;
litigation and government investigations;
changes or proposed changes in laws or regulations or differing interpretations or enforcement of laws or regulations affecting our business;
adverse market reaction to any indebtedness incurred or securities issued in the future;
changes in market valuations of similar companies;
adverse publicity or speculation in the press or investment community;
the development and sustainability of an active trading market for our Common Stock;
announcements by competitors of significant contracts, acquisitions, dispositions, strategic partnerships, joint ventures, or capital commitments; and
the impact of the COVID-19 pandemic (or future pandemics) on our management, employees, partners, customers, and operating results.

70


 

In response to any of the foregoing developments, the market price of shares of our Common Stock could decrease significantly. You may be unable to resell your shares at or above your purchase price.

If our operating and financial performance in any given period does not meet the guidance provided to the public or the expectations of investment analysts, the market price of our Common Stock may decline.

We may, but are not obligated to, provide public guidance on our expected operating and financial results for future periods. Any such guidance will consist of forward-looking statements, subject to the risks and uncertainties described in this Annual Report and in our other public filings and public statements. Our actual results may not always be in line with or exceed any guidance we have provided, especially in times of economic uncertainty. If, in the future, our operating or financial results for a particular period do not meet any guidance provided or the expectations of investment analysts, or if we reduce our guidance for future periods, the market price of our Common Stock may decline as well. Even if we do issue public guidance, there can be no assurance that we will continue to do so in the future.

If securities or industry analysts do not publish research or reports about our business or publish negative reports, the market price of our Common Stock could decline.

The trading market for our Common Stock is influenced by the research and reports that industry or securities analysts publish about us and our business. If regular publication of research reports ceases, we could lose visibility in the financial markets, which in turn could cause the market price or trading volume of our Common Stock to decline. Moreover, if one or more of the analysts who cover us downgrade our Common Stock or if reporting results do not meet their expectations, the market price of our Common Stock could decline.

 

71


 

We may issue additional shares of our Common Stock (including upon the exercise of warrants), which would increase the number of shares eligible for future resale in the public market and result in dilution to Company stockholders.

The Warrants became exercisable on September 2, 2022, provided in each case that we have an effective registration statement under the Securities Act covering the shares of our Common Stock issuable upon exercise of our Warrants and a current prospectus relating to them is available and such shares are registered, qualified or exempt from registration under the securities, or blue sky, laws of the state of residence of the holder (or holders exercise their warrants on a cashless basis under the circumstances specified in the Warrant Agreement). Each Warrant entitles the holder thereof to purchase one share of our Common Stock at a price of $11.50 per whole share, subject to adjustment. In addition, the Convertible Notes initially will be convertible into approximately 13,043,473 shares of our Common Stock, subject to increase to the extent that we exercise our option to pay interest in kind with respect to the Convertible Notes rather than in cash (please see “Risk Factors—Risks Related to Ownership of our Common Stock—Our issued and outstanding notes may impact our financial results, result in the dilution of our stockholders, create downward pressure on the price of our Common Stock, and restrict our ability to raise additional capital or take advantage of future opportunities.”) The issuance of additional shares of our Common Stock as a result of any of the aforementioned transactions may result in dilution to the then-existing holders of our Common Stock and increase the number of shares eligible for resale in the public market. Sales of substantial numbers of such shares in the public market could adversely affect the market price of our Common Stock.

We may issue additional shares of our Common Stock or other equity securities without stockholder approval, which would dilute stockholder ownership interests and may depress the market price of our Common Stock.

Pursuant to the Incentive Equity Plan, we may issue an aggregate of up to 23,887,536 shares of Common Stock as of January 1, 2024, which amount will be subject to increase from time to time. We may also issue additional shares of our Common Stock or other equity securities of equal or senior rank in the future in connection with, among other things, future acquisitions or repayment of outstanding indebtedness, without stockholder approval, in a number of circumstances.

The issuance of additional shares or other equity securities of equal or senior rank would have the following effects:

existing stockholders’ proportionate ownership interest in us will decrease;
the amount of cash available per share, including for payment of dividends in the future, may decrease;
the relative voting strength of each share of previously outstanding common stock may be diminished; and
the market price of our Common Stock may decline.

 

72


 

There is no guarantee that our Warrants will ever be in the money, and they may expire worthless.

The exercise price for our Warrants is $11.50 per-share (subject to adjustment as described herein). We do not expect warrant holders to exercise their Warrants and, therefore, we do not expect to receive cash proceeds from any such exercise, for so long as Warrants are out-of-the money. There can be no assurance that Warrants will ever be in-the-money prior to their expiration and, as such, the Warrants may expire worthless. The last reported sales price for our Common Stock on March 13, 2024 was $1.11 per share.

We may amend the terms of our Public Warrants in a manner that may be adverse to holders of such warrants with the approval by the holders of at least 50% of the then outstanding our Public Warrants. As a result, the exercise price of our Public Warrants could be increased, the exercise period could be shortened and the number of shares of our Common Stock purchasable upon exercise of our Public Warrants could be decreased, all without any particular public warrant holder’s approval.

Our Public Warrants were issued in registered form under the Warrant Agreement. The Warrant Agreement provides that the terms of the Public Warrants may be amended without the consent of any holder to cure any ambiguity, mistake or correct any defective provision, but requires the approval by the holders of at least 50% of the then outstanding Public Warrants to make any change that adversely affects the interests of the registered holders of such Public Warrants. Accordingly, we may amend the terms of our Public Warrants in a manner adverse to a holder if holders of at least 50% of the then outstanding Public Warrants approve of such amendment and, solely with respect to any amendment to the terms of our Private Placement Warrants or any provision of the Warrant Agreement with respect to our Private Placement Warrants, 50% of the number of the then outstanding Private Placement Warrants. Although our ability to amend the terms of our Public Warrants with the consent of at least 50% of the then outstanding Public Warrants is unlimited, examples of such amendments could be amendments to, among other things, increase the exercise price of the Public Warrants, convert the Public Warrants into cash, shorten the exercise period or decrease the number of shares of our Common Stock purchasable upon exercise of a Public Warrant.

 

73


 

We may redeem unexpired Public Warrants prior to their exercise at a time that is disadvantageous to holders of Public Warrants, thereby making such warrants worthless.

We have the ability to redeem all, but not less than all, of the outstanding Public Warrants at any time after they become exercisable and prior to their expiration, at a price of $0.01 per warrant, provided that the closing price of our Common Stock equals or exceeds $18.00 per share (as adjusted for share sub-divisions, share capitalizations, reorganizations, recapitalizations and the like) for any 20 trading days within a 30 trading-day period ending on the third trading day prior to the date on which we give proper notice of such redemption to the warrants holders and provided certain other conditions are met. We may not redeem the warrants unless an effective registration statement under the Securities Act covering the shares of our Common Stock issuable upon exercise of the warrants is effective and a current prospectus relating to those shares is available throughout the minimum 30-day notice period discussed below. If and when our Public Warrants become redeemable by us, we may exercise our redemption right even if we are unable to register or qualify the underlying securities for sale under all applicable state securities laws. Redemption of the outstanding warrants could force warrant holders to (i) exercise their warrants and pay the exercise price therefor at a time when it may be disadvantageous for them to do so, (ii) sell their warrants at the then-current market price when they might otherwise wish to hold their warrants or (iii) accept the nominal redemption price which, at the time the outstanding warrants are called for redemption, is likely to be substantially less than the market value of their warrants. None of our Private Warrants will be redeemable by us in accordance with these provisions so long as they are held by the Sponsor, Jefferies LLC or their permitted transferees.

74


 

In addition, we have the ability to redeem all, but not less than all, of the outstanding Public Warrants at any time after they become exercisable and prior to their expiration, at a price of $0.10 per warrant, provided that the closing price of our Common Stock equals or exceeds $10.00 per share (as adjusted for share sub-divisions, share capitalizations, reorganizations, recapitalizations and the like) for any 20 trading days within a 30 trading-day period ending on the third trading day prior to the date on which we give proper notice of such redemption to the warrants holders and provided certain other conditions are met, including that holders will be able to exercise their warrants on a “cashless basis” prior to redemption for a number of shares of our Common Stock determined based on the period of time to expiration of the warrants and the redemption fair market value of our Common Stock, both as set forth in a table in the Warrant Agreement. If and when our Public Warrants become redeemable by us, we may exercise our redemption right even if we are unable to register or qualify the underlying securities for sale under all applicable state securities laws. The value received upon exercise of the warrants (1) may be less than the value the holders would have received if they had been able to exercise their warrants at a later time at which the underlying share price is higher and (2) may not compensate the holders for the value of the warrants, including because the number of shares received on a cashless exercise basis is capped at 0.361 of a share of our Common Stock per warrant (subject to adjustment) irrespective of the remaining life of our Public Warrants. If the closing price of our Common Stock is less than $18.00 per share (as adjusted for share sub-divisions, share capitalizations, reorganizations, recapitalizations and the like) for any 20 trading days within a 30 trading-day period ending on the third trading day prior to the date on which we give proper notice of such redemption to the warrants holders, we may only redeem our Public Warrants in accordance with these provisions if we concurrently redeem the outstanding Private Warrants (other than Private Warrants held by the Sponsor, Jefferies LLC and their permitted transferees) on the same terms.

In the event that we elect to redeem our Public Warrants in either of the scenarios described above we would only be required to have the notice of redemption mailed by first class mail, postage prepaid, by us not less than thirty (30) days prior to the redemption date to the registered holders of the outstanding warrants to be redeemed at their last addresses as they shall appear on the registration books. Any notice mailed in the manner provided above will be conclusively presumed to have been duly given whether or not the registered holder of the warrants received such notice. We are not contractually obligated to notify investors when our Public Warrants become eligible for redemption, and we do not intend to so notify investors upon eligibility of the warrants for redemption.

 

75


 

The Warrant Agreement designates the courts of the State of New York or the United States District Court for the Southern District of New York as the sole and exclusive forum for certain types of actions and proceedings that may be initiated by holders of our Warrants, which could limit the ability of warrant holders to obtain a favorable judicial forum for disputes with us.

The Warrant Agreement provides that, subject to applicable law, (i) any action, proceeding or claim against us arising out of or relating in any way to the Warrant Agreement, including under the Securities Act, will be brought and enforced in the courts of the State of New York or the United States District Court for the Southern District of New York, and (ii) that we irrevocably submit to such jurisdiction, which jurisdiction shall be the exclusive forum for any such action, proceeding or claim. We will waive any objection to such exclusive jurisdiction and that such courts represent an inconvenient forum. However, Section 22 of the Securities Act provides that federal and state courts have concurrent jurisdiction over lawsuits brought under the Securities Act or the rules and regulations thereunder. To the extent the exclusive forum provision restricts the courts in which claims arising under the Securities Act may be brought, there is uncertainty as to whether a court would enforce such a provision. We note that investors cannot waive compliance with the federal securities laws and the rules and regulations thereunder.

Notwithstanding the foregoing, these provisions of the Warrant Agreement do not apply to suits brought to enforce any liability or duty created by the Exchange Act or any other claim for which the federal district courts of the United States of America are the sole and exclusive forum. Any person or entity purchasing or otherwise acquiring any interest in any our Warrants shall be deemed to have notice of and to have consented to the forum provisions in the Warrant Agreement. If any action, the subject matter of which is within the scope the forum provisions of the Warrant Agreement, is filed in a court other than a court of the State of New York or the United States District Court for the Southern District of New York (a foreign action) in the name of any holder of our Warrants, such holder shall be deemed to have consented to: (x) the personal jurisdiction of the state and federal courts located in the State of New York in connection with any action brought in any such court to enforce the forum provisions (an enforcement action), and (y) having service of process made upon such warrant holder in any such enforcement action by service upon such warrant holder’s counsel in the foreign action as agent for such warrant holder.

This choice-of-forum provision may limit a warrant holder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us, which may discourage such lawsuits. Alternatively, if a court were to find this provision of the Warrant Agreement inapplicable or unenforceable with respect to one or more of the specified types of actions or proceedings, we may incur additional costs associated with resolving such matters in other jurisdictions, which could materially and adversely affect our business, financial condition and results of operations and result in a diversion of the time and resources of our management and Board.

 

76


 

Provisions in our organizational documents and provisions of Delaware General Corporation Law (DGCL) may delay or prevent an acquisition by a third party that could otherwise be in the interests of stockholders.

Our organizational documents contain several provisions that may make it more difficult or expensive for a third party to acquire control of us without the approval of our Board. These provisions, which may delay, prevent or deter a merger, acquisition, tender offer, proxy contest, or other transaction that stockholders may consider favorable, include the following:

the division of our Board into three classes and the election of each class for three-year terms;
advance notice requirements for stockholder proposals and director nominations;
provisions limiting stockholders’ ability to call special meetings of stockholders and to take action by written consent;
restrictions on business combinations with interested stockholders;
in certain cases, the approval of holders representing at least two-thirds of the total voting power of the shares entitled to vote will be required for stockholders to adopt, amend or repeal certain provisions of the Bylaws, or amend or repeal certain provisions of the Certificate of Incorporation;
no cumulative voting; and
the ability of the Board to designate the terms of and issue new series of preferred stock without stockholder approval, which could be used, among other things, to institute a rights plan that would have the effect of significantly diluting the stock ownership of a potential hostile acquirer, likely preventing acquisitions by such acquirer.

These provisions of our organizational documents could discourage potential takeover attempts and reduce the price that investors might be willing to pay for the shares of our Common Stock in the future, which could reduce the market price of the common stock. For more information, see the “Description of Securities” included as an exhibit to this Annual Report.

 

77


 

The provision of our Certificate of Incorporation requiring exclusive venue in the Court of Chancery in the State of Delaware and the federal district courts of the United States for certain types of lawsuits may have the effect of discouraging lawsuits against directors and officers.

Our Certificate of Incorporation provides that, unless otherwise consented to by us in writing, the Court of Chancery of the State of Delaware (or, if the Court of Chancery does not have jurisdiction, another State court in Delaware or the federal district court for the District of Delaware) will, to the fullest extent permitted by law, be the sole and exclusive forum for the following types of actions or proceedings: (i) any derivative action or proceeding brought on behalf of us; (ii) any action asserting a claim of breach of a duty (including any fiduciary duty) owed by any of our current or former director, officer, stockholder, employee or agent to us or our stockholders; (iii) any action asserting a claim against us or any of our current or former director, officer, stockholder, employee or agent relating to any provision of the DGCL or the Certificate of Incorporation or the Bylaws or as to which the DGCL confers jurisdiction on the Court of Chancery of the State of Delaware; and (iv) any action asserting a claim against us or any of our current or former director, officer, stockholder, employee or agent governed by the internal affairs doctrine of the State of Delaware, in each such case unless the Court of Chancery (or such other state or federal court located within the State of Delaware, as applicable) has dismissed a prior action by the same plaintiff asserting the same claims because such court lacked personal jurisdiction over an indispensable party named as a defendant therein. Our Certificate of Incorporation further provides that, unless otherwise consented to by us in writing to the selection of an alternative forum, the federal district courts of the United States will, to the fullest extent permitted by law, be the sole and exclusive forum for the resolution of any complaint against any person in connection with any offering of our securities, asserting a cause of action arising under the Securities Act. Any person or entity purchasing or otherwise acquiring any interest in our securities will be deemed to have notice of and consented to this provision.

Although our Certificate of Incorporation contains the choice of forum provisions described above, it is possible that a court could rule that such provisions are inapplicable for a particular claim or action or that such provisions are unenforceable. For example, under the Securities Act, federal courts have concurrent jurisdiction over all suits brought to enforce any duty or liability created by the Securities Act, and investors cannot waive compliance with the federal securities laws and the rules and regulations thereunder. In addition, Section 27 of the Exchange Act creates exclusive federal jurisdiction over all suits brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder, and, therefore, the exclusive forum provisions described above do not apply to any actions brought under the Exchange Act.

Although we believe these provisions will benefit us by limiting costly and time-consuming litigation in multiple forums and by providing increased consistency in the application of applicable law, these exclusive forum provisions may limit the ability of our stockholders to bring a claim in a judicial forum that such stockholders find favorable for disputes with us or our directors, officers or employees, which may discourage such lawsuits against us and our directors, officers, and other employees.

 

78


 

We have no current plans to pay cash dividends on our Common Stock. As a result, stockholders may not receive any return on investment unless they sell their Common Stock for a price greater than the purchase price.

We have no current plans to pay dividends on our Common Stock. Any future determination to pay dividends will be made at the discretion of our Board, subject to applicable laws. It will depend on a number of factors, including our financial condition, results of operations, capital requirements, contractual, legal, tax, and regulatory restrictions, general business conditions, and other factors that our Board may deem relevant. In addition, the ability to pay cash dividends may be restricted by the terms of debt financing arrangements, as any future debt financing arrangement likely will contain terms restricting or limiting the amount of dividends that may be declared or paid on our Common Stock. As a result, stockholders may not receive any return on an investment in our Common Stock unless they sell their shares for a price greater than that which they paid for them.

ITEM 1B. UNRESOLVED STAFF COMMENTS

None

ITEM 1C. CYBERSECURITY

We are committed to protecting information and the underlying information systems involved in the operation of our business. We face a multitude of cybersecurity threats that range from attacks common to most industries such as phishing and denial-of-service attempts, to more-sophisticated malware and ransomware attacks, in addition to threats designed to penetrate our Platform. Our customers, suppliers, subcontractors, and third-party business partners also face similar cybersecurity threats. A cybersecurity incident impacting us or any of these entities could have a materially adverse impact on our operations, performance, our brand, and our competitive position. We rely on technical safeguards that are designed to protect our information systems from cybersecurity threats, including firewalls, intrusion prevention and detection systems, anti-malware functionality, and access controls. We must maintain a robust cybersecurity stance in the rapidly evolving security environment to uphold our market leadership position.

The Board of Directors assesses the Company’s overall risk assessment and risk management policies. The Board discharges this responsibility through its committees, each of which examines various components of enterprise risk. The Audit Committee reviews the Company's management of cybersecurity risk, including our policies and processes to monitor and mitigate potential exposure.

79


 

Our Chief Information Security Officer (“CISO”) leads a Security & Compliance team that is responsible for information security, including cyber threat detection and response. Our CISO has extensive information technology and program management experience, including a background in corporate information security across a wide range of industries. The Security & Compliance team oversees and works to improve our enterprise security framework through its identification, assessment, and response to potential threats in order to mitigate risk and reduce the impact of a cyber incident. These efforts include daily internal and external vulnerability scans, web application scans, and vendor risk assessments. The assessment of a cyber incident includes both quantitative and qualitative factors to determine if there is a material impact. Quantitative factors include the potential or actual financial loss and cost of remediation efforts. Qualitative factors include damages to our brand and/or competitive standing, disruptions to our operations, and the potential for litigation. Regardless of whether we consider an incident to be material, the Security & Compliance team will monitor the situation. This ongoing monitoring aims to contain, mitigate, and remediate the circumstances that contributed to the incident and any potential losses arising from the incident. The Security & Compliance team also monitors evolving factors that might later elevate an incident above a materiality threshold which would require us to make public disclosure of the incident.

We engage third parties to conduct evaluations of our information security controls and compliance such as penetration testing and HIPAA (“Health Insurance Portability and Accountability Act”) risk assessment. Since we provide services to certain government agencies, we are subject to various compliance assessments including the Cybersecurity Maturity Model Certification developed by the United States Department of Defense. We also receive an annual System & Organizational Control (SOC 2) audit which assesses our key compliance controls and objectives which helps us identify gaps that may require enhancements to our enterprise security framework.

We also consider our risks from cybersecurity threats as part of a broader overall enterprise risk management (ERM) program. The ERM program is managed by a cross-functional team that is comprised of our CTO, CFO, COO, and General Counsel. Our risk assessment approach is to evaluate the likelihood and potential negative impact of each threat or risk using a quantitative scoring methodology. To the extent our ERM program identifies a severe cybersecurity related risk, we will develop a response plan, assign owners to each planned action, and track progress of solution implementation. The Board of Directors reviews our ERM program on an annual basis.

Despite the extensive approach we take to cybersecurity, we may not be successful in preventing or mitigating a cybersecurity incident that could have a material adverse effect on us. While we maintain cybersecurity insurance policies, the costs related to a cybersecurity incident may not be fully insured. See Item 1A. “Risk Factors” for a discussion of cybersecurity risks.DDD

ITEM 2. PROPERTIES

Our corporate headquarters in Baltimore, Maryland consist of office space that is currently leased until February 2026. We lease and maintain additional offices in the United States, including Portland, Oregon, and internationally in the United Kingdom, Chile, and India. We believe that our current facilities are adequate to meet our ongoing needs and that suitable additional alternative spaces will be available in the future on commercially reasonable terms.

80


 

From time to time, we may be subject to legal proceedings and claims in the ordinary course of business. We are not presently a party to any legal proceedings that, if determined adversely to us, would individually or taken together have a material adverse effect on our business, results of operations, financial condition or cash flows. We have received, and may in the future continue to receive, claims from third parties asserting, among other things, infringement of their intellectual property rights. Future litigation may be necessary to defend ourselves, our partners and our customers by determining the scope, enforceability, and validity of third-party proprietary rights, or to establish our proprietary rights. The results of any current or future litigation cannot be predicted with certainty, and regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources, and other factors.

ITEM 4. MINE SAFETY DISCLOSURES

Not applicable.

 

81


 

Part II

ITEM 5. MARKET FOR REGISTRANT'S COMMON EQUITY, RELATED STOCKHOLDER MATTERS AND ISSUER PURCHASES OF EQUITY SECURITIES

Common Stock

Our Common Stock trades on the Nasdaq Global Market under the ticker symbol "ZFOX." Prior to the consummation of the Business Combination, L&F’s Class A Ordinary Shares were listed on the NYSE American under the symbol “LNFA.”

Public Warrants

Our Public Warrants trade on the Nasdaq Capital Market under the ticker symbol "ZFOXW." Prior to the consummation of the Business Combination, L&F’s warrants were listed on the NYSE American under the symbol “LNFA WS.”

Holders of Record

On January 31, 2024, there were 144 holders of record of our Common Stock and 2 holders of record of our Public Warrants. We believe the actual number of beneficial owners of our Common Stock and Public Warrants is greater than this number of record holders and includes beneficial owners whose shares are held in street name by brokers, banks, and other nominees.

Dividend Policy

We have never declared or paid any cash dividends on our capital stock. We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not expect to pay any dividends on our capital stock in the foreseeable future. Additionally, our ability to pay dividends is limited by restrictions on our ability to pay dividends or make distributions under the terms of our loan and security agreement with Stifel Bank. Any future determination to declare dividends will be made at the discretion of our Board of Directors, subject to applicable laws, and will depend on a number of factors, including our financial condition, results of operations, capital requirements, contractual restrictions, general business conditions, and other factors that our Board of Directors may deem relevant.

Issuer Purchases of Equity Securities

None.

ITEM 6. [RESERVED]

 

82


 

MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS

The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our consolidated financial statements and related notes included elsewhere in this Annual Report on Form 10-K. Some of the information contained in this discussion and analysis or set forth elsewhere in this Annual Report, including information with respect to our plans and strategy for our business and related financing, includes forward-looking statements that involve risks and uncertainties. See “Forward-Looking Statements” and “Risk Factors” for a discussion of forward-looking statements and important factors that could cause actual results to differ materially from the results described in or implied by these forward-looking statements. Unless otherwise indicated or the context otherwise requires, references in this Management’s Discussion and Analysis of Financial Condition and Results of Operations of ZeroFox Holdings, Inc. section to ‘‘ZeroFox,’’ ‘‘we,’’ ‘‘us,’’ ‘‘our,’’ and other similar terms refer to ZeroFox Holdings, Inc. and its consolidated subsidiaries after the Business Combination.

Overview

ZeroFox was formed through the merger of ZeroFox, Inc., ID Experts Holdings, Inc., and L&F Acquisition Corp. ("L&F") on August 3, 2022. ZeroFox, Inc. was founded in 2013 with the vision that the emergence and adoption of social media, mobile applications, and cloud computing by enterprises would fundamentally change the cybersecurity paradigm. Social media represents much more than a platform where individuals connect online. The adoption of social media revolutionized the way people communicate with each other and, subsequently, how enterprises and organizations enable communication among employees, customers, partners, and prospects. Mobile applications accelerated the digital transformation in which earlier versions of the web would need to become interactive and persist across multiple modern mediums. Furthermore, cloud computing’s continued evolution and adoption demonstrate how organizations are more comfortable with data residing beyond their traditional security perimeter outside of the historical boundaries of IT governance and control.

We provide customers with an innovative and comprehensive platform for external cybersecurity that protects organizations from threats outside the traditional corporate perimeter (our Platform). Our Platform protects our customers from threats to their organizations, brands, digital assets, and people. These threats include targeted phishing attacks, account takeovers, credential theft, data leakage, domain spoofing, and impersonations.

Our cloud-native platform combines protection, intelligence, adversary disruption, and response services into an integrated solution.

Our protection capabilities continuously monitor social, mobile, surface web, deep and dark web, email, and collaboration platforms and use artificial intelligence-powered analytics to identify threats. Our Platform processes millions of pieces of content, rich media, posts, messages, global intelligence, and threat actor activity across the digital landscape, including mobile app stores, social media sites, dark web forums, and discrete content sources. With the data we collect and process, we identify targeted phishing attacks, credential compromise, data exfiltration, brand hijacking, and executive and location threats across the public-facing surface web as well as the deep and dark web.

Our intelligence capabilities provide access to threat intelligence data as well as analysis and investigations provided by our threat intelligence experts.

83


 

Our adversary disruption capabilities enable the remediation of threats through automated takedowns of domains, impersonations, and malicious content, and facilitate the blocking of adversary infrastructure across various networks.

Our response services include breach response (notification, call center support, and identity protection) and incident response.

We sell subscriptions to our Platform to organizations of all sizes across multiple industries. We primarily sell subscriptions through our direct sales teams that leverage our global network of channel partners. A majority of our customers purchase subscription agreements with a term of one year. Our subscription agreements are generally priced on the number of assets protected and the desired levels of services. We generally recognize our subscription agreements ratably over the term of the agreement.

We also generate revenue from breach response services, incident response, investigative services, and training. Our breach response services can be priced on either a fixed price or variable price arrangement. A typical breach response arrangement includes breach notification services and a period of identity protection services. We recognize revenue for the breach notification services on completion of the notification and the identity protection on a ratable basis over the contract term, typically 15 months. Our incident response, investigative, and training services are generally priced on a fixed-fee basis and revenue is recognized as the services are performed.

Russian Invasion of Ukraine and Israel-Hamas War

We continue to monitor and respond to the war in Ukraine and the associated sanctions and other restrictions. We are also monitoring and responding to the Israel-Hamas war. The full impact of the conflicts on our business operations and financial performance remains uncertain and will depend on future developments, including the severity and duration of the conflicts and their impact on regional and global economic conditions. We will continue to monitor these conflicts and assess the related restrictions and other effects and pursue prudent decisions for our team members, customers, and business. As of the date of this report, these conflicts have not resulted in a material impact to our business operations and financial performance.

Recent Acquisitions

On April 21, 2023, we completed the acquisition of Lookingglass Cyber Solutions, Inc. (LookingGlass). The successful completion of the acquisition combined the innovative platforms of ZeroFox and LookingGlass, enabling our customers to build a robust security posture by providing world-class visibility into external attack surface assets and vulnerabilities.

Proposed Merger

On February 6, 2024, the Company entered into the Haveli Merger Agreement with Parent and Merger Sub. Parent and Merger Sub are each affiliates of the Haveli Funds, managed by Haveli.

84


 

The Haveli Merger Agreement provides that, among other things and on the terms and subject to the conditions of the Haveli Merger Agreement, (a) Merger Sub will merge with and into the Company, with the Company surviving the Merger as a wholly-owned subsidiary of Parent (the “Merger”), and (b) at the effective time of the Merger (the “Effective Time”), each issued and outstanding share (immediately prior to the Effective Date) of Company Common Stock (except as otherwise provided in the Haveli Merger Agreement) will be cancelled and converted into the right to receive an amount in cash equal to $1.14 per share, without interest and subject to any applicable withholding taxes.

The completion of the Merger is subject to the satisfaction or, if permitted, waiver of certain customary mutual closing conditions set forth in the Haveli Merger Agreement, including (a) obtaining Company Stockholder Approval and (b) the expiration or termination of the applicable waiting period under the HSR Act, and the receipt of approval, clearance or expiration of the applicable review periods under the NSI Act. The obligation of each party to consummate the Merger is also conditioned on the other party’s representations and warranties being true and correct (subject to certain customary materiality exceptions) and the other party having performed in all material respects its obligations under the Merger Agreement, and the obligation of Parent to consummate the Merger is additionally conditioned on no material adverse effect on the Company having occurred since the execution of the Merger Agreement. The consummation of the Merger is not subject to any financing condition.

The Merger is expected to close in the first half of 2024. Upon consummation of the Merger, the Company will cease to be a publicly traded company (see Note 18 to the consolidated financial statement included in Part II, Item 8 of this Annual Report).

Key Factors Affecting Performance

New Customer Acquisition

Our future growth depends in large part on our ability to acquire new customers. To attract new customers, we have invested, and will continue to invest, in our sales and marketing efforts. Many organizations have not yet adopted external cybersecurity solutions and our business and operating results will be affected by the rate at which organizations adopt our solutions. We believe our Platform addresses the evolving needs of organizations of all sizes and industries and coupled with our go-to-market strategy, presents significant opportunities for growth.

Investing in Growth

We intend to continue to invest in our business so that we can capitalize on our market opportunity. We intend to continue to invest in sales and marketing to grow our sales team, expand our brand recognition and optimize our channel partner network. We also intend to continue to invest in our research and development team to build additional functionality and enhance existing functionality in our Platform to extend our capabilities as our success is dependent on our ability to further our technological leadership. Additionally, we plan to evaluate strategic acquisitions of businesses and technologies to expand and enhance the functionality of our Platform.

Our investments in growth may adversely affect our operating results in the near term. However, we expect that these investments will contribute to our long-term growth and success.

If these investments do not lead to expected revenue growth, our operating losses may increase, we may not achieve profitability, and our growth rates may slow.

85


 

Retention and Expansion of Customers

Our ability to increase revenue depends in large part on our ability to retain our existing customers and grow the value of their subscriptions. We focus on increasing sales to our existing customers by increasing the number of protected assets and corresponding intelligence services delivered on and through our External Cybersecurity Platform. We intend to expand existing capabilities and launch new features which we believe will contribute to increased adoption by our growing base of customers. Our ability to expand within our customer base, particularly large enterprise and government customers, will depend on a number of factors, including platform performance, competitive offerings, pricing, overall changes in our customers’ spending levels, and the effectiveness of our efforts to help our customers realize the benefits of our Platform.

Key Business Metrics

We monitor the following key metrics to help us evaluate our business, identify trends affecting our business, formulate business plans, and make strategic directions.

Subscription Customers

We believe that the size of our customer base is an indicator of our market adoption and that our net new customer additions are an indicator of the growth of our business. We focus our sales and marketing efforts on large enterprises and medium-sized businesses. We define a subscription customer as any entity that has entered into a distinct agreement for access to our Platform for which the term has not ended or with which we are continuing to provide service and negotiating a renewal contract that expired within 90 days of the applicable measurement date. We do not consider our channel partners as subscription customers, and we treat managed service security providers, who may purchase our products on behalf of multiple companies, as a single subscription customer. As of January 31, 2024, the Company had over 1,300 subscription customers.

Annual Recurring Revenue ("ARR")

We believe that ARR is a key operating metric to measure our business as changes in ARR reflect our ability to acquire net new customers and to maintain, retain, and expand our relationships with our existing customers. We define ARR as the annualized contract value of all recurring revenue related to contracts in place at the end of the reporting date assuming any contract is renewed on its existing terms. We continue to include ARR from customers whose term has expired within 90 days of the applicable measurement date for which we are actively negotiating renewal. As of January 31, 2024, the Company had an ARR of $188.4 million.

Components of Our Results of Operations

Revenue

We generate revenue from subscription agreements and from services, which includes breach response services.

Subscription revenue includes access to our hosted platform for protection, intelligence, disruption, and response capabilities along with credit and identity protection services. The majority of our customers are invoiced annually in advance of their subscription term. Our subscription agreements are “stand ready” to permit platform access and provide our protection services over the contractual term. We recognize subscription revenue ratably over the term of the agreement.

86


 

Services revenue includes breach response, training, and investigative services. Our breach response services can be priced on either a fixed price or variable price arrangement. A typical breach response arrangement includes breach notification services and a period of identity protection services. We recognize revenue for the breach notification services on completion of the notification and the identity protection services on a ratable basis over the contract term, which is typically 15 months. Our training and investigative services are generally priced on a fixed-fee basis and revenue is recognized as the services are performed.

Cost of Revenue

Costs of subscription revenue consist primarily of third-party cloud infrastructure expenses; fees paid to data providers; personnel-related costs such as salaries, bonuses, benefits, and stock-based compensation associated with customer support; software and subscription services used to support our customers; amortization of our capitalized internal-use software; travel and related expenses; amortization of acquired technology; and allocated overhead costs. Our allocated overhead costs include depreciation and information technology expenses.

Cost of services revenue consist primarily of fees to outsourced service providers for credit monitoring; call center operation; notification mailing; insurance; personnel-related costs such as salaries, bonuses, benefits, and stock-based compensation associated with breach project management and delivery, intelligence services, and other services; travel and related expenses; amortization of acquired technology; and allocated overhead costs. Our allocated overhead costs include depreciation and information technology expenses.

Operating Expenses

Our operating expenses consist of research and development, sales and marketing, and general and administrative expenses. Personnel-related expenses, including salaries, bonuses, commissions, benefits, and stock-based compensation are the most significant components of each of these categories. Operating expenses also include allocated overhead costs.

Research and Development

Research and development expenses consist primarily of personnel costs for our research, product and engineering teams, including salaries, bonuses, benefits, and stock-based compensation. Research and development expenses also include software, subscription services, and third-party cloud infrastructure incurred in the design and development of our hosted platform as well as allocated overhead costs.

We expect research and development expenses to increase in absolute dollars as we continue to invest in our Platform and services. However, we anticipate research and development expenses to decrease as a percentage of our revenue over time. Our research and development expenses may fluctuate as a percentage of our revenue from period-to-period depending on the timing of these expenses and the capitalization of expenses that qualify as internal-use software.

87


 

Sales and Marketing

Sales and marketing expenses consist primarily of personnel costs for our sales and marketing teams, including salaries, commissions, bonuses, benefits, and stock-based compensation. Sales and marketing expenses also include conferences, branding and other marketing events, software services, subscription services, travel and related expenses, amortization of acquired customer relationships, and allocated overhead costs. We capitalize and amortize sales commissions from the initial acquisition of a customer subscription agreement to sales and marketing expense over the estimated customer life. We capitalize and amortize sales commissions from breach service arrangements to sales and marketing expense over the service period. We capitalize and amortize commissions paid for the renewal of a customer’s subscription over the term of the renewal.

We expect sales and marketing expenses to increase in absolute dollars as we continue to invest in our sales and marketing organization to drive additional revenue, further penetrate our market, and expand our global customer base. However, we anticipate sales and marketing expenses to decrease as a percentage of our revenue over time. Our sales and marketing expenses may fluctuate as a percentage of our revenue from period to period depending on the timing of these expenses.

General and Administrative

General and administrative expenses consist primarily of personnel costs for our executive, finance, legal, human resources, and information technology teams, including salaries, bonuses, benefits, and stock-based compensation. General and administrative expenses also include professional fees for external accounting, legal, and other advisory services, insurance, software and subscription services, travel and related expenses, facilities-related expenses, amortization of acquired trade names, and allocated overhead costs.

We expect to incur additional expenses as the result of operating as a public company, including costs related to additional reporting and compliance requirements applicable to a listed company and increased expenses for insurance, accounting, legal, and other services. We expect general and administrative expenses to increase in absolute dollars; however, we anticipate general and administrative expenses to decrease as a percentage of our revenue over time.

Goodwill Impairment

We record a goodwill impairment loss when, as a result of our annual test or interim test (if factors are present that require an interim test), the fair value of the Company's single reporting unit is below the carrying value of the Company's single reporting unit.

Interest Expense

Interest expense consists primarily of contractual interest expense, as well as amortization of debt discount and issuance costs related to our term loans and our Convertible Notes issued on August 3, 2022.

Change in Fair Value of Purchase Consideration Liability

The Purchase consideration liability consists of the fair value of the purchase consideration not yet finalized in the acquisition of LookingGlass. The change in the fair value of the purchase consideration liability is primarily driven by changes in the price of the Company's Common Stock.

88


 

Change in Fair Value of Warrant Liabilities

Warrant liabilities consists of the fair value of the Company's outstanding warrants issued to various holders. The change in the fair value of the warrant liabilities is primarily driven by changes in the price of the Company's warrants traded on Nasdaq.

Change in Fair Value of Sponsor Earnout Shares Liability

Sponsor earnout shares liability consists of the fair value of the potentially issuable sponsor earnout shares. The change in the fair value of the sponsor earnout shares liability is primarily driven by changes in the price of the Company's Common Stock.

Other Income (Expense), Net

Other income (expense), net consists primarily of unrealized and realized gains and losses related to changes in foreign currency exchange rates.

(Benefit from) Provision for Income Taxes

(Benefit from) provision for income taxes consists primarily of pre-tax losses and the reduction of deferred tax liabilities associated with the amortization of intangible assets with no tax basis acquired through the Business Combination. The provision also includes income taxes in foreign jurisdictions in which the Company operates.

 

89


 

Results of Operations

Results for the Year ended January 31, 2024, Compared to the Period August 4, 2022, to January 31, 2023 (Successor) and February 1, 2022 to August 3, 2022 (Predecessor)

This section describes the results of the Company for the year ended January 31, 2024, and the period August 4, 2022, to January 31, 2023 (the "Successor Period") and the results of the Predecessor for the period February 1, 2022, to August 3, 2022 (the "Predecessor Period"). There are no comparative analysis between the year ended January 31, 2024, versus the Successor Period and the Predecessor Period, as there is a lack of comparability between the periods presented.

The following table sets forth our results of operations:

 

 

 

Successor

 

 

 

Predecessor

 

(dollars in thousands)

 

Year Ended January 31, 2024

 

 

August 4, 2022 to January 31, 2023

 

 

 

February 1, 2022 to
August 3, 2022

 

Revenue

 

 

 

 

 

 

 

 

 

 

Subscription

 

$

89,308

 

 

$

31,679

 

 

 

$

27,946

 

Services

 

 

143,992

 

 

 

56,707

 

 

 

 

1,291

 

Total revenue

 

 

233,300

 

 

 

88,386

 

 

 

 

29,237

 

Cost of revenue

 

 

 

 

 

 

 

 

 

 

Subscription (1)

 

 

44,137

 

 

 

18,225

 

 

 

 

8,349

 

Services (1)

 

 

114,199

 

 

 

43,600

 

 

 

 

457

 

Total cost of revenue

 

 

158,336

 

 

 

61,825

 

 

 

 

8,806

 

Gross profit

 

 

74,964

 

 

 

26,561

 

 

 

 

20,431

 

Operating expenses

 

 

 

 

 

 

 

 

 

 

Research and development (1)

 

 

31,190

 

 

 

12,134

 

 

 

 

8,092

 

Sales and marketing (1)

 

 

73,790

 

 

 

35,859

 

 

 

 

18,516

 

General and administrative (1)

 

 

38,758

 

 

 

18,218

 

 

 

 

10,093

 

Goodwill impairment

 

 

284,240

 

 

 

698,650

 

 

 

 

 

Total operating expenses

 

 

427,978

 

 

 

764,861

 

 

 

 

36,701

 

Loss from operations

 

 

(353,014

)

 

 

(738,300

)

 

 

 

(16,270

)

Interest expense, net

 

 

(15,202

)

 

 

(7,867

)

 

 

 

(2,965

)

Change in purchase consideration liability

 

 

2,456

 

 

 

 

 

 

Change in fair value of warrant liability

 

 

(349

)

 

 

5,364

 

 

 

 

(2,059

)

Change in fair value of sponsor earnout shares

 

 

2,053

 

 

 

9,634

 

 

 

 

Loss before income taxes